Kirill Kononenko scite author profile

The security of software systems is threatened by a wide range of attack vectors, such as buffer overflows, insecure information flow, and side channels, which can leak private information, e.g., by monitoring a program's execution time. Even if programmers manage to avoid such vulnerabilities in a program's source code or bytecode, new vulnerabilities can arise as compilers generate machine code from those representations.We propose a virtual execution environment for x86 machine code that combines information from compositional, static, and dynamic program analysis to identify vulnerabilities and timing channels, and uses code transformations to prevent those from being exploited. To achieve an appropriate level of performance as well as combine analysis results, our approach stores summary information in the form of conditional rules that can be shared among analyses.

show abstract

Predictive Mitigation of Timing Channels - Threat Defense for Machine Codes

Kananizadeh

Kononenko

2017

J Grid Computing

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Kirill Kononenko

An approach to error correction in program code using dynamic optimization in a virtual execution environment

Development of dynamic protection against timing channels

A unified approach to identifying and healing vulnerabilities in x86 machine code

Predictive Mitigation of Timing Channels - Threat Defense for Machine Codes

Contact Info

Product

Resources

About