var bibbase_data = {"data":"\"Loading..\"\n\n
\n\n \n\n \n\n \n \n\n \n\n \n \n\n \n\n \n
\n generated by\n \n \"bibbase.org\"\n\n \n
\n \n\n
\n\n \n\n\n
\n\n Excellent! Next you can\n create a new website with this list, or\n embed it in an existing web page by copying & pasting\n any of the following snippets.\n\n
\n JavaScript\n (easiest)\n
\n \n <script src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Fq%3DBos%26full%3D%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=Bos&filter=keywords:type_paper,keywords:(type_tier1|type_award|type_press)&jsonp=1\"></script>\n \n
\n\n PHP\n
\n \n <?php\n $contents = file_get_contents(\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Fq%3DBos%26full%3D%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=Bos&filter=keywords:type_paper,keywords:(type_tier1|type_award|type_press)\");\n print_r($contents);\n ?>\n \n
\n\n iFrame\n (not recommended)\n
\n \n <iframe src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Fq%3DBos%26full%3D%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=Bos&filter=keywords:type_paper,keywords:(type_tier1|type_award|type_press)\"></iframe>\n \n
\n\n

\n For more details see the documention.\n

\n
\n
\n\n
\n\n This is a preview! To use this list on your own web site\n or create a new web site from it,\n create a free account. The file will be added\n and you will be able to edit it in the File Manager.\n We will show you instructions once you've created your account.\n
\n\n
\n\n

To the site owner:

\n\n

Action required! Mendeley is changing its\n API. In order to keep using Mendeley with BibBase past April\n 14th, you need to:\n

    \n
  1. renew the authorization for BibBase on Mendeley, and
    2. \n
  2. update the BibBase URL\n in your page the same way you did when you initially set up\n this page.\n
    3. \n
\n

\n\n

\n \n \n Fix it now\n

\n
\n\n
\n\n\n
\n \n \n
\n
\n  \n 2024\n \n \n (3)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2.\n \n \n \n \n\n\n \n Wiebing, S.; de Faveri Tron, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n \"InSpectrePaper\n  \n \n \n \"InSpectreWeb\n  \n \n \n \"InSpectreCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 106 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{wiebing_inspectre_2024,\n\ttitle = {{InSpectre} {Gadget}: {Inspecting} the {Residual} {Attack} {Surface} of {Cross}-privilege {Spectre} v2},\n\turl = {Paper=https://download.vusec.net/papers/inspectre_sec24.pdf Web=https://vusec.net/projects/native-bhi Code=https://github.com/vusec/inspectre-gadget},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Wiebing, Sander and de Faveri Tron, Alvise and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_ae, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Practical Data-Only Attack Generation.\n \n \n \n \n\n\n \n Johannesmeyer, B.; Slowinska, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n \"PracticalPaper\n  \n \n \n \"PracticalCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 50 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{johannesmeyer_practical_2024,\n\ttitle = {Practical {Data}-{Only} {Attack} {Generation}},\n\turl = {Paper=https://download.vusec.net/papers/einstein_sec24.pdf Code=https://github.com/vusec/einstein},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Johannesmeyer, Brian and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags.\n \n \n \n\n\n \n Gorter, F.; Kroes, T.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2024. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_sticky_2024,\n\ttitle = {Sticky {Tags}: {Efficient} and {Deterministic} {Spatial} {Memory} {Error} {Mitigation} using {Persistent} {Memory} {Tags}},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Gorter, Floris and Kroes, Taddeus and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2023\n \n \n (4)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n FloatZone: Accelerating Memory Error Detection using the Floating Point Unit.\n \n \n \n \n\n\n \n Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n \n\n\n\n
\n\n\n\n \n \n \"FloatZone:Paper\n  \n \n \n \"FloatZone:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 339 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_floatzone_2023-1,\n\ttitle = {{FloatZone}: {Accelerating} {Memory} {Error} {Detection} using the {Floating} {Point} {Unit}},\n\turl = {Paper=https://download.vusec.net/papers/floatzone_sec23.pdf Code=https://github.com/vusec/floatzone},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2023},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Uncontained: Uncovering Container Confusion in the Linux Kernel.\n \n \n \n \n\n\n \n Koschel, J.; Borrello, P.; D'Elia, D. C.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation\n\n\n\n
\n\n\n\n \n \n \"Uncontained:Paper\n  \n \n \n \"Uncontained:Web\n  \n \n \n \"Uncontained:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 207 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{koschel_uncontained_2023,\n\ttitle = {Uncontained: {Uncovering} {Container} {Confusion} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/uncontained_sec23.pdf Web=https://vusec.net/projects/uncontained Code=https://github.com/vusec/uncontained},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Koschel, Jakob and Borrello, Pietro and D'Elia, Daniele Cono and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2023},\n\tnote = {Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, research\\_uncontained, type\\_ae, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top, type\\_uncontained},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations.\n \n \n \n \n\n\n \n Isemann, R.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.; and von Gleissenthall, K.\n\n\n \n\n\n\n In PLDI, June 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Don'tPaper\n  \n \n \n \"Don'tCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 73 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{isemann_dont_2023,\n\ttitle = {Don't {Look} {UB}: {Exposing} {Sanitizer}-{Eliding} {Compiler} {Optimizations}},\n\turl = {Paper=https://download.vusec.net/papers/dontlookub_pldi23.pdf Code=https://github.com/vusec/LookUB},\n\tbooktitle = {{PLDI}},\n\tauthor = {Isemann, Raphael and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = jun,\n\tyear = {2023},\n\tkeywords = {artifacts:reusable, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Di Dio, A.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Copy-on-Flip:Paper\n  \n \n \n \"Copy-on-Flip:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 88 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{di_dio_copy--flip_2023,\n\ttitle = {Copy-on-{Flip}: {Hardening} {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/cof_ndss23.pdf Code=https://github.com/vusec/Copy-on-Flip},\n\tbooktitle = {{NDSS}},\n\tauthor = {Di Dio, Andrea and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tkeywords = {class\\_rowhammer, proj\\_intersect, proj\\_offcore, proj\\_theseus, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2022\n \n \n (6)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n DangZero: Efficient Use-After-Free Detection via Direct Page Table Access.\n \n \n \n \n\n\n \n Gorter, F.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2022. \n \n\n\n\n
\n\n\n\n \n \n \"DangZero:Paper\n  \n \n \n \"DangZero:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 153 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_dangzero_2022,\n\ttitle = {{DangZero}: {Efficient} {Use}-{After}-{Free} {Detection} via {Direct} {Page} {Table} {Access}},\n\turl = {Paper=https://download.vusec.net/papers/dangzero_ccs22.pdf Code=https://github.com/vusec/dangzero},\n\tbooktitle = {{CCS}},\n\tauthor = {Gorter, Floris and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2022},\n\tkeywords = {class\\_sanitizer, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks.\n \n \n \n \n\n\n \n Barberis, E.; Frigo, P.; Muench, M.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2022. \n Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"BranchPaper\n  \n \n \n \"BranchWeb\n  \n \n \n \"BranchCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 572 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{barberis_branch_2022,\n\ttitle = {Branch {History} {Injection}: {On} the {Effectiveness} of {Hardware} {Mitigations} {Against} {Cross}-{Privilege} {Spectre}-v2 {Attacks}},\n\turl = {Paper=http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf Web=https://www.vusec.net/projects/bhi-spectre-bhb Code=https://github.com/vusec/bhi-spectre-bhb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Barberis, Enrico and Frigo, Pietro and Muench, Marius and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2022},\n\tnote = {Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering.\n \n \n \n \n\n\n \n Tatar, A.; Trujillo, D.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2022. \n \n\n\n\n
\n\n\n\n \n \n \"TLB;DR:Paper\n  \n \n \n \"TLB;DR:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 108 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{tatar_tlbdr_2022,\n\ttitle = {{TLB};{DR}: {Enhancing} {TLB}-based {Attacks} with {TLB} {Desynchronized} {Reverse} {Engineering}},\n\turl = {Paper=https://download.vusec.net/papers/tlbdr_sec22.pdf Code=https://github.com/vusec/tlbdr},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Tatar, Andrei and Trujillo, Daniël and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2022},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Spring: Spectre Returning in the Browser with Speculative Load Queuing and Deep Stacks.\n \n \n \n \n\n\n \n Wikner, J.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In WOOT, May 2022. \n Mozilla Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"Spring:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 131 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{wikner_spring_2022,\n\ttitle = {Spring: {Spectre} {Returning} in the {Browser} with {Speculative} {Load} {Queuing} and {Deep} {Stacks}},\n\turl = {Paper=http://download.vusec.net/papers/spring_woot22.pdf},\n\tbooktitle = {{WOOT}},\n\tauthor = {Wikner, Johannes and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2022},\n\tnote = {Mozilla Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_award, type\\_bounty, type\\_mscthesis, type\\_paper, type\\_top, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel.\n \n \n \n \n\n\n \n Johannesmeyer, B.; Koschel, J.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, April 2022. \n \n\n\n\n
\n\n\n\n \n \n \"Kasper:Paper\n  \n \n \n \"Kasper:Slides\n  \n \n \n \"Kasper:Web\n  \n \n \n \"Kasper:Code\n  \n \n \n \"Kasper:Video\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 516 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{johannesmeyer_kasper_2022,\n\ttitle = {Kasper: {Scanning} for {Generalized} {Transient} {Execution} {Gadgets} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/kasper_ndss22.pdf Slides=https://download.vusec.net/slides/kasper_ndss22.pdf Web=https://www.vusec.net/projects/kasper Code=https://github.com/vusec/kasper Video=https://www.youtube.com/watch?v=v89Zt3vxrww},\n\tbooktitle = {{NDSS}},\n\tauthor = {Johannesmeyer, Brian and Koschel, Jakob and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, proj\\_veripatch, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n DupeFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels.\n \n \n \n \n\n\n \n Bacs, A.; Musaev, S.; Razavi, K.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In FAST, February 2022. \n \n\n\n\n
\n\n\n\n \n \n \"DupeFS:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 127 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bacs_dupefs_2022,\n\ttitle = {{DupeFS}: {Leaking} {Data} {Over} the {Network} {With} {Filesystem} {Deduplication} {Side} {Channels}},\n\turl = {Paper=https://download.vusec.net/papers/dupefs_fast22.pdf},\n\tbooktitle = {{FAST}},\n\tauthor = {Bacs, Andrei and Musaev, Saidgani and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_unicore, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2021\n \n \n (5)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks.\n \n \n \n \n\n\n \n Ragab, H.; Barberis, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up\n\n\n\n
\n\n\n\n \n \n \"RagePaper\n  \n \n \n \"RageWeb\n  \n \n \n \"RageCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 296 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ragab_rage_2021,\n\ttitle = {Rage {Against} the {Machine} {Clear}: {A} {Systematic} {Analysis} of {Machine} {Clears} and {Their} {Implications} for {Transient} {Execution} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/fpvi-scsb_sec21.pdf Web=https://www.vusec.net/projects/fpvi-scsb Code=https://github.com/vusec/fpvi-scsb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Barberis, Enrico and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n SMASH: Synchronized Many-sided Rowhammer Attacks From JavaScript.\n \n \n \n \n\n\n \n de Ridder, F.; Frigo, P.; Vannacci, E.; Bos, H.; Giuffrida, C.; and Razavi, K.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award\n\n\n\n
\n\n\n\n \n \n \"SMASH:Paper\n  \n \n \n \"SMASH:Web\n  \n \n \n \"SMASH:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 796 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{de_ridder_smash_2021,\n\ttitle = {{SMASH}: {Synchronized} {Many}-sided {Rowhammer} {Attacks} {From} {JavaScript}},\n\turl = {Paper=https://download.vusec.net/papers/smash_sec21.pdf Web=https://www.vusec.net/projects/smash Code=https://github.com/vusec/smash},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {de Ridder, Finn and Frigo, Pietro and Vannacci, Emanuele and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award},\n\tkeywords = {class\\_rowhammer, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, type\\_award, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection.\n \n \n \n \n\n\n \n Bhat, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2021. \n \n\n\n\n
\n\n\n\n \n \n \"FIRestarter:Paper\n  \n \n \n \"FIRestarter:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 50 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bhat_firestarter_2021,\n\ttitle = {{FIRestarter}: {Practical} {Software} {Crash} {Recovery} with {Targeted} {Library}-level {Fault} {Injection}},\n\turl = {Paper=https://download.vusec.net/papers/firestarter_dsn21.pdf Code=https://github.com/vusec/firestarter},\n\tbooktitle = {{DSN}},\n\tauthor = {Bhat, Koustubha and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2021},\n\tkeywords = {class\\_reliability, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n CrossTalk: Speculative Data Leaks Across Cores Are Real.\n \n \n \n \n\n\n \n Ragab, H.; Milburn, A.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2021. \n Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"CrossTalk:Paper\n  \n \n \n \"CrossTalk:Web\n  \n \n \n \"CrossTalk:Code\n  \n \n \n \"CrossTalk:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 541 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ragab_crosstalk_2021,\n\ttitle = {{CrossTalk}: {Speculative} {Data} {Leaks} {Across} {Cores} {Are} {Real}},\n\turl = {Paper=https://download.vusec.net/papers/crosstalk_sp21.pdf Web=https://www.vusec.net/projects/crosstalk Code=https://github.com/vusec/ridl Press=https://bit.ly/3frdRuV},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Ragab, Hany and Milburn, Alyssa and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2021},\n\tnote = {Intel Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_binrec, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n PIBE: Practical Kernel Control-flow Hardening with Profile-guided Indirect Branch Elimination.\n \n \n \n \n\n\n \n Duta, V.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In ASPLOS, April 2021. \n \n\n\n\n
\n\n\n\n \n \n \"PIBE:Paper\n  \n \n \n \"PIBE:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 11 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{duta_pibe_2021,\n\ttitle = {{PIBE}: {Practical} {Kernel} {Control}-flow {Hardening} with {Profile}-guided {Indirect} {Branch} {Elimination}},\n\turl = {Paper=https://download.vusec.net/papers/pibe_asplos21.pdf Code=https://github.com/vusec/pibe},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Duta, Victor and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2021},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_binrec, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2020\n \n \n (6)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Speculative Probing: Hacking Blind in the Spectre Era.\n \n \n \n \n\n\n \n Goktas, E.; Razavi, K.; Portokalidis, G.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2020. \n Pwnie Award for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"SpeculativePaper\n  \n \n \n \"SpeculativeWeb\n  \n \n \n \"SpeculativeCode\n  \n \n \n \"SpeculativePress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 676 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{goktas_speculative_2020,\n\ttitle = {Speculative {Probing}: {Hacking} {Blind} in the {Spectre} {Era}},\n\turl = {Paper=https://download.vusec.net/papers/blindside_ccs20.pdf Web=https://www.vusec.net/projects/blindside Code=https://github.com/vusec/blindside Press=https://bit.ly/3c4MkhU},\n\tbooktitle = {{CCS}},\n\tauthor = {Goktas, Enes and Razavi, Kaveh and Portokalidis, Georgios and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2020},\n\tnote = {Pwnie Award for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ParmeSan: Sanitizer-guided Greybox Fuzzing.\n \n \n \n \n\n\n \n Österlund, S.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2020. \n \n\n\n\n
\n\n\n\n \n \n \"ParmeSan:Paper\n  \n \n \n \"ParmeSan:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 78 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{osterlund_parmesan_2020,\n\ttitle = {{ParmeSan}: {Sanitizer}-guided {Greybox} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/parmesan_sec20.pdf Code=https://github.com/vusec/parmesan},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Österlund, Sebastian and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2020},\n\tkeywords = {class\\_testing, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n NetCAT: Practical Cache Attacks from the Network.\n \n \n \n \n\n\n \n Kurth, M.; Gras, B.; Andriesse, D.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2020. \n Intel Bounty Reward, Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"NetCAT:Paper\n  \n \n \n \"NetCAT:Slides\n  \n \n \n \"NetCAT:Web\n  \n \n \n \"NetCAT:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 367 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kurth_netcat_2020,\n\ttitle = {{NetCAT}: {Practical} {Cache} {Attacks} from the {Network}},\n\turl = {Paper=https://download.vusec.net/papers/netcat_sp20.pdf Slides=https://download.vusec.net/slides/netcat_sp20.pdf Web=https://www.vusec.net/projects/netcat Press=https://bit.ly/2LULskB},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Kurth, Michael and Gras, Ben and Andriesse, Dennis and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2020},\n\tnote = {Intel Bounty Reward, Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_bounty, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_mscthesis, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TRRespass: Exploiting the Many Sides of Target Row Refresh.\n \n \n \n \n\n\n \n Frigo, P.; Vannacci, E.; Hassan, H.; van der Veen, V.; Mutlu, O.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2020. \n Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"TRRespass:Paper\n  \n \n \n \"TRRespass:Slides\n  \n \n \n \"TRRespass:Web\n  \n \n \n \"TRRespass:Code\n  \n \n \n \"TRRespass:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 856 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{frigo_trrespass_2020,\n\ttitle = {{TRRespass}: {Exploiting} the {Many} {Sides} of {Target} {Row} {Refresh}},\n\turl = {Paper=https://download.vusec.net/papers/trrespass_sp20.pdf Slides=https://download.vusec.net/slides/trrespass_sp20.pdf Web=https://www.vusec.net/projects/trrespass Code=https://github.com/vusec/trrespass Press=https://bit.ly/2UXWKJ4},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Frigo, Pietro and Vannacci, Emanuele and Hassan, Hasan and van der Veen, Victor and Mutlu, Onur and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2020},\n\tnote = {Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award},\n\tkeywords = {class\\_rowhammer, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n BinRec: Dynamic Binary Lifting and Recompilation.\n \n \n \n \n\n\n \n Altinay, A.; Nash, J.; Kroes, T.; Rajasekaran, P.; Zhou, D.; Dabrowski, A.; Gens, D.; Na, Y.; Volckaert, S.; Giuffrida, C.; Bos, H.; and Franz, M.\n\n\n \n\n\n\n In EuroSys, April 2020. \n \n\n\n\n
\n\n\n\n \n \n \"BinRec:Paper\n  \n \n \n \"BinRec:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 88 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{altinay_binrec_2020,\n\ttitle = {{BinRec}: {Dynamic} {Binary} {Lifting} and {Recompilation}},\n\turl = {Paper=https://download.vusec.net/papers/binrec_eurosys20.pdf Code=https://github.com/securesystemslab/BinRec},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Altinay, Anil and Nash, Joseph and Kroes, Taddeus and Rajasekaran, Prabhu and Zhou, Dixin and Dabrowski, Adrian and Gens, David and Na, Yeoul and Volckaert, Stijn and Giuffrida, Cristiano and Bos, Herbert and Franz, Michael},\n\tmonth = apr,\n\tyear = {2020},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures.\n \n \n \n \n\n\n \n Gras, B.; Giuffrida, C.; Kurth, M.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In NDSS, February 2020. \n \n\n\n\n
\n\n\n\n \n \n \"ABSynthe:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 65 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_absynthe_2020,\n\ttitle = {{ABSynthe}: {Automatic} {Blackbox} {Side}-channel {Synthesis} on {Commodity} {Microarchitectures}},\n\turl = {https://download.vusec.net/papers/absynthe_ndss20.pdf},\n\tbooktitle = {{NDSS}},\n\tauthor = {Gras, Ben and Giuffrida, Cristiano and Kurth, Michael and Bos, Herbert and Razavi, Kaveh},\n\tmonth = feb,\n\tyear = {2020},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2019\n \n \n (5)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n SoK: Benchmarking Flaws in Systems Security.\n \n \n \n \n\n\n \n van der Kouwe, E.; Heiser, G.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, June 2019. \n \n\n\n\n
\n\n\n\n \n \n \"SoK:Paper\n  \n \n \n \"SoK:Slides\n  \n \n \n \"SoK:Web\n  \n \n \n \"SoK:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 148 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_sok_2019,\n\ttitle = {{SoK}: {Benchmarking} {Flaws} in {Systems} {Security}},\n\turl = {Paper=https://download.vusec.net/papers/benchmarking-crimes_eurosp19.pdf  Slides=https://www.vusec.net/wp-content/uploads/2019/06/Benchmarking-Flaws-in-Systems-Security-EuroSP2019.pdf Web=https://www.vusec.net/projects/benchmarking-crimes Press=https://bit.ly/3knxXIk},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {van der Kouwe, Erik and Heiser, Gernot and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2019},\n\tkeywords = {class\\_sanitizer, class\\_sok, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Cojocar, L.; Razavi, K.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In S&P, May 2019. \n Best Practical Paper Award, Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"ExploitingPaper\n  \n \n \n \"ExploitingSlides\n  \n \n \n \"ExploitingWeb\n  \n \n \n \"ExploitingPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 362 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{cojocar_exploiting_2019,\n\ttitle = {Exploiting {Correcting} {Codes}: {On} the {Effectiveness} of {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/eccploit_sp19.pdf Slides=https://www.ieee-security.org/TC/SP2019/SP19-Slides-pdfs/Lucian_Cojocar_Exploiting_Correcting_Codes_slides-ecc-new.pdf Web=https://www.vusec.net/projects/eccploit Press=https://bit.ly/2UcucNv},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Cojocar, Lucian and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = may,\n\tyear = {2019},\n\tnote = {Best Practical Paper Award, Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n RIDL: Rogue In-flight Data Load.\n \n \n \n \n\n\n \n van Schaik, S.; Milburn, A.; Österlund, S.; Frigo, P.; Maisuradze, G.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2019. \n Intel Bounty Reward (Highest To Date), Pwnie Award Nomination for Most Innovative Research, CSAW Best Paper Award Runner-up, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"RIDL:Paper\n  \n \n \n \"RIDL:Slides\n  \n \n \n \"RIDL:Web\n  \n \n \n \"RIDL:Code\n  \n \n \n \"RIDL:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 108 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_schaik_ridl_2019,\n\ttitle = {{RIDL}: {Rogue} {In}-flight {Data} {Load}},\n\turl = {Paper=https://mdsattacks.com/files/ridl.pdf Slides=https://mdsattacks.com/slides/slides.html Web=https://mdsattacks.com Code=https://github.com/vusec/ridl Press=http://mdsattacks.com},\n\tbooktitle = {S\\&{P}},\n\tauthor = {van Schaik, Stephan and Milburn, Alyssa and Österlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2019},\n\tnote = {Intel Bounty Reward (Highest To Date), Pwnie Award Nomination for Most Innovative Research, CSAW Best Paper Award Runner-up, DCSR Paper Award},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ProbeGuard: Mitigating Probing Attacks Through Reactive Program Transformations.\n \n \n \n \n\n\n \n Bhat, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ASPLOS, April 2019. \n \n\n\n\n
\n\n\n\n \n \n \"ProbeGuard:Paper\n  \n \n \n \"ProbeGuard:Web\n  \n \n \n \"ProbeGuard:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 31 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bhat_probeguard_2019,\n\ttitle = {{ProbeGuard}: {Mitigating} {Probing} {Attacks} {Through} {Reactive} {Program} {Transformations}},\n\turl = {Paper=https://download.vusec.net/papers/probeguard_asplos19.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/probeguard},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Bhat, Koustubha and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2019},\n\tkeywords = {class\\_ih, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n kMVX: Detecting Kernel Information Leaks with Multi-variant Execution.\n \n \n \n \n\n\n \n Österlund, S.; Koning, K.; Olivier, P.; Barbalace, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ASPLOS, April 2019. \n \n\n\n\n
\n\n\n\n \n \n \"kMVX:Paper\n  \n \n \n \"kMVX:Web\n  \n \n \n \"kMVX:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 68 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{osterlund_kmvx_2019,\n\ttitle = {{kMVX}: {Detecting} {Kernel} {Information} {Leaks} with {Multi}-variant {Execution}},\n\turl = {Paper=https://download.vusec.net/papers/kmvx_asplos19.pdf Web=https://www.vusec.net/projects/kmvx Code=https://github.com/vusec/kmvx},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Österlund, Sebastian and Koning, Koen and Olivier, Pierre and Barbalace, Antonio and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2019},\n\tkeywords = {class\\_armor, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2018\n \n \n (9)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Konoth, R. K.; Oliverio, M.; Tatar, A.; Andriesse, D.; Bos, H.; Giuffrida, C.; and Razavi, K.\n\n\n \n\n\n\n In OSDI, October 2018. \n \n\n\n\n
\n\n\n\n \n \n \"ZebRAM:Paper\n  \n \n \n \"ZebRAM:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 40 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{konoth_zebram_2018,\n\ttitle = {{ZebRAM}: {Comprehensive} and {Compatible} {Software} {Protection} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/zebram_osdi18.pdf Code=https://github.com/vusec/zebram},\n\tbooktitle = {{OSDI}},\n\tauthor = {Konoth, Radhesh Krishnan and Oliverio, Marco and Tatar, Andrei and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_protasis, proj\\_react, proj\\_unicore, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense.\n \n \n \n \n\n\n \n Konoth, R. K.; Vineti, E.; Moonsamy, V.; Lindorfer, M.; Kruegel, C.; Bos, H.; and Vigna, G.\n\n\n \n\n\n\n In CCS, October 2018. \n \n\n\n\n
\n\n\n\n \n \n \"MineSweeper:Paper\n  \n \n \n \"MineSweeper:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 11 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{konoth_minesweeper_2018,\n\ttitle = {{MineSweeper}: {An} {In}-depth {Look} into {Drive}-by {Cryptocurrency} {Mining} and {Its} {Defense}},\n\turl = {Paper=https://download.vusec.net/papers/minesweeper_ccs18.pdf Code=https://github.com/vusec/minesweeper},\n\tbooktitle = {{CCS}},\n\tauthor = {Konoth, Radhesh Krishnan and Vineti, Emanuele and Moonsamy, Veelasha and Lindorfer, Martina and Kruegel, Christopher and Bos, Herbert and Vigna, Giovanni},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_malware, proj\\_protasis, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Defeating Software Mitigations against Rowhammer: A Surgical Precision Hammer.\n \n \n \n \n\n\n \n Tatar, A.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In RAID, September 2018. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n \"DefeatingPaper\n  \n \n \n \"DefeatingCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 37 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{tatar_defeating_2018,\n\ttitle = {Defeating {Software} {Mitigations} against {Rowhammer}: {A} {Surgical} {Precision} {Hammer}},\n\turl = {Paper=https://download.vusec.net/papers/hammertime_raid18.pdf Code=https://github.com/vusec/hammertime},\n\tbooktitle = {{RAID}},\n\tauthor = {Tatar, Andrei and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = sep,\n\tyear = {2018},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think.\n \n \n \n \n\n\n \n van Schaik, S.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In USENIX Security, August 2018. \n \n\n\n\n
\n\n\n\n \n \n \"MaliciousPaper\n  \n \n \n \"MaliciousWeb\n  \n \n \n \"MaliciousCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 91 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_schaik_malicious_2018,\n\ttitle = {Malicious {Management} {Unit}: {Why} {Stopping} {Cache} {Attacks} in {Software} is {Harder} {Than} {You} {Think}},\n\turl = {Paper=https://download.vusec.net/papers/xlate_sec18.pdf Web=https://www.vusec.net/projects/xlate Code=https://github.com/vusec/xlate},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {van Schaik, Stephan and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = aug,\n\tyear = {2018},\n\tkeywords = {class\\_sidechannels, proj\\_parallax, proj\\_react, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"TranslationPaper\n  \n \n \n \"TranslationSlides\n  \n \n \n \"TranslationWeb\n  \n \n \n \"TranslationCode\n  \n \n \n \"TranslationPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 459 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_translation_2018,\n\ttitle = {Translation {Leak}-aside {Buffer}: {Defeating} {Cache} {Side}-channel {Protections} with {TLB} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/tlbleed_sec18.pdf Slides=https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_gras.pdf Web=https://www.vusec.net/projects/tlbleed Code=https://github.com/vusec/tlbkit Press=https://goo.gl/eepq1y},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_parallax, proj\\_react, proj\\_vici, type\\_award, type\\_conf, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Throwhammer: Rowhammer Attacks over the Network and Defenses.\n \n \n \n \n\n\n \n Tatar, A.; Konoth, R. K.; Athanasopoulos, E.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In USENIX ATC, July 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"Throwhammer:Paper\n  \n \n \n \"Throwhammer:Web\n  \n \n \n \"Throwhammer:Code\n  \n \n \n \"Throwhammer:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 295 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{tatar_throwhammer_2018,\n\ttitle = {Throwhammer: {Rowhammer} {Attacks} over the {Network} and {Defenses}},\n\turl = {Paper=https://download.vusec.net/papers/throwhammer_atc18.pdf Web=https://www.vusec.net/projects/throwhammer Code=https://github.com/vusec/alis Press=https://goo.gl/GrZ87e},\n\tbooktitle = {{USENIX} {ATC}},\n\tauthor = {Tatar, Andrei and Konoth, Radhesh Krishnan and Athanasopoulos, Elias and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = jul,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM.\n \n \n \n \n\n\n \n van der Veen, V.; Lindorfer, M.; Fratantonio, Y.; Padmanabha Pillai, H.; Vigna, G.; Kruegel, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In DIMVA, June 2018. \n Pwnie Award Nomination for Best Privilege Escalation Bug\n\n\n\n
\n\n\n\n \n \n \"GuardION:Paper\n  \n \n \n \"GuardION:Web\n  \n \n \n \"GuardION:Code\n  \n \n \n \"GuardION:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 82 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_guardion_2018,\n\ttitle = {{GuardION}: {Practical} {Mitigation} of {DMA}-based {Rowhammer} {Attacks} on {ARM}},\n\turl = {Paper=https://vvdveen.com/publications/dimva2018.pdf Web=https://rampageattack.com Code=https://github.com/vusec/guardion Press=https://bit.ly/2H6QhqX},\n\tbooktitle = {{DIMVA}},\n\tauthor = {van der Veen, Victor and Lindorfer, Martina and Fratantonio, Yanick and Padmanabha Pillai, Harikrishnan and Vigna, Giovanni and Kruegel, Christopher and Bos, Herbert and Razavi, Kaveh},\n\tmonth = jun,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Best Privilege Escalation Bug},\n\tkeywords = {class\\_mobile, class\\_rowhammer, type\\_award, type\\_conf, type\\_paper, type\\_press},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU.\n \n \n \n \n\n\n \n Frigo, P.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"GrandPaper\n  \n \n \n \"GrandWeb\n  \n \n \n \"GrandPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 145 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{frigo_grand_2018,\n\ttitle = {Grand {Pwning} {Unit}: {Accelerating} {Microarchitectural} {Attacks} with the {GPU}},\n\turl = {Paper=https://download.vusec.net/papers/glitch_sp18.pdf Web=https://www.vusec.net/projects/glitch Press=https://goo.gl/SkD9er},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Frigo, Pietro and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_cve\\_assigned, type\\_mscthesis, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Delta Pointers: Buffer Overflow Checks Without the Checks.\n \n \n \n \n\n\n \n Kroes, T.; Koning, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSys, April 2018. \n \n\n\n\n
\n\n\n\n \n \n \"DeltaPaper\n  \n \n \n \"DeltaSlides\n  \n \n \n \"DeltaCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 52 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kroes_delta_2018,\n\ttitle = {Delta {Pointers}: {Buffer} {Overflow} {Checks} {Without} the {Checks}},\n\turl = {Paper=https://download.vusec.net/papers/delta-pointers_eurosys18.pdf Slides=https://download.vusec.net/slides/delta-pointers-eurosys18.pdf Code=https://github.com/vusec/deltapointers},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Kroes, Taddeus and Koning, Koen and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2017\n \n \n (8)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later.\n \n \n \n \n\n\n \n van der Veen, V.; Andriesse, D.; Stamatogiannakis, M.; Chen, X.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, October 2017. \n \n\n\n\n
\n\n\n\n \n \n \"ThePaper\n  \n \n \n \"TheWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_dynamics_2017,\n\ttitle = {The {Dynamics} of {Innocent} {Flesh} on the {Bone}: {Code} {Reuse} {Ten} {Years} {Later}},\n\turl = {Paper=http://vvdveen.com/publications/newton.pdf Web=https://www.vusec.net/projects/newton},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Andriesse, Dennis and Stamatogiannakis, Manolis and Chen, Xi and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {class\\_binary, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Secure Page Fusion with VUsion.\n \n \n \n \n\n\n \n Oliverio, M.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In SOSP, October 2017. \n \n\n\n\n
\n\n\n\n \n \n \"SecurePaper\n  \n \n \n \"SecureSlides\n  \n \n \n \"SecurePoster\n  \n \n \n \"SecureWeb\n  \n \n \n \"SecureCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{oliverio_secure_2017,\n\ttitle = {Secure {Page} {Fusion} with {VUsion}},\n\turl = {Paper=https://download.vusec.net/papers/vusion_sosp17.pdf Slides=https://docs.google.com/presentation/d/1Erf1r9gCtkj-JuCBT7BW93W7YjGiplkO8GHAAT56W9s/edit#slide=id.p3 Poster=https://vusec.net/wp-content/uploads/2017/10/poster.pdf Web=https://www.vusec.net/projects/vusion Code=https://github.com/vusec/vusion},\n\tbooktitle = {{SOSP}},\n\tauthor = {Oliverio, Marco and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Compiler-Agnostic Function Detection in Binaries.\n \n \n \n \n\n\n \n Andriesse, D.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In EuroS&P, April 2017. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n \"Compiler-AgnosticPaper\n  \n \n \n \"Compiler-AgnosticCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 22 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{andriesse_compiler-agnostic_2017,\n\ttitle = {Compiler-{Agnostic} {Function} {Detection} in {Binaries}},\n\turl = {Paper=https://mistakenot.net/papers/eurosp-2017.pdf Code=https://github.com/vusec/nucleus},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Andriesse, Dennis and Slowinska, Asia and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2017},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_binary, class\\_reveng, disassembly, type\\_award, type\\_conf, type\\_csec, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n No Need to Hide: Protecting Safe Regions on Commodity Hardware.\n \n \n \n \n\n\n \n Koning, K.; Chen, X.; Bos, H.; Giuffrida, C.; and Athanasopoulos, E.\n\n\n \n\n\n\n In EuroSys, April 2017. \n \n\n\n\n
\n\n\n\n \n \n \"NoPaper\n  \n \n \n \"NoWeb\n  \n \n \n \"NoCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{koning_no_2017,\n\ttitle = {No {Need} to {Hide}: {Protecting} {Safe} {Regions} on {Commodity} {Hardware}},\n\turl = {Paper=https://download.vusec.net/papers/memsentry_eurosys17.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/memsentry},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Koning, Koen and Chen, Xi and Bos, Herbert and Giuffrida, Cristiano and Athanasopoulos, Elias},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_ih, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ASLR on the Line: Practical Cache Attacks on the MMU.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bosman, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n Pwnie Award for Most Innovative Research, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"ASLRPaper\n  \n \n \n \"ASLRSlides\n  \n \n \n \"ASLRWeb\n  \n \n \n \"ASLRCode\n  \n \n \n \"ASLRPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 253 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_aslr_2017,\n\ttitle = {{ASLR} on the {Line}: {Practical} {Cache} {Attacks} on the {MMU}},\n\turl = {Paper=https://download.vusec.net/papers/anc_ndss17.pdf Slides=https://vusec.net/wp-content/uploads/2016/11/TalkGras.pdf Web=https://www.vusec.net/projects/anc Code=https://github.com/vusec/revanc Press=https://goo.gl/KL4Bta},\n\tbooktitle = {{NDSS}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bosman, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tnote = {Pwnie Award for Most Innovative Research, DCSR Paper Award},\n\tkeywords = {class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n VUzzer: Application-aware Evolutionary Fuzzing.\n \n \n \n \n\n\n \n Rawat, S.; Jain, V.; Kumar, A.; Cojocar, L.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n \"VUzzer:Paper\n  \n \n \n \"VUzzer:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{rawat_vuzzer_2017,\n\ttitle = {{VUzzer}: {Application}-aware {Evolutionary} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/vuzzer_ndss17.pdf Code=https://github.com/vusec/vuzzer64},\n\tbooktitle = {{NDSS}},\n\tauthor = {Rawat, Sanjay and Jain, Vivek and Kumar, Ashish and Cojocar, Lucian and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities.\n \n \n \n \n\n\n \n Milburn, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n \"SafeInit:Paper\n  \n \n \n \"SafeInit:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{milburn_safeinit_2017,\n\ttitle = {{SafeInit}: {Comprehensive} and {Practical} {Mitigation} of {Uninitialized} {Read} {Vulnerabilities}},\n\turl = {Paper=https://download.vusec.net/papers/safeinit_ndss17.pdf Code=https://github.com/vusec/safeinit},\n\tbooktitle = {{NDSS}},\n\tauthor = {Milburn, Alyssa and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n MARX: Uncovering Class Hierarchies in C++ Programs.\n \n \n \n \n\n\n \n Pawlowski, A.; Contag, M.; van der Veen, V.; Ouwehand, C.; Holz, T.; Bos, H.; Athanasopoulos, E.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n \"MARX:Paper\n  \n \n \n \"MARX:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{pawlowski_marx_2017,\n\ttitle = {{MARX}: {Uncovering} {Class} {Hierarchies} in {C}++ {Programs}},\n\turl = {Paper=https://download.vusec.net/papers/marx_ndss17.pdf Code=https://github.com/RUB-SysSec/Marx},\n\tbooktitle = {{NDSS}},\n\tauthor = {Pawlowski, Andre and Contag, Moritz and van der Veen, Victor and Ouwehand, Chris and Holz, Thorsten and Bos, Herbert and Athanasopoulos, Elias and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2016\n \n \n (3)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Drammer: Deterministic Rowhammer Attacks on Mobile Platforms.\n \n \n \n \n\n\n \n van der Veen, V.; Fratantonio, Y.; Lindorfer, M.; Gruss, D.; Maurice, C.; Vigna, G.; Bos, H.; Razavi, K.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, October 2016. \n Pwnie Award for Best Privilege Escalation Bug, Android Security Reward, CSAW Best Paper Award, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"Drammer:Paper\n  \n \n \n \"Drammer:Web\n  \n \n \n \"Drammer:Code\n  \n \n \n \"Drammer:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 222 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_drammer_2016,\n\ttitle = {Drammer: {Deterministic} {Rowhammer} {Attacks} on {Mobile} {Platforms}},\n\turl = {Paper=https://vvdveen.com/publications/drammer.pdf Web=https://www.vusec.net/projects/drammer Code=https://github.com/vusec/drammer Press=https://goo.gl/y0lZ3l},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Fratantonio, Yanick and Lindorfer, Martina and Gruss, Daniel and Maurice, Clementine and Vigna, Giovanni and Bos, Herbert and Razavi, Kaveh and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2016},\n\tnote = {Pwnie Award for Best Privilege Escalation Bug, Android Security Reward, CSAW Best Paper Award, DCSR Paper Award},\n\tkeywords = {class\\_mobile, class\\_rowhammer, proj\\_sharcs, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TypeSan: Practical Type Confusion Detection.\n \n \n \n \n\n\n \n Haller, I.; Yuseok, J.; Peng, H.; Payer, M.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In CCS, October 2016. \n \n\n\n\n
\n\n\n\n \n \n \"TypeSan:Paper\n  \n \n \n \"TypeSan:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 14 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{haller_typesan_2016,\n\ttitle = {{TypeSan}: {Practical} {Type} {Confusion} {Detection}},\n\turl = {Paper=https://download.vusec.net/papers/typesan_ccs16.pdf Code=https://github.com/vusec/typesan},\n\tbooktitle = {{CCS}},\n\tauthor = {Haller, Istvan and Yuseok, Jeon and Peng, Hui and Payer, Mathias and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = oct,\n\tyear = {2016},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Undermining Information Hiding (And What to do About it).\n \n \n \n \n\n\n \n Goktas, E.; Gawlik, R.; Kollenda, B.; Athanasopoulos, E.; Portokalidis, G.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n \n\n\n\n
\n\n\n\n \n \n \"UnderminingPaper\n  \n \n \n \"UnderminingWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{goktas_undermining_2016,\n\ttitle = {Undermining {Information} {Hiding} ({And} {What} to do {About} it)},\n\turl = {Paper=https://download.vusec.net/papers/thread-spraying_sec16.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Goktas, Enes and Gawlik, Robert and Kollenda, Benjamin and Athanasopoulos, Elias and Portokalidis, Georgios and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n\n\n\n
\n\n\n \n\n \n \n \n \n\n
\n"}; document.write(bibbase_data.data);