English
Related papers

Related papers: Runtime Prevention of Deserialization Attacks

200 papers

Nowadays, an increasing number of applications uses deserialization. This technique, based on rebuilding the instance of objects from serialized byte streams, can be dangerous since it can open the application to attacks such as remote code…

Cryptography and Security · Computer Science 2022-08-18 Imen Sayar , Alexandre Bartel , Eric Bodden , Yves Le Traon

Object serialization and deserialization are widely used for storing and preserving objects in files, memory, or database as well as for transporting them across machines, enabling remote interaction among processes and many more. This…

Software Engineering · Computer Science 2024-09-04 Joanna C. S. Santos , Mehdi Mirakhorli , Ali Shokri

Java (de)serialization is prone to causing security-critical vulnerabilities that attackers can invoke existing methods (gadgets) on the application's classpath to construct a gadget chain to perform malicious behaviors. Several techniques…

Cryptography and Security · Computer Science 2023-04-05 Sicong Cao , Xiaobing Sun , Xiaoxue Wu , Lili Bo , Bin Li , Rongxin Wu , Wei Liu , Biao He , Yu Ouyang , Jiajia Li

Maliciously prepared software packages are an extensively leveraged weapon for software supply chain attacks. The detection of malicious packages is undoubtedly of high priority and many academic and commercial approaches have been…

Cryptography and Security · Computer Science 2025-05-13 Marc Ohm , Timo Pohl , Felix Boes

Graph encryption schemes play a crucial role in facilitating secure queries on encrypted graphs hosted on untrusted servers. With applications spanning navigation systems, network topology, and social networks, the need to safeguard…

Cryptography and Security · Computer Science 2024-05-30 Seyni Kane , Anis Bkakria

In this paper, we investigate the impact of denial-of-service attacks on the status updating of a cyber-physical system with one or more sensors connected to a remote monitor via unreliable channels. We approach the problem from the…

Information Theory · Computer Science 2024-11-19 Saad Kriouile , Mohamad Assaad , Amira Alloum , Touraj Soleymani

Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16].With our work we demonstrate a feasible and fast way to…

Databases · Computer Science 2018-02-02 Timo Schindler

The main goal of this study is to investigate the robustness of graph-based Deep Learning (DL) models used for Internet of Things (IoT) malware classification against Adversarial Learning (AL). We designed two approaches to craft…

Cryptography and Security · Computer Science 2019-02-19 Ahmed Abusnaina , Aminollah Khormali , Hisham Alasmary , Jeman Park , Afsah Anwar , Ulku Meteriz , Aziz Mohaisen

Many techniques have been proposed for quickly detecting and containing malware-generated network attacks such as large-scale denial of service attacks; unfortunately, much damage is already done within the first few minutes of an attack,…

Cryptography and Security · Computer Science 2021-02-04 Zainab Abaid , Dilip Sarkar , Mohamed Ali Kaafar , Sanjay Jha

Permissionless distributed ledgers provide a promising approach to deal with the Internet of Things (IoT) paradigm. Since IoT devices mostly generate data transactions and micropayments, distributed ledgers that use fees to regulate the…

Cryptography and Security · Computer Science 2021-04-08 Vidal Attias , Luigi Vigneri , Vassil Dimitrov

Inter-app communication is a mandatory and security-critical functionality of operating systems, such as Android. On the application level, Android implements this facility through Intents, which can also transfer non-primitive objects…

Cryptography and Security · Computer Science 2025-02-13 Bruno Kreyssig , Timothée Riom , Sabine Houy , Alexandre Bartel , Patrick McDaniel

Open-source software supply chain attacks aim at infecting downstream users by poisoning open-source packages. The common way of consuming such artifacts is through package repositories and the development of vetting strategies to detect…

Cryptography and Security · Computer Science 2022-10-11 Piergiorgio Ladisa , Henrik Plate , Matias Martinez , Olivier Barais , Serena Elisa Ponta

Malware analysis techniques are divided into static and dynamic analysis. Both techniques can be bypassed by circumvention techniques such as obfuscation. In a series of works, the authors have promoted the use of symbolic executions…

Cryptography and Security · Computer Science 2022-04-13 Charles-Henry Bertrand Van Ouytsel , Axel Legay

A recent discovery of a new class of microarchitectural attacks called Spectre picked up the attention of the security community as these attacks can circumvent many traditional mechanisms of defense. One of the attacks---Bounds Check…

Cryptography and Security · Computer Science 2018-10-11 Oleksii Oleksenko , Bohdan Trach , Tobias Reiher , Mark Silberstein , Christof Fetzer

Adversarial attacks can affect the performance of existing deep learning models. With the increased interest in graph based machine learning techniques, there have been investigations which suggest that these models are also vulnerable to…

Machine Learning · Computer Science 2020-07-15 Florence Regol , Soumyasundar Pal , Mark Coates

The last level cache is vulnerable to timing based side channel attacks because it is shared by the attacker and the victim processes even if they are located on different cores. These timing attacks evict the victim cache lines using small…

Cryptography and Security · Computer Science 2019-09-30 Kartik Ramkrishnan , Antonia Zhai , Stephen McCamant , Pen Chung Yew

Since the Internet of Things (IoT) is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph-based deep learning research has proposed many approaches to extract…

Cryptography and Security · Computer Science 2025-12-24 Rahul Yumlembam , Biju Issac , Seibu Mary Jacob , Longzhi Yang

We classify .NET files as either benign or malicious by examining directed graphs derived from the set of functions comprising the given file. Each graph is viewed probabilistically as a Markov chain where each node represents a code block…

Artificial Intelligence · Computer Science 2019-11-15 Michael A. Slawinski , Andy Wortman

Early detection of network intrusions and cyber threats is one of the main pillars of cybersecurity. One of the most effective approaches for this purpose is to analyze network traffic with the help of artificial intelligence algorithms,…

Cryptography and Security · Computer Science 2024-02-13 Giacomo Zonneveld , Lorenzo Principi , Marco Baldi

With the escalating threat of malware, particularly on mobile devices, the demand for effective analysis methods has never been higher. While existing security solutions, including AI-based approaches, offer promise, their lack of…

Cryptography and Security · Computer Science 2025-03-11 Merve Cigdem Ipek , Sevil Sen
‹ Prev 1 2 3 10 Next ›