Zobrazeno 1 - 10
of 95
pro vyhledávání: '"Cristiano Giuffrida"'
Publikováno v:
EUROSEC 2023: Proceedings of the 2023 European Workshop on System Security, 8-14
STARTPAGE=8;ENDPAGE=14;TITLE=EUROSEC 2023
Gorter, F, Giuffrida, C & van der Kouwe, E 2023, Enviral: Fuzzing the Environment for Evasive Malware Analysis . in EUROSEC 2023 : Proceedings of the 2023 European Workshop on System Security . Association for Computing Machinery, Inc, pp. 8-14, 16th European Workshop on Systems Security, EUROSEC 2023, Rome, Italy, 8/05/23 . https://doi.org/10.1145/3578357.3589455
STARTPAGE=8;ENDPAGE=14;TITLE=EUROSEC 2023
Gorter, F, Giuffrida, C & van der Kouwe, E 2023, Enviral: Fuzzing the Environment for Evasive Malware Analysis . in EUROSEC 2023 : Proceedings of the 2023 European Workshop on System Security . Association for Computing Machinery, Inc, pp. 8-14, 16th European Workshop on Systems Security, EUROSEC 2023, Rome, Italy, 8/05/23 . https://doi.org/10.1145/3578357.3589455
Analyzing malicious behavior is vital to effectively safeguard computer systems against malware. However, contemporary malware frequently contains evasive behavior, which allows it to hide its malicious intent from analysis. More specifically, if the
Publikováno v:
Proceedings 2023 Network and Distributed System Security Symposium.
Publikováno v:
Proceedings 2023 Network and Distributed System Security Symposium.
Publikováno v:
ACSAC '22: Proceedings of the 38th Annual Computer Security Applications Conference, 375-387
STARTPAGE=375;ENDPAGE=387;TITLE=ACSAC '22
Geretto, E, Giuffrida, C, Bos, H & Van Der Kouwe, E 2022, Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots . in ACSAC '22 : Proceedings of the 38th Annual Computer Security Applications Conference . ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 375-387, 38th Annual Computer Security Applications Conference, ACSAC 2022, Austin, United States, 5/12/22 . https://doi.org/10.1145/3564625.3564639
STARTPAGE=375;ENDPAGE=387;TITLE=ACSAC '22
Geretto, E, Giuffrida, C, Bos, H & Van Der Kouwe, E 2022, Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots . in ACSAC '22 : Proceedings of the 38th Annual Computer Security Applications Conference . ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 375-387, 38th Annual Computer Security Applications Conference, ACSAC 2022, Austin, United States, 5/12/22 . https://doi.org/10.1145/3564625.3564639
Modern coverage-oriented fuzzers play a crucial role in vulnerability finding. While much research focuses on improving the core fuzzing techniques, some fundamental speed bottlenecks, such as the redundant computations incurred by re-executing the t
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::a94673dfbd115528484133d3854354b9
https://research.vu.nl/en/publications/9e79a9af-ef78-45e4-a722-24bc95f3f5e7
https://research.vu.nl/en/publications/9e79a9af-ef78-45e4-a722-24bc95f3f5e7
Publikováno v:
Gorter, F, Koning, K, Bos, H & Giuffrida, C 2022, DangZero: Efficient Use-After-Free Detection via Direct Page Table Access . in CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security . Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 1307-1321, 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, United States, 7/11/22 . https://doi.org/10.1145/3548606.3560625
CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 1307-1321
STARTPAGE=1307;ENDPAGE=1321;TITLE=CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 1307-1321
STARTPAGE=1307;ENDPAGE=1321;TITLE=CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
Use-after-free vulnerabilities remain difficult to detect and mitigate, making them a popular source of exploitation. Existing solutions incur impractical performance/memory overhead, require specialized hardware, and/or guarantee only protection, bu
Publikováno v:
Milburn, A, Van Der Kouwe, E & Giuffrida, C 2022, Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation . in 2022 IEEE Symposium on Security and Privacy (SP) : [Proceedings] . Proceedings-IEEE Symposium on Security and Privacy, no. May, vol. 2022, Institute of Electrical and Electronics Engineers Inc., pp. 1049-1065, 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, United States, 23/05/22 . https://doi.org/10.1109/SP46214.2022.9833675
2022 IEEE Symposium on Security and Privacy (SP): [Proceedings], 1049-1065
STARTPAGE=1049;ENDPAGE=1065;TITLE=2022 IEEE Symposium on Security and Privacy (SP)
2022 IEEE Symposium on Security and Privacy (SP): [Proceedings], 1049-1065
STARTPAGE=1049;ENDPAGE=1065;TITLE=2022 IEEE Symposium on Security and Privacy (SP)
Information leakage vulnerabilities (or simply info leaks) such as out-of-bounds/uninitialized reads in the architectural or speculative domain pose a significant security threat, allowing attackers to leak sensitive data such as crypto keys. At the
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::b17788edfd00fc2bc61ad2c8e72979dc
https://hdl.handle.net/1871.1/05fa6149-2233-41e1-bab6-b6170a8d61a9
https://hdl.handle.net/1871.1/05fa6149-2233-41e1-bab6-b6170a8d61a9
Publikováno v:
EuroSec '22: Proceedings of the 15th European Workshop on Systems Security, 29-35
STARTPAGE=29;ENDPAGE=35;TITLE=EuroSec '22
Costi, A, Johannesmeyer, B, Bosman, E, Giuffrida, C & Bos, H 2022, On the Effectiveness of Same-Domain Memory Deduplication . in EuroSec '22 : Proceedings of the 15th European Workshop on Systems Security . Association for Computing Machinery, Inc, pp. 29-35, 15th European Workshop on Systems Security, EuroSec 2022, Virtual, Online, France, 5/04/22 . https://doi.org/10.1145/3517208.3523754
STARTPAGE=29;ENDPAGE=35;TITLE=EuroSec '22
Costi, A, Johannesmeyer, B, Bosman, E, Giuffrida, C & Bos, H 2022, On the Effectiveness of Same-Domain Memory Deduplication . in EuroSec '22 : Proceedings of the 15th European Workshop on Systems Security . Association for Computing Machinery, Inc, pp. 29-35, 15th European Workshop on Systems Security, EuroSec 2022, Virtual, Online, France, 5/04/22 . https://doi.org/10.1145/3517208.3523754
Memory deduplication, an OS memory optimization technique that merges identical pages into a single Copy-on-Write (CoW) page, has been shown to be susceptible to a variety of timing side channel attacks, all of which stem from the differences between
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::9cf5cf2fc3a67284b58a28c93fd37512
https://research.vu.nl/en/publications/42915386-649d-43c1-a438-4271ea248d04
https://research.vu.nl/en/publications/42915386-649d-43c1-a438-4271ea248d04
Autor:
Cristiano Giuffrida, Emanuele Vannacc, Pietro Frigo, Kaveh Razavi, Hasan Hassan, Victor van der Veen, Herbert Bos, Onur Mutlu
Publikováno v:
2020 IEEE Symposium on Security and Privacy (SP)
IEEE Symposium on Security and Privacy
Frigo, P, Vannacci, E, Hassan, H, Der Veen, V V, Mutlu, O, Giuffrida, C, Bos, H & Razavi, K 2020, TRRespass : Exploiting the many sides of target row refresh . in 2020 IEEE Symposium on Security and Privacy (SP) : Proceedings ., 9152631, Proceedings-IEEE Symposium on Security and Privacy, no. May, vol. 2020, Institute of Electrical and Electronics Engineers Inc., pp. 747-762, 41st IEEE Symposium on Security and Privacy, SP 2020, San Francisco, United States, 18/05/20 . https://doi.org/10.1109/SP40000.2020.00090
2020 IEEE Symposium on Security and Privacy (SP): Proceedings, 747-762
STARTPAGE=747;ENDPAGE=762;TITLE=2020 IEEE Symposium on Security and Privacy (SP)
IEEE Symposium on Security and Privacy
Frigo, P, Vannacci, E, Hassan, H, Der Veen, V V, Mutlu, O, Giuffrida, C, Bos, H & Razavi, K 2020, TRRespass : Exploiting the many sides of target row refresh . in 2020 IEEE Symposium on Security and Privacy (SP) : Proceedings ., 9152631, Proceedings-IEEE Symposium on Security and Privacy, no. May, vol. 2020, Institute of Electrical and Electronics Engineers Inc., pp. 747-762, 41st IEEE Symposium on Security and Privacy, SP 2020, San Francisco, United States, 18/05/20 . https://doi.org/10.1109/SP40000.2020.00090
2020 IEEE Symposium on Security and Privacy (SP): Proceedings, 747-762
STARTPAGE=747;ENDPAGE=762;TITLE=2020 IEEE Symposium on Security and Privacy (SP)
After a plethora of high-profile RowHammer attacks, CPU and DRAM vendors scrambled to deliver what was meant to be the definitive hardware solution against the RowHammer problem: Target Row Refresh (TRR). A common belief among practitioners is that,
Publikováno v:
Proceedings 2022 Network and Distributed System Security Symposium.
Publikováno v:
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, 715-733
STARTPAGE=715;ENDPAGE=733;TITLE=CCS '21
CCS
Borrello, P, D'Elia, D C, Querzoni, L & Giuffrida, C 2021, Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization . in CCS '21 : Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security . Proceedings of the ACM Conference on Computer and Communications Security, vol. 2021, Association for Computing Machinery, pp. 715-733, 27th ACM Annual Conference on Computer and Communication Security, CCS 2021, Virtual, Online, Korea, Republic of, 15/11/21 . https://doi.org/10.1145/3460120.3484583
Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
STARTPAGE=715;ENDPAGE=733;TITLE=CCS '21
CCS
Borrello, P, D'Elia, D C, Querzoni, L & Giuffrida, C 2021, Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization . in CCS '21 : Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security . Proceedings of the ACM Conference on Computer and Communications Security, vol. 2021, Association for Computing Machinery, pp. 715-733, 27th ACM Annual Conference on Computer and Communication Security, CCS 2021, Virtual, Online, Korea, Republic of, 15/11/21 . https://doi.org/10.1145/3460120.3484583
Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
In the era of microarchitectural side channels, vendors scramble to deploy mitigations for transient execution attacks, but leave traditional side-channel attacks against sensitive software (e.g., crypto programs) to be fixed by developers by means o
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::cd5f40c21a663bf59d3546aa59683456
https://research.vu.nl/en/publications/8df1370a-5797-49f1-86c8-203a6e8a3d93
https://research.vu.nl/en/publications/8df1370a-5797-49f1-86c8-203a6e8a3d93