TY  - CHAP
AU  - Abadi, M.
AU  - Budiu, M.
AU  - Erlingsson, U.
AU  - Ligatti, J.
PY  - 2005
DA  - 2005//
TI  - Control-flow integrity
BT  - Proceedings of the 12th ACM Conference on Computer and Communications Security
PB  - ACM
CY  - Alexandria
ID  - Abadi2005
ER  - 

TY  - STD
TI  - Advanced Micro Devices, Inc (2018) An update on AMD processor security. https://www.amd.com/en/corporate/speculative-execution.
UR  - https://www.amd.com/en/corporate/speculative-execution
ID  - ref2
ER  - 

TY  - STD
TI  - Advanced Micro Devices, Inc (2018) Full security solutions that locks you down, not in. https://www.amd.com/en/technologies/security.
UR  - https://www.amd.com/en/technologies/security
ID  - ref3
ER  - 

TY  - STD
TI  - ARM Limited (2009) Building a secure system using TrustZone technology. http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf.
UR  - http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf
ID  - ref4
ER  - 

TY  - JOUR
AU  - Avanzi, R.
PY  - 2017
DA  - 2017//
TI  - The QARMA block cipher family
JO  - IACR Transactions on Symmetric Cryptology
VL  - 1
ID  - Avanzi2017
ER  - 

TY  - CHAP
AU  - Bletsch, T.
AU  - Jiang, X.
AU  - Freeh, V. W.
AU  - Liang, Z.
PY  - 2011
DA  - 2011//
TI  - Jump-oriented programming: a new class of code-reuse attack
BT  - Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
PB  - ACM
CY  - Hong Kong
ID  - Bletsch2011
ER  - 

TY  - STD
TI  - Bogowitz, B, Swinford T (2004) Intel® active management technology reduces IT costs with improved PC manageability. Technol@Intel Mag. https://www.intel.com/content/dam/www/public/us/en/documents/solution-briefs/optimize-management-and-security-of-client-devices-solution-brief.pdf.
UR  - https://www.intel.com/content/dam/www/public/us/en/documents/solution-briefs/optimize-management-and-security-of-client-devices-solution-brief.pdf
ID  - ref7
ER  - 

TY  - STD
TI  - Burow, N, Carr SA, Nash J, Larsen P, Franz M, Brunthaler S, Payer M (2017) Control-flow integrity: Precision, security, and performance. ACM Comput Surv 50(1).
ID  - ref8
ER  - 

TY  - CHAP
AU  - Carlini, N.
AU  - Wagner, D.
PY  - 2014
DA  - 2014//
TI  - ROP is still dangerous: Breaking modern defenses
BT  - Proceedings of the 23rd USENIX Conference on Security Symposium
PB  - ACM
CY  - San Diego
ID  - Carlini2014
ER  - 

TY  - CHAP
AU  - Checkoway, S.
AU  - Davi, L.
AU  - Dmitrienko, A.
AU  - Sadeghi, A.-R.
AU  - Shacham, H.
AU  - Winandy, M.
PY  - 2010
DA  - 2010//
TI  - Return-oriented programming without returns
BT  - Proceedings of the 17th ACM Conference on Computer and Communications Security
PB  - ACM
CY  - Chicago
ID  - Checkoway2010
ER  - 

TY  - STD
TI  - Common Vulnerabilities and Exposures (2018) Linux kernel: Vulnerability statistics. https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33.
UR  - https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33
ID  - ref11
ER  - 

TY  - STD
TI  - Datenschutz, HT, Pataky D (2017) Intel management engine. https://bitkeks.eu/docs/intelme-report.pdf/.
UR  - https://bitkeks.eu/docs/intelme-report.pdf/
ID  - ref12
ER  - 

TY  - BOOK
AU  - David, C.
AU  - Kent, Y.
AU  - Ryan, C.
AU  - David, S.
AU  - Leendert, D.
PY  - 2008
DA  - 2008//
TI  - A practical guide to trusted computing
PB  - IBM Press, first ed.
CY  - Boston
ID  - David2008
ER  - 

TY  - BOOK
AU  - Davi, L. V.
PY  - 2015
DA  - 2015//
TI  - Code-Reuse Attacks and Defenses. PhD thesis
PB  - Technische Universität
CY  - Darmstadt
ID  - Davi2015
ER  - 

TY  - JOUR
AU  - Ehrenfeld, J. M.
PY  - 2017
DA  - 2017//
TI  - Wannacry, cybersecurity and health information technology: A time to act
JO  - J Med Syst
VL  - 41
UR  - https://doi.org/10.1007/s10916-017-0752-1
DO  - 10.1007/s10916-017-0752-1
ID  - Ehrenfeld2017
ER  - 

TY  - CHAP
AU  - Evans, I.
AU  - Long, F.
AU  - Otgonbaatar, U.
AU  - Shrobe, H.
AU  - Rinard, M.
AU  - Okhravi, H.
AU  - Sidiroglou-Douskos, S.
PY  - 2015
DA  - 2015//
TI  - Control jujutsu: On the weaknesses of fine-grained control flow integrity
BT  - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
PB  - ACM
CY  - Denver
ID  - Evans2015
ER  - 

TY  - CHAP
AU  - Frantzen, M.
AU  - Shuey, M.
PY  - 2001
DA  - 2001//
TI  - Stackghost: Hardware facilitated stack protection
BT  - Proceedings of the 10th Conference on USENIX Security Symposium
PB  - ACM
CY  - Washington
ID  - Frantzen2001
ER  - 

TY  - STD
TI  - Gellman, B, Poitras L (2013) US intelligence mining data from nine U.S. internet companies in broad secret program. The Washington Post. https://www.sanders.senate.gov/newsroom/must-read/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program.
UR  - https://www.sanders.senate.gov/newsroom/must-read/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program
ID  - ref18
ER  - 

TY  - CHAP
AU  - Halfond, W. G.
AU  - Viegas, J.
AU  - Orso, A.
PY  - 2006
DA  - 2006//
TI  - A classification of SQL-injection attacks and countermeasures
BT  - Proceedings of the IEEE International Symposium on Secure Software Engineering, vol 1
PB  - IEEE
CY  - Washington
ID  - Halfond2006
ER  - 

TY  - STD
TI  - Intel Corporation (2006) LaGrande technology preliminary architecture specification. http://kib.kiev.ua/x86docs/SDMs/315168-002.pdf.
UR  - http://kib.kiev.ua/x86docs/SDMs/315168-002.pdf
ID  - ref20
ER  - 

TY  - STD
TI  - Intel Corporation (2016) Control-flow enforcement technology preview. https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf.
UR  - https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
ID  - ref21
ER  - 

TY  - STD
TI  - Intel Security Center (2017) Intel active management technology, Intel small business technology, and Intel standard manageability escalation of privilege. https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr.
UR  - https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
ID  - ref22
ER  - 

TY  - JOUR
AU  - Kim, Y.
AU  - Daly, R.
AU  - Kim, J.
AU  - Fallin, C.
AU  - Lee, J. H.
AU  - Lee, D.
AU  - Wilkerson, C.
AU  - Lai, K.
AU  - Mutlu, O.
PY  - 2014
DA  - 2014//
TI  - Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors
JO  - ACM SIGARCH Computer Architecture News
VL  - 42
UR  - https://doi.org/10.1145/2678373.2665726
DO  - 10.1145/2678373.2665726
ID  - Kim2014
ER  - 

TY  - STD
TI  - Kocher, P, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M, Yarom Y (2018) Spectre attacks: Exploiting speculative execution. ArXiv e-prints. https://spectreattack.com/spectre.pdf.
UR  - https://spectreattack.com/spectre.pdf
ID  - ref24
ER  - 

TY  - CHAP
AU  - Lin, X.
AU  - Zavarsky, P.
AU  - Ruhl, R.
AU  - Lindskog, D.
PY  - 2009
DA  - 2009//
TI  - Threat modeling for CSRF attacks
BT  - International Conference on Computational Science and Engineering
PB  - IEEE
CY  - Vancouver
ID  - Lin2009
ER  - 

TY  - STD
TI  - Lipp, M, Schwarz M, Gruss D, Prescher T, Haas W, Mangard S, Kocher P, Genkin D, Yarom Y, Hamburg M (2018) Meltdown. ArXiv e-prints. https://meltdownattack.com/meltdown.pdf.
UR  - https://meltdownattack.com/meltdown.pdf
ID  - ref26
ER  - 

TY  - CHAP
AU  - Liu, F.
AU  - Yarom, Y.
AU  - Ge, Q.
AU  - Heiser, G.
AU  - Lee, R. B.
PY  - 2015
DA  - 2015//
TI  - Last-level cache side-channel attacks are practical
BT  - Proceedings of the IEEE Symposium on Security and Privacy
PB  - IEEE
CY  - San Jose
ID  - Liu2015
ER  - 

TY  - CHAP
AU  - McKeen, F.
AU  - Alexandrovich, I.
AU  - Berenzon, A.
AU  - Rozas, C. V.
AU  - Shafi, H.
AU  - Shanbhogue, V.
AU  - Savagaonkar, U. R.
PY  - 2013
DA  - 2013//
TI  - Innovative instructions and software model for isolated execution
BT  - Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
PB  - ACM
CY  - Tel-Aviv
ID  - McKeen2013
ER  - 

TY  - STD
TI  - Mozilla Firefox (2018) Project summary. https://www.openhub.net/p/firefox.
UR  - https://www.openhub.net/p/firefox
ID  - ref29
ER  - 

TY  - STD
TI  - Oleksenko, O, Kuvaiskii D, Bhatotia P, Felber P, Fetzer C (2017) Intel MPX explained: An empirical study of Intel MPX and software-based bounds checking approaches. arXiv preprint arXiv:1702.00719. https://arxiv.org/pdf/1702.00719.pdf.
UR  - https://arxiv.org/pdf/1702.00719.pdf
ID  - ref30
ER  - 

TY  - STD
TI  - Qualcomm Technologies, Inc (2017) Whitepaper: Pointer Authentication on ARMv8.3. https://www.qualcomm.com/documents/whitepaper-pointer-authentication-armv83.
UR  - https://www.qualcomm.com/documents/whitepaper-pointer-authentication-armv83
ID  - ref31
ER  - 

TY  - CHAP
AU  - Schuster, F.
AU  - Tendyck, T.
AU  - Liebchen, C.
AU  - Davi, L.
AU  - Sadeghi, A.-R.
AU  - Holz, T.
PY  - 2015
DA  - 2015//
TI  - Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications
BT  - Proceedings of the IEEE Symposium on Security and Privacy
PB  - IEEE
CY  - San Jose
ID  - Schuster2015
ER  - 

TY  - CHAP
AU  - Seaborn, M.
AU  - Dullien, T.
PY  - 2015
DA  - 2015//
TI  - Exploiting the DRAM rowhammer bug to gain kernel privileges
BT  - Black Hat
PB  - UBM
CY  - Las Vegas
ID  - Seaborn2015
ER  - 

TY  - CHAP
AU  - Shacham, H.
PY  - 2007
DA  - 2007//
TI  - The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86)
BT  - Proceedings of the 14th ACM Conference on Computer and Communications Security
PB  - ACM
CY  - Alexandria
ID  - Shacham2007
ER  - 

TY  - JOUR
AU  - Shin, Y.
AU  - Meneely, A.
AU  - Williams, L.
AU  - Osborne, J.
PY  - 2011
DA  - 2011//
TI  - Evaluating complexity, code churn, and developer activity metrics as indicators of software vulnerabilities
JO  - IEEE Trans Softw Eng
VL  - 37
UR  - https://doi.org/10.1109/TSE.2010.81
DO  - 10.1109/TSE.2010.81
ID  - Shin2011
ER  - 

TY  - JOUR
AU  - Sinharoy, B.
AU  - Swanberg, R.
AU  - Nayar, N.
AU  - Mealey, B.
AU  - Stuecheli, J.
AU  - Schiefer, B.
AU  - Leenstra, J.
AU  - Jann, J.
AU  - Oehler, P.
AU  - Levitan, D.
AU  - Eisen, S.
AU  - Sanner, D.
AU  - Pflueger, T.
AU  - Lichtenau, C.
AU  - Hall, W.
AU  - Block, T.
PY  - 2015
DA  - 2015//
TI  - Advanced features in IBM POWER8 systems
JO  - IBM J Res Dev
VL  - 59
ID  - Sinharoy2015
ER  - 

TY  - STD
TI  - Szekeres, L, Payer M, Wei T, Song D (2013) SoK: Eternal war in memory. In: Proceedings of the IEEE Symposium on Security and Privacy, 48–62.
ID  - ref37
ER  - 

TY  - STD
TI  - Trusted Computing Group Administration (2008) Trusted Platform Module (TPM) summary. https://trustedcomputinggroup.org/trusted-platform-module-tpm-summary/.
UR  - https://trustedcomputinggroup.org/trusted-platform-module-tpm-summary/
ID  - ref38
ER  - 

TY  - STD
TI  - Trusted Computing Group, Incorporated (2003) TCG specification architecture overview. https://www.trustedcomputinggroup.org/wp-content/uploads/TCG_1_4_Architecture_Overview.pdf.
UR  - https://www.trustedcomputinggroup.org/wp-content/uploads/TCG_1_4_Architecture_Overview.pdf
ID  - ref39
ER  - 

TY  - CHAP
AU  - van der Veen, V.
AU  - dutt Sharma, N.
AU  - Cavallaro, L.
AU  - Bos, H.
PY  - 2012
DA  - 2012//
TI  - Memory errors: the past, the present, and the future
BT  - Proceedings of the 15th ACM International Conference on Research in Attacks, Intrusions, and Defenses
PB  - Springer
CY  - Amsterdam
UR  - https://doi.org/10.1007/978-3-642-33338-5_5
DO  - 10.1007/978-3-642-33338-5_5
ID  - van der Veen2012
ER  - 

TY  - CHAP
AU  - Wang, W.
AU  - Chen, G.
AU  - Pan, X.
AU  - Zhang, Y.
AU  - Wang, X.
AU  - Bindschaedler, V.
AU  - Tang, H.
AU  - Gunter, C. A.
PY  - 2017
DA  - 2017//
TI  - Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX
BT  - Proceedings of the ACM SIGSAC Conference on Computer and Communications Security
PB  - ACM
CY  - Dallas
ID  - Wang2017
ER  - 

TY  - STD
TI  - Whalen, S (2001) An introduction to ARP spoofing. Node99 [Online Document]. http://www.madchat.fr/reseau/arp/intro_to_arp_spoofing.pdf.
UR  - http://www.madchat.fr/reseau/arp/intro_to_arp_spoofing.pdf
ID  - ref42
ER  - 

TY  - STD
TI  - Wikimedia Foundation, Inc (2018) AMD Platform Security Processor. https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor.
UR  - https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor
ID  - ref43
ER  - 

TY  - STD
TI  - Wojtczuk, R, Rutkowska J (2017) SoC and CPU system-wide approach to security. https://www.arm.com/products/security-on-arm/trustzone.
UR  - https://www.arm.com/products/security-on-arm/trustzone
ID  - ref44
ER  - 

TY  - CHAP
AU  - Xu, Y.
AU  - Cui, W.
AU  - Peinado, M.
PY  - 2015
DA  - 2015//
TI  - Controlled-channel attacks: Deterministic side channels for untrusted operating systems
BT  - Proceedings of the IEEE Symposium on Security and Privacy
PB  - IEEE
CY  - San Jose
ID  - Xu2015
ER  - 

TY  - CHAP
AU  - Yang, K.
AU  - Hicks, M.
AU  - Dong, Q.
AU  - Austin, T.
AU  - Sylvester, D.
PY  - 2016
DA  - 2016//
TI  - A2: Analog malicious hardware
BT  - Proceedings of the IEEE Symposium on Security and Privacy
PB  - IEEE
CY  - San Jose
ID  - Yang2016
ER  - 

TY  - STD
TI  - Zhang, N, Sun K, Shands D, Lou W, Hou YT (2016) TruSpy: Cache side-channel information leakage from the secure world on ARM devices. IACR Cryptol ePrint Arch:980.
ID  - ref47
ER  - 

TY  - CHAP
AU  - Zhang, N.
AU  - Sun, H.
AU  - Sun, K.
AU  - Lou, W.
AU  - Hou, Y. T.
PY  - 2016
DA  - 2016//
TI  - CacheKit: Evading memory introspection using cache incoherence
BT  - Proceedings of the IEEE European Symposium on Security and Privacy
PB  - IEEE
CY  - Saarbrücken
ID  - Zhang2016
ER  - 