Concept
Threat (computer)
Publications associées (58)
X-Attack 2.0: The Risk of Power Wasters and Satisfiability Don’t-Care Hardware Trojans to Shared Cloud FPGAs
Mirjana Stojilovic, Dina Gamaleldin Ahmed Shawky Mahmoud, Beatrice Shokry Samir Shokry, Wei Hu
Cloud computing environments increasingly provision field-programmable gate arrays (FPGAs) for their programmability and hardware-level parallelism. While FPGAs are typically used by one tenant at a time, multitenant schemes supporting spatial sharing of c ...
2024Towards more Practical Threat Models in Artificial Intelligence Security
Alexandre Massoud Alahi, Kathrin Grosse
Recent works have identified a gap between research and practice in artificial intelligence security: threats studied in academia do not always reflect the practical use and security risks of AI. For example, while models are often studied in isolation, th ...
arXiv2023Thwarting Malicious Adversaries in Homomorphic Encryption Pipelines
Homomorphic Encryption (HE) enables computations to be executed directly on encrypted data. As such, it is an auspicious solution for protecting the confidentiality of sensitive data without impeding its usability. However, HE does not provide any guarante ...
EPFL2023Bayes Security: A Not So Average Metric
Carmela González Troncoso, Giovanni Cherubin
Security system designers favor worst-case security metrics, such as those derived from differential privacy (DP), due to the strong guarantees they provide. On the downside, these guarantees result in a high penalty on the system's performance. In this pa ...
IEEE2023WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches
Mathias Josef Payer, Flavio Toffalini, Luca Di Bartolomeo, Jianhao Xu
Code-reuse attacks are dangerous threats that attracted the attention of the security community for years. These attacks aim at corrupting important control-flow transfers for taking control of a process without injecting code. Nowadays, the combinations o ...
IEEE COMPUTER SOC2023Privacy-preserving federated neural network training and inference
Training accurate and robust machine learning models requires a large amount of data that is usually scattered across data silos. Sharing, transferring, and centralizing the data from silos, however, is difficult due to current privacy regulations (e.g., H ...
EPFL2023Security Measures for Grids Against Rank-1 Undetectable Time-Synchronization Attacks
Jean-Yves Le Boudec, Marguerite Marie Nathalie Delcourt
Time-synchronization attacks on phasor measurement units (PMUs) pose a real threat to smart grids; it was shown that they are feasible in practice and that they can have a nonnegligible negative impact on state estimation, without triggering the bad data d ...
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC2022Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous Era
Mirjana Stojilovic, Dina Gamaleldin Ahmed Shawky Mahmoud
Given the need for efficient high-performance computing, computer architectures combining CPUs, GPUs, and FPGAs are nowadays prevalent. However, each of these components suffers from electrical-level security risks. Moving to heterogeneous systems, with th ...
2022Emerging Threats of Synthetic Biology and Biotechnology. Addressing Security and Resilience Issues
Synthetic biology is a field of biotechnology that is rapidly growing in various applications, such as in medicine, environmental sustainability, and energy production. However these technologies also have unforeseen risks and applications to humans and th ...
Springer2021Malware in the SGX supply chain: Be careful when signing enclaves!
Rafael Pereira Pires, Pascal Felber
Malware attacks are a significant part of the new software security threats detected each year. Intel Software Guard Extensions (SGX) are a set of hardware instructions introduced by Intel in their recent lines of processors that are intended to provide a ...
2020