English
Related papers

Related papers: MemoryRanger Prevents Hijacking FILE_OBJECT Struct…

200 papers

The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. In this paper, we present Meltdown. Meltdown exploits side effects of…

Cryptography and Security · Computer Science 2018-01-08 Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Stefan Mangard , Paul Kocher , Daniel Genkin , Yuval Yarom , Mike Hamburg

In an era of escalating cyber threats, malware poses significant risks to individuals and organizations, potentially leading to data breaches, system failures, and substantial financial losses. This study addresses the urgent need for…

Cryptography and Security · Computer Science 2025-01-28 Marzieh Esnaashari , Nima Moradi

Existing anti-malware software and reverse engineering toolkits struggle with stealthy sub-OS rootkits due to limitations of run-time kernel-level monitoring. A malicious kernel-level driver can bypass OS-level anti-virus mechanisms easily.…

Dynamic Random Access Memory (DRAM) is pervasive in computer systems. Cell vulnerabilities caused by unintended phenomena (forced retention failure, latency alteration, rowhammer and rowpress) lead to unintended bit flips in memory. These…

Cryptography and Security · Computer Science 2026-03-20 Zilong Hu , Hongming Fei , Prosanta Gope , Jack Miskelly , Owen Millwood , Biplab Sikdar

Machine learning based malware detection techniques rely on grayscale images of malware and tends to classify malware based on the distribution of textures in graycale images. Albeit the advancement and promising results shown by machine…

Cryptography and Security · Computer Science 2022-08-05 Sanket Shukla

Monolithic operating systems, where all kernel functionality resides in a single, shared address space, are the foundation of most mainstream computer systems. However, a single flaw, even in a non-essential part of the kernel (e.g., device…

Cryptography and Security · Computer Science 2024-04-16 Soo Yee Lim , Sidhartha Agrawal , Xueyuan Han , David Eyers , Dan O'Keeffe , Thomas Pasquier

Since modern anti-virus software mainly depends on a signature-based static analysis, they are not suitable for coping with the rapid increase in malware variants. Moreover, even worse, many vulnerabilities of operating systems enable…

Cryptography and Security · Computer Science 2022-11-28 Manabu Hirano , Ryotaro Kobayashi

Register Files (RFs) are the most frequently accessed memories in a microprocessor for fast and efficient computation and control logic. Segment registers and control registers are especially critical for maintaining the CPU mode of…

Cryptography and Security · Computer Science 2019-04-16 Mohammad Nasim Imtiaz Khan , Asmit De , Swaroop Ghosh

In this chapter, readers will explore how machine learning has been applied to build malware detection systems designed for the Windows operating system. This chapter starts by introducing the main components of a Machine Learning pipeline,…

Cryptography and Security · Computer Science 2024-11-18 Daniel Gibert

Memory protection units (MPUs) are hardware-assisted security features that are commonly used in embedded processors such as the ARM 940T, Infineon TC1775, and Xilinx Zynq. MPUs partition the memory statically, and set individual protection…

Cryptography and Security · Computer Science 2024-05-24 Bharadwaj Madabhushi , Chandra Sekhar Mummidi , Sandip Kundu , Daniel Holcomb

WebAssembly (Wasm) is a next-generation portable compilation target for deploying applications written in high-level languages on the web. In order to protect their memory from untrusted code, web browser engines confine the execution of…

Programming Languages · Computer Science 2019-10-23 Marco Vassena , Marco Patrignani

The kernels of operating systems such as Windows, Linux, and MacOS are vulnerable to control-flow hijacking. Defenses exist, but many require efficient intra-address-space isolation. Execute-only memory, for example, requires read…

Cryptography and Security · Computer Science 2021-08-04 Spyridoula Gravani , Mohammad Hedayati , John Criswell , Michael L. Scott

Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. In response, several main-memory encryption schemes have been proposed to prevent such attacks. Also hardware…

Cryptography and Security · Computer Science 2016-12-13 Robert Buhren , Shay Gueron , Jan Nordholz , Jean-Pierre Seifert , Julian Vetter

Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker is only given black-box query access to the model. The main drawback of these attacks is that: (i) they are query-inefficient,…

Cryptography and Security · Computer Science 2021-05-20 Luca Demetrio , Battista Biggio , Giovanni Lagorio , Fabio Roli , Alessandro Armando

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

In recent years, insider threats and attacks have been increasing in terms of frequency and cost to the corporate business. The utilization of end-to-end encrypted instant messaging applications (WhatsApp, Telegram, VPN) by malicious…

Cryptography and Security · Computer Science 2024-06-14 Janardhan Kalikiri , Gaurav Varshney , Jaswinder Kour , Tarandeep Singh

With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for…

Cryptography and Security · Computer Science 2010-08-25 Piotr Bania

While machine learning is vulnerable to adversarial examples, it still lacks systematic procedures and tools for evaluating its security in different application contexts. In this article, we discuss how to develop automated and scalable…

Cryptography and Security · Computer Science 2022-07-13 Luca Demetrio , Battista Biggio , Fabio Roli

This retrospective paper describes the RowHammer problem in Dynamic Random Access Memory (DRAM), which was initially introduced by Kim et al. at the ISCA 2014 conference~\cite{rowhammer-isca2014}. RowHammer is a prime (and perhaps the…

Cryptography and Security · Computer Science 2019-04-23 Onur Mutlu , Jeremie S. Kim

Many damaging cybersecurity attacks are enabled when an attacker can access residual sensitive information (e.g. cryptographic keys, personal identifiers) left behind from earlier computation. Attackers can sometimes use residual…

Cryptography and Security · Computer Science 2021-06-21 Deborah Shands , Carolyn Talcott