@inproceedings{688dc46e7f6d44d385a5e8e27f194ff5,
title = "Detection of leaks through exception mechanisms",
abstract = "A timing attack is a security exploit that allows an attacker to discover vulnerabilities in the security of a computer or network system by analysing the execution time of algorithms. This is because each operation in a program takes time to be executed, and this time may vary depending on its inputs and the characteristics of the microprocessor on which it runs. With accurate time measurements for each operation, it may be possible for an attacker to discover secrets through the analysis of the execution time of a program. This paper presents an automatable approach for detecting information leakage in programs through timing information. It is based on the Z3-SMT solver. It allows to detect vulnerabilities in a software code according to a given security specification and target architecture. This paper also features some research issues that will be addressed during my thesis.",
keywords = "Exception, Execution environment, Formal analysis, Timing information, Vulnerabilities detection",
author = "Kissi, \{Salim Yahia\} and Yassamine Seladji and Rabea Ameur-Boulifa",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 5th Edition of the International Conference on Advanced Aspects of Software Engineering, ICAASE 2022 ; Conference date: 17-09-2022 Through 18-09-2022",
year = "2022",
month = jan,
day = "1",
doi = "10.1109/ICAASE56196.2022.9931592",
language = "English",
series = "ICAASE 2022 - 5th Edition of the International Conference on Advanced Aspects of Software Engineering, Proceedings",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
booktitle = "ICAASE 2022 - 5th Edition of the International Conference on Advanced Aspects of Software Engineering, Proceedings",
}