International audienceEven if a software is proven sound and secure, an attacker can still insert vulnerabilities with fault attacks. In this paper, we propose HAPEI, an Instruction Set Randomization scheme to guarantee Program Execution Integrity even in the presence of hardware fault injection. In particular, we propose a new solution to the multi-predecessors problem. This scheme is then implemented as a hardened CHIP-8 virtual machine, able to ensure program execution integrity, to prove the viability and to explore the limits of HAPEI
Microprocessors used in safety-critical systems are extremely sensitive to software vulnerabilities,...
Cyber attacks are based on intrusions into digital systems by exploiting bugs to take control over t...
Fault injection attacks alter the intended behavior of micro- controllers, compromising their securi...
International audienceEven if a software is proven sound and secure, an attacker can still insert vu...
International audienceCyber-attacks are widely known to be a major threat on computing devi...
Bugs are prevalent in a large amount of deployed software. These bugs often introduce vulnerabilitie...
International audienceMany fault injection techniques have been proposed in the recent years to atta...
The root causes of many security vulnerabilities include a pernicious combination of two problems, o...
We describe Instruction-Set Randomization (ISR), a general approach for safeguarding systems against...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Instruction set randomization offers a way to combat code-injection attacks by separating code from ...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Microprocessors used in safety-critical systems are extremely sensitive to software vulnerabilities,...
Cyber attacks are based on intrusions into digital systems by exploiting bugs to take control over t...
Fault injection attacks alter the intended behavior of micro- controllers, compromising their securi...
International audienceEven if a software is proven sound and secure, an attacker can still insert vu...
International audienceCyber-attacks are widely known to be a major threat on computing devi...
Bugs are prevalent in a large amount of deployed software. These bugs often introduce vulnerabilitie...
International audienceMany fault injection techniques have been proposed in the recent years to atta...
The root causes of many security vulnerabilities include a pernicious combination of two problems, o...
We describe Instruction-Set Randomization (ISR), a general approach for safeguarding systems against...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Instruction set randomization offers a way to combat code-injection attacks by separating code from ...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Microprocessors used in safety-critical systems are extremely sensitive to software vulnerabilities,...
Cyber attacks are based on intrusions into digital systems by exploiting bugs to take control over t...
Fault injection attacks alter the intended behavior of micro- controllers, compromising their securi...