English
Related papers

Related papers: ACFA: Secure Runtime Auditing & Guaranteed Device …

200 papers

Nowadays, cyberattacks are growing exponentially, causing havoc to Internet users. In particular, authentication attacks constitute the major attack vector where intruders impersonate legitimate users to maliciously access systems or…

Cryptography and Security · Computer Science 2025-06-18 Ang Kok Wee , Eyasu Getahun Chekole , Jianying Zhou

Spectre attacks and their many subsequent variants are a new vulnerability class affecting modern CPUs. The attacks rely on the ability to misguide speculative execution, generally by exploiting the branch prediction structures, to execute…

Cryptography and Security · Computer Science 2019-12-06 Esmaeil Mohammadian Koruyeh , Shirin Haji Amin Shirazi , Khaled N. Khasawneh , Chengyu Song , Nael Abu-Ghazaleh

This paper presents an in-kernel, hardware-based control-flow integrity (CFI) protection, called PAL, that utilizes ARM's Pointer Authentication (PA). It provides three important benefits over commercial, state-of-the-art PA-based CFIs like…

Cryptography and Security · Computer Science 2021-12-15 Sungbae Yoo , Jinbum Park , Seolheui Kim , Yeji Kim , Taesoo Kim

Fault injection attacks (FIA) pose significant security threats to embedded systems as they exploit weaknesses across multiple layers, including system software, instruction set architecture (ISA), microarchitecture, and physical hardware.…

Cryptography and Security · Computer Science 2025-10-24 Arsalan Ali Malik , Harshvadan Mihir , Aydin Aysu

Fault injection (FI) is a powerful attack methodology allowing an adversary to entirely break the security of a target device. As finite-state machines (FSMs) are fundamental hardware building blocks responsible for controlling systems,…

Cryptography and Security · Computer Science 2022-08-03 Pascal Nasahl , Martin Unterguggenberger , Rishub Nagpal , Robert Schilling , David Schrammel , Stefan Mangard

Network log data analysis plays a critical role in detecting security threats and operational anomalies. Traditional log analysis methods for anomaly detection and root cause analysis rely heavily on expert knowledge or fully supervised…

Networking and Internet Architecture · Computer Science 2025-09-09 Xuanhao Luo , Shivesh Madan Nath Jha , Akruti Sinha , Zhizhen Li , Yuchen Liu

Applications written in low-level languages without type or memory safety are especially prone to memory corruption. Attackers gain code execution capabilities through such applications despite all currently deployed defenses by exploiting…

Cryptography and Security · Computer Science 2014-07-03 Mathias Payer , Antonio Barresi , Thomas R. Gross

Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the…

Cryptography and Security · Computer Science 2023-10-26 Supraja Sridhara , Andrin Bertschi , Benedict Schlüter , Mark Kuhne , Fabio Aliberti , Shweta Shinde

The Confidential Consortium Framework (CCF) is an open-source platform for developing trustworthy and reliable cloud applications. CCF powers Microsoft's Azure Confidential Ledger service and as such it is vital to build confidence in the…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-10-17 Heidi Howard , Markus A. Kuppe , Edward Ashton , Amaury Chamayou , Natacha Crooks

With the increased utilization, the small embedded and IoT devices have become an attractive target for sophisticated attacks that can exploit the devices security critical information and data in malevolent activities. Secure boot and…

Cryptography and Security · Computer Science 2023-04-25 Avani Dave , Nilanjan Banerjee , Chintan Patel

We propose Remote Attestation with TOCTOU Avoidance (RATA): a provably secure approach to address the RA TOCTOU problem. With RATA, even malware that erases itself before execution of the next RA, can not hide its ephemeral presence. RATA…

Cryptography and Security · Computer Science 2021-04-19 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Norrathep Rattanavipanon , Gene Tsudik

Recent technological advancements have enabled proliferated use of small embedded and IoT devices for collecting, processing, and transferring the security-critical information and user data. This exponential use has acted as a catalyst in…

Cryptography and Security · Computer Science 2021-01-18 Avani Dave , Nilanjan Banerjee , Chintan Patel

Despite its ever-increasing impact, security is not considered as a design objective in commercial electronic design automation (EDA) tools. This results in vulnerabilities being overlooked during the software-hardware design process.…

Cryptography and Security · Computer Science 2023-08-08 Lennart M. Reimann , Jonathan Wiesner , Dominik Sisejkovic , Farhad Merchant , Rainer Leupers

The Internet of Things (IoT) is an emerging paradigm that allows to set large networks of small and independent devices. To ensure their integrity, practitioners employ so-called Remote Attestation (RA) schemes. Classic RA schemes require a…

Cryptography and Security · Computer Science 2019-12-13 Alessandro Visintin , Flavio Toffalini , Mauro Conti , Jianying Zhou

Run Time Assurance (RTA) Systems are online verification mechanisms that filter an unverified primary controller output to ensure system safety. The primary control may come from a human operator, an advanced control approach, or an…

Systems and Control · Electrical Eng. & Systems 2023-03-28 Kerianne Hobbs , Mark Mote , Matthew Abate , Samuel Coogan , Eric Feron

Control flow integrity (CFI) has received significant attention in the community to combat control hijacking attacks in the presence of memory corruption vulnerabilities. The challenges in creating a practical CFI has resulted in the…

Cryptography and Security · Computer Science 2020-02-17 Reza Mirzazade Farkhani , Saman Jafari , Sajjad Arshad , William Robertson , Engin Kirda , Hamed Okhravi

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Scott A. Carr , Joseph Nash , Per Larsen , Michael Franz , Stefan Brunthaler , Mathias Payer

Attacks based on side-channel analysis (SCA) pose a severe security threat to modern computing platforms, further exacerbated on IoT devices by their pervasiveness and handling of private and critical data. Designing SCA-resistant computing…

Cryptography and Security · Computer Science 2025-03-18 Davide Zoni , Andrea Galimberti , Davide Galli

In this paper, we present a framework that uses acoustic side-channel analysis (ASCA) to monitor and verify whether a robot correctly executes its intended commands. We develop and evaluate a machine-learning-based workflow verification…

Cryptography and Security · Computer Science 2025-10-31 Zeynep Yasemin Erdogan , Shishir Nagaraja , Chuadhry Mujeeb Ahmed , Ryan Shah

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard