Related publications (58)

X-Attack 2.0: The Risk of Power Wasters and Satisfiability Don’t-Care Hardware Trojans to Shared Cloud FPGAs

Mirjana Stojilovic, Dina Gamaleldin Ahmed Shawky Mahmoud, Beatrice Shokry Samir Shokry, Wei Hu

Cloud computing environments increasingly provision field-programmable gate arrays (FPGAs) for their programmability and hardware-level parallelism. While FPGAs are typically used by one tenant at a time, multitenant schemes supporting spatial sharing of c ...
2024

Towards more Practical Threat Models in Artificial Intelligence Security

Alexandre Massoud Alahi, Kathrin Grosse

Recent works have identified a gap between research and practice in artificial intelligence security: threats studied in academia do not always reflect the practical use and security risks of AI. For example, while models are often studied in isolation, th ...
arXiv, 2023

Thwarting Malicious Adversaries in Homomorphic Encryption Pipelines

Sylvain Chatel

Homomorphic Encryption (HE) enables computations to be executed directly on encrypted data. As such, it is an auspicious solution for protecting the confidentiality of sensitive data without impeding its usability. However, HE does not provide any guarante ...
EPFL, 2023

Bayes Security: A Not So Average Metric

Carmela González Troncoso, Giovanni Cherubin

Security system designers favor worst-case security metrics, such as those derived from differential privacy (DP), due to the strong guarantees they provide. On the downside, these guarantees result in a high penalty on the system's performance. In this pa ...
IEEE, 2023

WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches

Mathias Josef Payer, Flavio Toffalini, Luca Di Bartolomeo, Jianhao Xu

Code-reuse attacks are dangerous threats that attracted the attention of the security community for years. These attacks aim at corrupting important control-flow transfers for taking control of a process without injecting code. Nowadays, the combinations o ...
IEEE COMPUTER SOC, 2023

Privacy-preserving federated neural network training and inference

Sinem Sav

Training accurate and robust machine learning models requires a large amount of data that is usually scattered across data silos. Sharing, transferring, and centralizing the data from silos, however, is difficult due to current privacy regulations (e.g., H ...
EPFL, 2023

Security Measures for Grids Against Rank-1 Undetectable Time-Synchronization Attacks

Jean-Yves Le Boudec, Marguerite Marie Nathalie Delcourt

Time-synchronization attacks on phasor measurement units (PMUs) pose a real threat to smart grids; it was shown that they are feasible in practice and that they can have a nonnegligible negative impact on state estimation, without triggering the bad data d ...
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 2022

Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous Era

Mirjana Stojilovic, Dina Gamaleldin Ahmed Shawky Mahmoud

Given the need for efficient high-performance computing, computer architectures combining CPUs, GPUs, and FPGAs are nowadays prevalent. However, each of these components suffers from electrical-level security risks. Moving to heterogeneous systems, with th ...
2022

Emerging Threats of Synthetic Biology and Biotechnology. Addressing Security and Resilience Issues

Synthetic biology is a field of biotechnology that is rapidly growing in various applications, such as in medicine, environmental sustainability, and energy production. However, these technologies also have unforeseen risks and applications to humans and th ...
Springer, 2021

Malware in the SGX supply chain: Be careful when signing enclaves!

Rafael Pereira Pires, Pascal Felber

Malware attacks are a significant part of the new software security threats detected each year. Intel Software Guard Extensions (SGX) are a set of hardware instructions introduced by Intel in their recent lines of processors that are intended to provide a ...
2020
