7 research outputs found
Comment on "Topological Nodal-Net Semimetal in a Graphene Network Structure"
Recently, a distinct topological semimetal, nodal-net semimetal, has been
identified by Wang et al. through ab initio calculations [Phys. Rev. Lett. 120,
026402 (2018)]. The authors claimed that a new body-centered tetragonal carbon
allotrope with I4/mmm symmetry, termed bct-C40, can host this novel state
exhibiting boxed-asterisk shaped nodal nets. In this Comment, we demonstrate
that bct-C40 is in fact a nodal surface semimetal, the concept of which has
been proposed as early as 2016 [Phys. Rev. B 93, 085427 (2016)].
SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)
Dynamic binary instrumentation (DBI) techniques allow for monitoring and possibly altering the execution of a running program up to the instruction level granularity. The ease of use and flexibility of DBI primitives has made them popular in a large body of research in different domains, including software security. Lately, the suitability of DBI for security has been questioned in light of transparency concerns from artifacts that popular frameworks introduce in the execution: while they do not perturb benign programs, a dedicated adversary may detect their presence and defeat the analysis.
The contributions we provide are two-fold. We first present the abstraction and inner workings of DBI frameworks, how DBI assisted prominent security research works, and alternative solutions. We then dive into the DBI evasion and escape problems, discussing attack surfaces, transparency concerns, and possible mitigations.
We make available to the community a library of detection patterns and stopgap measures that could be of interest to DBI users.
Preventing Use-after-free with Dangling Pointers Nullification
Abstract—Many system components and network applications are written in languages that are prone to memory corruption vulnerabilities. There have been countless cases where simple mistakes by developers resulted in memory corruption vulnerabilities and consequently security exploits. While there have been tremendous research efforts to mitigate these vulnerabilities, use-after-free still remains one of the most critical and popular attack vectors because existing proposals have not adequately addressed the challenging program analysis and runtime performance issues. In this paper we present DANGNULL, a system that detects temporal memory safety violations—in particular, use-after-free and double-free—during runtime. DANGNULL relies on the key observation that the root cause of these violations is that pointers are not nullified after the target object is freed. Based on this observation, DANGNULL automatically traces the object's relationships via pointers and automatically nullifies all pointers when the target object is freed. DANGNULL offers several benefits. First, DANGNULL addresses the root cause of temporal memory safety violations. It does not rely on the side effects of violations, which can vary and may be masked by attacks. Thus, DANGNULL is effective against even the most sophisticated exploitation techniques. Second, DANGNULL checks object relationship information using runtime object range analysis on pointers, and thus is able to keep track of pointer semantics more robustly even in complex and large scale software. Lastly, DANGNULL does not require numerous explicit sanity checks on memory accesses because it can detect a violation with implicit exception handling, and thus its detection capabilities only incur moderate performance overhead.
From Topological Nodal-Line Semimetal to Insulator in ABW-Ge4: A New Member of the Germanium Allotrope
Topological semimetals have attracted much attention because of
their excellent properties, such as ultra-high speed, low energy consumption
quantum transport, and negative reluctance. Searching materials with
topological semimetallic properties has become a new research field
for Group-IV materials. Herein, using first-principles calculations
and tight-binding modeling, we proposed a topological nodal-line semimetal
ABW-Ge4 when spin–orbit coupling (SOC) is ignored,
which is composed of pure germanium atoms in a zeolite framework ABW.
It holds excellent dynamic and thermal stability. In its electronic
band structure, there exists a stable Dirac linear band crossing near
the Fermi energy level, which forms a closed ring in the kx = 0 plane of the Brillouin zone (BZ).
Our symmetry analysis reveals that the nodal ring is protected by Mx mirror symmetry. Furthermore,
by examining the slope index in all possible k paths through the considered Dirac point, we find that
the band dispersion near the Dirac point is greatly anisotropic. In
some direction, the Fermi velocity is even larger than that of graphene,
being promising for the future ultra-high speed device. When spin–orbit
coupling is included, the nodal line is gapped and the system becomes
a topological insulator with topological invariants Z2 = 1. Our findings not only identify a new Ge allotrope
but also establish a promising topological material in Group-IV materials,
which may have the desirable compatibility with the traditional semiconductor
industry.