Related papers: Compositional Vulnerability Detection with Insecur…

200 papers

We present Security Relaxed Separation Logic (SecRSL), a separation logic for proving information-flow security of C11 programs in the Release-Acquire fragment with relaxed accesses. SecRSL is the first security logic that (1) supports…

Cryptography and Security · Computer Science 2021-09-10 Pengbo Yan, Toby Murray

Realizing flow security in a concurrent environment is extremely challenging, primarily due to the non-deterministic nature of execution. The difficulty is further exacerbated from a security angle if sequential threads disclose control…

Programming Languages · Computer Science 2021-03-04 Sandip Ghosal, R. K. Shyamasundar

Incorrectness Separation Logic (ISL) is a proof system designed to automate verification and detect bugs in programs manipulating heap memories. In this study, we extend ISL to support variable-length array predicates and pointer…

Logic in Computer Science · Computer Science 2025-03-04 Yeonseok Lee, Koji Nakazawa

Interconnected systems such as power systems and chemical processes are often required to satisfy safety properties in the presence of faults and attacks. Verifying safety of these systems, however, is computationally challenging due to…

Systems and Control · Electrical Eng. & Systems 2024-02-15 Luyao Niu, Abdullah Al Maruf, Andrew Clark, J. Sukarno Mertoguno, Radha Poovendran

Concurrent separation logic with fractional permissions (CSLPerm) provides a promising reasoning system to verify most complex sequential and concurrent fine-grained programs. The logic with strong and weak separating conjunctions offers a…

Logic in Computer Science · Computer Science 2025-10-07 Quang Loc Le

The timing characteristics of cache, a high-speed storage between the fast CPU and the slow memory, may reveal sensitive information of a program, thus allowing an adversary to conduct side-channel attacks. Existing methods for detecting…

Cryptography and Security · Computer Science 2018-07-10 Shengjian Guo, Meng Wu, Chao Wang

Traditional security mechanisms isolate resources from users who should not access them. We reflect the compositional nature of such security mechanisms back into the structure of LLMs to build a provably secure LLM; that we term SecureLLM.…

Computation and Language · Computer Science 2024-06-14 Abdulrahman Alabdulkareem, Christian M Arnold, Yerim Lee, Pieter M Feenstra, Boris Katz, Andrei Barbu

Incorrectness Separation Logic (ISL) is a proof system that is tailored specifically to resolve problems of under-approximation in programs that manipulate heaps, and it primarily focuses on bug detection. This approach is different from…

Logic in Computer Science · Computer Science 2025-08-05 Yeonseok Lee, Koji Nakazawa

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

SEAL is a static analyser for the verification of programs that manipulate unbounded linked data structures. It is based on separation logic to represent abstract memory states and, unlike other separation-logic-based approaches, it employs…

Software Engineering · Computer Science 2026-02-09 Tomáš Brablec, Tomáš Dacík, Tomáš Vojnar

In quantitative information flow we say that program $Q$ is "at least as secure as" $P$ just when the amount of secret information flowing from $Q$ is never more than flows from $P$, with of course a suitable quantification of "flow". This…

Cryptography and Security · Computer Science 2016-04-19 N. Bordenabe, A. McIver, C Morgan, T. Rabehaja

Separation logic's compositionality and local reasoning properties have led to significant advances in scalable static analysis. But program analysis has new challenges -- many programs display computational effects and, orthogonally,…

Logic in Computer Science · Computer Science 2024-03-15 Noam Zilberstein, Angelina Saliling, Alexandra Silva

We consider the problem of specifying and proving the security of non-trivial, concurrent programs that intentionally leak information. We present a method that decomposes the problem into (a) proving that the program only leaks information…

Cryptography and Security · Computer Science 2023-09-08 Toby Murray, Mukesh Tiwari, Gidon Ernst, David A. Naumann

Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions…

Cryptography and Security · Computer Science 2026-04-01 Xaver Fabian, Marco Guarnieri, Boris Köpf, Jose F. Morales, Marco Patrignani, Jan Reineke, Andres Sanchez

The generalization capabilities of Large Language Models (LLMs) have led to their widespread deployment across various applications. However, this increased adoption has introduced several security threats, notably in the forms of…

Cryptography and Security · Computer Science 2025-08-04 Francesco Panebianco, Stefano Bonfanti, Francesco Trovò, Michele Carminati

Memory leaks are prevalent in various real-world software projects, thereby leading to serious attacks like denial-of-service. Though prior methods for detecting memory leaks made significant advances, they often suffer from low accuracy and…

Cryptography and Security · Computer Science 2025-04-08 Hongliang Liang, Luming Yin, Guohao Wu, Yuxiang Li, Qiuping Yi, Lei Wang

Sequence models, such as Large Language Models (LLMs) and autoregressive image generators, have a tendency to memorize and inadvertently leak sensitive information. While this tendency has critical legal implications, existing tools are…

Cryptography and Security · Computer Science 2025-06-06 Lorenzo Rossi, Michael Aerni, Jie Zhang, Florian Tramèr

Existing logic-locking attacks are known to successfully decrypt the functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are…

Cryptography and Security · Computer Science 2021-02-18 Seetal Potluri, Aydin Aysu, Akash Kumar

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human-labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li, Saikat Dutta, Mayur Naik

The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for…

Cryptography and Security · Computer Science 2025-10-09 Zhiyuan Wei, Xiaoxuan Yang, Jing Sun, Zijian Zhang