
Computers & Security: Latest Articles

Folded-tag: Enhancing memory safety with efficient hardware-supported memory tagging
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2025-12-31 | DOI: 10.1016/j.cose.2025.104822
Sumin Yang, Hongjoo Jin, Wonsuk Choi, Dong Hoon Lee
Memory corruption vulnerabilities, such as out-of-bound memory access, are widely exploited by attackers to compromise system security. Numerous software-based techniques have been developed to prevent such vulnerabilities, but they often require a trade-off between security and performance. In response, Memory Tagging Extension (MTE) is one hardware-based technology that has been introduced to improve memory safety on the ARM architecture efficiently. However, ARM MTE suffers from low entropy and side-channel attacks. Consequently, additional techniques are urgent to enhance protection against pointer misuse arising from memory corruption.
In this paper, we present Folded-Tag, a technique designed to efficiently safeguard pointers against unauthorized out-of-bounds access. Our method addresses the issue of low entropy 4-bit tag in ARM MTE, which makes the system vulnerable, by introducing folding and unfolding mechanisms for pointers. These mechanisms mitigate both speculative execution attacks and pointer guessing attacks. We implemented Folded-Tag in the LLVM compiler framework without requiring kernel modifications, making it suitable for deployment in systems supporting ARM MTE and Pointer Authentication (PA). To assess its effectiveness, we evaluated Folded-Tag on SPEC CPU2017 and NBench-byte benchmarks on an ARM-based Apple Silicon platform. We also applied Folded-Tag to real-world applications, including the NginX web server and ProFTPD FTP server, to demonstrate its compatibility and efficiency. Our experimental results show that Folded-Tag effectively mitigates attacks against existing hardware-assisted security features with a geometric mean performance overhead of less than 1%.
Citations: 0
Public auditing with semantic secure data privacy for low-entropy files in cloud storage
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2026-01-08 | DOI: 10.1016/j.cose.2026.104826
Xiao Tan, Qi Xie, Lidong Han, Shengbao Wang
Public auditing enables a third-party auditor delegated by the data owner to efficiently verify the integrity of data outsourced to a remote server, and thus suits for numerous applications in cloud storage. By a comprehensive survey on the literature, we found that none of existing public auditing schemes provide semantic security of data privacy, namely low-entropy data cannot preserve indistinguishability against the auditor. To capture this security weakness, we define the notion public auditing with semantic secure data privacy (PA-SSDP) by a formal adversarial model to guarantee that it is impossible for the auditor to learn any non-trivial information about the data, even if the audited file has only two possible versions. Then we propose a concrete PA-SSDP scheme with two variants of provable security under the new model, which offer improved data privacy and the same level of efficiency as most of related works. Besides, our schemes support some other useful features, such as server-side deduplication, dynamic data update, and batch auditing.
Citations: 0
Certificate revocation – search for a way forward
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2026-01-03 | DOI: 10.1016/j.cose.2025.104814
Takahito Yoshizawa, Himanshu Agarwal, Dave Singelée, Bart Preneel
Revocation of digital certificates represents a series of improvements by IETF in order to standardize a complete and effective solution. This applies to the context of Internet web sites in which web servers and browsers use digital certificates to establish Transport Layer Security (TLS). Despite IETF’s effort over the years to establish a reliable revocation mechanism, including Certificate Revocation List (CRL), Online Certificate Status Protocol (OCSP) and its variants, various technical issues hinder complete resolution of the revocation problem. At the same time, all major browser vendors implement their own proprietary solutions to address the revocation problem. As a result, revocation solutions are fragmented, incomplete, and ineffective, and the level of real-world acceptance of standardized solutions is limited. To address this situation, in 2020, IETF has introduced short-term certificate concept to avoid revocation altogether. It is called Support for Short-Term, Automatically Renewed (STAR) which recommends a validity period of 4 days. To measure the level of adoption of this new approach in the Internet, we collected and analyzed web server certificates from 1 million websites; the result of our extensive analysis indicates that this scheme has not gained traction in reality. In fact, we found no implementation of a 4-day validity period out of more than 1.5 million server certificates that we collected. This situation indicates that the latest IETF effort to promote short-term certificates has not materialized, with no clear alternative solution in sight to resolve the revocation issue. We present our insights into the reasons for this absence of traction in reality and present our view of a possible way forward.
Citations: 0
GLRA: Graph-based leakage risk assessment via minimal transmission cost path analysis
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2025-12-29 | DOI: 10.1016/j.cose.2025.104816
Xing Hu, Yang Zhang, Sheng Liu, Xiaowen Chen, Yaohua Wang, Shaoqing Li, Zhenyu Zhao, Keqin Li
As integrated circuits are increasingly deployed in security-critical applications, assessing the risk of information leakage introduced during the design phase has become a key challenge. Logic-level structures may inadvertently enable sensitive data to propagate to externally observable points, posing serious security risks. Although anomaly-based techniques such as taint tracking and machine learning have been developed to detect or mitigate leakage threats, the absence of a unified and quantitative metric for evaluating leakage risk remains a major limitation. Without such a metric, existing methods can neither effectively identify real threats nor compare the effectiveness of protection strategies in a principled manner, leading to limited reliability and comparability in hardware security analysis.
To overcome these challenges, we propose GLRA, a graph-based methodology for leakage risk assessment via minimal transmission cost path analysis. Departing from the traditional “path existence” criterion used in anomaly label-based taint tracking, GLRA quantifies leakage risk by evaluating the difficulty of information propagation. A central premise of GLRA is that the transmission cost, defined as the effort required to propagate signals from sensitive sources to observable outputs, is inversely correlated with leakage likelihood: lower costs imply higher risks. Accordingly, we define controllability-based transmission cost metrics for basic logical units such as AND, OR, NOT, and DFF, which quantify the propagation effort imposed by each logic unit. By modeling the circuit as an edge-weighted graph where edges are annotated with the aforementioned transmission cost values, GLRA identifies the minimal path from sensitive sources to potential leakage points. In addition, to accurately quantify the risk of leakage, GLRA establishes a formulaic correlation between the transmission cost and the design’s overall risk of information leakage. Experiments on cryptographic cores, debug infrastructure, and non-cryptographic logic demonstrate that GLRA accurately quantifies maximum-risk leakage paths, achieving an 18.75% improvement in detection precision over traditional anomaly-based approaches. GLRA correctly determines the presence or absence of leakage risks across all 16 evaluated benchmarks. Furthermore, it supports comparative analysis of leakage mitigation strategies across diverse hardware designs, providing quantitative insights into the effectiveness of protection mechanisms.
Citations: 0
SemTaint: A scalable taint analysis approach for JavaWeb frameworks and composite containers
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2026-01-03 | DOI: 10.1016/j.cose.2025.104821
Haotian Huang, Ruibin Yan, Jian Gao
Static taint analysis serves as a fundamental technique for detecting security vulnerabilities in JavaWeb applications. However, existing approaches suffer from two critical limitations. First, incomplete modeling of framework mechanisms results in unsound call graphs and value flows. Second, element-insensitive analysis of composite containers leads to imprecise data flows and over-taint. To address these limitations, we propose SemTaint, a unified scalable taint analysis approach based on pointer analysis systems. SemTaint enhances Andersen-style analysis through two key innovations. First, we design rule-based framework modeling that captures implicit data and control flows introduced by JavaWeb mechanisms including dependency injection, dynamic proxy, and data persistence frameworks. Second, we develop the on-demand and element-sensitive container modeling based on the access pattern, which integrates the semantic model, access pattern abstraction and sparse tracking model. It efficiently maintains precision against dynamic state changes, thereby balancing scalability and accuracy. Our evaluation on 20 real-world JavaWeb applications demonstrates that SemTaint achieves higher coverage of intra-app reachable methods, while reducing analysis time by an average of 56.4 % compared to the state-of-the-art approach. In precision testing on composite containers, SemTaint achieves 96.7 % accuracy and 100 % recall, substantially outperforming FlowDroid (67.6 % accuracy, 82.8 % recall) and Tai-e (65.7 % accuracy, 79.3 % recall). On security benchmarks, SemTaint attains perfect vulnerability detection recall while maintaining superior efficiency. Case studies on real-world vulnerabilities further confirm SemTaint’s effectiveness in detecting taint flows.
Citations: 0
A comprehensive view of software vulnerability risks through enterprise knowledge graphs
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2026-01-02 | DOI: 10.1016/j.cose.2025.104815
Mikel Egaña Aranguren, Jesualdo Tomás Fernández-Breis, Bidane Leon Balentzia, Markus Rompe, Alexander García Castro
Cybersecurity has emerged as a critical concern for modern enterprises due to the increasing complexity and diversity of threats. These risks exploit multiple attack vectors, such as phishing, unpatched vulnerabilities, and malware distribution, necessitating a comprehensive and unified approach to threat modeling. However, cybersecurity data is often siloed across disparate sources–ranging from JSON vulnerability reports (e.g., Amazon Inspector, CycloneDX) and dependency files (e.g., NPM) to relational databases and manual assessments–making integration a significant challenge. Knowledge Graphs offer the technological framework to successfully integrate disparate data. This work presents a KG-based solution for software vulnerability data integration at Siemens Energy, leveraging Enterprise Knowledge Graphs to unify heterogeneous datasets under a shared semantic model. Our approach consists of: (1) a Cybersecurity Ontology Network defining core entities and relationships, (2) an automated pipeline converting diverse data sources into a (3) scalable EKG that enables advanced threat analysis, and (4) competency questions and data quality rules validating the system’s effectiveness. By adopting a Data-Centric Architecture, EKGs provide a flexible, future-proof framework for cybersecurity intelligence, overcoming the limitations of traditional Application-Centric systems, and ultimately providing FAIR data (Findable, Accessible, Interoperable, Reusable). This work offers actionable insights for organizations seeking to enhance cyber threat visibility while managing complex, evolving data landscapes.
Citations: 0
Attacks, defenses and perspectives for the runtime security of RISC-V IoT devices: A review
IF 5.4 | Zone 2, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-04-01 | Epub Date: 2026-01-02 | DOI: 10.1016/j.cose.2025.104817
Wei Wang, Weike Wang, Jiameng Liu, Lin Li, Bingzheng Li, Zirui Liu, Xiang Wang
With the extensive application of embedded devices in daily life, the security issues have gained escalating significance. There are numerous researches and countermeasures dealing with the security problems of mainstream processor architectures. As an emerging Instruction Set Architecture (ISA), RISC-V has drawn widespread attention owing to its openness, flexibility, and extensibility. With its popularization in diverse fields, ensuring the security becomes crucially important. Aiming at the runtime security of RISC-V IoT devices, this paper reviews all the published papers in RISC-V security, and investigates three mainstream attack approaches and corresponding defense solutions. We analyze five common side-channel attacks with distinct attack focuses, categorize defense schemes into three types based on different levels and strategies of defense technology, and summarize several existing defense schemes on RISC-V platforms. Then, in the context of program vulnerability exploitation attacks, we present the attack process and offer a comprehensive overview and comparison of hardware-assisted defense mechanisms that have been implemented on RISC-V platforms in the recent years. This analysis is carried out from four key strategies, namely Code Integrity, Control Flow Integrity, Data Flow Integrity, and Information Confidentiality. For higher-level network attacks that are less correlated with the underlying ISA, we provide a brief statement and introduce two mainstream mechanisms, namely Intrusion Detection System and Data Encryption. Besides, this paper offers the critical perspectives and future development directions for the defense strategies corresponding to each type of attack. It is convinced that this review will act as a valuable resource for fellow researchers in RISC-V security.
A systematic review on adversarial thinking in cyber security education: Themes and potential frameworks
IF 5.4 Zone 2 Computer Science Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2026-04-01 Epub Date: 2025-12-10 DOI: 10.1016/j.cose.2025.104803
Thomas Oakley Browne, Eric Pardede
Background: Adversarial thinking is a key component of cybersecurity education, yet its definition and effective teaching approaches remain unclear. This study aims to clarify this concept and provide directions for future research in cybersecurity education.
Methods: A systematic review and thematic analysis were conducted to examine the relevant literature. The study focused on identifying descriptive and analytical themes, as well as potential frameworks for instruction.
Results: A total of 95 articles were analysed, yielding 89 concepts grouped into 4 main themes and 15 sub-themes. Analysis identified 2 analytical themes and 17 frameworks utilised in interventions.
Discussion: The identified themes provide a basis for defining learning objectives and developing validated assessments. While some frameworks show promise, they are most effective for specific aspects of adversarial thinking. The creation of an overarching educational framework is recommended.
A survey on network flow watermarking: A problem-oriented perspective
IF 5.4 Zone 2 Computer Science Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2026-04-01 Epub Date: 2025-12-31 DOI: 10.1016/j.cose.2025.104813
Tengyao Li, Kaiyue Liu, Shaoyong Du
Network flow watermarking is an active tracing approach that invisibly embeds the source node identity information into network flows. The embedded watermarks coexist with the original network traffic and are designed to be robust against network noise and active interference. In recent years, network flow watermarking has entered a phase of profound development in the face of various challenges in practical applications (e.g., deanonymization, data leakage tracing, malicious behavior monitoring) on the Internet. However, to the best of our knowledge, there are very few surveys of network flow watermarking methods after 2018, and a systematic survey covering the entire development is absent. Meanwhile, current surveys classify and analyze network flow watermarking based on embedding patterns, ignoring the correlations between different methods on critical problems for watermarking. To this end, the paper reviews and analyzes the papers from 2001 to 2025 on network flow watermarking from a problem-oriented perspective. The threat model and theoretical framework are established to model the watermark embedding and detecting procedures, which offer a consistent model for watermarking design. Based on three core problems of robustness, invisibility and adaptation, network flow watermarking methods are classified as different solutions to these problems, depicting an explicit network flow watermarking development roadmap. To facilitate practical applications, five open problems are discussed as the critical challenges, providing references for future work on network flow watermarking.
Memory under siege: A comprehensive survey of side-Channel attacks on memory
IF 5.4 Zone 2 Computer Science Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2026-04-01 Epub Date: 2025-12-30 DOI: 10.1016/j.cose.2025.104810
Mahady Hassan, Shanto Roy, Reza Rahaeimehr
Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache behaviors, and other microarchitectural features to bypass traditional security measures. The purpose of this research is to examine SCAM, classify various attack techniques, and evaluate existing defense mechanisms. It guides researchers and industry professionals in improving memory security and mitigating emerging threats. We begin by identifying the major vulnerabilities in the memory system that are frequently exploited in SCAM, such as cache timing, speculative execution, Rowhammer, and other sophisticated approaches. Next, we outline a comprehensive taxonomy that systematically classifies these attacks based on their types, target systems, attack vectors, and adversarial capabilities required to execute them. In addition, we review the current landscape of mitigation strategies, emphasizing their strengths and limitations. This work aims to provide a comprehensive overview of memory-based side-channel attacks with the goal of providing significant insights for researchers and practitioners to better understand, detect, and mitigate SCAM risks.