2025
February
|
CounterSEVeillance: Performance-Counter Attacks on AMD SEV-SNP
Stefan Gast, Hannes Weissteiner, Robin Leander Schröder, Daniel Gruss.
NDSS'25, San Diego, CA, USA, February 23-28, 2024 (AR: 16.5%).
[Conference]
|
|
A Systematic Evaluation of Novel and Existing Cache Side Channels
Fabian Rauscher, Carina Fiedler, Andreas Kogler, Daniel Gruss.
NDSS'25, San Diego, CA, USA, February 23-28, 2024 (AR: 16.5%).
[Conference]
|
|
Secret Spilling Drive: Leaking User Behavior through SSD Contention
Jonas Juffinger, Fabian Rauscher, Giuseppe La Manna, Daniel Gruss.
NDSS'25, San Diego, CA, USA, February 23-28, 2024 (AR: 16.5%).
[Conference]
|
|
KernelSnitch: Side-Channel Attacks on Kernel Data Structures
Lukas Maar, Jonas Juffinger, Thomas Steinbauer, Daniel Gruss, Stefan Mangard.
NDSS'25, San Diego, CA, USA, February 23-28, 2024 (AR: 16.5%).
[Conference]
|
2024
October
|
Cross-Core Interrupt Detection: Exploiting User and Virtualized IPIs
Fabian Rauscher, Daniel Gruss.
CCS'24, Salt Lake City, UT, USA, October 14-18, 2024 (AR: 16.7%).
[Conference]
|
August
|
SnailLoad: Exploiting Remote Network Latency Measurements without JavaScript
Stefan Gast, Roland Czerny, Jonas Juffinger, Fabian Rauscher, Simone Franza, Daniel Gruss.
33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024.
[Conference]
[Website]
|
July
|
Presshammer: Rowhammer and Rowpress without Physical Address Information
Jonas Juffinger, Sudheendra Raghav Neela, Martin Heckel, Lukas Schwarz, Florian Adamsky, and Daniel Gruss.
DIMVA'24, Lausanne, Switzerland, July 17-19, 2024 (AR: 23.9%).
[Conference]
|
|
Generic and Automated Drive-by GPU Cache Attacks from the Browser
Lukas Giner, Roland Czerny, Christoph Gruber, Fabian Rauscher, Andreas Kogler, Daniel De Almeida Braga, Daniel Gruss.
AsiaCCS'24, Singapore, July 1-5, 2024 (AR: 22.1%).
[Conference]
[Demo Website]
|
April
|
SUIT: Secure Undervolting with Instruction Traps
Jonas Juffinger, Stepan Kalinin, Daniel Gruss, Frank Mueller.
ASPLOS'24, San Diego, CA, USA, April 27 - May 1, 2024 (AR: 18.4%).
[Conference]
|
March
|
JavaSQUIP: Remote Scheduler Contention Attacks
Stefan Gast, Jonas Juffinger, Lukas Maar, Christoph Royer, Andreas Kogler, Daniel Gruss.
FC'24, Willemstad, Curaçao, March 4-8, 2024 (AR: 21.1%).
[Conference]
|
February
|
IdleLeak: Exploiting Idle State Side Effects for Information Leakage
Fabian Rauscher, Andreas Kogler, Jonas Juffinger, Daniel Gruss.
NDSS'24, San Diego, CA, USA, February 26 - March 1, 2024 (AR: 20.6%).
[Conference]
|
2023
December
|
DOPE: DOmain Protection Enforcement with PKS
Lukas Maar, Martin Schwarzl, Fabian Rauscher, Daniel Gruss, Stefan Mangard.
Annual Computer Security Applications Conference (ACSAC), Austin, TX, USA, December 4-8, 2023 (AR: 23.3%).
[Conference]
|
August
|
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels
Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard.
32nd USENIX Security Symposium, Anaheim, CA, USA, August 9-11, 2023 (AR: 29.0%).
[Conference]
|
|
Side-Channel Attacks on Optane Persistent Memory
Sihang Liu, Suraaj Kanniwadi, Martin Schwarzl, Andreas Kogler, Daniel Gruss, Samira Khan.
32nd USENIX Security Symposium, Anaheim, CA, USA, August 9-11, 2023 (AR: 29.0%).
[Conference]
|
June
|
PT-Guard: Integrity-Protected Page Tables to Defend Against Breakthrough Rowhammer Attacks
Anish Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, Daniel Gruss, Moinuddin Qureshi.
DSN, Porto, Portugal, June 27-30, 2023 (AR: 19.6%).
[Conference]
|
|
Layered Binary Templating
Martin Schwarzl, Erik Kraft, Daniel Gruss.
ACNS, Kyoto, Japan, June 19-22, 2023 (AR: 20.2%).
[Conference]
|
May
|
Practical Timing Side-Channel Attacks on Memory Compression
Martin Schwarzl, Pietro Borrello, Gururaj Saileshwar, Hanna Müller, Michael Schwarz, Daniel Gruss.
S&P'23, San Francisco, CA, USA, May 22-26, 2023 (AR: 17.0%).
[Conference]
|
|
Scatter and Split Securely: Defeating Cache Contention and Occupancy Attacks
Lukas Giner, Stefan Steinegger, Antoon Purnal, Maria Eichlseder, Thomas Unterluggauer, Stefan Mangard, Daniel Gruss.
S&P'23, San Francisco, CA, USA, May 22-26, 2023 (AR: 17.0%).
[Conference]
|
|
CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammer
Jonas Juffinger, Lukas Lamster, Andreas Kogler, Maria Eichlseder, Moritz Lipp, Daniel Gruss.
S&P'23, San Francisco, CA, USA, May 22-26, 2023 (AR: 17.0%).
[Conference]
|
|
SQUIP: Exploiting the Scheduler Queue Contention Side Channel
Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss.
S&P'23, San Francisco, CA, USA, May 22-26, 2023 (AR: 17.0%).
[Conference]
|
February
|
Programmable System Call Security with eBPF
Jinghao Jia, YiFei Zhu, Dan Williams, Andrea Arcangeli, Claudio Canella, Hubertus Franke, Tobin Feldman-Fitzthum, Dimitrios Skarlatos, Daniel Gruss, Tianyin Xu.
arXiv, 2302.10366.
[arXiv]
|
2022
September
|
Robust and Scalable Process Isolation against Spectre in the Cloud
Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Michael Schwarz, Daniel Gruss.
ESORICS, Copenhagen, Denmark, September 26-30, 2022 (AR: 18.5%).
[Conference]
|
August
|
Half-Double: Hammering From the Next Row Over
Andreas Kogler, Jonas Juffinger, Salman Qazi, Yoongu Kim, Moritz Lipp, Nicolas Boichat, Eric Shiu, Mattias Nissler, Daniel Gruss.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).
[Conference]
|
|
ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).
[Conference]
|
|
Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks
Andreas Kogler, Daniel Gruss, Michael Schwarz.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).
[Conference]
|
|
AMD Prefetch Attacks through Power and Time
Moritz Lipp, Daniel Gruss, Michael Schwarz.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).
[Conference]
|
|
Rapid Prototyping for Microarchitectural Attacks
Catherine Easdon, Michael Schwarz, Martin Schwarzl, Daniel Gruss.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).
[Conference]
|
|
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX
Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).
[Conference]
|
May
|
Finding and Exploiting CPU Features using MSR Templating
Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz.
S&P'22, San Francisco, CA, USA, May 23-26, 2022 (AR: 14.6%).
[Conference]
|
April
|
Remote Memory-Deduplication Attacks
Martin Schwarzl, Erik Kraft, Moritz Lipp, Daniel Gruss.
NDSS'22, San Diego, CA, USA, April 24-28, 2022 (AR: 16.2%).
[Conference]
|
February
|
SFIP: Coarse-Grained Syscall-Flow-Integrity Protection in Modern Systems
Claudio Canella, Sebastian Dorn, Daniel Gruss, Michael Schwarz.
arXiv, 2202.13716.
[arXiv]
|
|
Systematic Analysis of Programming Languages and Their Execution Environments for Spectre Attacks
Amir Naseredini, Stefan Gast, Martin Schwarzl, Pedro Miguel Sousa Bernardo, Amel Smajic, Claudio Canella, Martin Berger, Daniel Gruss.
ICISSP'22, Virtual, February 9-11, 2022.
[Conference]
|
2021
November
|
Automating Seccomp Filter Generation for Linux Applications
Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz.
CCSW'21, Seoul, Korea (AR: 32.3%).
[Proceedings]
|
May
|
PLATYPUS: With Great Power comes Great Leakage
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss.
S&P'21, San Francisco, CA, USA, May 23-27, 2021 (AR: 10.0%).
[Conference]
|
|
Systematic Analysis of Randomization-based Protected Cache Architectures
Antoon Purnal, Lukas Giner, Daniel Gruss, Ingrid Verbauwhede.
S&P'21, San Francisco, CA, USA, May 23-27, 2021 (AR: 10.0%).
[Conference]
|
March
|
Speculative Dereferencing of Registers: Reviving Foreshadow
Martin Schwarzl, Thomas Schuster, Michael Schwarz, Daniel Gruss.
FC'21, Grenada, March 1-5, 2021 (AR: 24.7%).
[Program]
|
|
Specfuscator: Evaluating Branch Removal as a Spectre Mitigation
Martin Schwarzl, Canella Claudio, Daniel Gruss, Michael Schwarz.
FC'21, Grenada, March 1-5, 2021 (AR: 24.7%).
[Program]
|
2020
November
|
Transient-Execution Attacks
Daniel Gruss.
Habilitation Thesis, Graz University of Technology. June 12, 2020. Venia Docendi: November 27, 2020.
[Part I only]
|
September
|
Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble
Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens.
IEEE Security & Privacy, Vol. 18, No. 5, Sept.-Oct. 2020.
[Journal]
|
|
How Trusted Execution Environments Fuel Research on Microarchitectural Attacks
Michael Schwarz, Daniel Gruss.
IEEE Security & Privacy, Vol. 18, No. 5, Sept.-Oct. 2020.
[Journal]
|
|
The Evolution of Transient-Execution Attacks
Claudio Canella, Khaled N. Khasawneh, Daniel Gruss.
GLSVLSI'20, Beijing, China, September 8-11, 2020.
[Conference]
|
|
Evolution of Defenses against Transient-Execution Attacks
Claudio Canella, Sai Manoj Pudukotai Dinakarrao, Daniel Gruss, Khaled N. Khasawneh.
GLSVLSI'20, Beijing, China, September 8-11, 2020.
[Conference]
|
August
|
Donky: Domain Keys - Efficient In-Process Isolation for RISC-V and x86
David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, Daniel Gruss.
29th USENIX Security Symposium, Boston, MA, USA, August 12-14, 2020 (AR: 16.1%).
[Conference]
|
July
|
Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom.
Communications of the ACM, Vol. 63 No. 7, Pages 93-101.
[Journal]
|
June
|
Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Raoul Strackx.
Communications of the ACM, Vol. 63 No. 6, Pages 46-56.
[Journal]
|
|
Nethammer: Inducing Rowhammer Faults through Network Requests
Moritz Lipp, Michael Schwarz, Lukas Raab, Lukas Lamster, Misiker Tadesse Aga, Clémentine Maurice, Daniel Gruss.
SILM Workshop'20, Genova, Italy, June 19, 2020.
[Conference Program]
[Pre-print (May'18)]
|
|
Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors
Moritz Lipp, Vedad Hadzic, Michael Schwarz, Arthur Perais, Clémentine Maurice, Daniel Gruss.
AsiaCCS'20, Taipei, Taiwan, June 1-5, 2020 (AR: 21.8%).
[Conference]
|
|
KASLR: Break It, Fix It, Repeat
Claudio Canella, Michael Schwarz, Martin Haubenwallner, Martin Schwarzl, Daniel Gruss.
AsiaCCS'20, Taipei, Taiwan, June 1-5, 2020 (AR: 21.8%).
[Conference]
|
May
|
LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yuval Yarom, Berk Sunar, Daniel Gruss, Frank Piessens.
S&P'20, San Francisco, CA, USA, May 18-20, 2020 (AR: 12.3%).
[Website]
[Conference]
|
|
Plundervolt: Software-based Fault Injection Attacks against Intel SGX
Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens.
S&P'20, San Francisco, CA, USA, May 18-20, 2020 (AR: 12.3%).
[Conference]
|
|
RAMBleed: Reading Bits in Memory Without Accessing Them
Andrew Kwong, Daniel Genkin, Daniel Gruss, Yuval Yarom.
S&P'20, San Francisco, CA, USA, May 18-20, 2020 (AR: 12.3%).
[Conference]
|
February
|
ConTExT: A Generic Approach for Mitigating Spectre
Michael Schwarz, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, Daniel Gruss.
NDSS'20, San Diego, CA, USA, February 23-26, 2020 (AR: 17.4%).
[Conference]
|
January
|
Malware Guard Extension: abusing Intel SGX to conceal cache attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard.
SpringerOpen Cybersecurity, Vol. 3.
[Journals]
|
2019
November
|
ZombieLoad: Cross-Privilege-Boundary Data Sampling
Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, Daniel Gruss.
CCS'19, London, UK, November 11-15, 2019 (AR: 15.7%).
[Pre-print (May'19)]
[Conference]
|
|
Page Cache Attacks
Daniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, Anders Fogh.
CCS'19, London, UK, November 11-15, 2019 (AR: 15.7%).
[Conference]
|
|
Fallout: Leaking Data on Meltdown-resistant CPUs
Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom.
CCS'19, London, UK, November 11-15, 2019 (AR: 15.7%).
[Conference]
|
September
|
SGXJail: Defeating Enclave Malware via Confinement
Samuel Weiser, Luca Mayr, Michael Schwarz, Daniel Gruss.
RAID'19, Beijing, China, September 23-25, 2019 (AR: 22.3%).
[Conference]
|
|
NetSpectre: Read Arbitrary Memory over Network
Michael Schwarz, Martin Schwarzl, Moritz Lipp, Jon Masters, Daniel Gruss.
ESORICS'19, Luxembourg, September 23-27, 2019 (AR: 19.5%).
[Conference]
[Pre-print (Jul'18)]
|
August
|
Wait a Second: Playing Hanabi without Giving Hints
Markus Eger, Daniel Gruss.
Foundations of Digital Games 2019, San Luis Obispo, CA, USA, August 26-30, 2019 (AR: 31.7%).
[Conference]
|
|
ScatterCache: Thwarting Cache Attacks via Cache Set Randomization
Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, Stefan Mangard.
28th USENIX Security Symposium, Santa Clara, CA, USA, August 14-16, 2019 (AR: 15.7%).
[Conference]
|
|
A Systematic Evaluation of Transient Execution Attacks and Defenses
Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, Daniel Gruss.
28th USENIX Security Symposium, Santa Clara, CA, USA, August 14-16, 2019 (AR: 15.7%).
[Conference]
[Pre-print (Nov'18)]
|
June
|
Practical Enclave Malware with Intel SGX
Michael Schwarz, Samuel Weiser, Daniel Gruss.
DIMVA'19, Gothenburg, Sweden, June 19-20, 2019 (AR: 28.8%).
[Conference]
|
May
|
Fallout: Reading Kernel Writes From User Space
Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Frank Piessens, Berk Sunar, Yuval Yarom.
arXiv, 1905.12701.
[Pre-print (May'19)]
|
|
Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs
Michael Schwarz, Claudio Canella, Lukas Giner, Daniel Gruss.
arXiv, 1905.05725.
[Pre-print (May'19)]
|
|
Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom.
S&P'19, Best Paper, San Francisco, CA, USA, May 20-22, 2019 (AR: 11.5%).
[Conference]
[Pre-print (Jan'18)]
[Wikipedia]
|
February
|
JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits
Michael Schwarz, Florian Lackner, Daniel Gruss.
NDSS'19, San Diego, CA, USA, February 24-27, 2019 (AR: 17.1%).
[Conference]
|
2018
December
|
Kernel Isolation: From an Academic Idea to an Efficient Patch for Every Computer
Daniel Gruss, Dave Hansen, Brendan Gregg.
USENIX ;login, issue: Winter 2018, Vol. 43, No. 4.
[Issue]
|
November
|
Software-based microarchitectural attacks
Daniel Gruss.
it - Information Technology, Volume 60: Issue 5-6, November 2018.
[DOI]
|
September
|
Software-basierte Mikroarchitekturangriffe
Daniel Gruss.
Ausgezeichnete Informatikdissertationen 2017, Lecture Notes in Informatics (LNI), Gesellschaft für Informatik, Bonn, Germany, 2018. Presented at INFORMATIK2018 in Berlin, Germany, September 26-27, 2018.
[LNI Digital Library]
|
August
|
Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg.
27th USENIX Security Symposium, Baltimore, MD, USA, August 15-17, 2018 (AR: 19.2%).
[Conference]
[Code Examples]
[Wikipedia]
|
June
|
Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard.
AsiaCCS'18, Songdo, Incheon, Korea, Jun 4-8, 2018 (AR: 20.0%).
[Conference]
|
|
Use-After-FreeMail: Generalizing the Use-After-Free Problem and Applying it to Email Services
Daniel Gruss, Michael Schwarz, Matthias Wübbeling, Simon Guggi, Timo Malderle, Stefan More, Moritz Lipp.
AsiaCCS'18, Songdo, Incheon, Korea, Jun 4-8, 2018 (AR: 20.0%).
[Conference]
|
|
ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android
Raphael Spreitzer, Felix Kirchengast, Daniel Gruss, Stefan Mangard.
AsiaCCS'18, Songdo, Incheon, Korea, Jun 4-8, 2018 (AR: 20.0%).
[Conference]
|
May
|
Another Flip in the Wall of Rowhammer Defenses
Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom.
S&P'18, San Francisco, CA, USA, May 21-23, 2018 (AR: 11.5%).
[Conference]
[Code Examples]
[Pre-print (Oct'17)]
|
February
|
JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss.
NDSS'18, San Diego, CA, USA, February 18-21, 2018 (AR: 21.5%).
[Program]
[Github]
|
|
KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, Raphael Spreitzer, Stefan Mangard.
NDSS'18, San Diego, CA, USA, February 18-21, 2018 (AR: 21.5%).
[Program]
[Github]
[Pre-print (Jun'17)]
|
2017
September
|
Practical Keystroke Timing Attacks in Sandboxed JavaScript
Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard.
ESORICS'17, Oslo, Norway, September 11-15, 2017 (AR: 15.9%).
[Program]
|
August
|
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, Manuel Costa.
26th USENIX Security Symposium, Vancouver, BC, Canada, August 16-18, 2017 (AR: 16.3%).
[Session]
|
July
|
KASLR is Dead: Long Live KASLR
Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard.
ESSoS'17, Bonn, Germany, July 2017 (AR: 46.9%).
[Program]
[Github]
[Wikipedia]
|
|
Malware Guard Extension: Using SGX to Conceal Cache Attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard.
DIMVA'17, Bonn, Germany, July 6-7, 2017 (AR: 26.9%).
[Program]
[Slides]
[Extended Version]
|
June
|
Software-based Microarchitectural Attacks
Daniel Gruss.
PhD Thesis, Graz University of Technology. June 14, 2017.
[Slides]
[Part I only]
|
April
|
Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript
Michael Schwarz, Clémentine Maurice, Daniel Gruss, Stefan Mangard.
FC'17, Malta, April 2017 (AR: 26.5%).
[Program]
[Slides]
|
February
|
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Kay Römer, Stefan Mangard.
NDSS'17, San Diego, CA, USA, February 2017 (AR: 16.1%).
[Session]
[Slides]
[Github]
[BlackHat Asia]
[BlackHat Asia Recording]
[Live Demo]
[Pwnie Award for Best Song]
|
2016
October
|
Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
Daniel Gruss, Anders Fogh, Clémentine Maurice, Moritz Lipp, Stefan Mangard.
CCS'16, Vienna, Austria, October 24-28, 2016 (AR: 16.4%).
[Slides]
[Github]
|
|
Drammer: Deterministic Rowhammer Attacks on Mobile Platforms
Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clementine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, Cristiano Giuffrida.
CCS'16, Vienna, Austria, October 24-28, 2016 (AR: 16.4%).
[Project Website]
|
August
|
DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, Stefan Mangard.
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%).
[Session]
[Pre-print (Nov'15)]
[Slides]
[Github]
[BlackHat Europe]
|
|
ARMageddon: Cache Attacks on Mobile Devices
Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard.
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%).
[Session]
[Pre-print (Nov'15)]
[Slides]
[Github]
[BlackHat Europe]
|
July
|
Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript
Daniel Gruss, Clémentine Maurice, Stefan Mangard.
DIMVA'16, Donostia-San Sebastián, Spain, July 7-8, 2016 (AR: 31.8%).
[Conference]
[Github]
[Pre-print (Jul'15)]
[Golem]
[Slate]
[Heise]
[c't]
[Vice]
[Wikipedia]
|
|
Flush+Flush: A Fast and Stealthy Cache Attack
Daniel Gruss, Clémentine Maurice, Klaus Wagner, Stefan Mangard.
DIMVA'16, Donostia-San Sebastián, Spain, July 7-8, 2016 (AR: 31.8%).
[Conference]
[Pre-print (Nov'15)]
[Github]
|
2015
September
|
Practical Memory Deduplication Attacks in Sandboxed Javascript
Daniel Gruss, David Bidner, Stefan Mangard.
ESORICS'15, Vienna, Austria, September 23-25, 2015 (AR: 20.1%).
[Conference]
[Slides]
[PoC by David Bidner]
|
August
|
Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches
Daniel Gruss, Raphael Spreitzer, Stefan Mangard.
24th USENIX Security Symposium, Washington, D.C., USA, August 12-14, 2015 (AR: 15.7%).
[Session]
[Lightning Talk]
[Slides]
[Github]
|