The paper proposes a tamper-proofing model for self-modifying code (SMC) by leveraging external timing, concurrency, and microarchitectural state to make non-SMC reproduction detectably expensive.

The paper introduces SCAgent, an automated framework that uses LLM-assisted agents to systematically discover, analyze, and assess side-channel leakage risks in complex systems like iOS, moving beyond…

The paper proposes a constant-time implementation methodology for activation functions on microcontrollers to prevent timing side-channel attacks during embedded neural-network inference.

The paper introduces SymTEE, an LLM-assisted symbolic execution framework that detects missing input validation vulnerabilities in TEE applications without needing complex, real TEE setups.

The paper introduces a novel memory forensics framework to perform runtime analysis of Go malware, successfully recovering critical execution state and artifacts that are invisible to traditional stat…

The paper proposes a novel framework, Speculative Non-Interference (SNI), and a tool, Spectector, to formally detect and verify security vulnerabilities arising from complex interactions of multiple s…

DuCodeMark introduces a robust, dual-purpose watermarking technique that embeds ownership signals into code datasets, ensuring protection across both source-code generation and decompilation tasks.

The paper introduces HPCCFA, a novel mechanism that leverages Hardware Performance Counters (HPCs) to provide hardware-backed Control Flow Attestation (CFA) on commodity CPUs, thereby enhancing the se…

QCIVET introduces a novel contract-based framework to ensure the integrity of hybrid quantum-classical pipelines by verifying both the structure (syntactic) and the behavior (semantic) of quantum stag…

This paper proposes training a single neural network using EM traces collected from multiple probe positions to detect cryptographic leakage across a larger area of a target device, validated by cross…

The paper proposes a novel symbolic execution technique that combines speculative library preloading and custom software hooks to recover Control Flow Graphs (CFGs) from binaries that use dynamic code…

The paper presents Broken Quantum, a comprehensive formal security audit that identifies 547 security vulnerabilities across 45 open-source quantum computing simulators, revealing critical flaws in me…

The paper introduces TLSCheck 2.0, an enhanced memory forensics plugin for Volatility 3, designed to efficiently detect and analyze suspicious TLS callbacks in process memory.

The paper proposes a method for bit-exact verification of AI inference outputs without sacrificing performance, demonstrating that deterministic, precise re-computation is possible even across differe…

The paper proposes a distributed, privacy-preserving monitoring architecture that uses secret-sharing to efficiently monitor systems with continuous state, overcoming the scalability issues of traditi…

This paper introduces a novel algorithm, CiSC, to efficiently and optimally synthesize circuit implementations of linear codes for hardware security, significantly outperforming existing state-of-the-…

LIPPEN introduces a novel hardware-software co-design that provides strong, zero-overhead pointer encryption for enhanced memory safety, achieving comprehensive pointer integrity and confidentiality.

The paper proposes a novel method to automatically enforce differential privacy in stream-based runtime monitoring specifications by analyzing temporal dependencies and injecting calibrated noise.

This paper systematically performs a differential fault analysis (DFA) on the lightweight block cipher Lilliput, demonstrating that it is significantly vulnerable to practical fault attacks even under…

The paper provides a formal proof that a single C program can contain a countably infinite number of distinct, independently assignable software vulnerabilities, suggesting the set of all software vul…