This paper studies the synergies between memory corruption vulnerabilities and speculative
execution vulnerabilities. We leverage speculative execution attacks to bypass an important …

With embedded devices becoming more pervasive and entrenched in society, it is
paramount to keep these systems secure. A threat plaguing these systems consists of …

Sensitive data processing occurs more and more on machines or devices out of users
control. In the Internet of Things world, for example, the security of data could be posed at …

Despite their in-DRAM Target Row Refresh (TRR) mitigations, some of the most recent
DDR4 modules are still vulnerable to many-sided Rowhammer bit flips. While these bit flips …

Commodity operating system kernels remain monolithic for practical and historical reasons.
All kernel code shares a single address space, executes with elevated processor privileges …

Memory safety is a key security property that stops memory corruption vulnerabilities.
Different types of memory safety enforcement solutions have been proposed and adopted by …

A wide range of Arm endpoints leverage integrated and discrete GPUs to accelerate
computation such as image processing and numerical processing applications. However, in …

This paper presents an in-kernel, hardware-based control-flow integrity (CFI) protection,
called PAL, that utilizes ARM's Pointer Authentication (PA). It provides three important …

Attackers leverage memory corruption vulnerabilities to establish primitives for reading from
or writing to the address space of a vulnerable process. These primitives form the foundation …

Shadow stacks are the go-to solution for perfect backward-edge control-flow integrity (CFI).
Software shadow stacks trade off security for performance. Hardware-assisted shadow …