English
Related papers

Related papers: WAIT: Protecting the Integrity of Web Applications…

200 papers

The PQDSS standardization process requires cryptographic primitives to be free from vulnerabilities, including timing and cache side-channels. Resistance to timing leakage is therefore an essential property, and achieving this typically…

Operating Systems enforce logical isolation using abstractions such as processes, containers, and isolation technologies to protect a system from malicious or buggy code. In this paper, we show new types of side channels through the file…

Cryptography and Security · Computer Science 2025-04-29 Cheng Gu , Yicheng Zhang , Nael Abu-Ghazaleh

Many important security properties can be formulated in terms of flows of tainted data, and improved taint analysis tools to prevent such flows are of critical need. Most existing taint analyses use whole-program static analysis, leading to…

Programming Languages · Computer Science 2025-05-02 Nima Karimipour , Kanak Das , Manu Sridharan , Behnaz Hassanshahi

According to experts, one third of all IT vulnerabilities today are due to inadequate software verification. Internal program processes are not sufficiently secured against manipulation by attackers, especially if access has been gained.…

Cryptography and Security · Computer Science 2022-11-22 Erik Heiland , Peter Hillmann

Secure applications implement software protections against side-channel and physical attacks. Such protections are meaningful at machine code or micro-architectural level, but they typically do not carry observable semantics at source…

Cryptography and Security · Computer Science 2021-01-18 Son Tuan Vu , Albert Cohen , Karine Heydemann , Arnaud de Grandmaison , Christophe Guillon

The Internet of Things (IoT) is a paradigm that can tremendously revolutionize health care thus benefiting both hospitals, doctors and patients. In this context, protecting the IoT in health care against interference, including service…

Cryptography and Security · Computer Science 2017-10-03 Rym Zrelli , Moez Yeddes , Nejib Ben Hadj-Alouane

Single Page Applications (SPAs) are different than hypertext-based web applications in that their workflow is not defined by explicit links, but rather implicitly by changes of their widgets' states. The workflow may hence be hard to track.…

Software Engineering · Computer Science 2020-05-13 Gefei Zhang

Internet of Things is growing rapidly, with many connected devices now available to consumers. With this growth, the IoT apps that manage the devices from smartphones raise significant security concerns. Typically, these apps are secured…

Cryptography and Security · Computer Science 2018-11-06 Davino Mauro Junior , Kiev Gama , Atul Prakash

Applications running in Trusted Execution Environments (TEEs) commonly use untrusted external services such as host File System. Adversaries may maliciously alter the normal service behavior to trigger subtle application bugs that would…

Cryptography and Security · Computer Science 2022-11-15 Meni Orenbach , Bar Raveh , Alon Berkenstadt , Yan Michalevsky , Shachar Itzhaky , Mark Silberstein

While web agents gained popularity by automating web interactions, their requirement for interface access introduces significant privacy risks that are understudied, particularly from users' perspective. Through a formative study (N=15), we…

Human-Computer Interaction · Computer Science 2025-09-16 Shuning Zhang , Yutong Jiang , Rongjun Ma , Yuting Yang , Mingyao Xu , Zhixin Huang , Xin Yi , Hewu Li

Software vulnerabilities continue to be the primary cause of cyberattacks. It is crucial to identify vulnerabilities in applications' source code before attackers gain access to them and exploit any vulnerability they may contain.…

Software Engineering · Computer Science 2026-05-26 Jorge Martins , David Dantas , Rafael Ramires , Bernardo Ferreira , Ibéria Medeiros

Modern low-latency anonymity systems, no matter whether constructed as an overlay or implemented at the network layer, offer limited security guarantees against traffic analysis. On the other hand, high-latency anonymity systems offer…

Cryptography and Security · Computer Science 2018-02-26 Chen Chen , Daniele E. Asoni , Adrian Perrig , David Barrera , George Danezis , Carmela Troncoso

Individuals lack oversight over systems that process their data. This can lead to discrimination and hidden biases that are hard to uncover. Recent data protection legislation tries to tackle these issues, but it is inadequate. It does not…

Software Engineering · Computer Science 2023-05-22 Valentin Zieglmeier , Alexander Pretschner

There are often situations where two remote users each have data, and wish to (i) verify the equality of their data, and (ii) whenever a discrepancy is found afterwards, determine which of the two modified his data. The most common example…

Information Theory · Computer Science 2023-10-31 Go Kato , Mikio Fujiwara , Toyohiro Tsurumaru

As machine learning (ML) is increasingly integrated into our everyday Web experience, there is a call for transparent and explainable web-based ML. However, existing explainability techniques often require dedicated backend servers, which…

Machine Learning · Computer Science 2023-03-17 Zijie J. Wang , Duen Horng Chau

Privacy computing involves the extensive exchange and processing of encrypted data. For the parties involved in these interactions, how to determine the consistency of exchanged data without accessing the original data, ensuring tamper…

Cryptography and Security · Computer Science 2024-10-24 Huang Neng

A large user base relies on software updates provided through package managers. This provides a unique lever for improving the security of the software update process. We propose a transparency system for software updates and implement it…

Cryptography and Security · Computer Science 2017-11-21 Benjamin Hof , Georg Carle

Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications…

Cryptography and Security · Computer Science 2020-06-25 Bert Abrath , Bart Coppens , Jens Van den Broeck , Brecht Wyseur , Alessandro Cabutto , Paolo Falcarin , Bjorn De Sutter

Runtime verification offers scalable solutions to improve the safety and reliability of systems. However, systems that require verification or monitoring by a third party to ensure compliance with a specification might contain sensitive…

Cryptography and Security · Computer Science 2025-05-15 Thomas A. Henzinger , Mahyar Karimi , K. S. Thejaswini

Although iOS is the second most popular mobile operating system and is often considered the more secure one, approaches to automatically analyze iOS applications are scarce and generic app analysis frameworks do not exist. This is on the…

Cryptography and Security · Computer Science 2020-03-31 Julian Schütte , Dennis Titze