A systematic evaluation of transient execution attacks and defenses
Research on transient execution attacks including Spectre and Meltdown showed that
exception or branch misprediction events might leave secret-dependent traces in the CPU's …
exception or branch misprediction events might leave secret-dependent traces in the CPU's …
A comprehensive survey of hardware-assisted security: From the edge to the cloud
Sensitive data processing occurs more and more on machines or devices out of users
control. In the Internet of Things world, for example, the security of data could be posed at …
control. In the Internet of Things world, for example, the security of data could be posed at …
{PAC} it up: Towards pointer integrity using {ARM} pointer authentication
H Liljestrand, T Nyman, K Wang, CC Perez… - 28th USENIX Security …, 2019 - usenix.org
Run-time attacks against programs written in memory-unsafe programming languages (eg,
C and C++) remain a prominent threat against computer systems. The prevalence of …
C and C++) remain a prominent threat against computer systems. The prevalence of …
SoK: Sanitizing for security
The C and C++ programming languages are notoriously insecure yet remain indispensable.
Developers therefore resort to a multi-pronged approach to find security issues before …
Developers therefore resort to a multi-pronged approach to find security issues before …
Intel mpx explained: A cross-layer analysis of the intel mpx system stack
Memory-safety violations are the primary cause of security and reliability issues in software
systems written in unsafe languages. Given the limited adoption of decades-long research in …
systems written in unsafe languages. Given the limited adoption of decades-long research in …
SGXBOUNDS: Memory safety for shielded execution
D Kuvaiskii, O Oleksenko, S Arnautov, B Trach… - Proceedings of the …, 2017 - dl.acm.org
Shielded execution based on Intel SGX provides strong security guarantees for legacy
applications running on untrusted platforms. However, memory safety attacks such as …
applications running on untrusted platforms. However, memory safety attacks such as …
Shieldbox: Secure middleboxes using shielded execution
B Trach, A Krohmer, F Gregor, S Arnautov… - Proceedings of the …, 2018 - dl.acm.org
Middleboxes that process confidential data cannot be securely deployed in untrusted cloud
environments. To securely outsource middleboxes to the cloud, state-of-the-art systems …
environments. To securely outsource middleboxes to the cloud, state-of-the-art systems …
EffectiveSan: type and memory error detection using dynamically typed C/C++
Low-level programming languages with weak/static type systems, such as C and C++, are
vulnerable to errors relating to the misuse of memory at runtime, such as (sub-) object …
vulnerable to errors relating to the misuse of memory at runtime, such as (sub-) object …
Origin-sensitive control flow integrity
CFI is an effective, generic defense against control-flow hijacking attacks, especially for
C/C++ programs. However, most previous CFI systems have poor security as demonstrated …
C/C++ programs. However, most previous CFI systems have poor security as demonstrated …
A survey of exploitation techniques and defenses for program data attacks
Y Wang, Q Li, Z Chen, P Zhang, G Zhang - Journal of Network and …, 2020 - Elsevier
In recent years, program data attacks (PDA) have become a popular topic in the field of
network security. PDAs are memory corruption vulnerability exploitation techniques that …
network security. PDAs are memory corruption vulnerability exploitation techniques that …