English
Related papers

Related papers: ShadowBound: Efficient Heap Memory Protection Thro…

200 papers

While memory corruption bugs stemming from the use of unsafe programming languages are an old and well-researched problem, the resulting vulnerabilities still dominate real-world exploitation today. Various mitigations have been proposed to…

Cryptography and Security · Computer Science 2021-08-20 Emanuel Q. Vintila , Philipp Zieris , Julian Horsch

Unsafe memory accesses in programs written using popular programming languages like C/C++ have been among the leading causes for software vulnerability. Prior memory safety checkers such as SoftBound enforce memory spatial safety by…

Programming Languages · Computer Science 2019-07-10 Yurong Chen , Hongfa Xue , Tian Lan , Guru Venkataramani

The heap is a critical and widely used component of many applications. Due to its dynamic nature, combined with the complexity of heap management algorithms, it is also a frequent target for security exploits. To enhance the heap's…

Cryptography and Security · Computer Science 2024-06-06 Zhenpeng Lin , Zheng Yu , Ziyi Guo , Simone Campanoni , Peter Dinda , Xinyu Xing

Spatial safety violations are the root cause of many security attacks and unexpected behavior of applications. Existing techniques to enforce spatial safety work broadly at either object or pointer granularity. Object-based approaches tend…

Cryptography and Security · Computer Science 2023-08-30 Piyus Kedia , Rahul Purandare , Udit Kumar Agarwal , Rishabh

Microcontroller-based embedded systems are increasingly used for applications that can have serious and immediate consequences if compromised---including automobile control systems, smart locks, drones, and implantable medical devices. Due…

Cryptography and Security · Computer Science 2020-06-29 Jie Zhou , Yufei Du , Zhuojia Shen , Lele Ma , John Criswell , Robert J. Walls

Recent advances in foundation models have transformed LLMs from passive conversational systems into autonomous agents capable of reasoning and tool execution. While these capabilities unlock substantial practical value, they also introduce…

Cryptography and Security · Computer Science 2026-05-25 Zhe Liu , Zonghao Ying , Wenxin Zhang , Quanchen Zou , Deyue Zhang , Dongdong Yang , Xiangzheng Zhang , Hao Peng

Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge,i.e., indirect calls through function pointers and virtual calls.…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Xinping Zhang , Mathias Payer

Despite the recent advances in pre-production bug detection, heap-use-after-free and heap-buffer-overflow bugs remain the primary problem for security, reliability, and developer productivity for applications written in C or C++, across all…

Memory corruption vulnerabilities in C/C++ applications enable attackers to execute code, change data, and leak information. Current memory sanitizers do no provide comprehensive coverage of a program's data. In particular, existing tools…

Cryptography and Security · Computer Science 2019-11-27 Nathan Burow , Derrick McKee , Scott A. Carr , Mathias Payer

Heap security has been a major concern since the past two decades. Recently many methods have been proposed to secure heap i.e. to avoid heap overrun and attacks. The paper describes a method suggested to secure heap at the operating system…

Cryptography and Security · Computer Science 2012-06-08 Arundhati Walia , Syed i. Ahson

In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators…

Operating Systems · Computer Science 2017-09-26 Sam Silvestro , Hongyu Liu , Corey Crosser , Zhiqiang Lin , Tongping Liu

Embedded and Internet-of-Things (IoT) devices play a critical role in modern life. Their software and firmware, often developed in memory-unsafe languages like C, are susceptible to memory safety vulnerabilities that can lead to…

Cryptography and Security · Computer Science 2026-05-12 Xi Tan , Sagar Mohan , Ziming Zhao

Heap memory errors remain a major source of software vulnerabilities. Existing memory safety defenses aim at protecting all objects, resulting in high performance cost and incomplete protection. Instead, we propose an approach that…

Cryptography and Security · Computer Science 2024-08-21 Kaiming Huang , Mathias Payer , Zhiyun Qian , Jack Sampson , Gang Tan , Trent Jaeger

RISC-V is a promising open-source architecture primarily targeted for embedded systems. Programs compiled using the RISC-V toolchain can run bare-metal on the system, and, as such, can be vulnerable to several memory corruption…

Cryptography and Security · Computer Science 2021-05-19 Asmit De , Swaroop Ghosh

Almost all modern hardware, from phone SoCs to high-end servers with accelerators, contain memory translation and protection hardware like IOMMUs, firewalls, and lookup tables which make it impossible to reason about, and enforce protection…

Operating Systems · Computer Science 2020-09-08 Reto Achermann , Nora Hossle , Lukas Humbel , Daniel Schwyn , David Cock , Timothy Roscoe

The most important security benefit of software memory safety is easy to state: for C and C++ software, attackers can exploit most bugs and vulnerabilities to gain full, unfettered control of software behavior, whereas this is not true for…

Cryptography and Security · Computer Science 2025-03-28 Úlfar Erlingsson

Heap-based exploits that leverage memory management errors continue to pose a significant threat to application security. The root cause of these vulnerabilities are the memory management errors within the applications, however various…

Operating Systems · Computer Science 2024-10-24 Stephan Bauroth

As an emerging application paradigm, serverless computing attracts attention from more and more attackers. Unfortunately, security tools for conventional applications cannot be easily ported to serverless, and existing serverless security…

Cryptography and Security · Computer Science 2020-11-11 Deepak Sirone Jegan , Liang Wang , Siddhant Bhagat , Thomas Ristenpart , Michael Swift

Many high end and next generation computing systems to incorporated alternative memory technologies to meet performance goals. Since these technologies present distinct advantages and tradeoffs compared to conventional DDR* SDRAM, such as…

Performance · Computer Science 2021-10-06 M. Ben Olson , Brandon Kammerdiener , Kshitij A. Doshi , Terry Jones , Michael R. Jantz

Privacy-preserving computation techniques like homomorphic encryption (HE) and secure multi-party computation (SMPC) enhance data security by enabling processing on encrypted data. However, the significant computational and CPU-DRAM data…

Cryptography and Security · Computer Science 2024-09-26 Mpoki Mwaisela
‹ Prev 1 2 3 10 Next ›