Information security

Related publications (344)

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.

A Visionary Look at the Security of Reconfigurable Cloud Computing

Francesco Regazzoni, Mirjana Stojilovic

Field-programmable gate arrays (FPGAs) have become critical components in many cloud computing platforms. These devices possess the fine-grained parallelism and specialization needed to accelerate applications ranging from machine learning to networking an ...

2023

A RISC-V Extension to Minimize Privileges of Enclave Runtimes

Edouard Bugnion, Neelu Shivprakash Kalani

In confidential computing, the view of the system software is Manichean: the host operating system is untrusted and the TEE runtime system is fully trusted. However, the runtime system is often as complex as a full operating system, and thus is not free fr ...

ACM2023

TEEzz: Fuzzing Trusted Applications on COTS Android Devices

Mathias Josef Payer, Marcel Busch

Security and privacy-sensitive smartphone applications use trusted execution environments (TEEs) to protect sensitive operations from malicious code. By design, TEEs have privileged access to the entire system but expose little to no insight into their inn ...

IEEE COMPUTER SOC2023

Challenging the Assumptions: Rethinking Privacy, Bias, and Security in Machine Learning

Bogdan Kulynych

Predictive models based on machine learning (ML) offer a compelling promise: bringing clarity and structure to complex natural and social environments. However, the use of ML poses substantial risks related to the privacy of their training data as well as ...

EPFL2023

Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs

Mathias Josef Payer, Jianhao Xu

Compilers assure that any produced optimized code is semantically equivalent to the original code. However, even "correct" compilers may introduce security bugs as security properties go beyond translation correctness. Security bugs introduced by such corr ...

Berkeley2023

Anonymous Tokens with Stronger Metadata Bit Hiding from Algebraic MACs

Serge Vaudenay, Fatma Betül Durak

On the one hand, the web needs to be secured from malicious activities such as bots or DoS attacks; on the other hand, such needs ideally should not justify services tracking people's activities on the web. Anonymous tokens provide a nice tradeoff between ...

2023

Machine Learning Security in Industry: A Quantitative Survey

Kathrin Grosse

Despite the large body of academic work on machine learning security, little is known about the occurrence of attacks on machine learning systems in the wild. In this paper, we report on a quantitative study with 139 industrial practitioners. We analyze at ...

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC2023

Climate risk and vulnerability assessment tool

Changing climatic conditions and increase of extreme events induced by climate change have impacts on non- adapted infrastructures, leading to destruction, damage costs and indirect impacts. To adapt infrastructures to those new conditions, there is a need ...

2023

Evaluating, Exploiting, and Hiding Power Side-Channel Leakage of Remote FPGAs

Ognjen Glamocanin

The pervasive adoption of field-programmable gate arrays (FPGAs) in both cyber-physical systems and the cloud has raised many security issues. Being integrated circuits, FPGAs are susceptible to fault and power side-channel attacks, which require physical ...

EPFL2023

Bayes Security: A Not So Average Metric

Carmela González Troncoso, Giovanni Cherubin

Security system designers favor worst-case security metrics, such as those derived from differential privacy (DP), due to the strong guarantees they provide. On the downside, these guarantees result in a high penalty on the system's performance. In this pa ...

IEEE2023