English
Related papers

Related papers: Field-sensitive Data Flow Integrity

200 papers

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared…

Cryptography and Security · Computer Science 2022-08-09 Tanmaya Mishra , Thidapat Chantem , Ryan Gerdes

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

Ensuring system correctness, such as memory safety, can eliminate security vulnerabilities that attackers could exploit in the first place. However, high and unpredictable performance degradation remains a primary challenge. Recognizing…

Cryptography and Security · Computer Science 2024-08-28 Myoung Jin Nam

Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety…

Programming Languages · Computer Science 2023-08-22 Toby Murray , Pengbo Yan , Gidon Ernst

Although ransomware has received broad attention in media and research, this evolving threat vector still poses a systematic threat. Related literature has explored their detection using various approaches leveraging Machine and Deep…

Cryptography and Security · Computer Science 2024-02-01 Jan von der Assen , Chao Feng , Alberto Huertas Celdrán , Róbert Oleš , Gérôme Bovet , Burkhard Stiller

Memory safety is an essential correctness property of software systems. For programs operating on linked heap-allocated data structures, the problem of proving memory safety boils down to analyzing the possible shapes of data structures,…

Programming Languages · Computer Science 2024-08-20 Sebastian Wolff , Ekanshdeep Gupta , Zafer Esen , Hossein Hojjat , Philipp Rümmer , Thomas Wies

The widespread presence of Use-After-Free (UAF) vulnerabilities poses a serious threat to software security, with dangling pointers being considered the primary cause of these vulnerabilities. However, existing methods for defending against…

Cryptography and Security · Computer Science 2024-11-13 Xun An

Reconstruction attacks and defenses are essential in understanding the data leakage problem in machine learning. However, prior work has centered around empirical observations of gradient inversion attacks, lacks theoretical grounding, and…

Cryptography and Security · Computer Science 2025-03-25 Sheng Liu , Zihan Wang , Yuxiao Chen , Qi Lei

Website fingerprinting (WF) attacks, which covertly monitor user communications to identify the web pages they visit, pose a serious threat to user privacy. Existing WF defenses attempt to reduce attack accuracy by disrupting traffic…

Cryptography and Security · Computer Science 2026-02-23 Siyuan Liang , Jiajun Gong , Tianmeng Fang , Aishan Liu , Tao Wang , Xiaochun Cao , Dacheng Tao , Ee-Chien Chang

Protecting programs against control-flow hijacking attacks recently has become an arms race between defenders and attackers. While certain defenses, e.g., \textit{Control Flow Integrity} (CFI), restrict the targets of indirect control-flow…

Cryptography and Security · Computer Science 2018-12-21 Paul Muntean

To counter software reverse engineering or tampering, software obfuscation tools can be used. However, such tools to a large degree hard-code how the obfuscations are deployed. They hence lack resilience and stealth in the face of many…

Cryptography and Security · Computer Science 2020-12-24 Jens Van den Broeck , Bart Coppens , Bjorn De Sutter

Memory safety remains a critical and widely violated property in reality. Numerous defense techniques have been proposed and developed but most of them are not applied or enabled by default in production-ready environment due to their…

Cryptography and Security · Computer Science 2021-11-30 Wei Song , Jiameng Ying , Sihao Shen , Boya Li , Hao Ma , Peng Liu

A popular class of defenses against prompt injection attacks on large language models (LLMs) relies on fine-tuning to separate instructions and data, so that the LLM does not follow instructions that might be present with data. We evaluate…

Cryptography and Security · Computer Science 2025-12-18 Nishit V. Pandya , Andrey Labunets , Sicun Gao , Earlence Fernandes

In recent years, non-control-data attacks have be come a research hotspot in the field of network security, driven by the increasing number of defense methods against control-flow hijacking attacks. These attacks exploit memory…

Cryptography and Security · Computer Science 2025-11-28 Lei Chong

Selective data protection is a promising technique to defend against the data leakage attack. In this paper, we revisit technical challenges that were neglected when applying this protection to real applications. These challenges include…

Cryptography and Security · Computer Science 2021-06-01 Lin Ma , Jinyan Xu , Jiadong Sun , Yajin Zhou , Xun Xie , Wenbo Shen , Rui Chang , Kui Ren

Memory-safety errors remain a persistent source of zero-day vulnerabilities in low-level software. The problem is especially acute in embedded systems, where hardware protections are often limited and dynamic analysis is difficult to apply…

Many damaging cybersecurity attacks are enabled when an attacker can access residual sensitive information (e.g. cryptographic keys, personal identifiers) left behind from earlier computation. Attackers can sometimes use residual…

Cryptography and Security · Computer Science 2021-06-21 Deborah Shands , Carolyn Talcott

Different users always have different requirement for sensitive memory definition. It is not flexible for aborting program execution once detecting memory corruption. Because the users may loose some sensitive data. We presented Selfie, a…

Cryptography and Security · Computer Science 2019-09-11 Pengfei Sun , Saman Zonouz

Rising device use and third-party IP integration in semiconductors raise security concerns. Unauthorized access, fault injection, and privacy invasion are potential threats from untrusted actors. Different security techniques have been…

Cryptography and Security · Computer Science 2023-11-20 Geraldine Shirley Nicholas , Dhruvakumar Vikas Aklekar , Bhavin Thakar , Fareena Saqib

Practitioners of secure information flow often face a design challenge: what is the right semantic treatment of leaks via termination? On the one hand, the potential harm of untrusted code calls for strong progress-sensitive security. On…

Programming Languages · Computer Science 2020-05-12 Johan Bay , Aslan Askarov