English
Related papers

Related papers: Camouflage: Hardware-assisted CFI for the ARM Linu…

200 papers

The Unified Extensible Firmware Interface (UEFI) is a standardised interface between the firmware and the operating system used in all x86-based platforms over the past ten years. A side effect of the transition from conventional BIOS…

Software Engineering · Computer Science 2021-11-22 Mikhail Krichanov , Vitaly Cheptsov

Secure elements physically exposed to adversaries are frequently targeted by fault attacks. These attacks can be utilized to hijack the control-flow of software allowing the attacker to bypass security measures, extract sensitive data, or…

Cryptography and Security · Computer Science 2023-03-27 Pascal Nasahl , Stefan Mangard

Micro-Controller Units (MCUs) are widely used in safety-critical systems, making them attractive targets for attacks. This calls for lightweight defenses that remain effective despite software compromise. Control Flow Auditing (CFAud) is…

Cryptography and Security · Computer Science 2026-03-03 Alexandra Lengert , Adam Ilyas Caulfield , Ivan De Oliveira Nunes

Low-end embedded devices are increasingly used in various smart applications and spaces. They are implemented under strict cost and energy budgets, using microcontroller units (MCUs) that lack security features available in general-purpose…

Cryptography and Security · Computer Science 2023-10-20 Adam Caulfield , Norrathep Rattanavipanon , Ivan De Oliveira Nunes

This work details a hardware-assisted approach for information flow tracking implemented on reconfigurable chips. Current solutions are either time-consuming or hardly portable (modifications of both sofware/hardware layers). This work…

Cryptography and Security · Computer Science 2018-11-15 Muhammad Abdul Wahab , Pascal Cotret , Mounir Nasr Allah , Guillaume Hiet , Vianney Lapotre , Guy Gogniat

High-performance IO demands low-overhead communication between user- and kernel space. This demand can no longer be fulfilled by traditional system calls. Linux's extended Berkeley Packet Filter (BPF) avoids user-/kernel transitions by…

Cryptography and Security · Computer Science 2025-01-09 Luis Gerhorst , Henriette Herzog , Peter Wägemann , Maximilian Ott , Rüdiger Kapitza , Timo Hönig

Analyzing the security of closed-source drivers and libraries in embedded systems holds significant importance, given their fundamental role in the supply chain. Unlike x86, embedded platforms lack comprehensive binary manipulating tools,…

Cryptography and Security · Computer Science 2024-04-25 Shipei Qu , Xiaolin Zhang , Chi Zhang , Dawu Gu

Attackers willing to compromise computing systems can use malicious peripherals as an attack vector, threatening users that cannot verify the hardware's authenticity. To address this problem, our work uses the Security Protocol and Data…

Cryptography and Security · Computer Science 2026-05-11 Ágatha de Freitas , Marcos A. Simplicio , Bruno C. Albertini , Renan C. A. Alves

The signing key protection of Certificate Authorities (CAs) remains a critical challenge in PKI. Traditional approaches struggle to eliminate the risk of key exposure due to those (un)intentional human errors. This long-standing dilemma…

Cryptography and Security · Computer Science 2025-01-14 Xiaolin Zhang , Chenghao Chen , Kailun Qin , Yuxuan Wang , Shipei Qu , Tengfei Wang , Chi Zhang , Dawu Gu

Prior research yielded many techniques to mitigate software compromise for low-end Internet of Things (IoT) devices. Some of them detect software modifications via remote attestation and similar services, while others preventatively ensure…

Cryptography and Security · Computer Science 2025-01-17 Sashidhar Jakkamsetti , Youngil Kim , Andrew Searles , Gene Tsudik

Arm Confidential Computing Architecture (CCA) currently isolates at the granularity of an entire Confidential Virtual Machine (CVM), leaving intra-VM bugs such as Heartbleed unmitigated. The state-of-the-art narrows this to the process…

Cryptography and Security · Computer Science 2025-06-10 Shiqi Liu , Yongpeng Gao , Mingyang Zhang , Jie Wang

Memory corruption vulnerabilities remain one of the most severe threats to software security. They often allow attackers to achieve arbitrary code execution by redirecting a vulnerable program's control flow. While Control Flow Integrity…

Cryptography and Security · Computer Science 2025-08-22 Sabine Houy , Bruno Kreyssig , Timothee Riom , Alexandre Bartel , Patrick McDaniel

Compiler-based Control-Flow Integrity (CFI) offers strong forward-edge protection but remains challenging to deploy in large C/C++ software due to visibility mismatches, type inconsistencies, and unintended behavioral failures. We present…

Software Engineering · Computer Science 2025-12-30 Sabine Houy , Bruno Kreyssig , Alexandre Bartel

MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…

Operating Systems · Computer Science 2024-01-19 Hesham Almatary , Alfredo Mazzinghi , Robert N. M. Watson

Modern computing systems are limited in performance by the memory bandwidth available to processors, a problem known as the memory wall. Processing-in-Memory (PIM) promises to substantially improve this problem by moving processing closer…

Cryptography and Security · Computer Science 2025-04-24 Sahar Ghoflsaz Ghinani , Jingyao Zhang , Elaheh Sadredini

Assured Remote Execution on a device is the ability of suitably authorized parties to construct secure channels with known processes -- i.e. processes executing known code -- running on it. Assured Remote Execution requires a hardware basis…

Cryptography and Security · Computer Science 2024-09-24 Scott L. Dyer , Christian A. Femrite , Joshua D. Guttman , Julian P. Lanson , Moses D. Liskov

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device…

Cryptography and Security · Computer Science 2016-08-18 Tigist Abera , N. Asokan , Lucas Davi , Jan-Erik Ekberg , Thomas Nyman , Andrew Paverd , Ahmad-Reza Sadeghi , Gene Tsudik

Static Random Access Memory (SRAM) Physically Unclonable Functions (PUFs) make use of intrinsic manufacturing variations in memory cells to derive device-unique responses. Employing such hardware-rooted fingerprints for authentication, this…

Cryptography and Security · Computer Science 2026-04-20 Florian Lehn , Pascal Ahr , Hans D. Schotten

In-process compartmentalization and access control have been actively explored to provide in-place and efficient isolation of in-process security domains. Many works have proposed compartmentalization schemes that leverage hardware…

Cryptography and Security · Computer Science 2023-09-21 Kha Dinh Duy , Kyuwon Cho , Taehyun Noh , Hojoon Lee

This work presents the first design, integration, and evaluation of the standard RISC-V extensions for Control-Flow Integrity (CFI). The Zicfiss and Zicfilp extensions aim at protecting the execution of a vulnerable program from…

Hardware Architecture · Computer Science 2026-02-16 Simone Manoni , Emanuele Parisi , Riccardo Tedeschi , Davide Rossi , Andrea Acquaviva , Andrea Bartolini