English
Related papers

Related papers: Oreo: Protecting ASLR Against Microarchitectural A…

200 papers

Address Space Layout Randomization (ASLR) is a crucial defense mechanism employed by modern operating systems to mitigate exploitation by randomizing processes' memory layouts. However, the stark reality is that real-world implementations…

Cryptography and Security · Computer Science 2024-08-30 Lorenzo Binosi , Gregorio Barzasi , Michele Carminati , Stefano Zanero , Mario Polino

Modern x86 processors support an AVX instruction set to boost performance. However, this extension may cause security issues. We discovered that there are vulnerable properties in implementing masked load/store instructions. Based on this,…

Cryptography and Security · Computer Science 2023-04-18 Hyunwoo Choi , Suryeon Kim , Seungwon Shin

While address space layout randomization (ASLR) has been extensively studied for user-space programs, the corresponding OS kernel's KASLR support remains very limited, making the kernel vulnerable to just-in-time (JIT) return-oriented…

Operating Systems · Computer Science 2022-01-21 Ruslan Nikolaev , Hassan Nadeem , Cathlyn Stone , Binoy Ravindran

Unikernels are single-purpose library operating systems that run the kernel and application in one address space, but often omit security mitigations such as address space layout randomization (ASLR). In OSv, boot, program loading, and…

Cryptography and Security · Computer Science 2026-02-13 Alex Wollman , John Hastings

With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for…

Cryptography and Security · Computer Science 2010-08-25 Piotr Bania

Micro-architectural attacks use information leaked through shared resources to break hardware-enforced isolation. These attacks have been used to steal private information ranging from cryptographic keys to privileged Operating System (OS)…

Cryptography and Security · Computer Science 2021-09-21 Nikhilesh Singh , Chester Rebeiro

Meltdown and Spectre exploit microarchitectural changes the CPU makes during transient out-of-order execution. Using side-channel techniques, these attacks enable leaking arbitrary data from memory. As state-of-the-art software mitigations…

Cryptography and Security · Computer Science 2021-03-08 Michael Schwarz , Claudio Canella , Lukas Giner , Daniel Gruss

Defense techniques such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) were the early role models preventing primitive code injection and return-oriented programming (ROP) attacks. Notably, these techniques…

Cryptography and Security · Computer Science 2019-09-23 Christopher Jelesnianski , Jinwoo Yom , Changwoo Min , Yeongjin Jang

As cache-based side-channel attacks become serious security problems, various defenses have been proposed and deployed in both software and hardware. Consequently, cache-based side-channel attacks on processes co-residing on the same core…

Cryptography and Security · Computer Science 2022-11-14 Wei Song , Rui Hou , Peng Liu , Xiaoxin Li , Peinan Li , Lutan Zhao , Xiaofei Fu , Yifei Sun , Dan Meng

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these…

Cryptography and Security · Computer Science 2017-06-20 Daniel Gruss

Memory corruption attacks have been prevalent in software for a long time. Some mitigation strategies against these attacks do exist, but they are not as far-reaching or as efficient as the CHERI architecture. CHERI uses capabilities to…

Cryptography and Security · Computer Science 2026-01-28 Dariy Guzairov , Alex Potanin , Stephen Kell , Alwen Tiu

In this paper, we introduce a formal notion of partial compliance, called Attack-resistance, of a computer program running together with a defense mechanism w.r.t a non-exploitability specification. In our setting, a program may contain…

Cryptography and Security · Computer Science 2015-06-15 Vijay Ganesh , Sebastian Banescu , Martín Ochoa

Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the…

Cryptography and Security · Computer Science 2021-03-29 Xiaoxuan Lou , Tianwei Zhang , Jun Jiang , Yinqian Zhang

Algebraic Manipulation Detection (AMD) Codes detect adversarial noise that is added to a coded message and stored in a storage that is opaque to the adversary. We study AMD codes when the storage can leak up to \rho\log|G| bits of…

Information Theory · Computer Science 2016-07-08 Fuchun Lin , Reihaneh Safavi-Naini , Pengwei Wang

Memory utilization can be reduced by merging identical memory blocks into copy-on-write mappings. Previous work showed that this so-called memory deduplication can be exploited in local attacks to break ASLR, spy on other programs,and…

Cryptography and Security · Computer Science 2021-11-17 Martin Schwarzl , Erik Kraft , Moritz Lipp , Daniel Gruss

In the last years, a series of side channels have been discovered on CPUs. These side channels have been used in powerful attacks, e.g., on cryptographic implementations, or as building blocks in transient-execution attacks such as Spectre…

Cryptography and Security · Computer Science 2021-06-08 Daniel Weber , Ahmad Ibrahim , Hamed Nemati , Michael Schwarz , Christian Rossow

Hardware IP protection has been one of the most critical areas of research in the past years. Recently, attacks on hardware IPs (such as reverse engineering or cloning) have evolved as attackers have developed sophisticated techniques.…

Cryptography and Security · Computer Science 2020-10-30 Abdulrahman Alaql , Swarup Bhunia

In mobile ad hoc networks, by attacking the corresponding routing protocol, an attacker can easily disturb the operations of the network. For ad hoc networks, till now many secured routing protocols have been proposed which contains some…

Cryptography and Security · Computer Science 2010-07-15 M. Rajesh Babu , S. Selvan

A modern GPU aims to simultaneously execute more warps for higher Thread-Level Parallelism (TLP) and performance. When generating many memory requests, however, warps contend for limited cache space and thrash cache, which in turn severely…

Hardware Architecture · Computer Science 2018-05-22 Jie Zhang , Shuwen Gao , Nam Sung Kim , Myoungsoo Jung

Nowadays, in operating systems, numerous protection mechanisms prevent or limit the user-mode applicationsto access the kernels internal information. This is regularlycarried out by software-based defenses such as Address Space Layout…

Cryptography and Security · Computer Science 2021-04-23 Mohammad Sina Karvandi , Saleh Khalaj Monfared , Mohammad Sina Kiarostami , Dara Rahmati , Saeid Gorgin
‹ Prev 1 2 3 10 Next ›