English
Related papers

Related papers: SpecCFA: Enhancing Control Flow Attestation/Auditi…

200 papers

As currently classical malware detection methods based on signatures fail to detect new malware, they are not always efficient with new obfuscation techniques. Besides, new malware is easily created and old malware can be recoded to produce…

Cryptography and Security · Computer Science 2016-09-13 Andree Linke , Nhien-An Le-Khac

Speculative execution techniques have been a cornerstone of modern processors to improve instruction-level parallelism. However, recent studies showed that this kind of techniques could be exploited by attackers to leak secret data via…

Cryptography and Security · Computer Science 2021-07-20 Bowen Tang , Chenggang Wu , Zhe Wang , Lichen Jia , Pen-Chung Yew , Yueqiang Cheng , Yinqian Zhang , Chenxi Wang , Guoqing Harry Xu

Nowadays, cyberattacks are growing exponentially, causing havoc to Internet users. In particular, authentication attacks constitute the major attack vector where intruders impersonate legitimate users to maliciously access systems or…

Cryptography and Security · Computer Science 2025-06-18 Ang Kok Wee , Eyasu Getahun Chekole , Jianying Zhou

Modern RISC-V platforms control and monitor security-critical systems such as industrial controllers and autonomous vehicles. While these platforms feature a Root-of-Trust (RoT) to store authentication secrets and enable secure boot…

Cryptography and Security · Computer Science 2024-01-08 Emanuele Parisi , Alberto Musa , Simone Manoni , Maicol Ciani , Davide Rossi , Francesco Barchi , Andrea Bartolini , Andrea Acquaviva

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard

Recent Pwn2Own competitions have demonstrated the continued effectiveness of control hijacking attacks despite deployed countermeasures including stack canaries and ASLR. A powerful defense called Control flow Integrity (CFI) offers a…

Cryptography and Security · Computer Science 2014-08-08 Ali Jose Mashtizadeh , Andrea Bittau , David Mazieres , Dan Boneh

With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices.…

Cryptography and Security · Computer Science 2017-06-20 Thomas Nyman , Jan-Erik Ekberg , Lucas Davi , N. Asokan

Embedded devices in the Internet of Things (IoT) face a wide variety of security challenges. For example, software attackers perform code injection and code-reuse attacks on their remote interfaces, and physical access to IoT devices allows…

Cryptography and Security · Computer Science 2018-02-20 Mario Werner , Thomas Unterluggauer , David Schaffenrath , Stefan Mangard

Rising device use and third-party IP integration in semiconductors raise security concerns. Unauthorized access, fault injection, and privacy invasion are potential threats from untrusted actors. Different security techniques have been…

Cryptography and Security · Computer Science 2023-11-20 Geraldine Shirley Nicholas , Dhruvakumar Vikas Aklekar , Bhavin Thakar , Fareena Saqib

SpecFuzz is the first tool that enables dynamic testing for speculative execution vulnerabilities (e.g., Spectre). The key is a novel concept of speculation exposure: The program is instrumented to simulate speculative execution in software…

Cryptography and Security · Computer Science 2020-03-11 Oleksii Oleksenko , Bohdan Trach , Mark Silberstein , Christof Fetzer

The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as…

Cryptography and Security · Computer Science 2019-04-04 Flavio Toffalini , Eleonora Losiouk , Andrea Biondo , Jianying Zhou , Mauro Conti

In a functional language, the dominant control-flow mechanism is function call and return. Most higher-order flow analyses, including k-CFA, do not handle call and return well: they remember only a bounded number of pending calls because…

Programming Languages · Computer Science 2015-07-01 Dimitrios Vardoulakis , Olin Shivers

Control flow coverage criteria are an important part of the process of qualifying embedded software for safety-critical systems. Criteria such as modified condition/decision coverage (MC/DC) as defined by DO-178B are used by regulators to…

Software Engineering · Computer Science 2024-10-01 Sean Kauffman , Carlos Moreno , Sebastian Fischmeister

Practical attacks that exploit speculative execution can leak confidential information via microarchitectural side channels. The recently-demonstrated Spectre attacks leverage speculative loads which circumvent access checks to read…

Cryptography and Security · Computer Science 2018-07-11 Vladimir Kiriansky , Carl Waldspurger

Vision-Language-Action (VLA) models, as large foundation models for embodied control, have shown strong performance in manipulation tasks. However, their performance comes at high inference cost. To improve efficiency, recent methods adopt…

Robotics · Computer Science 2026-04-06 Zihua Wang , Zhitao Lin , Ruibo Li , Yu Zhang , Xu Yang , Siya Mi , Xiu-Shen Wei

Microservice systems have become the backbone of cloud-native enterprise applications due to their resource elasticity, loosely coupled architecture, and lightweight deployment. Yet, the intrinsic complexity and dynamic runtime interactions…

Software Engineering · Computer Science 2026-01-07 Lingzhe Zhang , Tong Jia , Yunpeng Zhai , Leyi Pan , Chiming Duan , Minghua He , Pei Xiao , Ying Li

Prior research yielded many techniques to mitigate software compromise for low-end Internet of Things (IoT) devices. Some of them detect software modifications via remote attestation and similar services, while others preventatively ensure…

Cryptography and Security · Computer Science 2025-01-17 Sashidhar Jakkamsetti , Youngil Kim , Andrew Searles , Gene Tsudik

Recent optical flow methods are almost exclusively judged in terms of accuracy, while their robustness is often neglected. Although adversarial attacks offer a useful tool to perform such an analysis, current attacks on optical flow methods…

Computer Vision and Pattern Recognition · Computer Science 2022-07-19 Jenny Schmalfuss , Philipp Scholze , Andrés Bruhn

Background: Debugging is a key task during the software development cycle. Spectrum-based Fault Localization (SFL) is a promising technique to improve and automate debugging. SFL techniques use control-flow spectra to pinpoint the most…

Runtime verification or runtime monitoring equips safety-critical cyber-physical systems to augment design assurance measures and ensure operational safety and security. Cyber-physical systems have interaction failures, attack surfaces, and…

Software Engineering · Computer Science 2022-06-23 Smitha Gautham , Georgios Bakirtzis , Alexander Will , Athira V. Jayakumar , Carl R. Elks