Precise detection of side-channel vulnerabilities using quantitative cartesian hoare logic
This paper presents Themis, an end-to-end static analysis tool for finding resource-usage
side-channel vulnerabilities in Java applications. We introduce the notion of epsilon …
side-channel vulnerabilities in Java applications. We introduce the notion of epsilon …
Symbolic path cost analysis for side-channel detection
Side-channels in software are an increasingly significant threat to the confidentiality of
private user information, and the static detection of such vulnerabilities is a key challenge in …
private user information, and the static detection of such vulnerabilities is a key challenge in …
JIT leaks: Inducing timing side channels through just-in-time compilation
Side-channel vulnerabilities in software are caused by an observable imbalance in resource
usage across different program paths. We show that just-in-time (JIT) compilation, which is …
usage across different program paths. We show that just-in-time (JIT) compilation, which is …
Online synthesis of adaptive side-channel attacks based on noisy observations
L Bang, N Rosner, T Bultan - 2018 IEEE European Symposium …, 2018 - ieeexplore.ieee.org
We present an automated technique for synthesizing adaptive attacks to extract information
from program functions that leak secret data through a side channel. We synthesize attack …
from program functions that leak secret data through a side channel. We synthesize attack …
A monadic framework for relational verification: applied to information security, program equivalence, and optimizations
Relational properties describe multiple runs of one or more programs. They characterize
many useful notions of security, program refinement, and equivalence for programs with …
many useful notions of security, program refinement, and equivalence for programs with …
Software Side-Channel Analysis
LA Bang - 2018 - escholarship.org
Software side-channel attacks are able to recover confidential information by observing non-
functional computation characteristics of program execution such as elapsed time, amount of …
functional computation characteristics of program execution such as elapsed time, amount of …
[PDF][PDF] Inducing JIT-Based Side Channels for Inferring Predicates about Secrets
Side-channel vulnerabilities in software are caused by an observable imbalance in resource
usage across different program paths. In this paper we demonstrate that justin-time (JIT) …
usage across different program paths. In this paper we demonstrate that justin-time (JIT) …
Path cost analysis for side channel detection
T Brennan - Proceedings of the 26th ACM SIGSOFT International …, 2017 - dl.acm.org
Side-channels have been increasingly demonstrated as a practical threat to the
confidentiality of private user information. Being able to statically detect these kinds of …
confidentiality of private user information. Being able to statically detect these kinds of …
[PDF][PDF] A Monadic Framework for Relational Verification
N Grimm, K Maillard, C Fournet… - arXiv preprint arXiv …, 2017 - normalesup.org
Relational properties describe multiple runs of one or more programs. They characterize
many useful notions of security, program refinement, and equivalence for programs with …
many useful notions of security, program refinement, and equivalence for programs with …
[引用][C] A monadic framework for relational verification (functional pearl)
A Monadic Framework for Relational Verification (Functional Pearl) - CISPA CISPA Home About
Browse Data Privacy Policy Impressum Login A Monadic Framework for Relational Verification …
Browse Data Privacy Policy Impressum Login A Monadic Framework for Relational Verification …