Zobrazeno 1 - 10
of 35
pro vyhledávání: '"Boris Köpf"'
Publikováno v:
Logical Methods in Computer Science, Vol Volume 15, Issue 1 (2019)
Modern computer architectures rely on caches to reduce the latency gap between the CPU and main memory. While indispensable for performance, caches pose a serious threat to security because they leak information about memory access patterns of progra
Externí odkaz:
https://doaj.org/article/7386db0afc8e4f61a5c9979d7427f1b3
Speculative vulnerabilities such as Spectre and Meltdown expose speculative execution state that can be exploited to leak information across security domains via side-channels. Such vulnerabilities often stay undetected for a long time as we lack the
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::19d7fc7f71caa9397e3a3cf0c35f5120
http://arxiv.org/abs/2105.06872
http://arxiv.org/abs/2105.06872
Publikováno v:
IEEE Symposium on Security and Privacy
Since the discovery of Spectre, a large number of hardware mechanisms for secure speculation has been proposed. Intuitively, more defensive mechanisms are less efficient but can securely execute a larger class of programs, while more permissive mecha
Autor:
Marc Brockschmidt, Santiago Zanella-Béguelin, Andrew Paverd, Lukas Wutschitz, Victor Rühle, Olga Ohrimenko, Boris Köpf, Shruti Tople
Publikováno v:
CCS
To continuously improve quality and reflect changes in data, machine learning applications have to regularly retrain and update their core models. We show that a differential analysis of language model snapshots before and after an update can reveal
Publikováno v:
PLDI
We show how to infer deterministic cache replacement policies using off-the-shelf automata learning and program synthesis techniques. For this, we construct and chain two abstractions that expose the cache replacement policy of any set in the cache h
Autor:
Boris Köpf, Itsaka Rakotonirina
Publikováno v:
EuroS&P
A key question for characterising a system's vulnerability against timing attacks is whether or not it allows an adversary to aggregate information about a secret over multiple timing measurements. Existing approaches for reasoning about this aggrega
Publikováno v:
CSF
Vasilikos, P, Nielson, H R, Nielson, F & Kopf, B 2019, Timing leaks and coarse-grained clocks . in Proceedings of 2019 IEEE 32 nd Computer Security Foundations Symposium ., 8823781, IEEE Computer Society Press, Proceedings-IEEE Computer Security Foundations Symposium, vol. 2019-June, pp. 32-47, 2019 IEEE 32nd Computer Security Foundations Symposium, Hoboken, New Jersey, United States, 25/06/2019 . https://doi.org/10.1109/CSF.2019.00010
Vasilikos, P, Nielson, H R, Nielson, F & Kopf, B 2019, Timing leaks and coarse-grained clocks . in Proceedings of 2019 IEEE 32 nd Computer Security Foundations Symposium ., 8823781, IEEE Computer Society Press, Proceedings-IEEE Computer Security Foundations Symposium, vol. 2019-June, pp. 32-47, 2019 IEEE 32nd Computer Security Foundations Symposium, Hoboken, New Jersey, United States, 25/06/2019 . https://doi.org/10.1109/CSF.2019.00010
Timing-based side-channel attacks have matured from an academic exercise to a powerful attack vector in the hand of real-world adversaries. A widely deployed countermeausure against such attacks is to reduce the accuracy of the clocks that are availa
Publikováno v:
IEEE Symposium on Security and Privacy
Many micro-architectural attacks rely on the capability of an attacker to efficiently find small eviction sets: groups of virtual addresses that map to the same cache set. This capability has become a decisive primitive for cache side-channel, rowham
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::e172675c72c89370f7578e81c3853e3e
Publikováno v:
ACM Transactions on Information and System Security. 18:1-32
We present CacheAudit, a versatile framework for the automatic, static analysis of cache side channels. CacheAudit takes as input a program binary and a cache configuration and derives formal, quantitative security guarantees for a comprehensive set
Autor:
Michael Backes, Boris Köpf
Publikováno v:
Mathematical Structures in Computer Science. 25:457-479
We provide a novel definition of quantitative information flow, called transmissible information, that is suitable for reasoning about informational-theoretically secure (or non-cryptographic) systems, as well as about cryptographic systems with thei