English
Related papers

Related papers: SecurePtrs: Proving Secure Compilation with Data-F…

200 papers

Secure applications implement software protections against side-channel and physical attacks. Such protections are meaningful at machine code or micro-architectural level, but they typically do not carry observable semantics at source…

Cryptography and Security · Computer Science 2021-01-18 Son Tuan Vu , Albert Cohen , Karine Heydemann , Arnaud de Grandmaison , Christophe Guillon

Security protocols are concurrent processes that communicate using cryptography with the aim of achieving various security properties. Recent work on their formal verification has brought procedures and tools for deciding trace equivalence…

Cryptography and Security · Computer Science 2015-09-08 David Baelde , Stéphanie Delaune , Lucca Hirschi

Although many large language models (LLMs) have been trained to refuse harmful requests, they are still vulnerable to jailbreaking attacks which rewrite the original prompt to conceal its harmful intent. In this paper, we propose a new…

Computation and Language · Computer Science 2024-06-10 Yihan Wang , Zhouxing Shi , Andrew Bai , Cho-Jui Hsieh

We study when a programming language can emulate programs written in that same language without delegating the guest program back to the host evaluator or compiler. We call this property emulation-completeness. The central observation is…

Programming Languages · Computer Science 2026-04-20 Gregory Morse , Tamás Kozsik

HyperLTL model-checking enables the automated verification of information-flow properties for security-critical systems. However, it only provides a binary answer. Here, we introduce two paradigms to compute counterexamples and explanations…

Logic in Computer Science · Computer Science 2024-11-27 Sarah Winter , Martin Zimmermann

Memory corruption vulnerabilities often enable attackers to take control of a target system by overwriting control-flow relevant data (such as return addresses and function pointers), which are potentially stored in close proximity of…

Cryptography and Security · Computer Science 2019-09-10 Marie-Therese Walter , David Pfaff , Stefan Nürnberger , Michael Backes

Text generation has a fundamental limitation almost by definition: there is no taking back tokens that have been generated, even when they are clearly problematic. In the context of language model safety, when a partial unsafe generation is…

Machine Learning · Computer Science 2024-09-24 Yiming Zhang , Jianfeng Chi , Hailey Nguyen , Kartikeya Upasani , Daniel M. Bikel , Jason Weston , Eric Michael Smith

An Air Force evaluation of Multics, and Ken Thompson's famous Turing award lecture "Reflections on Trusting Trust," showed that compilers can be subverted to insert malicious Trojan horses into critical software, including themselves. If…

Cryptography and Security · Computer Science 2016-11-17 David A. Wheeler

Conformance checking, one of the main process mining operations, aims to identify discrepancies between a process model and an event log. The model represents the expected behaviour, whereas the event log represents the actual process…

In the classical multi-party computation setting, multiple parties jointly compute a function without revealing their own input data. We consider a variant of this problem, where the input data can be shared for machine learning training…

Machine Learning · Computer Science 2020-09-25 Chenwei Wu , Chenzhuang Du , Yang Yuan

Deep learning methods, which have found successful applications in fields like image classification and natural language processing, have recently been applied to source code analysis too, due to the enormous amount of freely available…

Software Engineering · Computer Science 2021-11-18 Rocìo Cabrera Lozoya , Arnaud Baumann , Antonino Sabetta , Michele Bezzi

Getting access to labelled datasets in certain sensitive application domains can be challenging. Hence, one often resorts to transfer learning to transfer knowledge learned from a source domain with sufficient labelled data to a target…

Cryptography and Security · Computer Science 2020-05-20 Zhuoran Ma , Jianfeng Ma , Yinbin Miao , Ximeng Liu , Wei Zheng , Kim-Kwang Raymond Choo , Robert H. Deng

Program safety (i.e., absence of undefined behaviors) is critical for correct operation of computer systems. It is usually verified at the source level (e.g., by separation logics) and preserved to the target by verified compilers (e.g.,…

Programming Languages · Computer Science 2025-10-14 Jinhua Wu , Yuting Wang , Liukun Yu , Linglong Meng

We address the problem of preserving non-interference across compiler transformations under speculative semantics. We develop a proof method that ensures the preservation uniformly across all source programs. The basis of our proof method…

Programming Languages · Computer Science 2024-11-22 Sören van der Wall , Roland Meyer

We address the problem of automatic decompilation, converting a program in low-level representation back to a higher-level human-readable programming language. The problem of decompilation is extremely important for security researchers.…

Programming Languages · Computer Science 2019-05-22 Omer Katz , Yuval Olshaker , Yoav Goldberg , Eran Yahav

Recent compilers allow a general-purpose program (written in a conventional programming language) that handles private data to be translated into secure distributed implementation of the corresponding functionality. The resulting program is…

Cryptography and Security · Computer Science 2017-07-04 Yihua Zhang , Marina Blanton , Ghada Almashaqbeh

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

Based on our previous work on truly concurrent process algebras APTC, we use it to verify the security protocols. This work (called Secure APTC, abbreviated SAPTC) have the following advantages in verifying security protocols: (1) It has a…

Logic in Computer Science · Computer Science 2021-10-26 Yong Wang

The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments.…

Cryptography and Security · Computer Science 2012-01-25 Jan Wrobel

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Scott A. Carr , Joseph Nash , Per Larsen , Michael Franz , Stefan Brunthaler , Mathias Payer