English
Related papers

Related papers: Beyond Control: Exploring Novel File System Object…

200 papers

The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. In this paper, we present Meltdown. Meltdown exploits side effects of…

Cryptography and Security · Computer Science 2018-01-08 Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Stefan Mangard , Paul Kocher , Daniel Genkin , Yuval Yarom , Mike Hamburg

Operating system kernels are the security keystone of most computer systems, as they provide the core protection mechanisms. Kernels are in particular responsible for their own security, i.e. they must prevent untrusted user tasks from…

Cryptography and Security · Computer Science 2020-03-20 Olivier Nicole , Matthieu Lemerre , Sébastien Bardin , Xavier Rival

Most existing solutions for protecting VMs assume known attack patterns or signatures and focus on detecting malicious manipulations of system files and kernel level memory structures. In this research we develop a system called ferify,…

Cryptography and Security · Computer Science 2020-04-21 Alexis Peppas , Geoffrey G. Xie , Charles Prince

Binary analysis is traditionally used in the realm of malware detection. However, the same technique may be employed by an attacker to analyze the original binaries in order to reverse engineer them and extract exploitable weaknesses. When…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-12-04 Novak Boskov , Mihailo Isakov , Michel A. Kinsy

We describe a tracking technique for Linux devices, exploiting a new TCP source port generation mechanism recently introduced to the Linux kernel. This mechanism is based on an algorithm, standardized in RFC 6056, for boosting security by…

Cryptography and Security · Computer Science 2022-12-23 Moshe Kol , Amit Klein , Yossi Gilad

Malicious attacks on open-source software packages are a growing concern. The discovery of the XZ Utils backdoor intensified these concerns because of the potential widespread impact. This study, therefore, explores the challenges of…

Cryptography and Security · Computer Science 2025-07-22 Duc-Ly Vu , Trevor Dunlap , Karla Obermeier-Velazquez , Thanh-Cong Nguyen , Paul Gibert , John Speed Meyers , Santiago Torres-Arias

In 2024, the Linux kernel became its own Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA), formalizing how kernel vulnerabilities are identified and tracked. We analyze the anatomy and dynamics of kernel CVEs using…

Software Engineering · Computer Science 2026-05-26 Piotr Przymus , Witold Weiner , Krzysztof Rykaczewski , Gunnar Kudrjavets

We analyze the prandom pseudo random number generator (PRNG) in use in the Linux kernel (which is the kernel of the Linux operating system, as well as of Android) and demonstrate that this PRNG is weak. The prandom PRNG is in use by many…

Cryptography and Security · Computer Science 2020-12-15 Amit Klein

Microarchitectural side channel attacks have been very prominent in security research over the last few years. Caches have been an outstanding covert channel, as they provide high resolution and generic cross-core leakage even with simple…

Cryptography and Security · Computer Science 2020-08-28 Samira Briongos , Ida Bruhns , Pedro Malagón , Thomas Eisenbarth , José M. Moya

Over the years, adversarial attempts against critical services have become more effective and sophisticated in launching low-profile attacks. This trend has always been concerning. However, an even more alarming trend is the increasing…

Cryptography and Security · Computer Science 2025-05-20 Javad Zandi , Lalchandra Rampersaud , Amin Kharraz

Administrating and monitoring New Technology File System (NTFS) permissions can be a cumbersome and convoluted task. In today's data rich world there has never been a more important time to ensure that data is secured against unwanted…

Software Engineering · Computer Science 2013-12-11 Simon Parkinson , Andrew Crampton

One of the most elusive types of malware in recent times that pose significant challenges in the computer security system is the kernel-level rootkits. The kernel-level rootkits can hide its presence and malicious activities by modifying…

Cryptography and Security · Computer Science 2023-04-04 Mohammad Nadim , Wonjun Lee , David Akopian

In this paper, we present the results of using bags of system calls for learning the behavior of Linux containers for use in anomaly-detection based intrusion detection system. By using system calls of the containers monitored from the host…

Cryptography and Security · Computer Science 2017-01-05 Amr S. Abed , T. Charles Clancy , David S. Levy

Operating Systems enforce logical isolation using abstractions such as processes, containers, and isolation technologies to protect a system from malicious or buggy code. In this paper, we show new types of side channels through the file…

Cryptography and Security · Computer Science 2025-04-29 Cheng Gu , Yicheng Zhang , Nael Abu-Ghazaleh

Cache side-channel attacks extract secrets by examining how victim software accesses cache. To date, practical attacks on cryptosystems and media libraries are demonstrated under different scenarios, inferring secret keys and reconstructing…

Cryptography and Security · Computer Science 2022-10-04 Yuanyuan Yuan , Zhibo Liu , Shuai Wang

Fileless malware predominantly relies on PowerShell scripts, leveraging the native capabilities of Windows systems to execute stealthy attacks that leave no traces on the victim's system. The effectiveness of the fileless method lies in its…

Cryptography and Security · Computer Science 2024-02-22 Said Varlioglu , Nelly Elsayed , Eva Ruhsar Varlioglu , Murat Ozer , Zag ElSayed

Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspection-based security monitors to protect virtual machines in cloud computing, such as monitoring dentry objects to intercept file operations,…

Cryptography and Security · Computer Science 2019-02-15 Dongyang Zhan , Huhua Li , Lin Ye , Hongli Zhang , Binxing Fang , Xiaojiang Du

Data-oriented attacks manipulate non-control data to alter a program's benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow…

Cryptography and Security · Computer Science 2019-03-26 Long Cheng , Hans Liljestrand , Thomas Nyman , Yu Tsung Lee , Danfeng Yao , Trent Jaeger , N. Asokan

Software-controlled heterogeneous memory systems have the potential to improve performance, efficiency, and cost tradeoffs in emerging systems. Delivering on this promise requires an efficient operating system (OS) mechanisms and policies…

Operating Systems · Computer Science 2020-04-13 Sudarsun Kannan , Yujie Ren , Abhishek Bhatacharjee

With the broad application of deep neural networks (DNNs), backdoor attacks have gradually attracted attention. Backdoor attacks are insidious, and poisoned models perform well on benign samples and are only triggered when given specific…

Machine Learning · Computer Science 2022-07-12 Chang Yue , Peizhuo Lv , Ruigang Liang , Kai Chen