English
Related papers

Related papers: MicroWalk: A Framework for Finding Side Channels i…

200 papers

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

The continued evolution and diversity of malware constitutes a major threat in modern systems. It is well proven that security defenses currently available are ineffective to mitigate the skills and imagination of cyber-criminals…

Cryptography and Security · Computer Science 2019-04-02 Irina Baptista , Stavros Shiaeles , Nicholas Kolokotronis

Currently, Application Programming Interfaces (APIs) are becoming increasingly popular to facilitate data transfer in a variety of mobile applications. These APIs often process sensitive user information through their endpoints, which are…

Cryptography and Security · Computer Science 2023-10-24 Nate Haris , Kendree Chen , Ann Song , Benjamin Pou

Recent work has shown that out-of-order and speculative execution mechanisms used to increase performance in the majority of processors expose the processors to critical attacks. These attacks, called Meltdown and Spectre, exploit the side…

Cryptography and Security · Computer Science 2025-11-25 Subhash Sethumurugan , Hari Cherupalli , Kangjie Lu , John Sartori

Memory leaks are prevalent in various real-world software projects, thereby leading to serious attacks like denial-of-service. Though prior methods for detecting memory leaks made significant advance, they often suffer from low accuracy and…

Cryptography and Security · Computer Science 2025-04-08 Hongliang Liang , Luming Yin , Guohao Wu , Yuxiang Li , Qiuping Yi , Lei Wang

Attacks based on side-channel analysis (SCA) pose a severe security threat to modern computing platforms, further exacerbated on IoT devices by their pervasiveness and handling of private and critical data. Designing SCA-resistant computing…

Cryptography and Security · Computer Science 2025-03-18 Davide Zoni , Andrea Galimberti , Davide Galli

The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi).…

Cryptography and Security · Computer Science 2017-04-11 Tommi Unruh , Bhargava Shastry , Malte Skoruppa , Federico Maggi , Konrad Rieck , Jean-Pierre Seifert , Fabian Yamaguchi

This paper presents a novel tool, named Rampo, that can perform binary code analysis to identify cyber kinetic vulnerabilities in CPS. The tool takes as input a Signal Temporal Logic (STL) formula that describes the kinetic effect, i.e.,…

Cryptography and Security · Computer Science 2025-11-24 Kohei Tsujio , Mohammad Abdullah Al Faruque , Yasser Shoukry

Binary code similarity analysis (BCSA) is a crucial research area in many fields such as cybersecurity. Specifically, function-level diffing tools are the most widely used in BCSA: they perform function matching one by one for evaluating…

Cryptography and Security · Computer Science 2025-06-16 Zhijie Liu , Qiyi Tang , Sen Nie , Shi Wu , Liang Feng Zhang , Yutian Tang

WebAssembly (Wasm), as a compact, fast, and isolation-guaranteed binary format, can be compiled from more than 40 high-level programming languages. However, vulnerabilities in Wasm binaries could lead to sensitive data leakage and even…

Cryptography and Security · Computer Science 2024-08-19 Ningyu He , Zhehao Zhao , Hanqin Guan , Jikai Wang , Shuo Peng , Ding Li , Haoyu Wang , Xiangqun Chen , Yao Guo

To meet the ever-growing need for performance in silicon devices, SoC providers have been increasingly relying on software-hardware cooperation. By controlling hardware resources such as power or clock management from the software,…

Cryptography and Security · Computer Science 2021-11-03 Joseph Gravellier , Jean-Max Dutertre , Yannick Teglia , Philippe Loubet Moundi

Time variation during program execution can leak sensitive information. Time variations due to program control flow and hardware resource contention have been used to steal encryption keys in cipher implementations such as AES and RSA. A…

Cryptography and Security · Computer Science 2017-03-23 Zelalem Birhanu Aweke , Todd Austin

This paper presents results from the MSR 2021 Hackathon. Our team investigates files/projects that contain known security vulnerabilities and how widespread they are throughout repositories in open source software. These security…

Software Engineering · Computer Science 2021-03-24 David Reid , Kalvin Eng , Chris Bogart , Adam Tutko

Many cybersecurity attacks rely on analyzing a binary executable to find exploitable sections of code. Code obfuscation is used to prevent attackers from reverse engineering these executables. In this work, we focus on control flow…

Cryptography and Security · Computer Science 2019-08-28 Novak Boskov , Mihailo Isakov , Michel A. Kinsy

Side channels pose a significant threat to the confidentiality of software systems. Such vulnerabilities are challenging to detect and evaluate because they arise from non-functional properties of software such as execution times and…

Cryptography and Security · Computer Science 2021-07-09 Yannic Noller , Saeid Tizpaz-Niari

Side-channel attacks allow extracting secret information from the execution of cryptographic primitives by correlating the partially known computed data and the measured side-channel signal. However, to set up a successful side-channel…

Cryptography and Security · Computer Science 2024-09-02 Giuseppe Chiari , Davide Galli , Francesco Lattari , Matteo Matteucci , Davide Zoni

The threats of physical side-channel attacks and their countermeasures have been widely researched. Most physical side-channel attacks rely on the unavoidable influence of computation or storage on current consumption or voltage drop on a…

Cryptography and Security · Computer Science 2023-10-24 Saleh Khalaj Monfared , Tahoura Mosavirik , Shahin Tajik

Side-channel attacks on shared hardware resources increasingly threaten confidentiality, especially with the rise of Large Language Models (LLMs). In this work, we introduce Spill The Beans, a novel application of cache side-channels to…

Cryptography and Security · Computer Science 2025-05-05 Andrew Adiletta , Berk Sunar

Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical…

Cryptography and Security · Computer Science 2017-12-08 Raphael Spreitzer , Veelasha Moonsamy , Thomas Korak , Stefan Mangard

Microarchitectural timing channels enable unwanted information flow across security boundaries, violating fundamental security assumptions. They leverage timing variations of several state-holding microarchitectural components and have been…

Cryptography and Security · Computer Science 2025-10-14 Nils Wistoff , Moritz Schneider , Frank K. Gürkaynak , Gernot Heiser , Luca Benini