262 Hits in 10.1 sec

SCRAP: Architecture for signature-based protection from Code Reuse Attacks

M. Kayaalp, T. Schmitt, J. Nomani, D. Ponomarev, N. Abu-Ghazaleh
2013 2013 IEEE 19th International Symposium on High Performance Computer Architecture (HPCA)  
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits.  ...  CRAs construct malicious programs out of small fragments (gadgets) of existing code, thus eliminating the need for code injection.  ...  Acknowledgements We would like to thank the anonymous reviewers for their comments and suggestions.  ... 
doi:10.1109/hpca.2013.6522324 dblp:conf/hpca/KayaalpSNPA13 fatcat:7o6qlxdfyfcitgbmchhbxwzhfa

Signature-Based Protection from Code Reuse Attacks

Mehmet Kayaalp, Timothy Schmitt, Junaid Nomani, Dmitry Ponomarev, Nael Abu Ghazaleh
2015 IEEE transactions on computers  
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits.  ...  We first demonstrate that naive signature-based defenses can be defeated by introducing special "delay gadgets" as part of the attack.  ...  ACKNOWLEDGEMENTS This material is based on research sponsored by Air Force Research Laboratory under agreement number FA8750-09-1-0137 and by National Science Foundation grants CNS-1018496 and CNS-0958501  ... 
doi:10.1109/tc.2013.230 fatcat:mui3iuwvnzdprdvq3t7aompviy

Securing Runtime Memory via MMU Manipulation

Marinos Tsantekidis, Vassilis Prevelakis
2021 Zenodo  
t is often useful for a code component (e.g., a library) to be able to maintain information that is hidden from the rest of the program (e.g., private keys used for signing, or usage counters used for  ...  When running code outside the address space of a given library, the pages containing the private memory of that library are not mapped into the program's address space, hence are not accessible to the  ...  Then, they propose and develop the Signature-based CRA Protection (SCRAP) hardware-based architecture for detecting such stealth JOP attacks.  ... 
doi:10.5281/zenodo.5834069 fatcat:n5ftvxayobddbgcmlfe7y2iv4a

Dwarf Frankenstein is still in your memory: tiny code reuse attacks

AliAkbar Sadeghi, Farzane Aminmansour, Hamid Reza Shahriari
2017 Isecure  
The main contribution of this paper is to provide a tricky aspect of code reuse techniques, called tiny code reuse attacks (Tiny-CRA) that demonstrates the ineffectiveness of the threshold based detection  ...  A B S T R A C T Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers.  ...  SCRAP SCRAP is a signature based protection from code reuse attacks that can be implemented entirely in hardware.  ... 
doi:10.22042/isecure.2017.0.0.4 dblp:journals/isecure/SadeghiAS17 fatcat:mxatws2wg5bfxof7wk7lgxljae

Hardware supported Software and Control Flow Integrity

Ruan de Clercq
2017 Zenodo  
Finally, we develop an architectural feature which provides interrupt support for a program counter-based Protected Module Architectures (PMAs) by means of processor modifications.  ...  We focus on enhancing the security of microprocessors to detect runtime attacks, prevent malicious modification of software, and develop support for isolating software from malware.  ...  The CFI mechanism presented in this section provides protection from attacks based on code injection and code reuse.  ... 
doi:10.5281/zenodo.2643373 fatcat:3elmla7my5fa5jyeti73b7pnkm

SIGDROP: Signature-based ROP Detection using Hardware Performance Counters [article]

Xueyang Wang, Jerry Backer
2016 arXiv   pre-print
Such hardware event-based patterns form signatures to flag ROP attacks at runtime.  ...  By chaining short instruction sequences from existing code pieces, ROP can bypass static code-integrity checking approaches and non-executable page protections.  ...  SIGNATURE-BASED DETECTION OF ROP ATTACKS A.  ... 
arXiv:1609.02667v1 fatcat:ug7mqhaoozht7bnwfhpja65dfi

A Novel NFC based Secure Protocol for Merchant Transactions

Shaik Shakeel Ahamad
2021 IEEE Access  
our proposed protocol overcome multi-protocol attack, RAM (Random Access Memory) scrapping attack, DOS (Denial Of Service), DDOS (Distributed Denial Of Service), and Phlashing attacks.  ...  The current research works in mobile payments and commerce are prone to reverse-engineering attacks and lacked transport layer protection, so these research works do not ensure security.  ...  The proposed protocol is formally proven using both BAN logic and the Scyther tool. [31] proposes a secure operational model for mobile payments based on a serviceoriented architecture based on a two-dimensional  ... 
doi:10.1109/access.2021.3139065 fatcat:qzskxxbpgrb27btkxgjxcec4mi

Research on In-Vehicle Key Management System under Upcoming Vehicle Network Architecture

Wu, Zhao, Zhu, Lu, Shi
2019 Electronics  
The simulation analysis for the proposed OTA-based key update protocol verifies the protocol's security.  ...  After describing previous research on vehicle key management and the development trend of vehicle network architecture, a key management scheme for in-vehicle multi-layer electronic control units (ECUs  ...  Moreover, the public keys or certificates used for verifying signatures are secured by the HSM, TPM, and CRL of entities. Prevention for replay attacks.  ... 
doi:10.3390/electronics8091026 fatcat:n6rw7dbopfhnnbjpb56qqojpq4

Boosting the precision of virtual call integrity protection with partial pointer analysis for C++

Xiaokang Fan, Yulei Sui, Xiangke Liao, Jingling Xue
2017 Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis - ISSTA 2017  
VIP raises the bar against vtable hijacking attacks by providing stronger security guarantees than the CHA-based approach with comparable performance overhead.  ...  VIP introduces two new techniques: (1) a sound and scalable partial pointer analysis for discovering statically the sets of legitimate targets at virtual callsites from separately compiled C++ modules  ...  a wide range of attacks such as code injection attacks and code reuse attacks. 2.2.1 Code Injection Attacks. 2.2.2 Code Reuse Attacks.  ... 
doi:10.1145/3092703.3092729 dblp:conf/issta/FanSLX17 fatcat:zftjdbi225bs5ouy2spucwvb2a

Secure and Efficient Audit Service Outsourcing for Data Integrity in Clouds

Gyan Prakash, Bhaskar Vyas
2014 International Journal of MC Square Scientific Research  
Cloud-based outsourced storage relieves the client's load for storage management and maintenance by providing a comparably low-cost, scalable, locationindependent platform.  ...  In this project, profiting from the interactive zero-knowledge proof system, the construction of an interactive PDP protocol to prevent the fraudulence of prover (soundness property) and the leakage of  ...  The scheme is based on two concepts: (a) the signature of a record is derived from its digest as well as its left and right neighbors'.  ... 
doi:10.20894/ijmsr. fatcat:pboekdtqcffojjclnupz6yu6dq

CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves

Meni Orenbach, Yan Michalevsky, Christof Fetzer, Mark Silberstein
2019 USENIX Annual Technical Conference  
CoSMIX is a Compiler-based system for Secure Memory Instrumentation and eXecution of applications in secure enclaves.  ...  Similarly, annotating a single line of code in a biometric verification server changes it to store its sensitive data in Oblivious RAM and makes it resilient against SGX side-channel attacks.  ...  The enclave hardware protects them from attacks by a powerful privileged adversary, such as a malicious OS or a hypervisor.  ... 
dblp:conf/usenix/OrenbachMFS19 fatcat:ob4yxnubrjgc7olenvi422kt2a

Comparative Analysis and Enhancement of CFG-based Hardware-Assisted CFI Schemes [article]

Mario Telesklav, Stefan Tauner
2021 arXiv   pre-print
., by use of code-reuse attacks) still poses a serious threat to the security of today's systems.  ...  For this paper, we have implemented multiple promising CFG-based CFI schemes on a common platform comprising a RISC-V SoC within an FPGA.  ...  The authors would also like to thank Andreas Steininger and all other reviewers of the manuscript for their helpful feedback.  ... 
arXiv:2103.04456v1 fatcat:sj3zohk3znhq3nocuc65xb275u

Appendix [chapter]

2010 Smart Card Handbook  
The objective of the activation sequence is to protect the smart card microcontroller, which is sensitive to charges and voltages on its contacts.  ...  Access control Access control consists of using equipment and/or services to control the entry and exit of employees or customers to or from secure locations.  ...  manipulation and interception. 87 Secure signature creation device (SSCD) A signature generation device, such as a → smart card, that is protected against attacks.  ... 
doi:10.1002/9780470660911.app1 fatcat:qy7ioz5aofhg7pem45tp42tulu

A Hybrid Dynamic Encryption Scheme for Multi-Factor Verification: A Novel Paradigm for Remote Authentication

Muath Obaidat, Joseph Brown, Suhaib Obeidat, Majdi Rawashdeh
2020 Sensors  
The proposed scheme uses a hybrid, layered encryption technique alongside a two-part verification process, and provides dynamic protection against interception-based cyber-attacks such as replay or MiTM  ...  attacks, without creating additional vulnerabilities for other attacks such as bruteforcing.  ...  Code of client. Figure 6 . 6 Figure 6. Code of client. Figure 7 . 7 Figure 7. Code of server. Figure 7 . 7 Figure 7. Code of server. Figure 8 . 8 Figure 8.  ... 
doi:10.3390/s20154212 pmid:32751189 fatcat:aiiqtue2hrahdm2e4khmyylzhq

Reuse and Abuse

Susan Eisenbach, Chris Sadler
2007 Journal of Object Technology  
Some of this work is based on more formal work done with Sophia Drossopoulou and the Slurp research group.  ...  Initially, it implied some kind of code scrap-heap where a developer could find some bits and pieces to help get a job done.  ...  But entry 0 will actually point to the code for SndMsg, and, when invoked from a client, a type violation will occur.  ... 
doi:10.5381/jot.2007.6.1.a5 fatcat:qhpx4hi5fja4vooeqdu5hjqxli
« Previous Showing results 1 — 15 out of 262 results