Eliminating timing side-channel leaks using program repair
We propose a method, based on program analysis and transformation, for eliminating timing
side channels in software code that implements security-critical applications. Our method …
side channels in software code that implements security-critical applications. Our method …
{CacheQL}: Quantifying and Localizing Cache {Side-Channel} Vulnerabilities in Production Software
Cache side-channel attacks extract secrets by examining how victim software accesses
cache. To date, practical attacks on crypto systems and media libraries are demonstrated …
cache. To date, practical attacks on crypto systems and media libraries are demonstrated …
Guaranteeing timed opacity using parametric timed model checking
Information leakage can have dramatic consequences on systems security. Among harmful
information leaks, the timing information leakage occurs whenever an attacker successfully …
information leaks, the timing information leakage occurs whenever an attacker successfully …
Abstract interpretation under speculative execution
M Wu, C Wang - Proceedings of the 40th ACM SIGPLAN Conference on …, 2019 - dl.acm.org
Analyzing the behavior of a program running on a processor that supports speculative
execution is crucial for applications such as execution time estimation and side channel …
execution is crucial for applications such as execution time estimation and side channel …
Adversarial symbolic execution for detecting concurrency-related cache timing leaks
The timing characteristics of cache, a high-speed storage between the fast CPU and the
slow memory, may reveal sensitive information of a program, thus allowing an adversary to …
slow memory, may reveal sensitive information of a program, thus allowing an adversary to …
Verifying and quantifying side-channel resistance of masked software implementations
Power side-channel attacks, capable of deducing secret data using statistical analysis, have
become a serious threat. Random masking is a widely used countermeasure for removing …
become a serious threat. Random masking is a widely used countermeasure for removing …
Fast and exact analysis for LRU caches
V Touzeau, C Maïza, D Monniaux… - Proceedings of the ACM on …, 2019 - dl.acm.org
For applications in worst-case execution time analysis and in security, it is desirable to
statically classify memory accesses into those that result in cache hits, and those that result …
statically classify memory accesses into those that result in cache hits, and those that result …
CANAL: a cache timing analysis framework via LLVM transformation
A unified modeling framework for non-functional properties of a program is essential for
research in software analysis and verification, since it reduces burdens on individual …
research in software analysis and verification, since it reduces burdens on individual …
Configuring Timing Parameters to Ensure Execution-Time Opacity in Timed Automata
Timing information leakage occurs whenever an attacker successfully deduces confidential
internal information by observing some timed information such as events with timestamps …
internal information by observing some timed information such as events with timestamps …
[PDF][PDF] TracerX: Dynamic symbolic execution with interpolation (competition contribution)
Dynamic Symbolic Execution (DSE) is an important method for testing of programs. An
important system on DSE is KLEE [1] which inputs a C/C++ program annotated with …
important system on DSE is KLEE [1] which inputs a C/C++ program annotated with …