English
Related papers

Related papers: Assessing the Effectiveness of Binary-Level CFI Te…

200 papers

With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking attacks, and consequently code reuse attacks, are significantly more difficult. CFI limits control flow to well-known locations, severely restricting…

Cryptography and Security · Computer Science 2019-11-26 Kyriakos Ispoglou , Bader AlBassam , Trent Jaeger , Mathias Payer

Large language models (LLMs) deployed behind APIs and retrieval-augmented generation (RAG) stacks are vulnerable to prompt injection attacks that may override system policies, subvert intended behavior, and induce unsafe outputs. Existing…

Cryptography and Security · Computer Science 2026-03-20 Md Takrim Ul Alam , Akif Islam , Mohd Ruhul Ameen , Abu Saleh Musa Miah , Jungpil Shin

In a software system it is possible to quantify the amount of information that is leaked or corrupted by analysing the flows of information present in the source code. In a cyber-physical system, information flows are not only present at…

Cryptography and Security · Computer Science 2017-08-17 Eric Rothstein Morris , Carlos G. Murguia , Martín Ochoa

Noninterference guarantees that an attacker cannot infer secrets by interacting with a program. Information flow control (IFC) type systems assert noninterference by tracking the level of information learned (pc) and disallowing…

Programming Languages · Computer Science 2024-07-31 Farzaneh Derakhshan , Stephanie Balzer , Yue Yao

Secure elements physically exposed to adversaries are frequently targeted by fault attacks. These attacks can be utilized to hijack the control-flow of software allowing the attacker to bypass security measures, extract sensitive data, or…

Cryptography and Security · Computer Science 2023-03-27 Pascal Nasahl , Stefan Mangard

With the improvements of computing technology, more and more applications embed powerful ARM processors into their devices. These systems can be attacked by redirecting the control-flow of a program to bypass critical pieces of code such as…

Cryptography and Security · Computer Science 2021-05-03 Robert Schilling , Pascal Nasahl , Stefan Mangard

While third-party libraries are extensively reused to enhance productivity during software development, they can also introduce potential security risks such as vulnerability propagation. Software composition analysis, proposed to identify…

Software Engineering · Computer Science 2024-08-27 Ling Jiang , Junwen An , Huihui Huang , Qiyi Tang , Sen Nie , Shi Wu , Yuqun Zhang

Fault injection (FI) is a powerful attack methodology allowing an adversary to entirely break the security of a target device. As finite-state machines (FSMs) are fundamental hardware building blocks responsible for controlling systems,…

Cryptography and Security · Computer Science 2022-08-03 Pascal Nasahl , Martin Unterguggenberger , Rishub Nagpal , Robert Schilling , David Schrammel , Stefan Mangard

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against…

Cryptography and Security · Computer Science 2025-02-12 Hans Winderix , Marton Bognar , Lesly-Ann Daniel , Frank Piessens

Memory corruption attacks remain the primary threat for computer security. Information flow tracking or taint analysis has been proven to be effective against most memory corruption attacks. However, there are two shortcomings with current…

Cryptography and Security · Computer Science 2015-03-13 Pankaj Kohli

Cyber Threat Intelligence (CTI) has emerged as a vital complementary approach that operates in the early phases of the cyber threat lifecycle. CTI involves collecting, processing, and analyzing threat data to provide a more accurate and…

Cryptography and Security · Computer Science 2026-05-25 Samaneh Shafee , Alysson Bessani , Pedro M. Ferreira

Binary security has increasingly relied on deep learning to reason about malware behavior and program semantics. However, the performance often degrades as threat landscapes evolve and code representations shift. While continual learning…

Machine Learning · Computer Science 2026-04-24 Yiling He , Junchi Lei , Hongyu She , Shuo Shao , Xinran Zheng , Yiping Liu , Zhan Qin , Lorenzo Cavallaro

Binary function similarity, which often relies on learning-based algorithms to identify what functions in a pool are most similar to a given query function, is a sought-after topic in different communities, including machine learning,…

Cryptography and Security · Computer Science 2025-05-23 Gianluca Capozzi , Tong Tang , Jie Wan , Ziqi Yang , Daniele Cono D'Elia , Giuseppe Antonio Di Luna , Lorenzo Cavallaro , Leonardo Querzoni

Type recovery is a crucial step in binary code analysis, holding significant importance for reverse engineering and various security applications. Existing works typically simply target type identifiers within binary code and achieve type…

Cryptography and Security · Computer Science 2026-05-05 Gangyang Li , Xiuwei Shang , Shaoyin Cheng , Junqi Zhang , Li Hu , Xu Zhu , Weiming Zhang , Nenghai Yu

In today's world, critical infrastructure is often controlled by computing systems. This introduces new risks for cyber attacks, which can compromise the security and disrupt the functionality of these systems. It is therefore necessary to…

Formal Languages and Automata Theory · Computer Science 2021-09-06 Tomas Kulik , Brijesh Dongol , Peter Gorm Larsen , Hugo Daniel Macedo , Steve Schneider , Peter Würtz Vinther Tran-Jørgensen , Jim Woodcock

Binary analysis is traditionally used in the realm of malware detection. However, the same technique may be employed by an attacker to analyze the original binaries in order to reverse engineer them and extract exploitable weaknesses. When…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-12-04 Novak Boskov , Mihailo Isakov , Michel A. Kinsy

Programmers of cryptographic applications written in C need to avoid common mistakes such as sending private data over public channels, modifying trusted data with untrusted functions, or improperly ordering protocol steps. These secrecy,…

Cryptography and Security · Computer Science 2019-07-04 Darion Cassel , Yan Huang , Limin Jia

Detecting memory corruption vulnerabilities in stripped binaries requires recovering object semantics, interprocedural propagation, and feasible triggers from low-level, lossy representations. Recent LLM-based approaches improve code…

Software Engineering · Computer Science 2026-05-15 Xinran Zheng , Alfredo Pesoli , Marco Valleri , Suman Jana , Lorenzo Cavallaro

Cyber-Physical Systems have played an essential role in our daily lives, providing critical services such as power and water, whose operability, availability, and reliability must be ensured. The C programming language, prevalent in CPS…

Cryptography and Security · Computer Science 2025-11-26 Luis Ferreirinha , Iberia Medeiros

Modern RISC-V platforms control and monitor security-critical systems such as industrial controllers and autonomous vehicles. While these platforms feature a Root-of-Trust (RoT) to store authentication secrets and enable secure boot…

Cryptography and Security · Computer Science 2024-01-08 Emanuele Parisi , Alberto Musa , Simone Manoni , Maicol Ciani , Davide Rossi , Francesco Barchi , Andrea Bartolini , Andrea Acquaviva