Automated bug hunting with data-driven symbolic root cause analysis
The increasing cost of successful cyberattacks has caused a mindset shift, whereby
defenders now employ proactive defenses, namely software bug hunting, alongside existing …
defenders now employ proactive defenses, namely software bug hunting, alongside existing …
[HTML][HTML] Building trust for smart connected devices: The challenges and pitfalls of TrustZone
TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for
the implementation of security-oriented solutions for several smart intra and inter-connected …
the implementation of security-oriented solutions for several smart intra and inter-connected …
Cache refinement type for side-channel detection of cryptographic software
Cache side-channel attacks exhibit severe threats to software security and privacy,
especially for cryptosystems. In this paper, we propose CaType, a novel refinement type …
especially for cryptosystems. In this paper, we propose CaType, a novel refinement type …
Automated side channel analysis of media software with manifold learning
The prosperous development of cloud computing and machine learning as a service has led
to the widespread use of media software to process confidential media data. This paper …
to the widespread use of media software to process confidential media data. This paper …
Phased-guard: Multi-phase machine learning framework for detection and identification of zero-day microarchitectural side-channel attacks
Microarchitectural Side-Channel Attacks (SCAs) have emerged recently to compromise the
security of computer systems by exploiting the existing processors' hardware vulnerabilities …
security of computer systems by exploiting the existing processors' hardware vulnerabilities …
Identifying {Cache-Based} Side Channels through {Secret-Augmented} Abstract Interpretation
Cache-based side channels enable a dedicated attacker to reveal program secrets by
measuring the cache access patterns. Practical attacks have been shown against real-world …
measuring the cache access patterns. Practical attacks have been shown against real-world …
Memory-safe elimination of side channels
L Soares, FMQ Pereira - 2021 IEEE/ACM International …, 2021 - ieeexplore.ieee.org
A program is said to be isochronous if its running time does not depend on classified
information. The programming languages literature contains much work that transforms …
information. The programming languages literature contains much work that transforms …
Untangle: A principled framework to design low-leakage, high-performance dynamic partitioning schemes
Partitioning a hardware structure dynamically among multiple security domains leaks some
information but can deliver high performance. To understand the performance-security …
information but can deliver high performance. To understand the performance-security …
Hybridg: Hybrid dynamic time warping and gaussian distribution model for detecting emerging zero-day microarchitectural side-channel attacks
Microarchitectural Side-channel Attacks (SCAs) benefit from emerging hardware
vulnerabilities in modern microprocessors to steal critical information from users, posing …
vulnerabilities in modern microprocessors to steal critical information from users, posing …
Timing Side-Channel Mitigation via Automated Program Repair
H Ruan, Y Noller, S Tizpaz-Niari… - ACM Transactions on …, 2024 - dl.acm.org
Side-channel vulnerability detection has gained prominence recently due to Spectre and
Meltdown attacks. Techniques for side-channel detection range from fuzz testing to program …
Meltdown attacks. Techniques for side-channel detection range from fuzz testing to program …