English
Related papers

Related papers: V0LTpwn: Attacking x86 Processor Integrity from So…

200 papers

We propose a symbolic execution method for analyzing the safety of software under fault attacks both accurately and efficiently. Fault attacks leverage physically injected hardware faults in an embedded system to break the safety of a…

Software Engineering · Computer Science 2026-04-27 Yuzhou Fang , Chenyu Zhou , Jingbo Wang , Chao Wang

Malware and cheat developers use fileless execution techniques to evade traditional, signature-based security products. These methods include various types of manual mapping, module stomping, and threadless injection which work entirely…

Cryptography and Security · Computer Science 2025-08-07 Arjun Juneja

We use browsers daily to access all sorts of information. Because browsers routinely process scripts, media, and executable code from unknown sources, they form a critical security boundary between users and adversaries. A common attack…

Cryptography and Security · Computer Science 2025-09-11 Nils Bars , Lukas Bernhard , Moritz Schloegel , Thorsten Holz

Trying to address the security challenges of a cloud-centric software deployment paradigm, silicon and cloud vendors are introducing confidential computing - an umbrella term aimed at providing hardware and software mechanisms for…

Memory protection units (MPUs) are hardware-assisted security features that are commonly used in embedded processors such as the ARM 940T, Infineon TC1775, and Xilinx Zynq. MPUs partition the memory statically, and set individual protection…

Cryptography and Security · Computer Science 2024-05-24 Bharadwaj Madabhushi , Chandra Sekhar Mummidi , Sandip Kundu , Daniel Holcomb

Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot…

Cryptography and Security · Computer Science 2020-07-17 Tobias Cloosters , Michael Rodler , Lucas Davi

Highly privileged software, such as firmware, is an attractive target for attackers. Thus, BIOS vendors use cryptographic signatures to ensure firmware integrity at boot time. Nevertheless, such protection does not prevent an attacker from…

Cryptography and Security · Computer Science 2018-03-08 Ronny Chevalier , Maugan Villatel , David Plaquin , Guillaume Hiet

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow.…

Cryptography and Security · Computer Science 2025-07-09 Oleksii Oleksenko , Flavien Solt , Cédric Fournet , Jana Hofmann , Boris Köpf , Stavros Volos

Data exfiltration attacks have led to huge data breaches. Recently, the Equifax attack affected 147M users and a third-party library - Apache Struts - was alleged to be responsible for it. These attacks often exploit the fact that sensitive…

Cryptography and Security · Computer Science 2019-07-09 Qi Zhang , Zehra Sura , Ashish Kundu , Gong Su , Arun Iyengar , Ling Liu

Fault injections are increasingly used to attack/test secure applications. In this paper, we define formal models of runtime monitors that can detect fault injections that result in test inversion attacks and arbitrary jumps in the control…

Cryptography and Security · Computer Science 2019-09-23 Ali Kassem , Yliès Falcone

Large Language Models (LLMs), while powerful, are built and trained to process a single text input. In common applications, multiple inputs can be processed by concatenating them together into a single stream of text. However, the LLM is…

Cryptography and Security · Computer Science 2024-03-25 Keegan Hines , Gary Lopez , Matthew Hall , Federico Zarfati , Yonatan Zunger , Emre Kiciman

Encrypting data before sending it to the cloud protects it against hackers and malicious insiders, but requires the cloud to compute on encrypted data. Trusted (hardware) modules, e.g., secure enclaves like Intel's SGX, can very efficiently…

Cryptography and Security · Computer Science 2017-10-03 Andreas Fischer , Benny Fuhry , Florian Kerschbaum , Eric Bodden

Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. In response, several main-memory encryption schemes have been proposed to prevent such attacks. Also hardware…

Cryptography and Security · Computer Science 2016-12-13 Robert Buhren , Shay Gueron , Jan Nordholz , Jean-Pierre Seifert , Julian Vetter

Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX enable CVMs and…

Cryptography and Security · Computer Science 2024-04-05 Benedict Schlüter , Supraja Sridhara , Mark Kuhne , Andrin Bertschi , Shweta Shinde

Trusted Platform Modules constitute an integral building block of modern security features. Moreover, as Windows 11 made a TPM 2.0 mandatory, they are subject to an ever-increasing academic challenge. While discrete TPMs - as found in…

Cryptography and Security · Computer Science 2023-05-03 Hans Niklas Jacob , Christian Werling , Robert Buhren , Jean-Pierre Seifert

Intel SGX enables memory isolation and static integrity verification of code and data stored in user-space memory regions called enclaves. SGX effectively shields the execution of enclaves from the underlying untrusted OS. Attackers cannot…

Cryptography and Security · Computer Science 2022-06-16 Flavio Toffalini , Mathias Payer , Jianying Zhou , Lorenzo Cavallaro

Malware attacks are a significant part of the new software security threats detected each year. Intel Software Guard Extensions (SGX) are a set of hardware instructions introduced by Intel in their recent lines of processors that are…

Cryptography and Security · Computer Science 2020-09-24 Vlad Crăciun , Pascal Felber , Andrei Mogage , Emanuel Onica , Rafael Pires

Since its debut, SGX has been used in many applications, e.g., secure data processing. However, previous systems usually assume a trusted enclave and ignore the security issues caused by an untrusted enclave. For instance, a vulnerable (or…

Cryptography and Security · Computer Science 2020-10-26 Yuan Chen , Jiaqi Li , Guorui Xu , Yajin Zhou , Zhi Wang , Cong Wang , Kui Ren

Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted…

Operating Systems · Computer Science 2020-01-22 Christian Priebe , Divya Muthukumaran , Joshua Lind , Huanzhou Zhu , Shujie Cui , Vasily A. Sartakov , Peter Pietzuch

Meltdown and Spectre exploit microarchitectural changes the CPU makes during transient out-of-order execution. Using side-channel techniques, these attacks enable leaking arbitrary data from memory. As state-of-the-art software mitigations…

Cryptography and Security · Computer Science 2021-03-08 Michael Schwarz , Claudio Canella , Lukas Giner , Daniel Gruss