中文 English

PTAuth: Temporal Memory Safety via Robust Points-to Authentication


Authors: Reza Mirzazade Farkhani, Mansour Ahmadi, and Long Lu, Northeastern University Abstract: "Temporal memory corruptions are commonly exploited software vulnerabilities that can lead to powerful attacks. Despite significant progress made by decades of research on mitigation techniques, existing countermeasures fall short due to either limited coverage or overly high overhead. Further... » read more

Database Reconstruction from Noisy Volumes: A Cache Side-Channel Attack on SQLite


Authors: Aria Shahverdi, University of Maryland; Mahammad Shirinov, Bilkent University; Dana Dachman-Soled, University of Maryland Abstract: "We demonstrate the feasibility of database reconstruction under a cache side-channel attack on SQLite. Specifically, we present a Flush+Reload attack on SQLite that obtains approximate (or "noisy") volumes of range queries made to a private database... » read more

SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript


Authors: Finn de Ridder, ETH Zurich and VU Amsterdam; Pietro Frigo, Emanuele Vannacci, Herbert Bos, and Cristiano Giuffrida, VU Amsterdam; Kaveh Razavi, ETH Zurich Abstract: "Despite their in-DRAM Target Row Refresh (TRR) mitigations, some of the most recent DDR4 modules are still vulnerable to many-sided Rowhammer bit flips. While these bit flips are exploitable from native code, tri... » read more

Usability of Authenticity Checks for Hardware Security Tokens


Abstract:  "The final responsibility to verify whether a newly purchased hardware security token (HST) is authentic and unmodified lies with the end user. However, recently reported attacks on such tokens suggest that users cannot take the security guarantees of their HSTs for granted, even despite widely deployed authenticity checks. We present the first comprehensive market review eva... » read more