Search Results - "Social and professional topics Computing technology policy Computer crime"

Security analysis of logic obfuscation by Rajendran, Jeyavijayan, Pino, Youngok, Sinanoglu, Ozgur, Karri, Ramesh

“…Due to globalization of Integrated Circuit (IC) design flow, rogue elements in the supply chain can pirate ICs, overbuild ICs, and insert hardware trojans…”
Get full text

Smart Contract Security: A Practitioners' Perspective by Wan, Zhiyuan, Xia, Xin, Lo, David, Chen, Jiachi, Luo, Xiapu, Yang, Xiaohu

“…Smart contracts have been plagued by security incidents, which resulted in substantial financial losses. Given numerous research efforts in addressing the…”
Get full text

New Attacks and Defense for Encrypted-Address Cache by Qureshi, Moinuddin K.

“…Conflict-based cache attacks can allow an adversary to infer the access pattern of a co-running application by orchestrating evictions via cache conflicts…”
Get full text

TyTAN: Tiny trust anchor for tiny devices by Brasser, Ferdinand, El Mahjoub, Brahim, Sadeghi, Ahmad-Reza, Wachsmann, Christian, Koeberl, Patrick

“…Embedded systems are at the core of many security-sensitive and safety-critical applications, including automotive, industrial control systems, and critical…”
Get full text

Containing Malicious Package Updates in npm with a Lightweight Permission System by Ferreira, Gabriel, Jia, Limin, Sunshine, Joshua, Kastner, Christian

“…The large amount of third-party packages available in fast-moving software ecosystems, such as Node.js/npm, enables attackers to compromise applications by…”
Get full text

AVFSM: A framework for identifying and mitigating vulnerabilities in FSMs by Nahiyan, Adib, Kan Xiao, Kun Yang, Yier Jin, Forte, Domenic, Tehranipoor, Mark

“…A finite state machine (FSM) is responsible for controlling the overall functionality of most digital systems and, therefore, the security of the whole system…”
Get full text

The state-of-the-art in semiconductor reverse engineering by Torrance, Randy, James, Dick

“…This presentation gives an overview of the place of reverse engineering (RE) in the semiconductor industry, and the techniques used to obtain information from…”
Get full text

Detecting malicious modifications of data in third-party intellectual property cores by Rajendran, Jeyavijayan, Vedula, Vivekananda, Karri, Ramesh

“…Globalization of the system-on-chip (SoC) design flow has created opportunities for rogue elements in the intellectual property (IP) vendor companies to insert…”
Get full text

Fort-NoCs: Mitigating the threat of a compromised NoC by Ancajas, Dean Michael, Chakraborty, Koushik, Roy, Sanghamitra

“…In this paper, we uncover a novel and imminent threat to an emerging computing paradigm: MPSoCs built with 3rd party IP NoCs. We demonstrate that a compromised…”
Get full text

Remote Inter-Chip Power Analysis Side-Channel Attacks at Board-Level by Schellenberg, Falk, Gnad, Dennis R.E., Moradi, Amir, Tahoori, Mehdi B.

“…The current practice in board-level integration is to incorporate chips and components from numerous vendors. A fully trusted supply chain for all used…”
Get full text

A Passion for Security: Intervening to Help Software Developers by Weir, Charles, Becker, Ingolf, Blair, Lynne

“…While the techniques to achieve secure, privacy-preserving software are now well understood, evidence shows that many software development teams do not use…”
Get full text

Human-in-the-Loop XAI-enabled Vulnerability Detection, Investigation, and Mitigation by Nguyen, Tien N., Choo, Raymond

“…The need for cyber resilience is increasingly important in our technology-dependent society, where computing systems, devices and data will continue to be the…”
Get full text

Leaky Way: A Conflict-Based Cache Covert Channel Bypassing Set Associativity by Guo, Yanan, Xin, Xin, Zhang, Youtao, Yang, Jun

“…Modern \times86 processors feature many prefetch instructions that developers can use to enhance performance. However, with some prefetch instructions, users…”
Get full text

Efficient Detection of Toxic Prompts in Large Language Models by Liu, Yi, Yu, Junzhe, Sun, Huijia, Shi, Ling, Deng, Gelei, Chen, Yuqi, Liu, Yang

“…Large language models (LLMs) like ChatGPT and Gemini have significantly advanced natural language processing, enabling various applications such as chatbots…”
Get full text

Evaluating the Security of eFPGA-based Redaction Algorithms by Rezaei, Amin, Afsharmazayejani, Raheel, Maynard, Jordan

“…Hardware IP owners must envision procedures to avoid piracy and overproduction of their designs under a fabless paradigm. A newly proposed technique to…”
Get full text

DIALED: Data Integrity Attestation for Low-end Embedded Devices by De Oliveira Nunes, Ivan, Jakkamsetti, Sashidhar, Tsudik, Gene

“…Verifying integrity of software execution in low-end microcontroller units (MCUs) is a well-known open problem. The central challenge is how to securely detect…”
Get full text

Accounting for Missing Events in Statistical Information Leakage Analysis by Lee, Seongmin, Minocha, Shreyas, Bohme, Marcel

“…The leakage of secret information via a public channel is a critical privacy flaw in software systems. The more information is leaked per observation, the less…”
Get full text

SCONE: A Logic Locking Technique Utilizing SMT Solver and Circuit Encoding Scheme for Efficient Hardware IP Protection by Han, Zhaokun, Xing, Daniel, Amberiadis, Kostas, Srivastava, Ankur, Rajendran, Jeyavijayan Jv

“…Multiple intellectual property (IP) protections have emerged to defeat security threats in integrated circuit (IC) supply chain. Among these, logic locking is…”
Get full text

Query-Based Black-Box Stealthy Sensor Attacks on Cyber-Physical Systems by Jiang, Shixiong, Xu, Weizhe, Liu, Mengyu, Kong, Fanxin

“…We study the vulnerability of Cyber-physical systems (CPS) under stealthy sensor attacks in black-box scenarios. "Black-box" refers to scenarios where the…”
Get full text

PUFatt: Embedded platform attestation based on novel processor-based PUFs by Kong, Joonho, Koushanfar, Farinaz, Pendyala, Praveen K., Sadeghi, Ahmad-Reza, Wachsmann, Christian

“…Software-based attestation schemes aim at proving the integrity of code and data residing on a platform to a verifying party. However, they do not bind the…”
Get full text