2025
SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability Detection
Keyu Man, Zhongjie Wang, Yu Hao, Shenghan Zheng, Yue Cao, Xin'an Zhou, Zhiyun Qian
IEEE Symposium on Security and Privacy (IEEE S&P) 2025
Network side-channel attacks, such as SADDNS enabling off-path cache poisoning, are notoriously difficult to detect because current automated techniques require extensive, error-prone modeling that oversimplifies network protocols. In response, we introduce SCAD—the first solution leveraging dynamic symbolic execution to efficiently identify non-interference violations across multiple execution traces—uncovering previously unknown vulnerabilities with significantly reduced manual effort.
SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability Detection
Keyu Man, Zhongjie Wang, Yu Hao, Shenghan Zheng, Yue Cao, Xin'an Zhou, Zhiyun Qian
IEEE Symposium on Security and Privacy (IEEE S&P) 2025
Network side-channel attacks, such as SADDNS enabling off-path cache poisoning, are notoriously difficult to detect because current automated techniques require extensive, error-prone modeling that oversimplifies network protocols. In response, we introduce SCAD—the first solution leveraging dynamic symbolic execution to efficiently identify non-interference violations across multiple execution traces—uncovering previously unknown vulnerabilities with significantly reduced manual effort.