Research on transient execution attacks including Spectre and Meltdown showed that
exception or branch misprediction events might leave secret-dependent traces in the CPU's …

Sensitive data processing occurs more and more on machines or devices out of users
control. In the Internet of Things world, for example, the security of data could be posed at …

Run-time attacks against programs written in memory-unsafe programming languages (eg,
C and C++) remain a prominent threat against computer systems. The prevalence of …

The C and C++ programming languages are notoriously insecure yet remain indispensable.
Developers therefore resort to a multi-pronged approach to find security issues before …

Memory-safety violations are the primary cause of security and reliability issues in software
systems written in unsafe languages. Given the limited adoption of decades-long research in …

Shielded execution based on Intel SGX provides strong security guarantees for legacy
applications running on untrusted platforms. However, memory safety attacks such as …

Middleboxes that process confidential data cannot be securely deployed in untrusted cloud
environments. To securely outsource middleboxes to the cloud, state-of-the-art systems …

Low-level programming languages with weak/static type systems, such as C and C++, are
vulnerable to errors relating to the misuse of memory at runtime, such as (sub-) object …

CFI is an effective, generic defense against control-flow hijacking attacks, especially for
C/C++ programs. However, most previous CFI systems have poor security as demonstrated …

In recent years, program data attacks (PDA) have become a popular topic in the field of
network security. PDAs are memory corruption vulnerability exploitation techniques that …