I'm an infosec researcher working as a postdoc in the Secure Systems group at the Graz University of Technology, Institute of Applied Information Processing and Communications (see my profile there), where I also obtained my PhD in June 2017. In summer 2016 I've been an intern at Microsoft Research Cambridge. In my research I explore software-based microarchitectural attacks and operating system features.

I teach undergraduate courses (Operating Systems, System-Level Programming) and graduate courses (Embedded Security, Security Aspects in Software Development).

Publications

2017
September
  Practical Keystroke Timing Attacks in Sandboxed JavaScript
Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard
22nd European Symposium on Research in Computer Security (ESORICS), Oslo, Norway, September 11-15, 2017 (AR: 15.9%)
Resources: [Program] [Slides]
 
August
  Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, Manuel Costa
26th USENIX Security Symposium, Vancouver, BC, Canada, August 16-18, 2017 (AR: 16.3%)
Resources: [Program] [Slides]
 
July
  KASLR is Dead: Long Live KASLR
Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard
International Symposium on Engineering Secure Software and Systems (ESSoS'17), Bonn, Germany, July 2017 (AR: 46.9%)
Resources: [Program] [Slides] [Github]
 
 
  Malware Guard Extension: Using SGX to Conceal Cache Attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard
14th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Bonn, Germany, July 6-7, 2017 (AR: 26.9%)
Resources: [Program] [Slides] [Extended Version]
 
June
  Software-based Microarchitectural Attacks
Daniel Gruss
PhD Thesis. Graz University of Technology. June 14, 2017
Resources: [Slides] [Part I only]
April   Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript
Michael Schwarz, Clémentine Maurice, Daniel Gruss, Stefan Mangard
Financial Cryptography and Data Security 2017 (FC'17), Malta, April 2017
Resources: [Program] [Slides]
February   Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Kay Römer, Stefan Mangard
Network and Distributed System Security Symposium 2017 (NDSS'17), San Diego, California, USA, February 2017 (AR: 16.1%)
Resources: [Session] [Slides] [Github] [BlackHat Asia] [BlackHat Asia Recording] [Live Demo] [Pwnie Award for Best Song]
2016
October
  Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
Daniel Gruss, Anders Fogh, Clémentine Maurice, Moritz Lipp, Stefan Mangard
23rd ACM Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016 (AR: 16.4%)
Resources: [Slides] [Github]
  Drammer: Deterministic Rowhammer Attacks on Mobile Platforms
Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clementine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, Cristiano Giuffrida
23rd ACM Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016 (AR: 16.4%)
Resources: [Project Website]
August   DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, Stefan Mangard
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%)
Resources: [Session] [Pre-print (Nov'15)] [Slides] [Github] [BlackHat Europe]
  ARMageddon: Cache Attacks on Mobile Devices
Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%)
Resources: [Session] [Pre-print (Nov'15)] [Slides] [Github] [BlackHat Europe]
July   Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript
Daniel Gruss, Clémentine Maurice, Stefan Mangard
13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 7-8, 2016 (AR: 31.8%)
Resources: [Conference] [Github] [Pre-print (Jul'15)]
Media: [Golem] [Slate] [Heise] [c't] [Vice] [Wikipedia]
  Flush+Flush: A Fast and Stealthy Cache Attack
Daniel Gruss, Clémentine Maurice, Klaus Wagner, Stefan Mangard
13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 7-8, 2016 (AR: 31.8%)
Resources: [Conference] [Pre-print (Nov'15)] [Github]
2015
September
  Practical Memory Deduplication Attacks in Sandboxed Javascript
Daniel Gruss, David Bidner, Stefan Mangard
20th European Symposium on Research in Computer Security (ESORICS), Vienna, Austria, September 23-25, 2015 (AR: 20.1%)
Resources: [Conference] [Slides] [PoC by David Bidner]
August   Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches
Daniel Gruss, Raphael Spreitzer, Stefan Mangard
24th USENIX Security Symposium, Washington, D.C., USA, August 12-14, 2015 (AR: 15.7%)
Resources: [Session] [Lightning Talk] [Slides] [Github]

Presentations

2017
May
  How processor performance is tied to side-channel leakage: With great speed comes great leakage
Joint presentation with Moritz Lipp @ Qualcomm Mobile Security Summit 2017, San Diego, CA, USA, May 18-19, 2017
  Rowhammer Attacks: A Walkthrough Guide
Joint presentation with Clémentine Maurice @ RuhrSec 2017, Bochum, Germany, May 4-5, 2017
2016
October
  Microarchitectural Incontinence - You would leak too if you were so fast!
Invited talk @ 13th Hacktivity conference, Budapest, Hungary, October 21-22, 2016
  Oh my Cache! - Introduction to having fun with your Cache.
Guest Talk @ QSP Lab, University of Innsbruck, Innsbruck, Austria, October 21, 2016
August   Microarchitectural Attacks (and what we can do against them)
Guest Talk @ Constructive Security Group, Microsoft Research Cambridge, UK, August 25, 2016
  Software-based Microarchitectural Attacks
Guest Talk @ Qualcomm, San Diego, California, USA, August 8, 2016
  Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process
Joint presentation with Anders Fogh @ BlackHat USA 2016, Las Vegas, USA, July 30 - August 4, 2016
April   Cache Side-Channel Attacks and the case of Rowhammer
Invited talk @ RuhrSec, Bochum, Germany, April 28-29, 2016
2015
December
  Rowhammer.js: Root privileges for web apps?
Joint presentation with Clémentine Maurice @ 32nd Chaos Communication Congress, Hamburg, Germany, December 27-30, 2015
November   Software-based Side-Channel and Fault Attacks
Invited Talk @ MooseCon 2015, Palo Alto, California, USA, November 19-20, 2015

Service

  • Reviewer for AJSE
  • External reviewer for EUROCRYPT'17, CHES'16, CT-RSA'16, DATE'16, CT-RSA'15, DATE'15, Indocrypt'15
  • On-size organization for Cosade 2016