English
Related papers

Related papers: Libra: Architectural Support For Principled, Secur…

200 papers

Recent Pwn2Own competitions have demonstrated the continued effectiveness of control hijacking attacks despite deployed countermeasures including stack canaries and ASLR. A powerful defense called Control flow Integrity (CFI) offers a…

Cryptography and Security · Computer Science 2014-08-08 Ali Jose Mashtizadeh , Andrea Bittau , David Mazieres , Dan Boneh

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

The design of tiny trust anchors has received significant attention over the past decade, to secure low-end MCU-s that cannot afford expensive security mechanisms. In particular, hardware/software (hybrid) co-designs offer low hardware…

Cryptography and Security · Computer Science 2020-12-16 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Gene Tsudik

Microcontroller-based embedded systems are vital in daily life, but are especially vulnerable to control-flow hijacking attacks due to hardware and software constraints. Control-Flow Attestation (CFA) aims to precisely attest the execution…

Cryptography and Security · Computer Science 2025-01-22 Md Armanuzzaman , Engin Kirda , Ziming Zhao

Applications written in low-level languages without type or memory safety are especially prone to memory corruption. Attackers gain code execution capabilities through such applications despite all currently deployed defenses by exploiting…

Cryptography and Security · Computer Science 2014-07-03 Mathias Payer , Antonio Barresi , Thomas R. Gross

Attacks targeting software on embedded systems are becoming increasingly prevalent. Remote attestation is a mechanism that allows establishing trust in embedded devices. However, existing attestation schemes are either static and cannot…

Cryptography and Security · Computer Science 2018-10-04 Ghada Dessouky , Shaza Zeitouni , Thomas Nyman , Andrew Paverd , Lucas Davi , Patrick Koeberl , N. Asokan , Ahmad-Reza Sadeghi

Dynamic program analysis is invaluable for malware detection, debugging, and performance profiling. However, software-based instrumentation incurs high overhead and can be evaded by anti-analysis techniques. In this paper, we propose…

Cryptography and Security · Computer Science 2025-10-21 Changyu Zhao , Yohan Beugin , Jean-Charles Noirot Ferrand , Quinn Burke , Guancheng Li , Patrick McDaniel

Control Flow Graphs are one of the main data sources for software analysis that use dynamic and static software analysis methods. Protected software and modern malware increasingly depend on dynamic code loading techniques to evade static…

Cryptography and Security · Computer Science 2026-05-29 Oleksandr Mostovyi

The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app…

Cryptography and Security · Computer Science 2021-08-27 Muhammad Arsath K F , Vinod Ganesan , Rahul Bodduna , Chester Rebeiro

Reading or writing outside the bounds of a buffer is a serious security vulnerability that has been exploited in numerous occasions. These attacks can be prevented by ensuring that every buffer is only accessed within its specified bounds.…

Cryptography and Security · Computer Science 2017-02-24 Gnanambikai Krishnakumar , Patanjali SLPSK , Prasanna Karthik Vairam , Chester Rebeiro

Memory corruption is an important class of vulnerability that can be leveraged to craft control flow hijacking attacks. Control Flow Integrity (CFI) provides protection against such attacks. Application of type-based CFI policies requires…

Cryptography and Security · Computer Science 2024-01-17 Ruturaj K. Vaidya , Prasad A. Kulkarni

The increasing use of cloud computing and remote execution have made program security especially important. Code obfuscation has been proposed to make the understanding of programs more complicated to attackers. In this paper, we exploit…

Cryptography and Security · Computer Science 2013-11-04 Rasha Salah Omar , Ahmed El-Mahdy , Erven Rohou

Memory corruption vulnerabilities often enable attackers to take control of a target system by overwriting control-flow relevant data (such as return addresses and function pointers), which are potentially stored in close proximity of…

Cryptography and Security · Computer Science 2019-09-10 Marie-Therese Walter , David Pfaff , Stefan Nürnberger , Michael Backes

Jump-Oriented Programming (JOP) attacks exploit indirect control transfers to bypass backward-edge defenses, yet existing forward-edge CFI mechanisms lack precise source-domain authorization: type-based CFI admits all same-signature…

Cryptography and Security · Computer Science 2026-04-28 You Wu , Peter Beerel

Methods for proving that concurrent software does not leak its secrets has remained an active topic of research for at least the past four decades. Despite an impressive array of work, the present situation remains highly unsatisfactory.…

Logic in Computer Science · Computer Science 2020-01-31 Daniel Schoepe , Toby Murray , Andrei Sabelfeld

Micro-architectural attacks use information leaked through shared resources to break hardware-enforced isolation. These attacks have been used to steal private information ranging from cryptographic keys to privileged Operating System (OS)…

Cryptography and Security · Computer Science 2021-09-21 Nikhilesh Singh , Chester Rebeiro

Smart contracts are frequently vulnerable to control-flow attacks based on confused deputies, reentrancy, and incorrect error handling. These attacks exploit the complexity of interactions among multiple possibly unknown contracts. Existing…

Cryptography and Security · Computer Science 2025-04-24 Siqiu Yao , Haobin Ni , Stephanie Ma , Noah Schiff , Andrew C. Myers , Ethan Cecchetti

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared…

Cryptography and Security · Computer Science 2022-08-09 Tanmaya Mishra , Thidapat Chantem , Ryan Gerdes

Contemporary computing employs cache hierarchy to fill the speed gap between processors and main memories. In order to optimise system performance, Last Level Caches(LLC) are shared among all the cores. Cache sharing has made them an…

Hardware Architecture · Computer Science 2022-03-24 Jaspinder Kaur , Shirshendu Das