English
Related papers

Related papers: StackVault: Protection from Untrusted Functions

200 papers

A stack overflow occurs when a program or process tries to store more data in a buffer (or stack) than it was intended to hold. If the affected program is running with special privileges or accepts data from untrusted network hosts (e.g. a…

Cryptography and Security · Computer Science 2019-11-07 Md. Masudur Rahman , B M Mainul Hossain

Stack-based memory corruption vulnerabilities have long been exploited by attackers to execute arbitrary code or perform unauthorized memory operations. Various defense mechanisms have been introduced to mitigate stack memory errors, but…

Cryptography and Security · Computer Science 2025-03-24 Lei Chong

Many applications that benefit from data offload to cloud services operate on private data. A now-long line of work has shown that, even when data is offloaded in an encrypted form, an adversary can learn sensitive information by analyzing…

Cryptography and Security · Computer Science 2023-11-06 Midhul Vuppalapati , Kushal Babel , Anurag Khandelwal , Rachit Agarwal

Since its debut, SGX has been used in many applications, e.g., secure data processing. However, previous systems usually assume a trusted enclave and ignore the security issues caused by an untrusted enclave. For instance, a vulnerable (or…

Cryptography and Security · Computer Science 2020-10-26 Yuan Chen , Jiaqi Li , Guorui Xu , Yajin Zhou , Zhi Wang , Cong Wang , Kui Ren

Web applications in widespread use have always been the target of large-scale attacks, leading to massive disruption of services and financial loss, as in the Equifax data breach. It has become common practice to deploy web application in…

Cryptography and Security · Computer Science 2019-08-07 Indranil Jana , Alina Oprea

New hardware primitives such as Intel SGX secure a user-level process in presence of an untrusted or compromised OS. Such "enclaved execution" systems are vulnerable to several side-channels, one of which is the page fault channel. In this…

Cryptography and Security · Computer Science 2016-01-13 Shweta Shinde , Zheng Leong Chua , Viswesh Narayanan , Prateek Saxena

This paper presents the results of a series of penetration tests performed on the OpenStack Essex Cloud Management Software. Several different types of penetration tests were performed including network protocol and command line fuzzing,…

Cryptography and Security · Computer Science 2013-01-10 Ralph LaBarge , Thomas McGuire

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin

Cache attacks pose a threat to any code whose execution flow or memory accesses depend on sensitive information. Especially in public clouds, where caches are shared across several tenants, cache attacks remain an unsolved problem. Cache…

Cryptography and Security · Computer Science 2017-09-07 Samira Briongos , Gorka Irazoqui , Pedro Malagón , Thomas Eisenbarth

Protecting sensitive information in data-driven collaborations, such as AI training, while meeting the diverse requirements of multiple mutually distrusted stakeholders, is both crucial and challenging. This paper presents Styx, a novel…

Cryptography and Security · Computer Science 2026-04-07 Shixuan Zhao , Weicheng Wang , Ninghui Li , Zhiqiang Lin

Memory corruption vulnerabilities often enable attackers to take control of a target system by overwriting control-flow relevant data (such as return addresses and function pointers), which are potentially stored in close proximity of…

Cryptography and Security · Computer Science 2019-09-10 Marie-Therese Walter , David Pfaff , Stefan Nürnberger , Michael Backes

Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted…

Operating Systems · Computer Science 2020-01-22 Christian Priebe , Divya Muthukumaran , Joshua Lind , Huanzhou Zhu , Shujie Cui , Vasily A. Sartakov , Peter Pietzuch

Manipulations of return addresses on the stack are the basis for a variety of attacks on programs written in memory unsafe languages. Dual stack schemes for protecting return addresses promise an efficient and effective defense against such…

Cryptography and Security · Computer Science 2018-06-26 Philipp Zieris , Julian Horsch

While the security of the cloud remains a concern, a common practice is to encrypt data before outsourcing them for utilization. One key challenging issue is how to efficiently perform queries over the ciphertext. Conventional crypto-based…

Cryptography and Security · Computer Science 2019-12-19 Yaxing Chen , Qinghua Zheng , Dan Liu , Zheng Yan , Wenhai Sun , Ning Zhang , Wenjing Lou , Y. Thomas Hou

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard

Intel has introduced a trusted computing technology, Intel Software Guard Extension (SGX), which provides an isolated and secure execution environment called enclave for a user program without trusting any privilege software (e.g., an…

Cryptography and Security · Computer Science 2018-11-14 Jinwen Wang , Yueqiang Cheng , Qi Li , Yong Jiang

Unauthorized data alteration has been a longstanding threat since the emergence of malware. System and application software can be reinstalled and hardware can be replaced, but user data is priceless in many cases. Especially in recent…

Cryptography and Security · Computer Science 2019-05-28 Lianying Zhao , Mohammad Mannan

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

In-storage computing with modern solid-state drives (SSDs) enables developers to offload programs from the host to the SSD. It has been proven to be an effective approach to alleviating the I/O bottleneck. To facilitate in-storage…

Cryptography and Security · Computer Science 2022-05-16 Yuqi Xue , Luyi Kang , Weiwei Jia , Xiaohao Wang , Jongryool Kim , Changhwan Youn , Myeong Joon Kang , Hyung Jin Lim , Bruce Jacob , Jian Huang

Software supply chain vulnerabilities arise when attackers exploit weaknesses by injecting vulnerable code into widely used packages or libraries within software repositories. While most existing approaches focus on identifying vulnerable…

Cryptography and Security · Computer Science 2025-06-25 Sajal Halder , Muhammad Ejaz Ahmed , Seyit Camtepe
‹ Prev 1 2 3 10 Next ›