English
Related papers

Related papers: ACFA: Secure Runtime Auditing & Guaranteed Device …

200 papers

With the rising number of IoT devices, the security of such devices becomes increasingly important. Remote attestation (RA) is a distinct security service that allows a remote verifer to reason about the state of an untrusted remote prover…

Cryptography and Security · Computer Science 2021-05-13 Alexander Sprogø Banks , Marek Kisiel , Philip Korsholm

Traditional control-flow analysis (CFA) for higher-order languages, whether implemented by constraint-solving or abstract interpretation, introduces spurious connections between callers and callees. Two distinct invocations of a function…

Programming Languages · Computer Science 2016-03-23 Thomas Gilray , Steven Lyde , Michael D. Adams , Matthew Might , David Van Horn

The widespread adoption of embedded systems has led to their deployment in critical real-world applications, making them attractive targets for malicious actors. These devices face unique challenges in mitigating vulnerabilities due to…

Cryptography and Security · Computer Science 2025-12-16 André Cirne , Patrícia R. Sousa , João S. Resende , Luís Antunes

Office automation (OA) systems play a crucial role in enterprise operations and management, with access control flow approval (ACFA) being a key component that manages the accessibility of various resources. However, traditional ACFA…

Artificial Intelligence · Computer Science 2026-04-14 Dugang Liu , Zulong Chen , Chuanfei Xu , Jiaxuan He , Yunlu Ma , Jia Xu

In this work, we take the first step towards formal verification of Remote Attestation (RA) by designing and verifying an architecture called VRASED: Verifiable Remote Attestation for Simple Embedded Devices. VRASED instantiates a hybrid…

Cryptography and Security · Computer Science 2019-05-28 Ivan De Oliveira Nunes , Karim Eldefrawy , Norrathep Rattanavipanon , Michael Steiner , Gene Tsudik

Remote Attestation (RA) allows a trusted entity (verifier) to securely measure internal state of a remote untrusted hardware platform (prover). RA can be used to establish a static or dynamic root of trust in embedded and cyber-physical…

Cryptography and Security · Computer Science 2017-03-16 Karim ElDefrawy , Norrathep Rattanavipanon , Gene Tsudik

Recent optical flow methods are almost exclusively judged in terms of accuracy, while their robustness is often neglected. Although adversarial attacks offer a useful tool to perform such an analysis, current attacks on optical flow methods…

Computer Vision and Pattern Recognition · Computer Science 2022-07-19 Jenny Schmalfuss , Philipp Scholze , Andrés Bruhn

Assured Remote Execution on a device is the ability of suitably authorized parties to construct secure channels with known processes -- i.e. processes executing known code -- running on it. Assured Remote Execution requires a hardware basis…

Cryptography and Security · Computer Science 2024-09-24 Scott L. Dyer , Christian A. Femrite , Joshua D. Guttman , Julian P. Lanson , Moses D. Liskov

Recent Pwn2Own competitions have demonstrated the continued effectiveness of control hijacking attacks despite deployed countermeasures including stack canaries and ASLR. A powerful defense called Control flow Integrity (CFI) offers a…

Cryptography and Security · Computer Science 2014-08-08 Ali Jose Mashtizadeh , Andrea Bittau , David Mazieres , Dan Boneh

This study investigates the effectiveness of multifactor authentication (MFA) in protecting commercial accounts from unauthorized access, with an additional focus on accounts with known credential leaks. We employ the benchmark-multiplier…

Cryptography and Security · Computer Science 2023-05-02 Lucas Augusto Meyer , Sergio Romero , Gabriele Bertoli , Tom Burt , Alex Weinert , Juan Lavista Ferres

To keep a system secure, all devices in the system need to be benign. To avoid malicious and/or compromised devices, network access control such as authentication using a credential and remote attestation based on trusted hardware has been…

Cryptography and Security · Computer Science 2020-08-24 Takayuki Sasaki , Yusuke Shimada

Control-flow hijacking attacks are used to perform malicious com-putations. Current solutions for assessing the attack surface afteracontrol flow integrity(CFI) policy was applied can measure onlyindirect transfer averages in the best case…

Cryptography and Security · Computer Science 2019-10-04 Paul Muntean , Matthias Neumayer , Zhiqiang Lin , Gang Tan , Jens Grossklags , Claudia Eckert

This work presents the first design, integration, and evaluation of the standard RISC-V extensions for Control-Flow Integrity (CFI). The Zicfiss and Zicfilp extensions aim at protecting the execution of a vulnerable program from…

Hardware Architecture · Computer Science 2026-02-16 Simone Manoni , Emanuele Parisi , Riccardo Tedeschi , Davide Rossi , Andrea Acquaviva , Andrea Bartolini

Autonomous systems are often complex and prone to software failures and cyber-attacks. We introduce RVAFTs, an extension of Attack-Fault Trees (AFTs) with runtime events that can be used to construct runtime monitors. These monitors are…

Software Engineering · Computer Science 2022-09-29 Rafael C. Cardoso , Angelo Ferrando , Michael Fisher

Physically unclonable functions (PUFs) can be employed for device identification, authentication, secret key storage, and other security tasks. However, PUFs are susceptible to modeling attacks if a number of PUFs' challenge-response pairs…

Cryptography and Security · Computer Science 2020-07-21 Mahmood Azhar Qureshi , Arslan Munir

Field Programmable Gate Arrays (FPGAs) are more prone to be affected by transient faults in presence of radiation and other environmental hazards compared to Application Specific Integrated Circuits (ASICs). Hence, error mitigation and…

Hardware Architecture · Computer Science 2015-09-24 Swagata Mandal , Rourab Paul , Suman Sau , Amlan Chakrabarti , Subhasis Chattopadhyay

Recently, code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (JOP), have emerged as a new class of ingenious security threatens. Attackers can utilize CRAs to hijack the control flow of…

Cryptography and Security · Computer Science 2018-09-20 Jiliang Zhang , Binhang Qi , Gang Qu

Software control flow integrity (CFI) solutions have been applied to the Linux kernel for memory protection. Due to performance costs, deployed software CFI solutions are coarse grained. In this work, we demonstrate a precise…

Cryptography and Security · Computer Science 2019-12-10 Rémi Denis-Courmont , Hans Liljestrand , Carlos Chinea , Jan-Erik Ekberg

Certifying neural network robustness against adversarial examples is challenging, as formal guarantees often require solving non-convex problems. Hence, incomplete verifiers are widely used because they scale efficiently and substantially…

Machine Learning · Computer Science 2026-02-05 Mohammadreza Maleki , Rushendra Sidibomma , Arman Adibi , Reza Samavi

Sensor networks are vulnerable to \emph{false data injection attack} and \emph{path-based DoS} (PDoS) attack. While conventional authentication schemes are insufficient for solving these security conflicts, an \emph{en-route filtering}…

Networking and Internet Architecture · Computer Science 2009-11-24 Chia-Mu Yu , Chun-Shien Lu , Sy-Yen Kuo