English
Related papers

Related papers: Shrinking the Kernel Attack Surface Through Static…

200 papers

With the development of Internet of Things (IoT), it is gaining a lot of attention. It is important to secure the embedded systems with low overhead. The Linux Seccomp is widely used by developers to secure the kernels by blocking the…

Cryptography and Security · Computer Science 2025-10-07 Dongyang Zhan , Zhaofeng Yu , Xiangzhan Yu , Hongli Zhang , Lin Ye , Likun Liu

Software vulnerabilities in applications undermine the security of applications. By blocking unused functionality, the impact of potential exploits can be reduced. While seccomp provides a solution for filtering syscalls, it requires manual…

Cryptography and Security · Computer Science 2020-12-07 Claudio Canella , Mario Werner , Daniel Gruss , Michael Schwarz

Restricting the system calls available to applications reduces the attack surface of the kernel and limits the functionality available to compromised applications. Recent approaches automatically identify the system calls required by…

Cryptography and Security · Computer Science 2023-09-28 Vidya Lakshmi Rajagopalan , Konstantinos Kleftogiorgos , Enes Göktaş , Jun Xu , Georgios Portokalidis

Browsers, Library OSes, and system emulators rely on sandboxes and in-process isolation to emulate system resources and securely isolate untrusted components. All access to system resources like system calls (syscall) need to be securely…

Cryptography and Security · Computer Science 2024-06-12 Fangfei Yang , Anjo Vahldiek-Oberwagner , Chia-Che Tsai , Kelly Kaoudis , Nathan Dautenhahn

Growing code bases of modern applications have led to a steady increase in the number of vulnerabilities. Control-Flow Integrity (CFI) is one promising mitigation that is more and more widely deployed and prevents numerous exploits. CFI…

Cryptography and Security · Computer Science 2022-03-01 Claudio Canella , Sebastian Dorn , Daniel Gruss , Michael Schwarz

Recent Microsoft security bulletins show that kernel vulnerabilities are becoming more and more important security threats. Despite the pretty extensive security mitigations many of the kernel vulnerabilities are still exploitable.…

Cryptography and Security · Computer Science 2011-05-11 Piotr Bania

Rootkits are among the most elusive types of malware, capable of bypassing traditional static analysis methods due to their metamorphic behavior. Signature-based detection techniques struggle against these threats, necessitating a shift…

Cryptography and Security · Computer Science 2026-04-28 Paras Ghodeshwar , Sandeep K Shukla , Anand Handa , Nitesh Kumar

Developers today use significant amounts of open source code, surfacing the need for ways to automatically audit and upgrade library dependencies, and giving rise to the subfield of Software Composition Analysis (SCA). SCA products are…

Software Engineering · Computer Science 2019-10-01 Darius Foo , Jason Yeo , Hao Xiao , Asankhaya Sharma

Current Continuous Integration processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the…

Cryptography and Security · Computer Science 2021-12-14 David Fernández González , Francisco Javier Rodríguez Lera , Gonzalo Esteban , Camino Fernández Llamas

A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through system call interface. In this paper, we present…

Cryptography and Security · Computer Science 2017-12-18 Zhiyuan Wan , David Lo , Xin Xia , Liang Cai , Shanping Li

We address the problem of preserving non-interference across compiler transformations under speculative semantics. We develop a proof method that ensures the preservation uniformly across all source programs. The basis of our proof method…

Programming Languages · Computer Science 2024-11-22 Sören van der Wall , Roland Meyer

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard

Do Linux distribution package managers need the privileged operations they request to actually happen? Apparently not, at least for building container images for HPC applications. We use this observation to implement a root emulation mode…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-13 Reid Priedhorsky , Michael Jennings , Megan Phinney

As a result of decades of research, Windows malware detection is approached through a plethora of techniques. However, there is an ongoing mismatch between academia -- which pursues an optimal performances in terms of detection rate and low…

Cryptography and Security · Computer Science 2024-12-20 Andrea Ponte , Dmitrijs Trizna , Luca Demetrio , Battista Biggio , Ivan Tesfai Ogbu , Fabio Roli

More and more industrial devices are connected to IP-based networks, as this is essential for the success of Industry 4.0. However, this interconnection also results in an increased attack surface for various network-based attacks. One of…

Cryptography and Security · Computer Science 2020-07-20 Florian Fischer , Matthias Niedermaier , Thomas Hanka , Peter Knauer , Dominik Merli

Modern malware poses a severe threat to cybersecurity, continually evolving in sophistication. To combat this threat, researchers and security professionals continuously explore advanced techniques for malware detection and analysis.…

Cryptography and Security · Computer Science 2024-04-26 Pasquale Caporaso , Giuseppe Bianchi , Francesco Quaglia

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By…

Cryptography and Security · Computer Science 2016-09-14 Daoyuan Wu , Debin Gao , Yingjiu Li , Robert H. Deng

The Linux kernel is one of the most important Free/Libre Open Source Software (FLOSS) projects. It is installed on billions of devices all over the world, which process various sensitive, confidential or simply private data. It is crucial…

Software Engineering · Computer Science 2020-01-07 Denis Efremov , Ilya Shchepetkov

Nowadays, in operating systems, numerous protection mechanisms prevent or limit the user-mode applicationsto access the kernels internal information. This is regularlycarried out by software-based defenses such as Address Space Layout…

Cryptography and Security · Computer Science 2021-04-23 Mohammad Sina Karvandi , Saleh Khalaj Monfared , Mohammad Sina Kiarostami , Dara Rahmati , Saeid Gorgin
‹ Prev 1 2 3 10 Next ›