English
Related papers

Related papers: FIPAC: Thwarting Fault- and Software-Induced Contr…

200 papers

Embedded and Internet-of-Things (IoT) devices are ubiquitous today, and the uprising of several botnets based on them (e.g., Mirai, Ripple20) raises issues about the security of such devices. Especially low-power devices often lack support…

Cryptography and Security · Computer Science 2024-04-08 Davide Bove , Lukas Panzer

As currently classical malware detection methods based on signatures fail to detect new malware, they are not always efficient with new obfuscation techniques. Besides, new malware is easily created and old malware can be recoded to produce…

Cryptography and Security · Computer Science 2016-09-13 Andree Linke , Nhien-An Le-Khac

The design of tiny trust anchors has received significant attention over the past decade, to secure low-end MCU-s that cannot afford expensive security mechanisms. In particular, hardware/software (hybrid) co-designs offer low hardware…

Cryptography and Security · Computer Science 2020-12-16 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Gene Tsudik

We present the design, implementation, and evaluation of FineIBT: a CFI enforcement mechanism that improves the precision of hardware-assisted CFI solutions, like Intel IBT, by instrumenting program code to reduce the valid/allowed targets…

Cryptography and Security · Computer Science 2023-09-15 Alexander J. Gaidis , Joao Moreira , Ke Sun , Alyssa Milburn , Vaggelis Atlidakis , Vasileios P. Kemerlis

Trusted Execution Environments (TEEs) are critical components of modern secure computing, providing isolated zones in processors to safeguard sensitive data and execute secure operations. Despite their importance, TEEs are increasingly…

Cryptography and Security · Computer Science 2024-11-25 Aaron Joy , Ben Soh , Zhi Zhang , Sri Parameswaran , Darshana Jayasinghe

Assured Remote Execution on a device is the ability of suitably authorized parties to construct secure channels with known processes -- i.e. processes executing known code -- running on it. Assured Remote Execution requires a hardware basis…

Cryptography and Security · Computer Science 2024-09-24 Scott L. Dyer , Christian A. Femrite , Joshua D. Guttman , Julian P. Lanson , Moses D. Liskov

Control Flow Attestation (CFA) offers a means to detect control flow hijacking attacks on remote devices, enabling verification of their runtime trustworthiness. CFA generates a trace (CFLog) containing the destination of all branching…

Cryptography and Security · Computer Science 2024-10-01 Adam Caulfield , Antonio Joia Neto , Norrathep Rattanavipanon , Ivan De Oliveira Nunes

Application Programming Interface (API) Injection attacks refer to the unauthorized or malicious use of APIs, which are often exploited to gain access to sensitive data or manipulate online systems for illicit purposes. Identifying actors…

Cryptography and Security · Computer Science 2025-05-16 Udi Aharon , Ran Dubin , Amit Dvir , Chen Hajaj

Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient…

Programming Languages · Computer Science 2015-01-20 Stefan Heule , Deian Stefan , Edward Z. Yang , John C. Mitchell , Alejandro Russo

Control flow obfuscation deters software reverse engineering attempts by altering the program's control flow transfer. The alternation should not affect the software's run-time behaviour. In this paper, we propose a control flow obfuscation…

Cryptography and Security · Computer Science 2021-03-01 Kenny Zhuo Ming Lu

Numerous threats are associated with the globalized integrated circuit (IC) supply chain, such as piracy, reverse engineering, overproduction, and malicious logic insertion. Many obfuscation approaches have been proposed to mitigate these…

Cryptography and Security · Computer Science 2022-07-13 Zain UlAbideen , Tiago Diadami Perez , Mayler Martins , Samuel Pagliarini

The outsourcing of the design and manufacturing of integrated circuits has raised severe concerns about the piracy of Intellectual Properties and illegal overproduction. Logic locking has emerged as an obfuscation technique to protect…

Cryptography and Security · Computer Science 2022-10-14 Yadi Zhong , Ayush Jain , M. Tanjidur Rahman , Navid Asadizanjani , Jiafeng Xie , Ujjwal Guin

Smart contracts are frequently vulnerable to control-flow attacks based on confused deputies, reentrancy, and incorrect error handling. These attacks exploit the complexity of interactions among multiple possibly unknown contracts. Existing…

Cryptography and Security · Computer Science 2025-04-24 Siqiu Yao , Haobin Ni , Stephanie Ma , Noah Schiff , Andrew C. Myers , Ethan Cecchetti

Embedded devices in the Internet of Things (IoT) face a wide variety of security challenges. For example, software attackers perform code injection and code-reuse attacks on their remote interfaces, and physical access to IoT devices allows…

Cryptography and Security · Computer Science 2018-02-20 Mario Werner , Thomas Unterluggauer , David Schaffenrath , Stefan Mangard

Modern operating systems provide powerful mandatory access control mechanisms, yet they largely reason about who executes code rather than how execution originates. As a result, processes launched remotely, locally, or by background…

Cryptography and Security · Computer Science 2026-01-21 Omer Abdelmajeed Idris Mohammed , Ilhami M. Orak

Cyber-physical control systems, such as industrial control systems (ICS), are increasingly targeted by cyberattacks. Such attacks can potentially cause tremendous damage, affect critical infrastructure or even jeopardize human life when the…

Cryptography and Security · Computer Science 2018-12-21 Sridhar Adepu , Ferdinand Brasser , Luis Garcia , Michael Rodler , Lucas Davi , Ahmad-Reza Sadeghi , Saman Zonouz

Autonomous Large Language Model (LLM) agents exhibit significant vulnerability to Indirect Prompt Injection (IPI) attacks. These attacks hijack agent behavior by polluting external information sources, exploiting fundamental trade-offs…

Artificial Intelligence · Computer Science 2026-01-26 Zhibo Liang , Tianze Hu , Zaiye Chen , Mingjie Tang

Semiconductor design houses are increasingly becoming dependent on third party vendors to procure intellectual property (IP) and meet time-to-market constraints. However, these third party IPs cannot be trusted as hardware Trojans can be…

Cryptography and Security · Computer Science 2018-03-13 Adib Nahiyan , Mehdi Sadi , Rahul Vittal , Gustavo Contreras , Domenic Forte , Mark Tehranipoor

The enormous amount of code required to design modern hardware implementations often leads to critical vulnerabilities being overlooked. Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic…

Cryptography and Security · Computer Science 2021-12-23 Lennart M. Reimann , Luca Hanel , Dominik Sisejkovic , Farhad Merchant , Rainer Leupers

We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating…

Cryptography and Security · Computer Science 2024-08-05 Sunandan Adhikary , Ipsita Koley , Sumana Ghosh , Saurav Kumar Ghosh , Soumyajit Dey , Debdeep Mukhopadhyay
‹ Prev 1 3 4 5 6 7 10 Next ›