English
Related papers

Related papers: PACStack: an Authenticated Call Stack

200 papers

Return-Oriented Programming (ROP) is a typical attack technique that exploits return addresses to abuse existing code repeatedly. Most of the current return address protecting mechanisms (also known as the Backward-Edge Control-Flow…

Cryptography and Security · Computer Science 2020-07-16 Jinfeng Li , Liwei Chen , Qizhen Xu , Linan Tian , Gang Shi , Kai Chen , Dan Meng

Run-time attacks against programs written in memory-unsafe programming languages (e.g., C and C++) remain a prominent threat against computer systems. The prevalence of techniques like return-oriented programming (ROP) in attacking…

Cryptography and Security · Computer Science 2019-05-27 Hans Liljestrand , Thomas Nyman , Kui Wang , Carlos Chinea Perez , Jan-Erik Ekberg , N. Asokan

Modern processors include high-performance cryptographic functionalities such as Intel's AES-NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already…

Cryptography and Security · Computer Science 2022-10-21 Setareh Ghorshi , Lachlan J. Gunn , Hans Liljestrand , N. Asokan

Stack-based memory corruption vulnerabilities have long been exploited by attackers to execute arbitrary code or perform unauthorized memory operations. Various defense mechanisms have been introduced to mitigate stack memory errors, but…

Cryptography and Security · Computer Science 2025-03-24 Lei Chong

Attacks on the microarchitecture of modern processors have become a practical threat to security and privacy in desktop and cloud computing. Recently, cache attacks have successfully been demonstrated on ARM based mobile devices, suggesting…

Cryptography and Security · Computer Science 2017-03-30 Marc Green , Leandro Rodrigues-Lima , Andreas Zankl , Gorka Irazoqui , Johann Heyszl , Thomas Eisenbarth

Intercepting system calls is crucial for tools that aim to modify or monitor application behavior. However, existing system call interception tools on the ARM platform still suffer from limitations in terms of performance and completeness.…

Hardware Architecture · Computer Science 2025-06-24 Yang Shen , Min Xie , Wenzhe Zhang , Tao Wu

Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge,i.e., indirect calls through function pointers and virtual calls.…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Xinping Zhang , Mathias Payer

The increasing integration of modern IT technologies into OT technologies and industrial systems is expanding the vulnerability surface of legacy infrastructures, which often rely on outdated protocols and resource-constrained devices.…

Cryptography and Security · Computer Science 2025-05-07 Alessandro Lotto , Alessandro Brighente , Mauro Conti

Nowadays, Vehicular Ad hoc Networks (VANETs) are popularly known as they can reduce traffic and road accidents. These networks need several security requirements, such as anonymity, data authentication, confidentiality, traceability and…

Cryptography and Security · Computer Science 2021-04-07 A. Aghabagherloo , J. Mohajeri , M. Salmasizadeh , M. Mohassel Feghhi

Memory safety is a key security property that stops memory corruption vulnerabilities. Existing sanitizers enforce checks and catch such bugs during development and testing. However, they either provide partial memory safety or have…

Cryptography and Security · Computer Science 2022-02-09 Yuan Li , Wende Tan , Zhizheng Lv , Songtao Yang , Mathias Payer , Ying Liu , Chao Zhang

With the increasing popularity of AArch64 processors in general-purpose computing, securing software running on AArch64 systems against control-flow hijacking attacks has become a critical part toward secure computation. Shadow stacks keep…

Cryptography and Security · Computer Science 2023-07-20 Zhuojia Shen , John Criswell

Stack canaries remain a widely deployed defense against memory corruption attacks. Despite their practical usefulness, canaries are vulnerable to memory disclosure and brute-forcing attacks. We propose PCan, a new approach based on…

Cryptography and Security · Computer Science 2019-09-13 Hans Liljestrand , Zaheer Gauhar , Thomas Nyman , Jan-Erik Ekberg , N. Asokan

Manipulations of return addresses on the stack are the basis for a variety of attacks on programs written in memory unsafe languages. Dual stack schemes for protecting return addresses promise an efficient and effective defense against such…

Cryptography and Security · Computer Science 2018-06-26 Philipp Zieris , Julian Horsch

Embedded and Internet-of-Things (IoT) devices play a critical role in modern life. Their software and firmware, often developed in memory-unsafe languages like C, are susceptible to memory safety vulnerabilities that can lead to…

Cryptography and Security · Computer Science 2026-05-12 Xi Tan , Sagar Mohan , Ziming Zhao

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by…

Cryptography and Security · Computer Science 2020-06-17 Pengfei Gao , Hongyi Xie , Fu Song , Taolue Chen

This white paper demonstrates how the assurance, reliability, and security of an existing professional-grade, open-source embedded TCP/IP stack implementation written in the C programming language is significantly enhanced by adopting the…

Cryptography and Security · Computer Science 2021-09-23 Kyriakos Georgiou , Guillaume Cluzel , Paul Butcher , Yannick Moy

Caches have been exploited to leak secret information due to the different times they take to handle memory accesses. Cache timing attacks include non-speculative cache side and covert channel attacks and cache-based speculative execution…

Cryptography and Security · Computer Science 2024-04-23 Guangyuan Hu , Ruby B. Lee

With the improvements of computing technology, more and more applications embed powerful ARM processors into their devices. These systems can be attacked by redirecting the control-flow of a program to bypass critical pieces of code such as…

Cryptography and Security · Computer Science 2021-05-03 Robert Schilling , Pascal Nasahl , Stefan Mangard

This paper investigates the problem of safety certification for black-box discrete-time stochastic systems, where both the system dynamics and disturbance distributions are unknown, and only sampled data are available. Under such limited…

Systems and Control · Electrical Eng. & Systems 2026-02-17 Taoran Wu , Dominik Wagner , Jingduo Pan , Luke Ong , Arvind Easwaran , Bai Xue

Storage integrity is essential to systems and applications that use untrusted storage (e.g., public clouds, end-user devices). However, known methods for achieving storage integrity either suffer from high (and often prohibitive) overheads…

Cryptography and Security · Computer Science 2025-04-10 Quinn Burke , Ryan Sheatsley , Yohan Beugin , Eric Pauley , Owen Hines , Michael Swift , Patrick McDaniel
‹ Prev 1 2 3 10 Next ›