English
Related papers

Related papers: DECLASSIFLOW: A Static Analysis for Modeling Non-S…

200 papers

Spectre intrusions exploit speculative execution design vulnerabilities in modern processors. The attacks violate the principles of isolation in programs to gain unauthorized private user information. Current state-of-the-art detection…

Cryptography and Security · Computer Science 2022-10-27 Chidera Biringa , Gaspard Baye , Gökhan Kul

Traffic analysis attacks remain a significant problem for online security. Communication between nodes can be observed by network level attackers as it inherently takes place in the open. Despite online services increasingly using encrypted…

Cryptography and Security · Computer Science 2025-07-04 Jeppe Fredsgaard Blaabjerg , Aslan Askarov

Since the advent of Spectre attacks, researchers and practitioners have developed a range of hardware and software measures to counter transient execution attacks. A prime example of such mitigation is speculative load hardening in LLVM,…

Cryptography and Security · Computer Science 2023-12-18 Tiziano Marinaro , Pablo Buiras , Andreas Lindner , Roberto Guanciale , Hamed Nemati

Speculative attacks such as Spectre can leak secret information without being discovered by the operating system. Speculative execution vulnerabilities are finicky and deep in the sense that to exploit them, it requires intensive manual…

Cryptography and Security · Computer Science 2025-04-04 Evan Lai , Wenjie Xiong , Edward Suh , Mohit Tiwari , Mulong Luo

The constant-time discipline is a software-based countermeasure used for protecting high assurance cryptographic implementations against timing side-channel attacks. Constant-time is effective (it protects against many known attacks),…

Cryptography and Security · Computer Science 2020-05-12 Sunjay Cauligi , Craig Disselkoen , Klaus v. Gleissenthall , Dean Tullsen , Deian Stefan , Tamara Rezk , Gilles Barthe

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an…

Programming Languages · Computer Science 2017-06-22 Peixuan Li , Danfeng Zhang

Microarchitectural attacks represent a challenging and persistent threat to modern processors, exploiting inherent design vulnerabilities in processors to leak sensitive information or compromise systems. Of particular concern is the…

Cryptography and Security · Computer Science 2024-10-31 Mohamadreza Rostami , Shaza Zeitouni , Rahul Kande , Chen Chen , Pouya Mahmoody , Jeyavijayan , Rajendran , Ahmad-Reza Sadeghi

The prevalence of memory corruption bugs in the past decades resulted in numerous defenses, such as stack canaries, control flow integrity (CFI), and memory safe languages. These defenses can prevent entire classes of vulnerabilities, and…

Cryptography and Security · Computer Science 2021-04-20 Andrea Mambretti , Alexandra Sandulescu , Alessandro Sorniotti , William Robertson , Engin Kirda , Anil Kurmus

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

Modern processors employ different prediction mechanisms to speculate over different kinds of instructions. Attackers can exploit these prediction mechanisms simultaneously in order to trigger leaks about speculatively-accessed data. Thus,…

Cryptography and Security · Computer Science 2022-09-05 Xaver Fabian , Marco Guarnieri , Marco Patrignani

Recent security vulnerabilities that target speculative execution (e.g., Spectre) present a significant challenge for processor design. The highly publicized vulnerability uses speculative execution to learn victim secrets by changing cache…

Advanced Persistent Threats (APTs) are stealthy customized attacks by intelligent adversaries. This paper deals with the detection of APTs that infiltrate cyber systems and compromise specifically targeted data and/or infrastructures.…

Computer Science and Game Theory · Computer Science 2021-06-29 Shana Moothedath , Dinuka Sahabandu , Joey Allen , Andrew Clark , Linda Bushnell , Wenke Lee , Radha Poovendran

Realizing flow security in a concurrent environment is extremely challenging, primarily due to non-deterministic nature of execution. The difficulty is further exacerbated from a security angle if sequential threads disclose control…

Programming Languages · Computer Science 2021-03-04 Sandip Ghosal , R. K. Shyamasundar

Despite extensive efforts to align Large Language Models (LLMs) with human values and safety rules, jailbreak attacks that exploit certain vulnerabilities continuously emerge, highlighting the need to strengthen existing LLMs with…

Machine Learning · Computer Science 2025-09-30 Xuekang Wang , Shengyu Zhu , Xueqi Cheng

Control Flow Graphs are one of the main data sources for software analysis that use dynamic and static software analysis methods. Protected software and modern malware increasingly depend on dynamic code loading techniques to evade static…

Cryptography and Security · Computer Science 2026-05-29 Oleksandr Mostovyi

Transient Execution Attacks (TEAs) have gradually become a major security threat to modern high-performance processors. They exploit the vulnerability of speculative execution to illegally access private data, and transmit them through…

Cryptography and Security · Computer Science 2023-04-18 Bowen Tang , Chenggang Wu , Pen-Chung Yew , Yinqian Zhang , Mengyao Xie , Yuanming Lai , Yan Kang , Wei Wang , Qiang Wei , Zhe Wang

The recent discovery of the Spectre and Meltdown attacks represents a watershed moment not just for the field of Computer Security, but also of Programming Languages. This paper explores speculative side-channel attacks and their…

Programming Languages · Computer Science 2019-02-15 Ross Mcilroy , Jaroslav Sevcik , Tobias Tebbi , Ben L. Titzer , Toon Verwaest

The Spectre vulnerability in modern processors has been widely reported. The key insight in this vulnerability is that speculative execution in processors can be misused to access the secrets. Subsequently, even though the speculatively…

Cryptography and Security · Computer Science 2019-11-13 Guanhua Wang , Sudipta Chattopadhyay , Ivan Gotovchits , Tulika Mitra , Abhik Roychoudhury

Reasoning about correctness and security of software is increasingly difficult due to the complexity of modern microarchitectural features such as out-of-order execution. A class of security vulnerabilities termed Spectre that exploits side…

Programming Languages · Computer Science 2020-04-02 Robert J. Colvin , Kirsten Winter

Since the discovery of Spectre, a large number of hardware mechanisms for secure speculation has been proposed. Intuitively, more defensive mechanisms are less efficient but can securely execute a larger class of programs, while more…

Cryptography and Security · Computer Science 2020-10-02 Marco Guarnieri , Boris Köpf , Jan Reineke , Pepe Vila