English
Related papers

Related papers: S2malloc: Statistically Secure Allocator for Use-A…

200 papers

Heap-based exploits that leverage memory management errors continue to pose a significant threat to application security. The root cause of these vulnerabilities are the memory management errors within the applications, however various…

Operating Systems · Computer Science 2024-10-24 Stephan Bauroth

Use-after-free (UAF) is a critical and prevalent problem in memory unsafe languages. While many solutions have been proposed, balancing security, run-time cost, and memory overhead (an impossible trinity) is hard. In this paper, we show one…

Cryptography and Security · Computer Science 2024-05-27 Ruizhe Wang , Meng Xu , N. Asokan

In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators…

Operating Systems · Computer Science 2017-09-26 Sam Silvestro , Hongyu Liu , Corey Crosser , Zhiqiang Lin , Tongping Liu

Heap memory errors remain a major source of software vulnerabilities. Existing memory safety defenses aim at protecting all objects, resulting in high performance cost and incomplete protection. Instead, we propose an approach that…

Cryptography and Security · Computer Science 2024-08-21 Kaiming Huang , Mathias Payer , Zhiyun Qian , Jack Sampson , Gang Tan , Trent Jaeger

Heap security has been a major concern since the past two decades. Recently many methods have been proposed to secure heap i.e. to avoid heap overrun and attacks. The paper describes a method suggested to secure heap at the operating system…

Cryptography and Security · Computer Science 2012-06-08 Arundhati Walia , Syed i. Ahson

Stack-based memory corruption vulnerabilities have long been exploited by attackers to execute arbitrary code or perform unauthorized memory operations. Various defense mechanisms have been introduced to mitigate stack memory errors, but…

Cryptography and Security · Computer Science 2025-03-24 Lei Chong

The proliferation of fast, dense, byte-addressable nonvolatile memory suggests that data might be kept in pointer-rich "in-memory" format across program runs and even process and system crashes. For full generality, such data requires…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-03-17 Wentao Cai , Haosen Wen , H. Alan Beadle , Chris Kjellqvist , Mohammad Hedayati , Michael L. Scott

Caches have been exploited to leak secret information due to the different times they take to handle memory accesses. Cache timing attacks include non-speculative cache side and covert channel attacks and cache-based speculative execution…

Cryptography and Security · Computer Science 2024-04-23 Guangyuan Hu , Ruby B. Lee

Memory allocation, though constituting only a small portion of the executed code, can have a "butterfly effect" on overall program performance, leading to significant and far-reaching impacts. Despite accounting for just approximately 5% of…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-08-29 Ruihao Li , Qinzhe Wu , Krishna Kavi , Gayatri Mehta , Jonathan C. Beard , Neeraja J. Yadwadkar , Lizy K. John

With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking attacks, and consequently code reuse attacks, are significantly more difficult. CFI limits control flow to well-known locations, severely restricting…

Cryptography and Security · Computer Science 2019-11-26 Kyriakos Ispoglou , Bader AlBassam , Trent Jaeger , Mathias Payer

Vulnerabilities emanating from DRAM errors pose a vexing problem that remains, as of yet, unsolved and elusive but cannot be ignored. Prior defenses focused on specific details of early RowHammer attacks and fail to generalize with the…

Cryptography and Security · Computer Science 2026-03-12 Manuel Wiesinger , Daniel Dorfmeister , Stefan Brunthaler

This article considers the problem of risk-optimal allocation of security measures when the actuators of an uncertain control system are under attack. We consider an adversary injecting false data into the actuator channels. The attack…

Systems and Control · Electrical Eng. & Systems 2023-08-22 Sribalaji C. Anand , André M. H. Teixeira

In this work, we present StarMalloc, a verified, security-oriented, concurrent memory allocator that can be used as a drop-in replacement in real-world projects. Using the Steel separation logic framework, we show how to specify and verify…

Programming Languages · Computer Science 2024-03-15 Antonin Reitz , Aymeric Fromherz , Jonathan Protzenko

The last level cache is vulnerable to timing based side channel attacks because it is shared by the attacker and the victim processes even if they are located on different cores. These timing attacks evict the victim cache lines using small…

Cryptography and Security · Computer Science 2019-09-30 Kartik Ramkrishnan , Antonia Zhai , Stephen McCamant , Pen Chung Yew

Heap layout randomization renders a good portion of heap vulnerabilities unexploitable. However, some remnants of the vulnerabilities are still exploitable even under the randomized layout. According to our analysis, such heap exploits…

Cryptography and Security · Computer Science 2018-08-09 Daehee Jang , Jonghwan Kim , Minjoon Park , Yunjong Jung , Hojoon Lee , Brent Byunghoon Kang

This paper addresses the security allocation problem in a networked control system under stealthy injection attacks. The networked system is comprised of interconnected subsystems which are represented by nodes in a digraph. An adversary…

Systems and Control · Electrical Eng. & Systems 2025-12-03 Anh Tung Nguyen , Sribalaji C. Anand , André M. H. Teixeira

Many cache designs have been proposed to guard against contention-based side-channel attacks. One well-known type of cache is the randomized remapping cache. Many randomized remapping caches provide fixed or over protection, which leads to…

Cryptography and Security · Computer Science 2024-05-31 Xiao Liu , Mark Zwolinski , Basel Halak

Randomizing the address-to-set mapping and partitioning of the cache has been shown to be an effective mechanism in designing secured caches. Several designs have been proposed on a variety of rationales: (1) randomized design, (2)…

Cryptography and Security · Computer Science 2025-01-31 Anirban Chakraborty , Nimish Mishra , Sayandeep Saha , Sarani Bhattacharya , Debdeep Mukhopadhyay

The heap is a critical and widely used component of many applications. Due to its dynamic nature, combined with the complexity of heap management algorithms, it is also a frequent target for security exploits. To enhance the heap's…

Cryptography and Security · Computer Science 2024-06-06 Zhenpeng Lin , Zheng Yu , Ziyi Guo , Simone Campanoni , Peter Dinda , Xinyu Xing

Hardware caches are essential performance optimization features in modern processors to reduce the effective memory access time. Unfortunately, they are also the prime targets for attacks on computer processors because they are…

Cryptography and Security · Computer Science 2023-06-06 Guangyuan Hu , Ruby B. Lee
‹ Prev 1 2 3 10 Next ›