I'm an associate professor in the Secure Systems group (Team Gruss/CoreSec) at the Graz University of Technology, Institute of Applied Information Processing and Communications. In my research I explore software-based microarchitectural attacks and operating system features. I teach undergraduate courses such as Operating Systems (see Hall of Fame), and System-Level Programming, and graduate courses such as Embedded Security, and Security Aspects in Software Development.

Publications

2023
August
  Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels
Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard.
32nd USENIX Security Symposium, Anaheim, CA, USA, August 9-11, 2023.     [Conference]
  Side-Channel Attacks on Optane Persistent Memory
Sihang Liu, Suraaj Kanniwadi, Martin Schwarzl, Andreas Kogler, Daniel Gruss, Samira Khan.
32nd USENIX Security Symposium, Anaheim, CA, USA, August 9-11, 2023.     [Conference]
June   Layered Binary Templating
Martin Schwarzl, Erik Kraft, Daniel Gruss.
ACNS, Kyoto, Japan, June 19-22, 2023.     [Conference]
May   Practical Timing Side-Channel Attacks on Memory Compression
Martin Schwarzl, Pietro Borrello, Gururaj Saileshwar, Hanna Müller, Michael Schwarz, Daniel Gruss.
S&P'23, San Francisco, California, USA, May 22-26, 2023.     [Conference]
  Scatter and Split Securely: Defeating Cache Contention and Occupancy Attacks
Lukas Giner, Stefan Steinegger, Antoon Purnal, Maria Eichlseder, Thomas Unterluggauer, Stefan Mangard, Daniel Gruss.
S&P'23, San Francisco, California, USA, May 22-26, 2023.     [Conference]
  CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammer
Jonas Juffinger, Lukas Lamster, Andreas Kogler, Maria Eichlseder, Moritz Lipp, Daniel Gruss.
S&P'23, San Francisco, California, USA, May 22-26, 2023.     [Conference]
  SQUIP: Exploiting the Scheduler Queue Contention Side Channel
Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss.
S&P'23, San Francisco, California, USA, May 22-26, 2023.     [Conference]
2022
September
  Robust and Scalable Process Isolation against Spectre in the Cloud
Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Michael Schwarz, Daniel Gruss.
ESORICS, Copenhagen, Denmark, September 26-30, 2022 (AR: 18.5%).     [Conference]
August   Half-Double: Hammering From the Next Row Over
Andreas Kogler, Jonas Juffinger, Salman Qazi, Yoongu Kim, Moritz Lipp, Nicolas Boichat, Eric Shiu, Mattias Nissler, Daniel Gruss.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).     [Conference]
  ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).     [Conference]
  Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks
Andreas Kogler, Daniel Gruss, Michael Schwarz.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).     [Conference]
  AMD Prefetch Attacks through Power and Time
Moritz Lipp, Daniel Gruss, Michael Schwarz.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).     [Conference]
  Rapid Prototyping for Microarchitectural Attacks
Catherine Easdon, Michael Schwarz, Martin Schwarzl, Daniel Gruss.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).     [Conference]
  Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX
Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss.
31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022 (AR: 18.1%).     [Conference]
May   Finding and Exploiting CPU Features using MSR Templating
Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz.
S&P'22, San Francisco, California, USA, May 23-26, 2022 (AR: 14.6%).     [Conference]
April   Remote Memory-Deduplication Attacks
Martin Schwarzl, Erik Kraft, Moritz Lipp, Daniel Gruss.
NDSS'22, San Diego, California, USA, April 24-28, 2022 (AR: 16.2%).     [Conference]
February   Systematic Analysis of Programming Languages and Their Execution Environments for Spectre Attacks
Amir Naseredini, Stefan Gast, Martin Schwarzl, Pedro Miguel Sousa Bernardo, Amel Smajic, Claudio Canella, Martin Berger, Daniel Gruss.
ICISSP'22, Virtual, February 9-11, 2022.     [Conference]
2021
November
  Automating Seccomp Filter Generation for Linux Applications
Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz.
CCSW'21, Seoul, Korea (AR: 32.3%).     [Proceedings]
May   PLATYPUS: With Great Power comes Great Leakage
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss.
S&P'21, San Francisco, California, USA, May 23-27, 2021 (AR: 10.0%).     [Conference]
  Systematic Analysis of Randomization-based Protected Cache Architectures
Antoon Purnal, Lukas Giner, Daniel Gruss, Ingrid Verbauwhede.
S&P'21, San Francisco, California, USA, May 23-27, 2021 (AR: 10.0%).     [Conference]
March   Speculative Dereferencing of Registers: Reviving Foreshadow
Martin Schwarzl, Thomas Schuster, Michael Schwarz, Daniel Gruss.
FC'21, Grenada, March 1-5, 2021 (AR: 24.7%).     [Program]
  Specfuscator: Evaluating Branch Removal as a Spectre Mitigation
Martin Schwarzl, Canella Claudio, Daniel Gruss, Michael Schwarz.
FC'21, Grenada, March 1-5, 2021 (AR: 24.7%).     [Program]
2020
November
  Transient-Execution Attacks
Daniel Gruss.
Habilitation Thesis, Graz University of Technology. June 12, 2020. Venia Docendi: November 27, 2020.     [Part I only]
September   Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble
Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens.
IEEE Security & Privacy, Vol. 18, No. 5, Sept.-Oct. 2020.     [Journal]
  How Trusted Execution Environments Fuel Research on Microarchitectural Attacks
Michael Schwarz, Daniel Gruss.
IEEE Security & Privacy, Vol. 18, No. 5, Sept.-Oct. 2020.     [Journal]
  The Evolution of Transient-Execution Attacks
Claudio Canella, Khaled N. Khasawneh, Daniel Gruss.
GLSVLSI'20, Beijing, China, September 8-11, 2020.     [Conference]
  Evolution of Defenses against Transient-Execution Attacks
Claudio Canella, Sai Manoj Pudukotai Dinakarrao, Daniel Gruss, Khaled N. Khasawneh.
GLSVLSI'20, Beijing, China, September 8-11, 2020.     [Conference]
August   Donky: Domain Keys - Efficient In-Process Isolation for RISC-V and x86
David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, Daniel Gruss.
29th USENIX Security Symposium, Boston, MA, USA, August 12-14, 2020 (AR: 16.1%).     [Conference]
July   Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom.
Communications of the ACM, Vol. 63 No. 7, Pages 93-101.     [Journal]
June   Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Raoul Strackx.
Communications of the ACM, Vol. 63 No. 6, Pages 46-56.     [Journal]
  Nethammer: Inducing Rowhammer Faults through Network Requests
Moritz Lipp, Michael Schwarz, Lukas Raab, Lukas Lamster, Misiker Tadesse Aga, Clémentine Maurice, Daniel Gruss.
SILM Workshop'20, Genova, Italy, June 19, 2020.     [Conference Program] [Pre-print (May'18)]
  Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors
Moritz Lipp, Vedad Hadzic, Michael Schwarz, Arthur Perais, Clémentine Maurice, Daniel Gruss.
AsiaCCS'20, Taipei, Taiwan, June 1-5, 2020 (AR: 21.8%).     [Conference]
  KASLR: Break It, Fix It, Repeat
Claudio Canella, Michael Schwarz, Martin Haubenwallner, Martin Schwarzl, Daniel Gruss.
AsiaCCS'20, Taipei, Taiwan, June 1-5, 2020 (AR: 21.8%).     [Conference]
May   LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yuval Yarom, Berk Sunar, Daniel Gruss, Frank Piessens.
S&P'20, San Francisco, California, USA, May 18-20, 2020 (12.3%).     [Website] [Conference]
  Plundervolt: Software-based Fault Injection Attacks against Intel SGX
Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens.
S&P'20, San Francisco, California, USA, May 18-20, 2020 (12.3%).     [Conference]
  RAMBleed: Reading Bits in Memory Without Accessing Them
Andrew Kwong, Daniel Genkin, Daniel Gruss, Yuval Yarom.
S&P'20, San Francisco, California, USA, May 18-20, 2020 (AR: 12.3%).     [Conference]
February   ConTExT: A Generic Approach for Mitigating Spectre
Michael Schwarz, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, Daniel Gruss.
NDSS'20, San Diego, California, USA, February 23-26, 2020 (AR 17.4%).     [Conference]
January   Malware Guard Extension: abusing Intel SGX to conceal cache attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard.
SpringerOpen Cybersecurity, Vol. 3.     [Journals]
2019
November
  ZombieLoad: Cross-Privilege-Boundary Data Sampling
Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, Daniel Gruss.
CCS'19, London, UK, November 11-15, 2019 (AR: 15.7%).     [Pre-print (May'19)] [Conference]
  Page Cache Attacks
Daniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, Anders Fogh.
CCS'19, London, UK, November 11-15, 2019 (AR: 15.7%).     [Conference]
  Fallout: Leaking Data on Meltdown-resistant CPUs
Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom.
CCS'19, London, UK, November 11-15, 2019 (AR: 15.7%).     [Conference]
September   SGXJail: Defeating Enclave Malware via Confinement
Samuel Weiser, Luca Mayr, Michael Schwarz, Daniel Gruss.
RAID'19, Beijing, China, September 23-25, 2019 (AR: 22.3%).     [Conference]
  NetSpectre: Read Arbitrary Memory over Network
Michael Schwarz, Martin Schwarzl, Moritz Lipp, Jon Masters, Daniel Gruss.
ESORICS'19, Luxembourg, September 23-27, 2019 (AR: 19.5%).     [Conference] [Pre-print (Jul'18)]
August   Wait a Second: Playing Hanabi without Giving Hints
Markus Eger, Daniel Gruss.
Foundations of Digital Games 2019, San Luis Obispo, California, USA, August 26-30, 2019 (AR: 31.7%).     [Conference]
  ScatterCache: Thwarting Cache Attacks via Cache Set Randomization
Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, Stefan Mangard.
28th USENIX Security Symposium, Santa Clara, California, USA, August 14-16, 2019 (AR: 15.7%).     [Conference]
  A Systematic Evaluation of Transient Execution Attacks and Defenses
Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, Daniel Gruss.
28th USENIX Security Symposium, Santa Clara, California, USA, August 14-16, 2019 (AR: 15.7%).     [Conference] [Pre-print (Nov'18)]
June   Practical Enclave Malware with Intel SGX
Michael Schwarz, Samuel Weiser, Daniel Gruss.
DIMVA'19, Gothenburg, Sweden, June 19-20, 2019 (AR: 28.8%).     [Conference]
May   Fallout: Reading Kernel Writes From User Space
Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Frank Piessens, Berk Sunar, Yuval Yarom.
arXiv, 1905.12701.     [Pre-print (May'19)]
  Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs
Michael Schwarz, Claudio Canella, Lukas Giner, Daniel Gruss.
arXiv, 1905.05725.     [Pre-print (May'19)]
  Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom.
S&P'19, Best Paper, San Francisco, California, USA, May 20-22, 2019 (AR: 11.5%).     [Conference] [Pre-print (Jan'18)] [Wikipedia]
February   JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits
Michael Schwarz, Florian Lackner, Daniel Gruss.
NDSS'19, San Diego, California, USA, February 24-27, 2019 (AR: 17.1%).     [Conference]
2018
December
  Kernel Isolation: From an Academic Idea to an Efficient Patch for Every Computer
Daniel Gruss, Dave Hansen, Brendan Gregg.
USENIX ;login, issue: Winter 2018, Vol. 43, No. 4.     [Issue]
November   Software-based microarchitectural attacks
Daniel Gruss.
it - Information Technology, Volume 60: Issue 5-6, November 2018.     [DOI]
September   Software-basierte Mikroarchitekturangriffe
Daniel Gruss.
Ausgezeichnete Informatikdissertationen 2017, Lecture Notes in Informatics (LNI), Gesellschaft für Informatik, Bonn, Germany, 2018. Presented at INFORMATIK2018 in Berlin, Germany, September 26-27, 2018.     [LNI Digital Library]
August   Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg.
27th USENIX Security Symposium, Baltimore, MD, USA, August 15-17, 2018 (AR: 19.2%).     [Conference] [Code Examples] [Wikipedia]
June   Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard.
AsiaCCS'18, Songdo, Incheon, Korea, Jun 4-8, 2018 (AR: 20.0%).     [Conference]
  Use-After-FreeMail: Generalizing the Use-After-Free Problem and Applying it to Email Services
Daniel Gruss, Michael Schwarz, Matthias Wübbeling, Simon Guggi, Timo Malderle, Stefan More, Moritz Lipp.
AsiaCCS'18, Songdo, Incheon, Korea, Jun 4-8, 2018 (AR: 20.0%).     [Conference]
  ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android
Raphael Spreitzer, Felix Kirchengast, Daniel Gruss, Stefan Mangard.
AsiaCCS'18, Songdo, Incheon, Korea, Jun 4-8, 2018 (AR: 20.0%).     [Conference]
May   Another Flip in the Wall of Rowhammer Defenses
Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom.
S&P'18, San Francisco, California, USA, May 21-23, 2018 (AR: 11.5%).     [Conference] [Code Examples] [Pre-print (Oct'17)]
February   JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss.
NDSS'18, San Diego, California, USA, February 18-21, 2018 (AR: 21.5%).     [Program] [Github]
  KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, Raphael Spreitzer, Stefan Mangard.
NDSS'18, San Diego, California, USA, February 18-21, 2018 (AR: 21.5%).     [Program] [Github] [Pre-print (Jun'17)]
2017
September
  Practical Keystroke Timing Attacks in Sandboxed JavaScript
Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard.
ESORICS'17, Oslo, Norway, September 11-15, 2017 (AR: 15.9%).     [Program]
August   Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, Manuel Costa.
26th USENIX Security Symposium, Vancouver, BC, Canada, August 16-18, 2017 (AR: 16.3%).     [Session]
July   KASLR is Dead: Long Live KASLR
Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard.
ESSoS'17, Bonn, Germany, July 2017 (AR: 46.9%).     [Program] [Github] [Wikipedia]
  Malware Guard Extension: Using SGX to Conceal Cache Attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard.
DIMVA'17, Bonn, Germany, July 6-7, 2017 (AR: 26.9%).     [Program] [Slides] [Extended Version]
June   Software-based Microarchitectural Attacks
Daniel Gruss.
PhD Thesis, Graz University of Technology. June 14, 2017.     [Slides] [Part I only]
April   Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript
Michael Schwarz, Clémentine Maurice, Daniel Gruss, Stefan Mangard.
FC'17, Malta, April 2017 (AR: 26.5%).     [Program] [Slides]
February   Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Kay Römer, Stefan Mangard.
NDSS'17, San Diego, California, USA, February 2017 (AR: 16.1%).     [Session] [Slides] [Github] [BlackHat Asia] [BlackHat Asia Recording] [Live Demo] [Pwnie Award for Best Song]
2016
October
  Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
Daniel Gruss, Anders Fogh, Clémentine Maurice, Moritz Lipp, Stefan Mangard.
CCS'16, Vienna, Austria, October 24-28, 2016 (AR: 16.4%).     [Slides] [Github]
  Drammer: Deterministic Rowhammer Attacks on Mobile Platforms
Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clementine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, Cristiano Giuffrida.
CCS'16, Vienna, Austria, October 24-28, 2016 (AR: 16.4%).     [Project Website]
August   DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, Stefan Mangard.
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%).     [Session] [Pre-print (Nov'15)] [Slides] [Github] [BlackHat Europe]
  ARMageddon: Cache Attacks on Mobile Devices
Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard.
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%).     [Session] [Pre-print (Nov'15)] [Slides] [Github] [BlackHat Europe]
July   Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript
Daniel Gruss, Clémentine Maurice, Stefan Mangard.
DIMVA'16, Donostia-San Sebastián, Spain, July 7-8, 2016 (AR: 31.8%).     [Conference] [Github] [Pre-print (Jul'15)] [Golem] [Slate] [Heise] [c't] [Vice] [Wikipedia]
  Flush+Flush: A Fast and Stealthy Cache Attack
Daniel Gruss, Clémentine Maurice, Klaus Wagner, Stefan Mangard.
DIMVA'16, Donostia-San Sebastián, Spain, July 7-8, 2016 (AR: 31.8%).     [Conference] [Pre-print (Nov'15)] [Github]
2015
September
  Practical Memory Deduplication Attacks in Sandboxed Javascript
Daniel Gruss, David Bidner, Stefan Mangard.
ESORICS'15, Vienna, Austria, September 23-25, 2015 (AR: 20.1%).     [Conference] [Slides] [PoC by David Bidner]
August   Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches
Daniel Gruss, Raphael Spreitzer, Stefan Mangard.
24th USENIX Security Symposium, Washington, D.C., USA, August 12-14, 2015 (AR: 15.7%).     [Session] [Lightning Talk] [Slides] [Github]

Presentations

2021
September
  Rowhammer is here to stay
Talk @ DEEP conference, Virtual (PetrĨane, Croatia), September 29-30, 2021
June   Platypus
Talk @ Red Hat Research Days 2021, Virtual, June 23, 2021
  Inspectre Gadget
Talk @ ICHSA 2021, Virtual (Beer Sheva, Israel), June 1-2, 2021
2020
November
  Faulting Hardware from Software
Talk @ SBA Research 2020, Virtual (Vienna, Austria), November 23, 2020
October   Complexity Killed Security
Keynote @ BlackHat Asia 2020, Virtual (Marina Bay Sands, Singapore), September 29 - October 2, 2020
  Page Cache Attacks: Microarchitectural Attacks on Flawless Hardware
Talk @ BlackHat Asia 2020, Virtual (Marina Bay Sands, Singapore), September 29 - October 2, 2020
September   Faulting Hardware from Software
Keynote @ FDTC 2020, Virtual, September 13, 2020
August   Panel: The Joy of Coordinating Vulnerability Disclosure
Panelist @ DEF CON 2020, Virtual (Las Vegas, USA), August 6 - August 9, 2020
  Plundervolt: Flipping Bits from Software without Rowhammer
Talk @ BlackHat USA 2020, Virtual (Las Vegas, USA), August 1 - August 6, 2020
April   LVI: Hijacking Transient Execution with Load Value Injection
Talk @ Hardwear.io Virtual Con, Online, April 30, 2020
Janaury   Leaky Processors: Lessons from Spectre, Meltdown, and Foreshadow
Talk @ Redhat Research Day Europe, Brno, Czech Republic, January 23, 2020
2019
December
  ZombieLoad Attack
Talk @ 36th Chaos Communication Congress, Leipzig, Germany, December 27-30, 2019
  Plundervolt: Flipping Bits from Software without Rowhammer
Talk @ 36th Chaos Communication Congress, Leipzig, Germany, December 27-30, 2019
  Side Channels and Transient Execution Attacks
Guest Talk @ Spritz Group, Padova, Italy, December 11, 2019
  Side Channels and Transient Execution Attacks
Guest Talk @ IST Austria, Klosterneuburg, Austria, December 5, 2019
November   Panel: Trade-offs in Cyber Security: what is the cost of security?
Panelist @ CYSARM, London, UK, November 15, 2019
  Panel: Speculative Execution Attacks and Cloud Security
Panelist @ ACM CCSW, London, UK, November 11, 2019
October   Meltdown, Spectre, ZombieLoad
Invited Talk @ IKT-Sicherheitskonferenz, Fürstenfeld, Austria, October 1-2, 2019
  SGX - Secure Enclaves als Angriffsvektor
Invited Talk @ IKT-Sicherheitskonferenz, Fürstenfeld, Austria, October 1-2, 2019
September   Cards Against Confusion
Talk @ SHARD Workshop, Leiden, Netherlands, September 23-27, 2019
  Jumping Abstraction Layers: Microarchitectural Attacks in JavaScript
Guest Talk @ KU Leuven, Leuven, Belgium, September 18, 2019
  Side Channels and Transient Execution Attacks
Keynote @ No Hat 2019, Bergamo, Italy, September 14, 2019
  Hardware-Software Co-Design against Microarchitectural Attacks
Guest Talk @ KU Leuven, Leuven, Belgium, September 4, 2019
August   Microarchitectural Attacks
Talk / Lab @ FOSAD Summer School, Bertinoro, Italy, August 26-30, 2019
July   Side Channels and Transient Execution Attacks
Guest Talk @ University of Lübeck, Lübeck, Germany, July 30, 2019
  Software-based Microarchitectural Attacks and Operating System Features
Keynote @ International Conference on Software Security and Assurance, St. Pölten, Austria, July 25-26, 2019
  Mitigation Plans for Microarchitectural Attacks
Talk @ Security Group, ARM Research, Cambridge, UK, July 15, 2019
  Transient Execution Attacks
Guest Talk @ Ruhr-University Bochum, Bochum, Germany, July 11, 2019
  Software-based Microarchitectural Attacks
Invited Talk @ Huawei Trusted Computing Workshop, Leuven, Belgium, July 8, 2019
June   Transient Execution Attacks
Invited Talk @ Summer School on Real-World Crypto and Privacy, Šibenik, Croatia, June 17-21, 2019
  Introduction to Microarchitectural Attacks
Invited Talk @ Summer School on Real-World Crypto and Privacy, Šibenik, Croatia, June 17-21, 2019
  Hardware-Software Co-Design to Eliminate Cache Leakage
Talk @ Intel Side Channel Academic Program (SCAP) Annual Meeting, Hillsboro, OR, US, June 11-13, 2019
May   Microarchitectural Attacks
Training @ RuhrSec, Bochum, Germany, May 27-29, 2019
  Meltdown, Spectre, ZombieLoad
Guest Talk @ VOICE CISO Meeting Berlin, Graz, Austria, May 16, 2019
April   A Christmas Carol - The Spectres of the Past, Present, and Future
Talk @ Grazer Linuxtage, Graz, Austria, April 26-27, 2019
March   Software-based Microarchitectural Attacks: What do we learn from Meltdown and Spectre?
Invited Talk @ #LetsCluster, Graz, Austria, March 26, 2019
  How the Hardware undermines Software Security
Keynote @ ACM EuroSec'19 Workshop, Dresden, Germany, March 25, 2019
February   Microarchitectural Attacks and Beyond
Guest Talk @ CSAIL, MIT, Cambridge, MA, USA, February 21, 2019
  Microarchitectural Security
Keynote @ Boston University Red Hat Collaboratory Microarchitecture Workshop, Boston, MA, USA, February 20, 2019
January   Software-based Microarchitectural Attacks
Guest Talk @ SBAPrime, Vienna, Austria, January 23, 2019
2018
December
  A Christmas Carol - The Spectres of the Past, Present, and Future
Talk @ 35th Chaos Communication Congress, Leipzig, Germany, December 27-30, 2018
  Meltdown, Spectre and Beyond
Invited Talk @ The Digital Society Conference 2018: Empowering Ecosystems, Berlin, Germany, December 10-11, 2018
November   Software-based Microarchitectural Attacks: What do we learn from Meltdown and Spectre?
Keynote @ inday students 2018, Innsbruck, Austria, November 29, 2018
  Transient Execution Attacks: Meltdown, Spectre, and how to mitigate them
Invited Talk @ German OWASP Day 2018, Muenster, Germany, November 20, 2018
October   Software-based Microarchitectural Attacks: What do we learn from Meltdown and Spectre?
Invited Talk @ Aarhus University CS Colloqium, Aarhus, Denmark, October 26, 2018
September   Recent Developments in Microarchitectural Attacks: Meltdown, Spectre, and Rowhammer
Invited Talk @ Conference on Cryptanalysis in Ubiquitous Computing Systems (CRYPTACUS), Rennes, France, September 18 - September 20, 2018
  Software-based Microarchitectural Attacks: Meltdown and Spectre
Invited Talk @ Riscure User Workshop 2018, Amsterdam, Netherlands, September 13 - September 14, 2018
  Transient Execution Attacks
Guest Talk @ VUsec, Amsterdam, Netherlands, September 12, 2018
  (Why) Are Microarchitectural Attacks Really Different than Physical Side-Channel Attacks?
Invited Talk @ CHES (Conference on Cryptographic Hardware and Embedded Systems) 2018, Amsterdam, Netherlands, September 9 - September 12, 2018
  Side-Channel Lab
Lab @ Graz Security Week 2018, Graz, Austria, September 3 - September 7, 2018
  Software-based Microarchitectural Attacks
Invited Talk @ Graz Security Week 2018, Graz, Austria, September 3 - September 7, 2018
  Hacking (in) Games - Protecting your Games and your Gamers
Invited Talk @ Game Dev Days Graz 2018, Graz, Austria, August 31 - September 2, 2018
August   Another Flip in the Row
Talk @ BlackHat USA 2018, Las Vegas, USA, August 4 - August 9, 2018
  Meltdown: Basics, Details, Consequences
Talk @ BlackHat USA 2018, Las Vegas, USA, August 4 - August 9, 2018
June   Microarchitectural Attacks: From the Basics to Arbitrary Read and Write Primitives without any Software Bugs
Talk @ Radboud University Digital Security Group, Nijmegen, Netherlands, June 19, 2018
  Microarchitectural Attacks: From the Basics to Arbitrary Read and Write Primitives without any Software Bugs
Invited Talk @ Austrian Computer Science Day, Salzburg, Austria, June 15, 2018
  Software-based Microarchitectural Attacks
Shortlisted Candidate Talk @ Forum Technik und Gesellschaft, Received the Graz University of Technology Förderpreis 2017/18 (Best Dissertation), Graz, Austria, June 6, 2018
May   Software-based Microarchitectural Attacks
Shortlisted Candidate Talk @ Oesterreichische Computer Gesellschaft, Received the Heinz Zemanek Preis for the Best Dissertation in Computer Science in Austria in 2016/2017, Vienna, Austria, May 30, 2018
  Fehlerfreie Software und trotzdem unsicher? Eine Einführung in die Mikroarchitekturangriffe anhand von Meltdown, Spectre, und Rowhammer
Talk @ Monat der freien Bildung, Graz, Austria, May 25, 2018
  The Story of Meltdown and Spectre
Talk @ RuhrSec, Bochum, Germany, May 17-18, 2018
  Software-basierte Mikroarchitekturangriffe
Shortlisted Candidate Talk @ GI-Dissertationspreis 2017 Kolloquium, Dagstuhl, Germany, May 6-9, 2018
April   Microarchitectural Attacks: Meltdown and Spectre
Invited Talk @ Natixis Open Day, Porto, Portugal, April 21, 2018
  How to have a Meltdown
Training @ CRYPTACUS Training School, Azores, Portugal, April 16-20, 2018
  Software-based Microarchitectural Attacks
Invited Talk @ CRYPTACUS Training School, Azores, Portugal, April 16-20, 2018
  Microarchitectural Attacks: From the Basics to Arbitrary Read and Write Primitives without any Software Bugs
Invited Talk @ Symposium and Bootcamp on the Science of Security (HotSoS), Raleigh, NC, USA, April 10-11, 2018
March   Software-based Microarchitectural Attacks
Invited Talk @ RISE Spring School, Cambridge, UK, March 28-29, 2018
  Software-based Microarchitectural Attacks: What do we learn from Meltdown and Spectre?
Guest Talk @ Apple, Cupertino, California, USA, March 27, 2018
  Microarchitectural Attacks and the Case of Meltdown and Spectre
Invited Talk @ Insomni'hack, Geneva, Switzerland, March 22-23, 2018
  Software-based Microarchitectural Attacks
Talk @ Security and Privacy Group, University of Birmingham, UK, March 21, 2018
  Microarchitectural Attacks: Meltdown, Spectre, Rowhammer
Talk @ King's College London, UK, March 20, 2018
  Microarchitectural Attacks: From the Basics to Arbitrary Read and Write Primitives without any Software Bugs
Talk @ CISPA Saarland, Saarbrücken, Germany, March 16, 2018
  Microarchitectural Attacks: Meltdown, Spectre, Rowhammer
Invited Talk @ Austrian Trust Circle der öffentlichen Verwaltung, Salzburg, Austria, March 1, 2018
February   Kurzüberblick zu Meltdown und Spectre
Invited Talk @ Digitaldialog, Graz, Austria, February 27, 2018
  Software-based Microarchitectural Attacks
Invited Talk @ NeCS Cyber Security Winter School, Trento, Italy, February 12-16, 2018
  Microarchitectural Attacks: From the Basics to Arbitrary Read and Write Primitives
Guest Talk @ Microsoft Research Cambridge, UK, February 05, 2018
January   Brief Overview on Meltdown and Spectre
Talk @ European Government CERT Meeting, Vienna, Austria, January 26, 2018
  Microarchitectural Attacks and Defenses in JavaScript
Guest Talk @ Google, Munich, Germany, January 25, 2018
  Beyond Belief: The Case of Spectre and Meltdown
Keynote @ BlueHat IL, Tel Aviv, Israel, January 24, 2018
  Software-based Microarchitectural Attacks
Invited Talk @ CERT.at IT Security Stammtisch, Vienna, Austria, January 10, 2018
2017
November
  Why SGX design flaws hinder its application in cloud computing
Invited Talk @ Workshop on Cryptography for the Internet of Things and Cloud, Bochum, Germany, November 06-07, 2017
October   Oh my Cache! 2 - More fun with caches.
Guest Talk @ QSP Lab, University of Innsbruck, Innsbruck, Austria, October 13, 2017
September   Cash Attacks on SGX
Invited Talk @ Breaking Bitcoin, Paris, France, September 09-10, 2017
June   Rowhammer Attacks: An Extended Walkthrough Guide
Guest Talk @ SBA Research, Vienna, Austria, June 27, 2017
May   How processor performance is tied to side-channel leakage: With great speed comes great leakage
Talk @ Qualcomm Mobile Security Summit, San Diego, CA, USA, May 18-19, 2017
  Rowhammer Attacks: A Walkthrough Guide
Talk @ RuhrSec, Bochum, Germany, May 4-5, 2017
2016
October
  Microarchitectural Incontinence - You would leak too if you were so fast!
Invited talk @ 13th Hacktivity conference, Budapest, Hungary, October 21-22, 2016
  Oh my Cache! - Introduction to having fun with your Cache.
Guest Talk @ QSP Lab, University of Innsbruck, Innsbruck, Austria, October 21, 2016
August   Microarchitectural Attacks (and what we can do against them)
Guest Talk @ Constructive Security Group, Microsoft Research Cambridge, UK, August 25, 2016
  Software-based Microarchitectural Attacks
Guest Talk @ Qualcomm, San Diego, California, USA, August 8, 2016
  Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process
Talk @ BlackHat USA 2016, Las Vegas, USA, July 30 - August 4, 2016
April   Cache Side-Channel Attacks and the case of Rowhammer
Invited talk @ RuhrSec, Bochum, Germany, April 28-29, 2016
2015
December
  Rowhammer.js: Root privileges for web apps?
Talk @ 32nd Chaos Communication Congress, Hamburg, Germany, December 27-30, 2015
November   Software-based Side-Channel and Fault Attacks
Invited Talk @ MooseCon 2015, Palo Alto, California, USA, November 19-20, 2015

Service

  • Conference Chair: DIMVA'23 (PC chair), DIMVA'22 (PC co-chair)
  • Technical Program Committee: DIMVA'23, DIMVA'22, SEC'22, AsiaCCS'22, CCS'21, SEC'21, AsiaCCS'21, WOOT'21, EuroSec'21, ESORICS'21, EuroSec'20, SEC'20, TCHES'20, WOOT'20, DIMVA'20, WOOT'19, SEC'19, CARDS'19, BlueHat IL'19, CCS'18, WOOT '18, SPACE'18, WoSSCA'18, Kangacrypt'18