LIPPEN introduces a novel hardware-software co-design that provides strong, zero-overhead pointer encryption for enhanced memory safety, achieving comprehensive pointer integrity and confidentiality.

Janus is a compiler-based security framework for ARM64 that mitigates transient execution attacks like Spectre by integrating PA and BTI microarchitectural features, achieving strong security with low…

PoisonCap introduces a new 'poison' capability format for CHERI systems to provide efficient, strict use-after-free and initialization safety, surpassing existing temporal safety solutions.

The paper introduces a novel toolkit to enhance RISC-V Trusted Execution Environments (TEEs) by adding modular extensions for secure enclave update, migration, state continuity, and trusted time, ther…

The paper proposes a novel hardware extension that enables deterministic, kernel-bypass switching to user-level protection domains upon interrupt arrival, significantly reducing worst-case latency for…

The Device Context Protocol (DCP) introduces a compact, safety-first communication standard designed to allow LLMs to reliably control resource-constrained physical microcontrollers, significantly imp…

The paper introduces BOUNDARY FLOW, an LLVM-based framework that enhances kernel fuzzing and analysis by extracting per-task, state-aware data-flow information (arguments and return values) at functio…

The paper introduces uGen, the first LLM-driven framework that uses a retrieval-augmented, multi-agent design to automatically generate functionally correct microarchitectural attack Proof-of-Concepts…

The paper introduces Heimdall, an automated pipeline that uses LLMs and formal verification to safely and automatically migrate legacy, potentially buggy eBPF programs written in C to memory-safe Rust…

The paper proposes a tamper-proofing model for self-modifying code (SMC) by leveraging external timing, concurrency, and microarchitectural state to make non-SMC reproduction detectably expensive.

LiteAtt introduces a verifier-less, Peer-to-Peer Self-Attestation (P2P-SA) framework for modern IoT MCUs, enabling mutual authentication and firmware attestation directly within the connection handsha…

The paper proposes a novel framework, Speculative Non-Interference (SNI), and a tool, Spectector, to formally detect and verify security vulnerabilities arising from complex interactions of multiple s…

AutoSOUP is a system that automates component-level memory-safety verification by generating Safety-Oriented Unit Proofs, leveraging a hybrid LLM-based architecture to overcome manual workflow limitat…

The paper presents a highly optimized, low-stack implementation of the HAETAE signature scheme, reducing peak stack usage significantly to enable its use on severely memory-constrained microcontroller…

The paper introduces MAGE, a novel defensive framework that uses a dedicated 'shadow memory' to proactively detect and mitigate long-horizon threats against LLM agents during complex, multi-step inter…

The paper introduces Sentinel, a novel proxy-based system that achieves comprehensive, type-agnostic reentrancy protection for smart contracts by intercepting all external calls.

This paper systematizes two decades of hardware reverse engineering research by analyzing 187 publications, identifying key technical methods and recommending improvements for reproducibility, standar…

The paper introduces SecPI, a fine-tuning pipeline that teaches reasoning language models (RLMs) to autonomously internalize structured security reasoning, significantly improving secure code generati…

The paper demonstrates that LoRA adapters can be backdoored via data poisoning, showing the backdoor generalizes at the token feature level, and proposes robust behavioral and weight-level detectors f…

This paper demonstrates that LoRA adapters can be backdoored via data poisoning, showing that the resulting backdoor generalizes at the token feature level, and proposes robust behavioral and weight-l…