English
Related papers

Related papers: ferify: A Virtual Machine File Protection System a…

200 papers

AMD's Secure Encrypted Virtualization (SEV) is an emerging security feature on AMD processors that allows virtual machines to run on encrypted memory and perform confidential computing even with an untrusted hypervisor. This paper first…

Cryptography and Security · Computer Science 2022-04-01 Mengyuan Li , Yinqian Zhang , Zhiqiang Lin

The widespread deployment of control-flow integrity has propelled non-control data attacks into the mainstream. In the domain of OS kernel exploits, by corrupting critical non-control data, local attackers can directly gain root access or…

Cryptography and Security · Computer Science 2024-09-10 Jinmeng Zhou , Jiayi Hu , Ziyue Pan , Jiaxun Zhu , Wenbo Shen , Guoren Li , Zhiyun Qian

This paper presents a systematic study on the security of modern file systems, following a vulnerability-centric perspective. Specifically, we collected 377 file system vulnerabilities committed to the CVE database in the past 20 years. We…

Cryptography and Security · Computer Science 2022-04-28 Jinghan Sun , Shaobo Li , Jun Xu , Jian Huang

Over the last years, security kernels have played a promising role in reshaping the landscape of platform security on today's ubiquitous embedded devices. Security kernels, such as separation kernels, enable constructing high-assurance…

Cryptography and Security · Computer Science 2020-05-07 Hamed Nemati

Cache attacks pose a threat to any code whose execution flow or memory accesses depend on sensitive information. Especially in public clouds, where caches are shared across several tenants, cache attacks remain an unsolved problem. Cache…

Cryptography and Security · Computer Science 2017-09-07 Samira Briongos , Gorka Irazoqui , Pedro Malagón , Thomas Eisenbarth

VDI is no longer safe and reliable anymore. VDI(Virtual Desktop Infrastructure, also called Cloud Desktop) is being widely used as working interface to avoid data exfiltration. With VDI client, end users can access internal data without…

Cryptography and Security · Computer Science 2022-12-22 Bin Wei

Emerging high performance non-volatile memories recall the importance of efficient file system design. To avoid the virtual file system (VFS) and syscall overhead as in these kernel-based file systems, recent works deploy file systems…

Operating Systems · Computer Science 2019-08-29 Youmin Chen , Youyou Lu , Bohong Zhu , Jiwu Shu

Despite significant research and engineering efforts, many of today's important computer systems suffer from bugs. To increase the reliability of software systems, recent work has applied formal verification to certify the correctness of…

Cryptography and Security · Computer Science 2020-12-16 Daniel W. Song , Konstantinos Mamouras , Ang Chen , Nathan Dautenhahn , Dan S. Wallach

Virtual file systems are a tool to centralize and mobilize a file system that could otherwise be complex and consist of multiple hierarchies, hard disks, and more. In this paper, we discuss the design of Unix-based file systems and how this…

Operating Systems · Computer Science 2023-12-27 Qin Sun , Grace McKenzie , Guanqun Song , Ting Zhu

Attackers willing to compromise computing systems can use malicious peripherals as an attack vector, threatening users that cannot verify the hardware's authenticity. To address this problem, our work uses the Security Protocol and Data…

Cryptography and Security · Computer Science 2026-05-11 Ágatha de Freitas , Marcos A. Simplicio , Bruno C. Albertini , Renan C. A. Alves

Virtualization promises significant benefits in security, efficiency, dependability, and cost. Achieving these benefits depends upon the reliability of the underlying virtual machine monitors (hypervisors). This paper describes an ongoing…

Logic in Computer Science · Computer Science 2011-10-24 Mike Dahlin , Ryan Johnson , Robert Bellarmine Krug , Michael McCoyd , William Young

High performance networks (e.g. Infiniband) rely on zero-copy operations for performance. Zero-copy operations, as the name implies, avoid copying buffers for sending and receiving data. Instead, hardware devices directly read and write to…

Distributed, Parallel, and Cluster Computing · Computer Science 2013-04-02 Russell Power

In this article, virtualization security concerns in the cloud computing domain are reviewed. The focus is toward virtual machine (VM) security where attacks and vulnerabilities such as VM escape, VM hopping, cross-VM side-channel, VM-based…

Cryptography and Security · Computer Science 2014-11-17 Yasir Shoaib , Olivia Das

Ransomware core capability, unauthorized encryption, demands controls that identify and block malicious cryptographic activity without disrupting legitimate use. We present a probabilistic, risk-based access control architecture that…

Cryptography and Security · Computer Science 2026-03-24 Kenan Begovic , Abdulaziz Al-Ali , Qutaibah Malluhi

Cloud computing relies on secure and efficient virtualization. Software level security solutions compromise the performance of virtual machines (VMs), as a large amount of computational power would be utilized for running the security…

Hardware Architecture · Computer Science 2018-05-11 Jithin R , Priya Chandran

Malicious peripherals designed to attack their host computers are a growing problem. Inexpensive and powerful peripherals that attach to plug-and-play buses have made such attacks easy to mount. Making matters worse, commodity operating…

Operating Systems · Computer Science 2016-08-19 Sebastian Angel , Riad S. Wahby , Max Howald , Joshua B. Leners , Michael Spilo , Zhen Sun , Andrew J. Blumberg , Michael Walfish

Memory corruption vulnerabilities remain one of the most severe threats to software security. They often allow attackers to achieve arbitrary code execution by redirecting a vulnerable program's control flow. While Control Flow Integrity…

Cryptography and Security · Computer Science 2025-08-22 Sabine Houy , Bruno Kreyssig , Timothee Riom , Alexandre Bartel , Patrick McDaniel

In systems owned by normal end-users, many times security attacks are mounted by sneaking in malicious applications or exploiting existing software vulnerabilities through security non-conforming actions of users. Virtualization approaches…

Cryptography and Security · Computer Science 2022-11-07 Vinayak Trivedi , Tushar Gurjar , Sumaiya Shaikh , Saketh Maddamsetty , Debadatta Mishra

Fully Homomorphic Encryption (FHE) is seeing increasing real-world deployment to protect data in use by allowing computation over encrypted data. However, the same malleability that enables homomorphic computations also raises integrity…

Cryptography and Security · Computer Science 2023-02-14 Alexander Viand , Christian Knabenhans , Anwar Hithnawi

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier