English
Related papers

Related papers: An Axiomatic Approach to Detect Information Leaks …

200 papers

Memory leaks are prevalent in various real-world software projects, thereby leading to serious attacks like denial-of-service. Though prior methods for detecting memory leaks made significant advance, they often suffer from low accuracy and…

Cryptography and Security · Computer Science 2025-04-08 Hongliang Liang , Luming Yin , Guohao Wu , Yuxiang Li , Qiuping Yi , Lei Wang

A resource leak occurs when a program fails to free some finite resource after it is no longer needed. Such leaks are a significant cause of real-world crashes and performance problems. Recent work proposed an approach to prevent resource…

Software Engineering · Computer Science 2023-09-25 Narges Shadab , Pritam Gharat , Shrey Tiwari , Michael D. Ernst , Martin Kellogg , Shuvendu Lahiri , Akash Lal , Manu Sridharan

Sensitive information leakage in code repositories has emerged as a critical security challenge. Traditional detection methods that rely on regular expressions, fingerprint features, and high-entropy calculations often suffer from high…

Cryptography and Security · Computer Science 2025-12-10 Bin Wang , Hui Li , Liyang Zhang , Qijia Zhuang , Ao Yang , Dong Zhang , Xijun Luo , Bing Lin

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by…

Cryptography and Security · Computer Science 2020-06-17 Pengfei Gao , Hongyi Xie , Fu Song , Taolue Chen

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

Vulnerability of Frontier language models to misuse and jailbreaks has prompted the development of safety measures like filters and alignment training in an effort to ensure safety through robustness to adversarially crafted prompts. We…

Cryptography and Security · Computer Science 2024-10-31 David Glukhov , Ziwen Han , Ilia Shumailov , Vardan Papyan , Nicolas Papernot

Spectre attacks disclosed in early 2018 expose data leakage scenarios via cache side channels. Specifically, speculatively executed paths due to branch mis-prediction may bring secret data into the cache which are then exposed via cache…

Cryptography and Security · Computer Science 2020-05-26 Guanhua Wang , Sudipta Chattopadhyay , Arnab Kumar Biswas , Tulika Mitra , Abhik Roychoudhury

Data leakage is a well-known problem in machine learning. Data leakage occurs when information from outside the training dataset is used to create a model. This phenomenon renders a model excessively optimistic or even useless in the real…

Programming Languages · Computer Science 2024-08-07 Filip Drobnjaković , Pavle Subotić , Caterina Urban

Designing scalable concurrent objects, which can be efficiently used on multicore processors, often requires one to abandon standard specification techniques, such as linearizability, in favor of more relaxed consistency requirements.…

Logic in Computer Science · Computer Science 2016-07-22 Ilya Sergey , Aleksandar Nanevski , Anindya Banerjee , German Andres Delbianco

CPU cache is a limited but crucial storage component in modern processors, whereas the cache timing side-channel may inadvertently leak information through the physically measurable timing variance. Speculative execution, an essential…

Cryptography and Security · Computer Science 2020-02-18 Shengjian Guo , Yueqi Chen , Peng Li , Yueqiang Cheng , Huibo Wang , Meng Wu , Zhiqiang Zuo

Making threaded programs safe and easy to reason about is one of the chief difficulties in modern programming. This work provides an efficient execution model for SCOOP, a concurrency approach that provides not only data race freedom but…

Distributed, Parallel, and Cluster Computing · Computer Science 2015-07-28 Scott West , Sebastian Nanz , Bertrand Meyer

Side-channel attacks that leak sensitive information through a computing device's interaction with its physical environment have proven to be a severe threat to devices' security, particularly when adversaries have unfettered physical…

Cryptography and Security · Computer Science 2021-06-15 Ileana Buhan , Lejla Batina , Yuval Yarom , Patrick Schaumont

This work considers the problem of detecting signals from multiple sequentially observed data streams, where only one stream can be observed at every time instant. The goal is to detect signals as quickly as possible while controlling the…

Methodology · Statistics 2026-04-07 Yiming Xing , Georgios Fellouris

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage.…

Cryptography and Security · Computer Science 2017-09-07 Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , Berk Sunar

This work utilizes the plethora of work on verification of sequential programs for the purpose of verifying concurrent programs. We reduce the verification of a concurrent program to a series of verification tasks of sequential programs.…

Programming Languages · Computer Science 2021-06-03 Dan Rasin , Orna Grumberg , Sharon Shoham

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

System prompts are widely used to guide the outputs of large language models (LLMs). These prompts often contain business logic and sensitive information, making their protection essential. However, adversarial and even regular user queries…

Cryptography and Security · Computer Science 2025-08-28 Zhifeng Jiang , Zhihua Jin , Guoliang He

There is a growing need for hardware-software contracts which precisely define the implications of microarchitecture on software security-i.e., security contracts. It is our view that such contracts should explicitly account for…

Cryptography and Security · Computer Science 2021-12-21 Nicholas Mosier , Hanna Lachnitt , Hamed Nemati , Caroline Trippel

This paper presents a {theoretical study} of the problem of verifying linearizability at runtime, where one seeks for a concurrent algorithm for verifying that the current execution of a given concurrent shared object implementation is…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-11-14 Armando Castañeda , Gilde Valeria Rodríguez

Since the advent of SPECTRE, a number of countermeasures have been proposed and deployed. Rigorously reasoning about their effectiveness, however, requires a well-defined notion of security against speculative execution attacks, which has…

Cryptography and Security · Computer Science 2019-07-25 Marco Guarnieri , Boris Köpf , José F. Morales , Jan Reineke , Andrés Sánchez