English
Related papers

Related papers: ENOLA: Efficient Control-Flow Attestation for Embe…

200 papers

Embedded, smart, and IoT devices are increasingly popular in numerous everyday settings. Since lower-end devices have the most strict cost constraints, they tend to have few, if any, security features. This makes them attractive targets for…

Cryptography and Security · Computer Science 2023-09-21 Sashidhar Jakkamsetti , Youngil Kim , Andrew Searles , Gene Tsudik

The widespread adoption of embedded systems has led to their deployment in critical real-world applications, making them attractive targets for malicious actors. These devices face unique challenges in mitigating vulnerabilities due to…

Cryptography and Security · Computer Science 2025-12-16 André Cirne , Patrícia R. Sousa , João S. Resende , Luís Antunes

Recent Pwn2Own competitions have demonstrated the continued effectiveness of control hijacking attacks despite deployed countermeasures including stack canaries and ASLR. A powerful defense called Control flow Integrity (CFI) offers a…

Cryptography and Security · Computer Science 2014-08-08 Ali Jose Mashtizadeh , Andrea Bittau , David Mazieres , Dan Boneh

Fault attacks enable adversaries to manipulate the control-flow of security-critical applications. By inducing targeted faults into the CPU, the software's call graph can be escaped and the control-flow can be redirected to arbitrary…

Cryptography and Security · Computer Science 2023-03-27 Pascal Nasahl , Salmin Sultana , Hans Liljestrand , Karanvir Grewal , Michael LeMay , David M. Durham , David Schrammel , Stefan Mangard

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against…

Cryptography and Security · Computer Science 2025-02-12 Hans Winderix , Marton Bognar , Lesly-Ann Daniel , Frank Piessens

Recent advances in deep learning have produced highly accurate but increasingly large and complex DNNs, making traditional fault-injection techniques impractical. Accurate fault analysis requires RTL-accurate hardware models. However, this…

Hardware Architecture · Computer Science 2026-02-03 Rafael Billig Tonetto , Marcello Traiola , Fernando Fernandes dos Santos , Angeliki Kritikakou

Fault injection attacks represent an effective threat to embedded systems. Recently, Laurent et al. have reported that fault injection attacks can leverage faults inside the microarchitecture. However, state-of-the-art counter-measures,…

Cryptography and Security · Computer Science 2023-09-06 Thomas Chamelot , Damien Couroussé , Karine Heydemann

An essential part of cyber-physical systems is the online evaluation of real-time data streams. Especially in systems that are intrinsically safety-critical, a dedicated monitoring component inspecting data streams to detect problems at…

Distributed, Parallel, and Cluster Computing · Computer Science 2021-04-13 Jan Baumeister , Bernd Finkbeiner , Maximilian Schwenger , Hazem Torfah

Guaranteeing runtime integrity of embedded system software is an open problem. Trade-offs between security and other priorities (e.g., cost or performance) are inherent, and resolving them is both challenging and important. The…

Cryptography and Security · Computer Science 2022-09-05 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Youngil Kim , Gene Tsudik

Modern society is getting accustomed to the Internet of Things (IoT) and Cyber-Physical Systems (CPS) for a variety of applications that involves security-critical user data and information transfers. In the lower end of the spectrum, these…

Cryptography and Security · Computer Science 2023-05-08 Avani Dave Nilanjan Banerjee Chintan Patel

Hardware and software of secured embedded systems are prone to physical attacks. In particular, fault injection attacks revealed vulnerabilities on the data and the control flow allowing an attacker to break cryptographic or secured…

Cryptography and Security · Computer Science 2015-10-07 Lionel Rivière , Zakaria Najm , Pablo Rauzy , Jean-Luc Danger , Julien Bringer , Laurent Sauvage

The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as…

Cryptography and Security · Computer Science 2019-04-04 Flavio Toffalini , Eleonora Losiouk , Andrea Biondo , Jianying Zhou , Mauro Conti

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Scott A. Carr , Joseph Nash , Per Larsen , Michael Franz , Stefan Brunthaler , Mathias Payer

Interconnected embedded devices are increasingly used invarious scenarios, including industrial control, building automation, or emergency communication. As these systems commonly process sensitive information or perform safety critical…

Cryptography and Security · Computer Science 2017-01-30 Florian Kohnhäuser , Niklas Büscher , Sebastian Gabmeyer , Stefan Katzenbeisser

Certification through auditing allows to ensure that critical embedded systems are secure. This entails reviewing their critical components and checking for dangerous execution paths. This latter task requires the use of specialized tools…

Software Engineering · Computer Science 2023-03-08 Guilhem Lacombe , David Feliot , Etienne Boespflug , Marie-Laure Potet

Random Access (RA) Medium Access (MAC) protocols are simple and effective when the nature of the traffic is unpredictable and random. In the following paper, a novel RA protocol called Enhanced Contention Resolution ALOHA (ECRA) is…

Information Theory · Computer Science 2012-11-22 Federico Clazzer , Christian Kissling

Traditional control-flow analysis (CFA) for higher-order languages, whether implemented by constraint-solving or abstract interpretation, introduces spurious connections between callers and callees. Two distinct invocations of a function…

Programming Languages · Computer Science 2016-03-23 Thomas Gilray , Steven Lyde , Michael D. Adams , Matthew Might , David Van Horn

Applications written in low-level languages without type or memory safety are especially prone to memory corruption. Attackers gain code execution capabilities through such applications despite all currently deployed defenses by exploiting…

Cryptography and Security · Computer Science 2014-07-03 Mathias Payer , Antonio Barresi , Thomas R. Gross

CFI is a computer security technique that detects runtime attacks by monitoring a program's branching behavior. This work presents a detailed analysis of the security policies enforced by 21 recent hardware-based CFI architectures. The goal…

Cryptography and Security · Computer Science 2017-08-01 Ruan de Clercq , Ingrid Verbauwhede

FPGAs are well-suited for dataflow architectures that process data in a streaming or pipelined manner, thus satisfying the high computational and communication demands of emerging applications. However, manually implementing an efficient…

Hardware Architecture · Computer Science 2026-04-15 Weichuang Zhang , Yiquan Wang , Xinzhou Zhang , Chi Zhang , Yu Feng , Xiaofeng Hou , Chao Li , Jieru Zhao , Minyi Guo