English
Related papers

Related papers: Automating Seccomp Filter Generation for Linux App…

200 papers

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard

Web applications are distributed applications, they are programs that run on more than one computer and communicate through a network or server. This very distributed nature of web applications, combined with the scale and sheer complexity…

Cryptography and Security · Computer Science 2022-10-17 Akash Nagaraj , Bishesh Sinha , Mukund Sood , Yash Mathur , Sanchika Gupta , Dinkar Sitaram

In the era of microarchitectural side channels, vendors scramble to deploy mitigations for transient execution attacks, but leave traditional side-channel attacks against sensitive software (e.g., crypto programs) to be fixed by developers…

Cryptography and Security · Computer Science 2021-09-16 Pietro Borrello , Daniele Cono D'Elia , Leonardo Querzoni , Cristiano Giuffrida

Patch reviewing is critical for software development, especially in distributed open-source development, which highly depends on voluntary work, such as Linux. This paper studies the past 10 years of patch reviews of the Linux memory…

Software Engineering · Computer Science 2026-03-27 Chih-En Lin , Attreyee Mukherjee , Ajay Rawat , Ruqi Zhang , Pedro Fonseca

Static Application Security Testing (SAST) tools using taint analysis are widely viewed as providing higher-quality vulnerability detection results compared to traditional pattern-based approaches. However, performing static taint analysis…

Software bugs in a production environment have an undesirable impact on quality of service, unplanned system downtime, and disruption in good customer experience, resulting in loss of revenue and reputation. Existing approaches to automated…

Software Engineering · Computer Science 2020-02-21 Anusha Bableshwar , Arun Ravindran , Manoj Iyer

Constant-time programming is a widely deployed approach to harden cryptographic programs against side channel attacks. However, modern processors often violate the underlying assumptions of standard constant-time policies by transiently…

Cryptography and Security · Computer Science 2025-05-21 Ali Hajiabadi , Trevor E. Carlson

Security-Enhanced Linux (SELinux) is a Linux kernel module that allows for a role-based access control (RBAC) mechanism. It provides a fine-grained security framework enabling system administrators to define security policies at the system…

Cryptography and Security · Computer Science 2023-12-11 Divyam Pahuja , Alvin Tang , Klim Tsoutsman

Linux kernel stable versions serve the needs of users who value stability of the kernel over new features. The quality of such stable versions depends on the initiative of kernel developers and maintainers to propagate bug fixing patches to…

Software Engineering · Computer Science 2019-11-12 Thong Hoang , Julia Lawall , Yuan Tian , Richard J Oentaryo , David Lo

This paper presents the Container Profiler, a software tool that measures and records the resource usage of any containerized task. Our tool profiles the CPU, memory, disk, and network utilization of containerized tasks collecting over…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-02-08 Varik Hoang , Ling-Hong Hung , David Perez , Huazeng Deng , Raymond Schooley , Niharika Arumilli , Ka Yee Yeung , Wes Lloyd

The security of scripting languages such as PowerShell is critical given their powerful automation and administration capabilities, often exercised with elevated privileges. Today, securing these languages still demands substantial human…

Cryptography and Security · Computer Science 2026-01-13 Keyang Zhang , Zeyu Chen , Xuan Feng , Dongliang Fang , Yaowen Zheng , Zhi Li , Limin Sun

Many users implicitly assume that software can only be exploited after it is installed. However, recent supply-chain attacks demonstrate that application integrity must be ensured during installation itself. We introduce SIGL, a new tool…

Cryptography and Security · Computer Science 2021-06-24 Xueyuan Han , Xiao Yu , Thomas Pasquier , Ding Li , Junghwan Rhee , James Mickens , Margo Seltzer , Haifeng Chen

Hardware-enclaves that target complex CPU designs compromise both security and performance. Programs have little control over micro-architecture, which leads to side-channel leaks, and then have to be transformed to have worst-case control-…

Cryptography and Security · Computer Science 2020-07-16 Sarbartha Banerjee , Prakash Ramrakhyani , Shijia Wei , Mohit Tiwari

A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through system call interface. In this paper, we present…

Cryptography and Security · Computer Science 2017-12-18 Zhiyuan Wan , David Lo , Xin Xia , Liang Cai , Shanping Li

In this paper we introduce Timeloops a novel technique for automatically learning system call filtering policies for containerized microservices applications. At run-time, Timeloops automatically learns which system calls a program should…

Cryptography and Security · Computer Science 2022-09-27 Meghna Pancholi , Andreas D. Kellas , Vasileios P. Kemerlis , Simha Sethumadhavan

As an emerging application paradigm, serverless computing attracts attention from more and more attackers. Unfortunately, security tools for conventional applications cannot be easily ported to serverless, and existing serverless security…

Cryptography and Security · Computer Science 2020-11-11 Deepak Sirone Jegan , Liang Wang , Siddhant Bhagat , Thomas Ristenpart , Michael Swift

Malware continues to evolve rapidly, and more than 450,000 new samples are captured every day, which makes manual malware analysis impractical. However, existing deep learning detection models need manual feature engineering or require high…

Cryptography and Security · Computer Science 2022-05-10 Jiawei Xu , Wenxuan Fu , Haoyu Bu , Zhi Wang , Lingyun Ying

Security vulnerabilities are among the most critical software defects in existence. As such, they require patches that are correct and quickly deployed. This motivates an automatic patch generation method that emphasizes both soundness and…

Cryptography and Security · Computer Science 2018-06-13 Zhen Huang , David Lie

The prevalence of software systems has become an integral part of modern-day living. Software usage has increased significantly, leading to its growth in both size and complexity. Consequently, software development is becoming a more…

Software Engineering · Computer Science 2023-06-07 Tiago Dias , Arthur Batista , Eva Maia , Isabel Praça

Linux container technologies such as Docker and Singularity offer encapsulated environments for easy execution of software. In high performance computing, this is especially important for evolving and complex software stacks with…

Operating Systems · Computer Science 2022-12-15 Vanessa Sochat , Matthieu Muffato , Audrey Stott , Marco De La Pierre , Georgia Stuart