var bibbase_data = {"data":"\"Loading..\"\n\n
\n\n \n\n \n\n \n \n\n \n\n \n \n\n \n\n \n
\n generated by\n \n \"bibbase.org\"\n\n \n
\n \n\n
\n\n \n\n\n
\n\n Excellent! Next you can\n create a new website with this list, or\n embed it in an existing web page by copying & pasting\n any of the following snippets.\n\n
\n JavaScript\n (easiest)\n
\n \n <script src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Fq%3DGiuffrida%26full%3D1%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=Giuffrida&filter=keywords:type_paper,&jsonp=1\"></script>\n \n
\n\n PHP\n
\n \n <?php\n $contents = file_get_contents(\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Fq%3DGiuffrida%26full%3D1%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=Giuffrida&filter=keywords:type_paper,\");\n print_r($contents);\n ?>\n \n
\n\n iFrame\n (not recommended)\n
\n \n <iframe src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Fq%3DGiuffrida%26full%3D1%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=Giuffrida&filter=keywords:type_paper,\"></iframe>\n \n
\n\n

\n For more details see the documention.\n

\n
\n
\n\n
\n\n This is a preview! To use this list on your own web site\n or create a new web site from it,\n create a free account. The file will be added\n and you will be able to edit it in the File Manager.\n We will show you instructions once you've created your account.\n
\n\n
\n\n

To the site owner:

\n\n

Action required! Mendeley is changing its\n API. In order to keep using Mendeley with BibBase past April\n 14th, you need to:\n

    \n
  1. renew the authorization for BibBase on Mendeley, and
    2. \n
  2. update the BibBase URL\n in your page the same way you did when you initially set up\n this page.\n
    3. \n
\n

\n\n

\n \n \n Fix it now\n

\n
\n\n
\n\n\n
\n \n \n
\n
\n  \n 2024\n \n \n (7)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching.\n \n \n \n\n\n \n Duta, V.; Aloserij, M.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{duta_safefetch_2024,\n\ttitle = {{SafeFetch}: {Practical} {Double}-{Fetch} {Protection} with {Kernel}-{Fetch} {Caching}},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Duta, Victor and Aloserij, Mitchel and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Practical Data-Only Attack Generation.\n \n \n \n \n\n\n \n Johannesmeyer, B.; Slowinska, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n \"PracticalPaper\n  \n \n \n \"PracticalCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 55 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{johannesmeyer_practical_2024,\n\ttitle = {Practical {Data}-{Only} {Attack} {Generation}},\n\turl = {Paper=https://download.vusec.net/papers/einstein_sec24.pdf Code=https://github.com/vusec/einstein},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Johannesmeyer, Brian and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_binary, proj\\_intersect, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2.\n \n \n \n \n\n\n \n Wiebing, S.; de Faveri Tron, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n \"InSpectrePaper\n  \n \n \n \"InSpectreWeb\n  \n \n \n \"InSpectreCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 123 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{wiebing_inspectre_2024,\n\ttitle = {{InSpectre} {Gadget}: {Inspecting} the {Residual} {Attack} {Surface} of {Cross}-privilege {Spectre} v2},\n\turl = {Paper=https://download.vusec.net/papers/inspectre_sec24.pdf Web=https://vusec.net/projects/native-bhi Code=https://github.com/vusec/inspectre-gadget},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Wiebing, Sander and de Faveri Tron, Alvise and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_ae, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n GhostRace: Exploiting and Mitigating Speculative Race Conditions.\n \n \n \n \n\n\n \n Ragab, H.; Mambretti, A.; Kurmus, A.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n \"GhostRace:Paper\n  \n \n \n \"GhostRace:Web\n  \n \n \n \"GhostRace:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 361 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ragab_ghostrace_2024,\n\ttitle = {{GhostRace}: {Exploiting} and {Mitigating} {Speculative} {Race} {Conditions}},\n\turl = {Paper=https://download.vusec.net/papers/ghostrace_sec24.pdf Web=https://www.vusec.net/projects/ghostrace Code=https://github.com/vusec/ghostrace},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Mambretti, Andrea and Kurmus, Anil and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags.\n \n \n \n\n\n \n Gorter, F.; Kroes, T.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2024. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_sticky_2024,\n\ttitle = {Sticky {Tags}: {Efficient} and {Deterministic} {Spatial} {Memory} {Error} {Mitigation} using {Persistent} {Memory} {Tags}},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Gorter, Floris and Kroes, Taddeus and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation.\n \n \n \n \n\n\n \n Hertogh, M.; Wiebing, S.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2024. \n \n\n\n\n
\n\n\n\n \n \n \"LeakyPaper\n  \n \n \n \"LeakyWeb\n  \n \n \n \"LeakyCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 373 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{hertogh_leaky_2024,\n\ttitle = {Leaky {Address} {Masking}: {Exploiting} {Unmasked} {Spectre} {Gadgets} with {Noncanonical} {Address} {Translation}},\n\turl = {Paper=https://download.vusec.net/papers/slam_sp24.pdf Web=https://www.vusec.net/projects/slam Code=https://github.com/vusec/slam},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Hertogh, Mathé and Wiebing, Sander and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Predictive Context-sensitive Fuzzing.\n \n \n \n \n\n\n \n Borrello, P.; Fioraldi, A.; D'Elia, D. C.; Balzarotti, D.; Querzoni, L.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2024. \n \n\n\n\n
\n\n\n\n \n \n \"PredictivePaper\n  \n \n \n \"PredictiveCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 44 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{borrello_predictive_2024,\n\ttitle = {Predictive {Context}-sensitive {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf Code=https://github.com/eurecom-s3/predictive-cs-fuzzing},\n\tbooktitle = {{NDSS}},\n\tauthor = {Borrello, Pietro and Fioraldi, Andrea and D'Elia, Daniele Cono and Balzarotti, Davide and Querzoni, Leonardo and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2024},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_memo, proj\\_rescale, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2023\n \n \n (9)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Triereme: Speeding up Hybrid Fuzzing through Efficient Query Scheduling.\n \n \n \n \n\n\n \n Geretto, E.; Hohnerlein, J.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.; and von Gleissenthall, K.\n\n\n \n\n\n\n In ACSAC, December 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Triereme:Paper\n  \n \n \n \"Triereme:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 22 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{geretto_triereme_2023,\n\ttitle = {Triereme: {Speeding} up {Hybrid} {Fuzzing} through {Efficient} {Query} {Scheduling}},\n\turl = {Paper=https://download.vusec.net/papers/triereme_acsac23.pdf Code=https://github.com/vusec/triereme},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Geretto, Elia and Hohnerlein, Julius and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = dec,\n\tyear = {2023},\n\tkeywords = {artifacts:reproduced, artifacts:reusable, class\\_testing, proj\\_intersect, proj\\_memo, type\\_ae, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n FloatZone: How Floating Point Additions can Detect Memory Errors.\n \n \n \n \n\n\n \n Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n ;login:. November 2023.\n \n\n\n\n
\n\n\n\n \n \n \"FloatZone:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 21 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{gorter_floatzone_2023,\n\ttitle = {{FloatZone}: {How} {Floating} {Point} {Additions} can {Detect} {Memory} {Errors}},\n\turl = {https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors},\n\tjournal = {;login:},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2023},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_mag, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation.\n \n \n \n \n\n\n \n Hertogh, M.; Wiesinger, M.; Österlund, S.; Muench, M.; Amit, N.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In RAID, October 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Quarantine:Paper\n  \n \n \n \"Quarantine:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 54 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{hertogh_quarantine_2023,\n\ttitle = {Quarantine: {Mitigating} {Transient} {Execution} {Attacks} with {Physical} {Domain} {Isolation}},\n\turl = {Paper=https://download.vusec.net/papers/quarantine_raid23.pdf Code=https://github.com/vusec/quarantine},\n\tbooktitle = {{RAID}},\n\tauthor = {Hertogh, Mathé and Wiesinger, Manuel and Österlund, Sebastian and Muench, Marius and Amit, Nadav and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2023},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_vmware, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n FloatZone: Accelerating Memory Error Detection using the Floating Point Unit.\n \n \n \n \n\n\n \n Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n \n\n\n\n
\n\n\n\n \n \n \"FloatZone:Paper\n  \n \n \n \"FloatZone:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 340 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_floatzone_2023-1,\n\ttitle = {{FloatZone}: {Accelerating} {Memory} {Error} {Detection} using the {Floating} {Point} {Unit}},\n\turl = {Paper=https://download.vusec.net/papers/floatzone_sec23.pdf Code=https://github.com/vusec/floatzone},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2023},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Uncontained: Uncovering Container Confusion in the Linux Kernel.\n \n \n \n \n\n\n \n Koschel, J.; Borrello, P.; D'Elia, D. C.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation\n\n\n\n
\n\n\n\n \n \n \"Uncontained:Paper\n  \n \n \n \"Uncontained:Web\n  \n \n \n \"Uncontained:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 207 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{koschel_uncontained_2023,\n\ttitle = {Uncontained: {Uncovering} {Container} {Confusion} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/uncontained_sec23.pdf Web=https://vusec.net/projects/uncontained Code=https://github.com/vusec/uncontained},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Koschel, Jakob and Borrello, Pietro and D'Elia, Daniele Cono and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2023},\n\tnote = {Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, research\\_uncontained, type\\_ae, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top, type\\_uncontained},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations.\n \n \n \n \n\n\n \n Isemann, R.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.; and von Gleissenthall, K.\n\n\n \n\n\n\n In PLDI, June 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Don'tPaper\n  \n \n \n \"Don'tCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 74 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{isemann_dont_2023,\n\ttitle = {Don't {Look} {UB}: {Exposing} {Sanitizer}-{Eliding} {Compiler} {Optimizations}},\n\turl = {Paper=https://download.vusec.net/papers/dontlookub_pldi23.pdf Code=https://github.com/vusec/LookUB},\n\tbooktitle = {{PLDI}},\n\tauthor = {Isemann, Raphael and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = jun,\n\tyear = {2023},\n\tkeywords = {artifacts:reusable, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Enviral: Fuzzing the Environment for Evasive Malware Analysis.\n \n \n \n \n\n\n \n Gorter, F.; Giuffrida, C.; and van der Kouwe, E.\n\n\n \n\n\n\n In EuroSec, April 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Enviral:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 56 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_enviral_2023,\n\ttitle = {Enviral: {Fuzzing} the {Environment} for {Evasive} {Malware} {Analysis}},\n\turl = {Paper=https://download.vusec.net/papers/enviral_eurosec23.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Gorter, Floris and Giuffrida, Cristiano and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2023},\n\tkeywords = {class\\_malware, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Di Dio, A.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2023. \n \n\n\n\n
\n\n\n\n \n \n \"Copy-on-Flip:Paper\n  \n \n \n \"Copy-on-Flip:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 88 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{di_dio_copy--flip_2023,\n\ttitle = {Copy-on-{Flip}: {Hardening} {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/cof_ndss23.pdf Code=https://github.com/vusec/Copy-on-Flip},\n\tbooktitle = {{NDSS}},\n\tauthor = {Di Dio, Andrea and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tkeywords = {class\\_rowhammer, proj\\_intersect, proj\\_offcore, proj\\_theseus, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Let Me Unwind That For You: Exceptions to Backward-Edge Protection.\n \n \n \n \n\n\n \n Duta, V.; Freyer, F.; Pagani, F.; Muench, M.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2023. \n Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"LetPaper\n  \n \n \n \"LetCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 100 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{duta_let_2023,\n\ttitle = {Let {Me} {Unwind} {That} {For} {You}: {Exceptions} to {Backward}-{Edge} {Protection}},\n\turl = {Paper=https://download.vusec.net/papers/chop_ndss23.pdf Code=https://github.com/chop-project/chop},\n\tbooktitle = {{NDSS}},\n\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tnote = {Intel Bounty Reward},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_memo, proj\\_offcore, proj\\_theseus, proj\\_tropics, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2022\n \n \n (11)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n Unwinding the Stack for Fun and Profit.\n \n \n \n\n\n \n Duta, V.; Freyer, F.; Pagani, F.; Muench, M.; and Giuffrida, C.\n\n\n \n\n\n\n In Black Hat Europe, December 2022. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{duta_unwinding_2022,\n\ttitle = {Unwinding the {Stack} for {Fun} and {Profit}},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\n\tmonth = dec,\n\tyear = {2022},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots.\n \n \n \n \n\n\n \n Geretto, E.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In ACSAC, December 2022. \n \n\n\n\n
\n\n\n\n \n \n \"Snappy:Paper\n  \n \n \n \"Snappy:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 87 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{geretto_snappy_2022,\n\ttitle = {Snappy: {Efficient} {Fuzzing} with {Adaptive} and {Mutable} {Snapshots}},\n\turl = {Paper=https://download.vusec.net/papers/snappy_acsac22.pdf Code=https://github.com/vusec/snappy},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Geretto, Elia and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = dec,\n\tyear = {2022},\n\tkeywords = {artifacts:functional, class\\_testing, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n DangZero: Efficient Use-After-Free Detection via Direct Page Table Access.\n \n \n \n \n\n\n \n Gorter, F.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2022. \n \n\n\n\n
\n\n\n\n \n \n \"DangZero:Paper\n  \n \n \n \"DangZero:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 154 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gorter_dangzero_2022,\n\ttitle = {{DangZero}: {Efficient} {Use}-{After}-{Free} {Detection} via {Direct} {Page} {Table} {Access}},\n\turl = {Paper=https://download.vusec.net/papers/dangzero_ccs22.pdf Code=https://github.com/vusec/dangzero},\n\tbooktitle = {{CCS}},\n\tauthor = {Gorter, Floris and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2022},\n\tkeywords = {class\\_sanitizer, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks.\n \n \n \n \n\n\n \n Barberis, E.; Frigo, P.; Muench, M.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2022. \n Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"BranchPaper\n  \n \n \n \"BranchWeb\n  \n \n \n \"BranchCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 573 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{barberis_branch_2022,\n\ttitle = {Branch {History} {Injection}: {On} the {Effectiveness} of {Hardware} {Mitigations} {Against} {Cross}-{Privilege} {Spectre}-v2 {Attacks}},\n\turl = {Paper=http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf Web=https://www.vusec.net/projects/bhi-spectre-bhb Code=https://github.com/vusec/bhi-spectre-bhb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Barberis, Enrico and Frigo, Pietro and Muench, Marius and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2022},\n\tnote = {Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering.\n \n \n \n \n\n\n \n Tatar, A.; Trujillo, D.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2022. \n \n\n\n\n
\n\n\n\n \n \n \"TLB;DR:Paper\n  \n \n \n \"TLB;DR:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 108 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{tatar_tlbdr_2022,\n\ttitle = {{TLB};{DR}: {Enhancing} {TLB}-based {Attacks} with {TLB} {Desynchronized} {Reverse} {Engineering}},\n\turl = {Paper=https://download.vusec.net/papers/tlbdr_sec22.pdf Code=https://github.com/vusec/tlbdr},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Tatar, Andrei and Trujillo, Daniël and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2022},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n BugsBunny: Hopping to RTL Targets with a Directed Hardware-Design Fuzzer.\n \n \n \n \n\n\n \n Ragab, H.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In SILM, June 2022. \n \n\n\n\n
\n\n\n\n \n \n \"BugsBunny:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 59 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ragab_bugsbunny_2022,\n\ttitle = {{BugsBunny}: {Hopping} to {RTL} {Targets} with a {Directed} {Hardware}-{Design} {Fuzzer}},\n\turl = {https://download.vusec.net/papers/bugsbunny_silm22.pdf},\n\tbooktitle = {{SILM}},\n\tauthor = {Ragab, Hany and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2022},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Spring: Spectre Returning in the Browser with Speculative Load Queuing and Deep Stacks.\n \n \n \n \n\n\n \n Wikner, J.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In WOOT, May 2022. \n Mozilla Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"Spring:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 132 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{wikner_spring_2022,\n\ttitle = {Spring: {Spectre} {Returning} in the {Browser} with {Speculative} {Load} {Queuing} and {Deep} {Stacks}},\n\turl = {Paper=http://download.vusec.net/papers/spring_woot22.pdf},\n\tbooktitle = {{WOOT}},\n\tauthor = {Wikner, Johannes and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2022},\n\tnote = {Mozilla Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_award, type\\_bounty, type\\_mscthesis, type\\_paper, type\\_top, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation.\n \n \n \n \n\n\n \n Milburn, A.; van der Kouwe, E.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2022. \n \n\n\n\n
\n\n\n\n \n \n \"MitigatingPaper\n  \n \n \n \"MitigatingCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 196 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{milburn_mitigating_2022,\n\ttitle = {Mitigating {Information} {Leakage} {Vulnerabilities} with {Type}-based {Data} {Isolation}},\n\turl = {Paper=https://download.vusec.net/papers/tdi_sp22.pdf Code=https://github.com/vusec/typeisolation},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Milburn, Alyssa and van der Kouwe, Erik and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2022},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_offcore, proj\\_securecode, proj\\_theseus, proj\\_tropics, proj\\_veripatch, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n On the Effectiveness of Same-Domain Memory Deduplication.\n \n \n \n \n\n\n \n Costi, A.; Johannesmeyer, B.; Bosman, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2022. \n \n\n\n\n
\n\n\n\n \n \n \"OnPaper\n  \n \n \n \"OnSlides\n  \n \n \n \"OnWeb\n  \n \n \n \"OnCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 57 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{costi_effectiveness_2022,\n\ttitle = {On the {Effectiveness} of {Same}-{Domain} {Memory} {Deduplication}},\n\turl = {Paper=https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf Slides=https://download.vusec.net/slides/dedup_eurosec22.pdf Web=https://www.vusec.net/projects/dedup-est-machina-returns/ Code=https://github.com/vusec/dedup-est-returns},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Costi, Andreas and Johannesmeyer, Brian and Bosman, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_unicore, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel.\n \n \n \n \n\n\n \n Johannesmeyer, B.; Koschel, J.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, April 2022. \n \n\n\n\n
\n\n\n\n \n \n \"Kasper:Paper\n  \n \n \n \"Kasper:Slides\n  \n \n \n \"Kasper:Web\n  \n \n \n \"Kasper:Code\n  \n \n \n \"Kasper:Video\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 520 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{johannesmeyer_kasper_2022,\n\ttitle = {Kasper: {Scanning} for {Generalized} {Transient} {Execution} {Gadgets} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/kasper_ndss22.pdf Slides=https://download.vusec.net/slides/kasper_ndss22.pdf Web=https://www.vusec.net/projects/kasper Code=https://github.com/vusec/kasper Video=https://www.youtube.com/watch?v=v89Zt3vxrww},\n\tbooktitle = {{NDSS}},\n\tauthor = {Johannesmeyer, Brian and Koschel, Jakob and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, proj\\_veripatch, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n DupeFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels.\n \n \n \n \n\n\n \n Bacs, A.; Musaev, S.; Razavi, K.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In FAST, February 2022. \n \n\n\n\n
\n\n\n\n \n \n \"DupeFS:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 127 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bacs_dupefs_2022,\n\ttitle = {{DupeFS}: {Leaking} {Data} {Over} the {Network} {With} {Filesystem} {Deduplication} {Side} {Channels}},\n\turl = {Paper=https://download.vusec.net/papers/dupefs_fast22.pdf},\n\tbooktitle = {{FAST}},\n\tauthor = {Bacs, Andrei and Musaev, Saidgani and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_unicore, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2021\n \n \n (9)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization.\n \n \n \n \n\n\n \n Borrello, P.; D'Elia, D. C.; Querzoni, L.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2021. \n \n\n\n\n
\n\n\n\n \n \n \"Constantine:Paper\n  \n \n \n \"Constantine:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 92 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{borrello_constantine_2021,\n\ttitle = {Constantine: {Automatic} {Side}-{Channel} {Resistance} {Using} {Efficient} {Control} and {Data} {Flow} {Linearization}},\n\turl = {Paper=https://download.vusec.net/papers/constantine_ccs21.pdf Code=https://github.com/pietroborrello/constantine},\n\tbooktitle = {{CCS}},\n\tauthor = {Borrello, Pietro and D'Elia, Daniele Cono and Querzoni, Leonardo and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2021},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_react, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating.\n \n \n \n \n\n\n \n Mi, X.; Rawat, S.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In RAID, October 2021. \n \n\n\n\n
\n\n\n\n \n \n \"LeanSym:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 41 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{mi_leansym_2021,\n\ttitle = {{LeanSym}: {Efficient} {Hybrid} {Fuzzing} {Through} {Conservative} {Constraint} {Debloating}},\n\turl = {https://download.vusec.net/papers/leansym_raid21.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Mi, Xianya and Rawat, Sanjay and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks.\n \n \n \n \n\n\n \n Ragab, H.; Barberis, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up\n\n\n\n
\n\n\n\n \n \n \"RagePaper\n  \n \n \n \"RageWeb\n  \n \n \n \"RageCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 297 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ragab_rage_2021,\n\ttitle = {Rage {Against} the {Machine} {Clear}: {A} {Systematic} {Analysis} of {Machine} {Clears} and {Their} {Implications} for {Transient} {Execution} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/fpvi-scsb_sec21.pdf Web=https://www.vusec.net/projects/fpvi-scsb Code=https://github.com/vusec/fpvi-scsb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Barberis, Enrico and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n SMASH: Synchronized Many-sided Rowhammer Attacks From JavaScript.\n \n \n \n \n\n\n \n de Ridder, F.; Frigo, P.; Vannacci, E.; Bos, H.; Giuffrida, C.; and Razavi, K.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award\n\n\n\n
\n\n\n\n \n \n \"SMASH:Paper\n  \n \n \n \"SMASH:Web\n  \n \n \n \"SMASH:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 798 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{de_ridder_smash_2021,\n\ttitle = {{SMASH}: {Synchronized} {Many}-sided {Rowhammer} {Attacks} {From} {JavaScript}},\n\turl = {Paper=https://download.vusec.net/papers/smash_sec21.pdf Web=https://www.vusec.net/projects/smash Code=https://github.com/vusec/smash},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {de Ridder, Finn and Frigo, Pietro and Vannacci, Emanuele and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award},\n\tkeywords = {class\\_rowhammer, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, type\\_award, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection.\n \n \n \n \n\n\n \n Bhat, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2021. \n \n\n\n\n
\n\n\n\n \n \n \"FIRestarter:Paper\n  \n \n \n \"FIRestarter:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 50 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bhat_firestarter_2021,\n\ttitle = {{FIRestarter}: {Practical} {Software} {Crash} {Recovery} with {Targeted} {Library}-level {Fault} {Injection}},\n\turl = {Paper=https://download.vusec.net/papers/firestarter_dsn21.pdf Code=https://github.com/vusec/firestarter},\n\tbooktitle = {{DSN}},\n\tauthor = {Bhat, Koustubha and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2021},\n\tkeywords = {class\\_reliability, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n CrossTalk: Speculative Data Leaks Across Cores Are Real.\n \n \n \n \n\n\n \n Ragab, H.; Milburn, A.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2021. \n Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n \"CrossTalk:Paper\n  \n \n \n \"CrossTalk:Web\n  \n \n \n \"CrossTalk:Code\n  \n \n \n \"CrossTalk:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 541 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ragab_crosstalk_2021,\n\ttitle = {{CrossTalk}: {Speculative} {Data} {Leaks} {Across} {Cores} {Are} {Real}},\n\turl = {Paper=https://download.vusec.net/papers/crosstalk_sp21.pdf Web=https://www.vusec.net/projects/crosstalk Code=https://github.com/vusec/ridl Press=https://bit.ly/3frdRuV},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Ragab, Hany and Milburn, Alyssa and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2021},\n\tnote = {Intel Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_binrec, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n PIBE: Practical Kernel Control-flow Hardening with Profile-guided Indirect Branch Elimination.\n \n \n \n \n\n\n \n Duta, V.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In ASPLOS, April 2021. \n \n\n\n\n
\n\n\n\n \n \n \"PIBE:Paper\n  \n \n \n \"PIBE:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 11 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{duta_pibe_2021,\n\ttitle = {{PIBE}: {Practical} {Kernel} {Control}-flow {Hardening} with {Profile}-guided {Indirect} {Branch} {Elimination}},\n\turl = {Paper=https://download.vusec.net/papers/pibe_asplos21.pdf Code=https://github.com/vusec/pibe},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Duta, Victor and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2021},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_binrec, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n CollabFuzz: A Framework for Collaborative Fuzzing.\n \n \n \n \n\n\n \n Österlund, S.; Geretto, E.; Jemmett, A.; Güler, E.; Görz, P.; Holz, T.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2021. \n \n\n\n\n
\n\n\n\n \n \n \"CollabFuzz:Paper\n  \n \n \n \"CollabFuzz:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 444 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{osterlund_collabfuzz_2021,\n\ttitle = {{CollabFuzz}: {A} {Framework} for {Collaborative} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/collabfuzz_eurosec21.pdf Code=https://github.com/vusec/collabfuzz},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Österlund, Sebastian and Geretto, Elia and Jemmett, Andrea and Güler, Emre and Görz, Philipp and Holz, Thorsten and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_react, proj\\_securecode, type\\_csec, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Who's Debugging the Debuggers? Exposing Debug Information Bugs in Optimized Binaries.\n \n \n \n \n\n\n \n Di Luna, G. A.; Italiano, D.; Massarelli, L.; Österlund, S.; Giuffrida, C.; and Querzoni, L.\n\n\n \n\n\n\n In ASPLOS, April 2021. \n Distinguished Paper Award\n\n\n\n
\n\n\n\n \n \n \"Who'sPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 111 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{di_luna_whos_2021,\n\ttitle = {Who's {Debugging} the {Debuggers}? {Exposing} {Debug} {Information} {Bugs} in {Optimized} {Binaries}},\n\turl = {https://download.vusec.net/papers/debug2_asplos21.pdf},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Di Luna, Giuseppe Antonio and Italiano, Davide and Massarelli, Luca and Österlund, Sebastian and Giuffrida, Cristiano and Querzoni, Leonardo},\n\tmonth = apr,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award},\n\tkeywords = {artifacts:functional, artifacts:reproduced, class\\_testing, proj\\_react, proj\\_securecode, type\\_ae, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2020\n \n \n (9)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing.\n \n \n \n \n\n\n \n Güler, E.; Görz, P.; Geretto, E.; Jemmett, A.; Österlund, S.; Bos, H.; Giuffrida, C.; and Holz, T.\n\n\n \n\n\n\n In ACSAC, December 2020. \n \n\n\n\n
\n\n\n\n \n \n \"Cupid:Paper\n  \n \n \n \"Cupid:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 69 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n Artifact Evaluation Badges:\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{guler_cupid_2020,\n\ttitle = {Cupid: {Automatic} {Fuzzer} {Selection} for {Collaborative} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/cupid_acsac20.pdf Code=https://github.com/RUB-SysSec/cupid},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Güler, Emre and Görz, Philipp and Geretto, Elia and Jemmett, Andrea and Österlund, Sebastian and Bos, Herbert and Giuffrida, Cristiano and Holz, Thorsten},\n\tmonth = dec,\n\tyear = {2020},\n\tkeywords = {artifacts:reusable, class\\_testing, proj\\_react, type\\_ae, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Speculative Probing: Hacking Blind in the Spectre Era.\n \n \n \n \n\n\n \n Goktas, E.; Razavi, K.; Portokalidis, G.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2020. \n Pwnie Award for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"SpeculativePaper\n  \n \n \n \"SpeculativeWeb\n  \n \n \n \"SpeculativeCode\n  \n \n \n \"SpeculativePress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 680 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{goktas_speculative_2020,\n\ttitle = {Speculative {Probing}: {Hacking} {Blind} in the {Spectre} {Era}},\n\turl = {Paper=https://download.vusec.net/papers/blindside_ccs20.pdf Web=https://www.vusec.net/projects/blindside Code=https://github.com/vusec/blindside Press=https://bit.ly/3c4MkhU},\n\tbooktitle = {{CCS}},\n\tauthor = {Goktas, Enes and Razavi, Kaveh and Portokalidis, Georgios and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2020},\n\tnote = {Pwnie Award for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TagBleed: Breaking KASLR on the Isolated Kernel Address Space Using Tagged TLBs.\n \n \n \n \n\n\n \n Koschel, J.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In EuroS&P, September 2020. \n \n\n\n\n
\n\n\n\n \n \n \"TagBleed:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 39 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{koschel_tagbleed_2020,\n\ttitle = {{TagBleed}: {Breaking} {KASLR} on the {Isolated} {Kernel} {Address} {Space} {Using} {Tagged} {TLBs}},\n\turl = {https://download.vusec.net/papers/tagbleed_eurosp20.pdf},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Koschel, Jakob and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = sep,\n\tyear = {2020},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ParmeSan: Sanitizer-guided Greybox Fuzzing.\n \n \n \n \n\n\n \n Österlund, S.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2020. \n \n\n\n\n
\n\n\n\n \n \n \"ParmeSan:Paper\n  \n \n \n \"ParmeSan:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 78 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{osterlund_parmesan_2020,\n\ttitle = {{ParmeSan}: {Sanitizer}-guided {Greybox} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/parmesan_sec20.pdf Code=https://github.com/vusec/parmesan},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Österlund, Sebastian and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2020},\n\tkeywords = {class\\_testing, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n NetCAT: Practical Cache Attacks from the Network.\n \n \n \n \n\n\n \n Kurth, M.; Gras, B.; Andriesse, D.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2020. \n Intel Bounty Reward, Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"NetCAT:Paper\n  \n \n \n \"NetCAT:Slides\n  \n \n \n \"NetCAT:Web\n  \n \n \n \"NetCAT:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 368 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kurth_netcat_2020,\n\ttitle = {{NetCAT}: {Practical} {Cache} {Attacks} from the {Network}},\n\turl = {Paper=https://download.vusec.net/papers/netcat_sp20.pdf Slides=https://download.vusec.net/slides/netcat_sp20.pdf Web=https://www.vusec.net/projects/netcat Press=https://bit.ly/2LULskB},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Kurth, Michael and Gras, Ben and Andriesse, Dennis and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2020},\n\tnote = {Intel Bounty Reward, Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_bounty, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_mscthesis, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TRRespass: Exploiting the Many Sides of Target Row Refresh.\n \n \n \n \n\n\n \n Frigo, P.; Vannacci, E.; Hassan, H.; van der Veen, V.; Mutlu, O.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2020. \n Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"TRRespass:Paper\n  \n \n \n \"TRRespass:Slides\n  \n \n \n \"TRRespass:Web\n  \n \n \n \"TRRespass:Code\n  \n \n \n \"TRRespass:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 858 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{frigo_trrespass_2020,\n\ttitle = {{TRRespass}: {Exploiting} the {Many} {Sides} of {Target} {Row} {Refresh}},\n\turl = {Paper=https://download.vusec.net/papers/trrespass_sp20.pdf Slides=https://download.vusec.net/slides/trrespass_sp20.pdf Web=https://www.vusec.net/projects/trrespass Code=https://github.com/vusec/trrespass Press=https://bit.ly/2UXWKJ4},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Frigo, Pietro and Vannacci, Emanuele and Hassan, Hasan and van der Veen, Victor and Mutlu, Onur and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2020},\n\tnote = {Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award},\n\tkeywords = {class\\_rowhammer, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Benchmarking Flaws Undermine Security Research.\n \n \n \n \n\n\n \n Van Der Kouwe, E.; Heiser, G.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n IEEE S&P Magazine, 18(3): 48–57. May 2020.\n \n\n\n\n
\n\n\n\n \n \n \"BenchmarkingPaper\n  \n \n \n \"BenchmarkingWeb\n  \n \n \n \"BenchmarkingPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{van_der_kouwe_benchmarking_2020,\n\ttitle = {Benchmarking {Flaws} {Undermine} {Security} {Research}},\n\tvolume = {18},\n\turl = {Paper=https://download.vusec.net/papers/benchmarking_sp20.pdf Web=https://www.vusec.net/projects/benchmarking-crimes Press=https://bit.ly/3knxXIk},\n\tnumber = {3},\n\tjournal = {IEEE S\\&P Magazine},\n\tauthor = {Van Der Kouwe, Erik and Heiser, Gernot and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2020},\n\tkeywords = {class\\_sanitizer, class\\_sok, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_csec, type\\_mag, type\\_paper},\n\tpages = {48--57},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n BinRec: Dynamic Binary Lifting and Recompilation.\n \n \n \n \n\n\n \n Altinay, A.; Nash, J.; Kroes, T.; Rajasekaran, P.; Zhou, D.; Dabrowski, A.; Gens, D.; Na, Y.; Volckaert, S.; Giuffrida, C.; Bos, H.; and Franz, M.\n\n\n \n\n\n\n In EuroSys, April 2020. \n \n\n\n\n
\n\n\n\n \n \n \"BinRec:Paper\n  \n \n \n \"BinRec:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 88 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{altinay_binrec_2020,\n\ttitle = {{BinRec}: {Dynamic} {Binary} {Lifting} and {Recompilation}},\n\turl = {Paper=https://download.vusec.net/papers/binrec_eurosys20.pdf Code=https://github.com/securesystemslab/BinRec},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Altinay, Anil and Nash, Joseph and Kroes, Taddeus and Rajasekaran, Prabhu and Zhou, Dixin and Dabrowski, Adrian and Gens, David and Na, Yeoul and Volckaert, Stijn and Giuffrida, Cristiano and Bos, Herbert and Franz, Michael},\n\tmonth = apr,\n\tyear = {2020},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures.\n \n \n \n \n\n\n \n Gras, B.; Giuffrida, C.; Kurth, M.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In NDSS, February 2020. \n \n\n\n\n
\n\n\n\n \n \n \"ABSynthe:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 65 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_absynthe_2020,\n\ttitle = {{ABSynthe}: {Automatic} {Blackbox} {Side}-channel {Synthesis} on {Commodity} {Microarchitectures}},\n\turl = {https://download.vusec.net/papers/absynthe_ndss20.pdf},\n\tbooktitle = {{NDSS}},\n\tauthor = {Gras, Ben and Giuffrida, Cristiano and Kurth, Michael and Bos, Herbert and Razavi, Kaveh},\n\tmonth = feb,\n\tyear = {2020},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2019\n \n \n (8)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching.\n \n \n \n \n\n\n \n Pawlowski, A.; van der Veen, V.; Andriesse, D.; van der Kouwe, E.; Holz, T.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, December 2019. \n \n\n\n\n
\n\n\n\n \n \n \"VPS:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{pawlowski_vps_2019,\n\ttitle = {{VPS}: {Excavating} {High}-{Level} {C}++ {Constructs} from {Low}-{Level} {Binaries} to {Protect} {Dynamic} {Dispatching}},\n\turl = {https://download.vusec.net/papers/vps_acsac19.pdf},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Pawlowski, Andre and van der Veen, Victor and Andriesse, Dennis and van der Kouwe, Erik and Holz, Thorsten and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2019},\n\tkeywords = {class\\_armor, proj\\_binrec, proj\\_react, proj\\_unicore, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks.\n \n \n \n \n\n\n \n Hong, S.; Frigo, P.; Kaya, Y.; Giuffrida, C.; and Dumitras, T.\n\n\n \n\n\n\n In USENIX Security, August 2019. \n \n\n\n\n
\n\n\n\n \n \n \"TerminalPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 14 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{hong_terminal_2019,\n\ttitle = {Terminal {Brain} {Damage}: {Exposing} the {Graceless} {Degradation} in {Deep} {Neural} {Networks} {Under} {Hardware} {Fault} {Attacks}},\n\turl = {https://download.vusec.net/papers/deephammer_sec19.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Hong, Sanghyun and Frigo, Pietro and Kaya, Yigitcan and Giuffrida, Cristiano and Dumitras, Tudor},\n\tmonth = aug,\n\tyear = {2019},\n\tkeywords = {class\\_rowhammer, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n SoK: Benchmarking Flaws in Systems Security.\n \n \n \n \n\n\n \n van der Kouwe, E.; Heiser, G.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, June 2019. \n \n\n\n\n
\n\n\n\n \n \n \"SoK:Paper\n  \n \n \n \"SoK:Slides\n  \n \n \n \"SoK:Web\n  \n \n \n \"SoK:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 148 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_sok_2019,\n\ttitle = {{SoK}: {Benchmarking} {Flaws} in {Systems} {Security}},\n\turl = {Paper=https://download.vusec.net/papers/benchmarking-crimes_eurosp19.pdf  Slides=https://www.vusec.net/wp-content/uploads/2019/06/Benchmarking-Flaws-in-Systems-Security-EuroSP2019.pdf Web=https://www.vusec.net/projects/benchmarking-crimes Press=https://bit.ly/3knxXIk},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {van der Kouwe, Erik and Heiser, Gernot and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2019},\n\tkeywords = {class\\_sanitizer, class\\_sok, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Cojocar, L.; Razavi, K.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In S&P, May 2019. \n Best Practical Paper Award, Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"ExploitingPaper\n  \n \n \n \"ExploitingSlides\n  \n \n \n \"ExploitingWeb\n  \n \n \n \"ExploitingPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 363 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{cojocar_exploiting_2019,\n\ttitle = {Exploiting {Correcting} {Codes}: {On} the {Effectiveness} of {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/eccploit_sp19.pdf Slides=https://www.ieee-security.org/TC/SP2019/SP19-Slides-pdfs/Lucian_Cojocar_Exploiting_Correcting_Codes_slides-ecc-new.pdf Web=https://www.vusec.net/projects/eccploit Press=https://bit.ly/2UcucNv},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Cojocar, Lucian and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = may,\n\tyear = {2019},\n\tnote = {Best Practical Paper Award, Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n RIDL: Rogue In-flight Data Load.\n \n \n \n \n\n\n \n van Schaik, S.; Milburn, A.; Österlund, S.; Frigo, P.; Maisuradze, G.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2019. \n Intel Bounty Reward (Highest To Date), Pwnie Award Nomination for Most Innovative Research, CSAW Best Paper Award Runner-up, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"RIDL:Paper\n  \n \n \n \"RIDL:Slides\n  \n \n \n \"RIDL:Web\n  \n \n \n \"RIDL:Code\n  \n \n \n \"RIDL:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 108 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_schaik_ridl_2019,\n\ttitle = {{RIDL}: {Rogue} {In}-flight {Data} {Load}},\n\turl = {Paper=https://mdsattacks.com/files/ridl.pdf Slides=https://mdsattacks.com/slides/slides.html Web=https://mdsattacks.com Code=https://github.com/vusec/ridl Press=http://mdsattacks.com},\n\tbooktitle = {S\\&{P}},\n\tauthor = {van Schaik, Stephan and Milburn, Alyssa and Österlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2019},\n\tnote = {Intel Bounty Reward (Highest To Date), Pwnie Award Nomination for Most Innovative Research, CSAW Best Paper Award Runner-up, DCSR Paper Award},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ProbeGuard: Mitigating Probing Attacks Through Reactive Program Transformations.\n \n \n \n \n\n\n \n Bhat, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ASPLOS, April 2019. \n \n\n\n\n
\n\n\n\n \n \n \"ProbeGuard:Paper\n  \n \n \n \"ProbeGuard:Web\n  \n \n \n \"ProbeGuard:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 31 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bhat_probeguard_2019,\n\ttitle = {{ProbeGuard}: {Mitigating} {Probing} {Attacks} {Through} {Reactive} {Program} {Transformations}},\n\turl = {Paper=https://download.vusec.net/papers/probeguard_asplos19.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/probeguard},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Bhat, Koustubha and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2019},\n\tkeywords = {class\\_ih, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n kMVX: Detecting Kernel Information Leaks with Multi-variant Execution.\n \n \n \n \n\n\n \n Österlund, S.; Koning, K.; Olivier, P.; Barbalace, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ASPLOS, April 2019. \n \n\n\n\n
\n\n\n\n \n \n \"kMVX:Paper\n  \n \n \n \"kMVX:Web\n  \n \n \n \"kMVX:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 68 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{osterlund_kmvx_2019,\n\ttitle = {{kMVX}: {Detecting} {Kernel} {Information} {Leaks} with {Multi}-variant {Execution}},\n\turl = {Paper=https://download.vusec.net/papers/kmvx_asplos19.pdf Web=https://www.vusec.net/projects/kmvx Code=https://github.com/vusec/kmvx},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Österlund, Sebastian and Koning, Koen and Olivier, Pierre and Barbalace, Antonio and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2019},\n\tkeywords = {class\\_armor, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Are All Citations Worth the Same? Valuing Citations by the Value of the Citing Items.\n \n \n \n \n\n\n \n Giuffrida, C.; Abramo, G.; and D'Angelo, C. A.\n\n\n \n\n\n\n JOI. January 2019.\n \n\n\n\n
\n\n\n\n \n \n \"ArePaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{giuffrida_are_2019,\n\ttitle = {Are {All} {Citations} {Worth} the {Same}? {Valuing} {Citations} by the {Value} of the {Citing} {Items}},\n\turl = {https://www.cs.vu.nl/~giuffrida/papers/citing-cited_joi19.pdf},\n\tjournal = {JOI},\n\tauthor = {Giuffrida, Cristiano and Abramo, Giovanni and D'Angelo, Ciriaco Andrea},\n\tmonth = jan,\n\tyear = {2019},\n\tkeywords = {authors, disambiguation, heuristics, proper names, scholars, type\\_journal, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2018\n \n \n (14)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Type-After-Type: Practical and Complete Type-Safe Memory Reuse.\n \n \n \n \n\n\n \n van der Kouwe, E.; Kroes, T.; Ouwehand, C.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ACSAC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n \"Type-After-Type:Paper\n  \n \n \n \"Type-After-Type:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 22 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_type-after-type_2018,\n\ttitle = {Type-{After}-{Type}: {Practical} and {Complete} {Type}-{Safe} {Memory} {Reuse}},\n\turl = {Paper=https://download.vusec.net/papers/tat_acsac18.pdf Code=https://github.com/vusec/type-after-type},\n\tbooktitle = {{ACSAC}},\n\tauthor = {van der Kouwe, Erik and Kroes, Taddeus and Ouwehand, Chris and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TIFF: Using Input Type Inference To Improve Fuzzing.\n \n \n \n \n\n\n \n Jain, V.; Rawat, S.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n \"TIFF:Paper\n  \n \n \n \"TIFF:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{jain_tiff_2018,\n\ttitle = {{TIFF}: {Using} {Input} {Type} {Inference} {To} {Improve} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/tiff_acsac18.pdf Code=https://github.com/vusec/tiff},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Jain, Vivek and Rawat, Sanjay and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {class\\_testing, proj\\_panta, proj\\_react, proj\\_vici, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n On the Effectiveness of Code Normalization for Function Identification.\n \n \n \n \n\n\n \n Oikonomopoulos, A.; Vermeulen, R.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In PRDC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n \"OnPaper\n  \n \n \n \"OnCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{oikonomopoulos_effectiveness_2018,\n\ttitle = {On the {Effectiveness} of {Code} {Normalization} for {Function} {Identification}},\n\turl = {Paper=https://download.vusec.net/papers/kamino_prdc18.pdf Code=https://github.com/vusec/kamino},\n\tbooktitle = {{PRDC}},\n\tauthor = {Oikonomopoulos, Angelos and Vermeulen, Remco and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_parallax, proj\\_vici, type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Konoth, R. K.; Oliverio, M.; Tatar, A.; Andriesse, D.; Bos, H.; Giuffrida, C.; and Razavi, K.\n\n\n \n\n\n\n In OSDI, October 2018. \n \n\n\n\n
\n\n\n\n \n \n \"ZebRAM:Paper\n  \n \n \n \"ZebRAM:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 40 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{konoth_zebram_2018,\n\ttitle = {{ZebRAM}: {Comprehensive} and {Compatible} {Software} {Protection} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/zebram_osdi18.pdf Code=https://github.com/vusec/zebram},\n\tbooktitle = {{OSDI}},\n\tauthor = {Konoth, Radhesh Krishnan and Oliverio, Marco and Tatar, Andrei and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_protasis, proj\\_react, proj\\_unicore, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n BinRec: Attack Surface Reduction Through Dynamic Binary Recovery.\n \n \n \n \n\n\n \n Kroes, T.; Altinay, A.; Nash, J.; Na, Y.; Volckaert, S.; Bos, H.; Franz, M.; and Giuffrida, C.\n\n\n \n\n\n\n In FEAST, October 2018. \n \n\n\n\n
\n\n\n\n \n \n \"BinRec:Paper\n  \n \n \n \"BinRec:Slides\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kroes_binrec_2018,\n\ttitle = {{BinRec}: {Attack} {Surface} {Reduction} {Through} {Dynamic} {Binary} {Recovery}},\n\turl = {Paper=https://download.vusec.net/papers/binrec-feast18.pdf Slides=https://download.vusec.net/slides/binrec-feast18.pdf},\n\tbooktitle = {{FEAST}},\n\tauthor = {Kroes, Taddeus and Altinay, Anil and Nash, Joseph and Na, Yeoul and Volckaert, Stijn and Bos, Herbert and Franz, Michael and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_vici, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Defeating Software Mitigations against Rowhammer: A Surgical Precision Hammer.\n \n \n \n \n\n\n \n Tatar, A.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In RAID, September 2018. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n \"DefeatingPaper\n  \n \n \n \"DefeatingCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 39 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{tatar_defeating_2018,\n\ttitle = {Defeating {Software} {Mitigations} against {Rowhammer}: {A} {Surgical} {Precision} {Hammer}},\n\turl = {Paper=https://download.vusec.net/papers/hammertime_raid18.pdf Code=https://github.com/vusec/hammertime},\n\tbooktitle = {{RAID}},\n\tauthor = {Tatar, Andrei and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = sep,\n\tyear = {2018},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think.\n \n \n \n \n\n\n \n van Schaik, S.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In USENIX Security, August 2018. \n \n\n\n\n
\n\n\n\n \n \n \"MaliciousPaper\n  \n \n \n \"MaliciousWeb\n  \n \n \n \"MaliciousCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 92 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_schaik_malicious_2018,\n\ttitle = {Malicious {Management} {Unit}: {Why} {Stopping} {Cache} {Attacks} in {Software} is {Harder} {Than} {You} {Think}},\n\turl = {Paper=https://download.vusec.net/papers/xlate_sec18.pdf Web=https://www.vusec.net/projects/xlate Code=https://github.com/vusec/xlate},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {van Schaik, Stephan and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = aug,\n\tyear = {2018},\n\tkeywords = {class\\_sidechannels, proj\\_parallax, proj\\_react, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TLBleed: When Protecting Your CPU Caches is not Enough.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In Black Hat USA, August 2018. \n \n\n\n\n
\n\n\n\n \n \n \"TLBleed:Slides\n  \n \n \n \"TLBleed:Web\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 134 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_tlbleed_2018,\n\ttitle = {{TLBleed}: {When} {Protecting} {Your} {CPU} {Caches} is not {Enough}},\n\turl = {Slides=https://i.blackhat.com/us-18/Thu-August-9/us-18-Gras-TLBleed-When-Protecting-Your-CPU-Caches-is-Not-Enough.pdf Web=https://vusec.net/projects/tlbleed},\n\tbooktitle = {Black {Hat} {USA}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2018},\n\tkeywords = {class\\_sidechannels, proj\\_react, type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"TranslationPaper\n  \n \n \n \"TranslationSlides\n  \n \n \n \"TranslationWeb\n  \n \n \n \"TranslationCode\n  \n \n \n \"TranslationPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 463 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_translation_2018,\n\ttitle = {Translation {Leak}-aside {Buffer}: {Defeating} {Cache} {Side}-channel {Protections} with {TLB} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/tlbleed_sec18.pdf Slides=https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_gras.pdf Web=https://www.vusec.net/projects/tlbleed Code=https://github.com/vusec/tlbkit Press=https://goo.gl/eepq1y},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_parallax, proj\\_react, proj\\_vici, type\\_award, type\\_conf, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Throwhammer: Rowhammer Attacks over the Network and Defenses.\n \n \n \n \n\n\n \n Tatar, A.; Konoth, R. K.; Athanasopoulos, E.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In USENIX ATC, July 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"Throwhammer:Paper\n  \n \n \n \"Throwhammer:Web\n  \n \n \n \"Throwhammer:Code\n  \n \n \n \"Throwhammer:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 295 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{tatar_throwhammer_2018,\n\ttitle = {Throwhammer: {Rowhammer} {Attacks} over the {Network} and {Defenses}},\n\turl = {Paper=https://download.vusec.net/papers/throwhammer_atc18.pdf Web=https://www.vusec.net/projects/throwhammer Code=https://github.com/vusec/alis Press=https://goo.gl/GrZ87e},\n\tbooktitle = {{USENIX} {ATC}},\n\tauthor = {Tatar, Andrei and Konoth, Radhesh Krishnan and Athanasopoulos, Elias and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = jul,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU.\n \n \n \n \n\n\n \n Frigo, P.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"GrandPaper\n  \n \n \n \"GrandWeb\n  \n \n \n \"GrandPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 145 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{frigo_grand_2018,\n\ttitle = {Grand {Pwning} {Unit}: {Accelerating} {Microarchitectural} {Attacks} with the {GPU}},\n\turl = {Paper=https://download.vusec.net/papers/glitch_sp18.pdf Web=https://www.vusec.net/projects/glitch Press=https://goo.gl/SkD9er},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Frigo, Pietro and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_cve\\_assigned, type\\_mscthesis, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Position-independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure.\n \n \n \n \n\n\n \n Göktaş, E.; Kollenda, B.; Koppe, P.; Bosman, E.; Portokalidis, G.; Holz, T.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, April 2018. \n \n\n\n\n
\n\n\n\n \n \n \"Position-independentPaper\n  \n \n \n \"Position-independentWeb\n  \n \n \n \"Position-independentCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{goktas_position-independent_2018,\n\ttitle = {Position-independent {Code} {Reuse}: {On} the {Effectiveness} of {ASLR} in the {Absence} of {Information} {Disclosure}},\n\turl = {Paper=https://download.vusec.net/papers/pirop_eurosp18.pdf Web=https://www.vusec.net/projects/pirop Code=https://github.com/vusec/pirop},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Göktaş, Enes and Kollenda, Benjamin and Koppe, Philipp and Bosman, Erik and Portokalidis, Georgios and Holz, Thorsten and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_rand, proj\\_binrec, proj\\_panta, proj\\_protasis, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Towards Automated Vulnerability Scanning of Network Servers.\n \n \n \n \n\n\n \n Schagen, N.; Koen, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSec, April 2018. \n \n\n\n\n
\n\n\n\n \n \n \"TowardsPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 13 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{schagen_towards_2018,\n\ttitle = {Towards {Automated} {Vulnerability} {Scanning} of {Network} {Servers}},\n\turl = {https://download.vusec.net/papers/scanning_eurosec18.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Schagen, Nathan and Koen, Koening and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_network, proj\\_panta, proj\\_vici, type\\_csec, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Delta Pointers: Buffer Overflow Checks Without the Checks.\n \n \n \n \n\n\n \n Kroes, T.; Koning, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSys, April 2018. \n \n\n\n\n
\n\n\n\n \n \n \"DeltaPaper\n  \n \n \n \"DeltaSlides\n  \n \n \n \"DeltaCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 53 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kroes_delta_2018,\n\ttitle = {Delta {Pointers}: {Buffer} {Overflow} {Checks} {Without} the {Checks}},\n\turl = {Paper=https://download.vusec.net/papers/delta-pointers_eurosys18.pdf Slides=https://download.vusec.net/slides/delta-pointers-eurosys18.pdf Code=https://github.com/vusec/deltapointers},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Kroes, Taddeus and Koning, Koen and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2017\n \n \n (13)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later.\n \n \n \n \n\n\n \n van der Veen, V.; Andriesse, D.; Stamatogiannakis, M.; Chen, X.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, October 2017. \n \n\n\n\n
\n\n\n\n \n \n \"ThePaper\n  \n \n \n \"TheWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_dynamics_2017,\n\ttitle = {The {Dynamics} of {Innocent} {Flesh} on the {Bone}: {Code} {Reuse} {Ten} {Years} {Later}},\n\turl = {Paper=http://vvdveen.com/publications/newton.pdf Web=https://www.vusec.net/projects/newton},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Andriesse, Dennis and Stamatogiannakis, Manolis and Chen, Xi and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {class\\_binary, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Secure Page Fusion with VUsion.\n \n \n \n \n\n\n \n Oliverio, M.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In SOSP, October 2017. \n \n\n\n\n
\n\n\n\n \n \n \"SecurePaper\n  \n \n \n \"SecureSlides\n  \n \n \n \"SecurePoster\n  \n \n \n \"SecureWeb\n  \n \n \n \"SecureCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{oliverio_secure_2017,\n\ttitle = {Secure {Page} {Fusion} with {VUsion}},\n\turl = {Paper=https://download.vusec.net/papers/vusion_sosp17.pdf Slides=https://docs.google.com/presentation/d/1Erf1r9gCtkj-JuCBT7BW93W7YjGiplkO8GHAAT56W9s/edit#slide=id.p3 Poster=https://vusec.net/wp-content/uploads/2017/10/poster.pdf Web=https://www.vusec.net/projects/vusion Code=https://github.com/vusec/vusion},\n\tbooktitle = {{SOSP}},\n\tauthor = {Oliverio, Marco and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Towards Automated Discovery of Crash-Resistant Primitives in Binaries.\n \n \n \n \n\n\n \n Kollenda, B.; Goktas, E.; Blazytko, T.; Koppe, P.; Gawlik, R.; Konoth, R. K.; Giuffrida, C.; Bos, H.; and Holz, T.\n\n\n \n\n\n\n In DSN, June 2017. \n \n\n\n\n
\n\n\n\n \n \n \"TowardsPaper\n  \n \n \n \"TowardsWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kollenda_towards_2017,\n\ttitle = {Towards {Automated} {Discovery} of {Crash}-{Resistant} {Primitives} in {Binaries}},\n\turl = {Paper=https://download.vusec.net/papers/autocrop_dsn17.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {{DSN}},\n\tauthor = {Kollenda, Benjamin and Goktas, Enes and Blazytko, Tim and Koppe, Philipp and Gawlik, Robert and Konoth, Radhesh Krishnan and Giuffrida, Cristiano and Bos, Herbert and Holz, Thorsten},\n\tmonth = jun,\n\tyear = {2017},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_protasis, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Fast and Generic Metadata Management with Mid-Fat Pointers.\n \n \n \n \n\n\n \n Kroes, T.; Koning, K.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In EuroSec, April 2017. \n \n\n\n\n
\n\n\n\n \n \n \"FastPaper\n  \n \n \n \"FastCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{kroes_fast_2017,\n\ttitle = {Fast and {Generic} {Metadata} {Management} with {Mid}-{Fat} {Pointers}},\n\turl = {Paper=https://download.vusec.net/papers/midfat_eurosec17.pdf Code=https://github.com/vusec/midfat},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Kroes, Taddeus and Koning, Koen and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n RevAnC: A Framework for Reverse Engineering Hardware Page Table Caches.\n \n \n \n \n\n\n \n van Schaik, S.; Razavi, K.; Gras, B.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSec, April 2017. \n \n\n\n\n
\n\n\n\n \n \n \"RevAnC:Paper\n  \n \n \n \"RevAnC:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 139 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_schaik_revanc_2017,\n\ttitle = {{RevAnC}: {A} {Framework} for {Reverse} {Engineering} {Hardware} {Page} {Table} {Caches}},\n\turl = {Paper=https://download.vusec.net/papers/revanc_eurosec17.pdf Code=https://github.com/vusec/revanc},\n\tbooktitle = {{EuroSec}},\n\tauthor = {van Schaik, Stephan and Razavi, Kaveh and Gras, Ben and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_reveng, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks.\n \n \n \n \n\n\n \n Chen, X.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, April 2017. \n \n\n\n\n
\n\n\n\n \n \n \"CodeArmor:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{chen_codearmor_2017,\n\ttitle = {{CodeArmor}: {Virtualizing} the {Code} {Space} to {Counter} {Disclosure} {Attacks}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/codearmor-eurosp-2017.pdf},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Chen, Xi and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_armor, class\\_rand, proj\\_sharcs, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n DangSan: Scalable Use-after-free Detection.\n \n \n \n \n\n\n \n van der Kouwe, E.; Nigade, V.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSys, April 2017. \n \n\n\n\n
\n\n\n\n \n \n \"DangSan:Paper\n  \n \n \n \"DangSan:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_dangsan_2017,\n\ttitle = {{DangSan}: {Scalable} {Use}-after-free {Detection}},\n\turl = {Paper=https://download.vusec.net/papers/dangsan_eurosys17.pdf Code=https://github.com/vusec/dangsan},\n\tbooktitle = {{EuroSys}},\n\tauthor = {van der Kouwe, Erik and Nigade, Vinod and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n No Need to Hide: Protecting Safe Regions on Commodity Hardware.\n \n \n \n \n\n\n \n Koning, K.; Chen, X.; Bos, H.; Giuffrida, C.; and Athanasopoulos, E.\n\n\n \n\n\n\n In EuroSys, April 2017. \n \n\n\n\n
\n\n\n\n \n \n \"NoPaper\n  \n \n \n \"NoWeb\n  \n \n \n \"NoCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{koning_no_2017,\n\ttitle = {No {Need} to {Hide}: {Protecting} {Safe} {Regions} on {Commodity} {Hardware}},\n\turl = {Paper=https://download.vusec.net/papers/memsentry_eurosys17.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/memsentry},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Koning, Koen and Chen, Xi and Bos, Herbert and Giuffrida, Cristiano and Athanasopoulos, Elias},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_ih, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Automating Live Update for Generic Server Programs.\n \n \n \n \n\n\n \n Giuffrida, C.; Iorgulescu, C.; Tamburrelli, G.; and Tanenbaum, A. S.\n\n\n \n\n\n\n TSE, 43(1). March 2017.\n \n\n\n\n
\n\n\n\n \n \n \"AutomatingPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{giuffrida_automating_2017,\n\ttitle = {Automating {Live} {Update} for {Generic} {Server} {Programs}},\n\tvolume = {43},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/tse-2016.pdf},\n\tnumber = {1},\n\tjournal = {TSE},\n\tauthor = {Giuffrida, Cristiano and Iorgulescu, Calin and Tamburrelli, Giordano and Tanenbaum, Andrew S.},\n\tmonth = mar,\n\tyear = {2017},\n\tkeywords = {class\\_updating, state\\_diffing, type\\_csec, type\\_journal, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n ASLR on the Line: Practical Cache Attacks on the MMU.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bosman, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n Pwnie Award for Most Innovative Research, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"ASLRPaper\n  \n \n \n \"ASLRSlides\n  \n \n \n \"ASLRWeb\n  \n \n \n \"ASLRCode\n  \n \n \n \"ASLRPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 261 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{gras_aslr_2017,\n\ttitle = {{ASLR} on the {Line}: {Practical} {Cache} {Attacks} on the {MMU}},\n\turl = {Paper=https://download.vusec.net/papers/anc_ndss17.pdf Slides=https://vusec.net/wp-content/uploads/2016/11/TalkGras.pdf Web=https://www.vusec.net/projects/anc Code=https://github.com/vusec/revanc Press=https://goo.gl/KL4Bta},\n\tbooktitle = {{NDSS}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bosman, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tnote = {Pwnie Award for Most Innovative Research, DCSR Paper Award},\n\tkeywords = {class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n VUzzer: Application-aware Evolutionary Fuzzing.\n \n \n \n \n\n\n \n Rawat, S.; Jain, V.; Kumar, A.; Cojocar, L.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n \"VUzzer:Paper\n  \n \n \n \"VUzzer:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{rawat_vuzzer_2017,\n\ttitle = {{VUzzer}: {Application}-aware {Evolutionary} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/vuzzer_ndss17.pdf Code=https://github.com/vusec/vuzzer64},\n\tbooktitle = {{NDSS}},\n\tauthor = {Rawat, Sanjay and Jain, Vivek and Kumar, Ashish and Cojocar, Lucian and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities.\n \n \n \n \n\n\n \n Milburn, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n \"SafeInit:Paper\n  \n \n \n \"SafeInit:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{milburn_safeinit_2017,\n\ttitle = {{SafeInit}: {Comprehensive} and {Practical} {Mitigation} of {Uninitialized} {Read} {Vulnerabilities}},\n\turl = {Paper=https://download.vusec.net/papers/safeinit_ndss17.pdf Code=https://github.com/vusec/safeinit},\n\tbooktitle = {{NDSS}},\n\tauthor = {Milburn, Alyssa and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n MARX: Uncovering Class Hierarchies in C++ Programs.\n \n \n \n \n\n\n \n Pawlowski, A.; Contag, M.; van der Veen, V.; Ouwehand, C.; Holz, T.; Bos, H.; Athanasopoulos, E.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n \"MARX:Paper\n  \n \n \n \"MARX:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{pawlowski_marx_2017,\n\ttitle = {{MARX}: {Uncovering} {Class} {Hierarchies} in {C}++ {Programs}},\n\turl = {Paper=https://download.vusec.net/papers/marx_ndss17.pdf Code=https://github.com/RUB-SysSec/Marx},\n\tbooktitle = {{NDSS}},\n\tauthor = {Pawlowski, Andre and Contag, Moritz and van der Veen, Victor and Ouwehand, Chris and Holz, Thorsten and Bos, Herbert and Athanasopoulos, Elias and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2016\n \n \n (20)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n A NEaT Design for Reliable and Scalable Network Stacks.\n \n \n \n \n\n\n \n Hruby, T.; Giuffrida, C.; Sambuc, L.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In CoNext, December 2016. \n \n\n\n\n
\n\n\n\n \n \n \"APaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{hruby_neat_2016,\n\ttitle = {A {NEaT} {Design} for {Reliable} and {Scalable} {Network} {Stacks}},\n\turl = {https://download.vusec.net/papers/neat_conext16.pdf},\n\tbooktitle = {{CoNext}},\n\tauthor = {Hruby, Tomas and Giuffrida, Cristiano and Sambuc, Lionel and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = dec,\n\tyear = {2016},\n\tkeywords = {class\\_network, class\\_reliability, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n VTPin: Practical VTable Hijacking Protection for Binaries.\n \n \n \n \n\n\n \n Sarbinowski, P.; Kemerlis, V. P.; Giuffrida, C.; and Athanasopoulos, E.\n\n\n \n\n\n\n In ACSAC, December 2016. \n \n\n\n\n
\n\n\n\n \n \n \"VTPin:Paper\n  \n \n \n \"VTPin:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{sarbinowski_vtpin_2016,\n\ttitle = {{VTPin}: {Practical} {VTable} {Hijacking} {Protection} for {Binaries}},\n\turl = {Paper=https://download.vusec.net/papers/vtpin_acsac16.pdf Code=https://github.com/uberspot/VTPin},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Sarbinowski, Pawel and Kemerlis, Vasileios P. and Giuffrida, Cristiano and Athanasopoulos, Elias},\n\tmonth = dec,\n\tyear = {2016},\n\tkeywords = {class\\_armor, proj\\_sharcs, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Bypassing Clang's SafeStack for Fun and Profit.\n \n \n \n \n\n\n \n Goktas, E.; Oikonomopoulos, A.; Gawlik, R.; Kollenda, B.; Athanasopoulos, E.; Portokalidis, G.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In Black Hat Europe, November 2016. \n \n\n\n\n
\n\n\n\n \n \n \"BypassingSlides\n  \n \n \n \"BypassingWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{goktas_bypassing_2016,\n\ttitle = {Bypassing {Clang}'s {SafeStack} for {Fun} and {Profit}},\n\turl = {Slides=https://download.vusec.net/papers/safestack-bypass_bheu16.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Goktas, Enes and Oikonomopoulos, Angelos and Gawlik, Robert and Kollenda, Benjamin and Athanasopoulos, Elias and Portokalidis, Georgios and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, type\\_conf, type\\_csec, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Flip Feng Shui: Rowhammering the VM's Isolation.\n \n \n \n \n\n\n \n Razavi, K.; Gras, B.; Bosman, E.; Preneel, B.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In Black Hat Europe, November 2016. \n \n\n\n\n
\n\n\n\n \n \n \"FlipSlides\n  \n \n \n \"FlipWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 65 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{razavi_flip_2016,\n\ttitle = {Flip {Feng} {Shui}: {Rowhammering} the {VM}'s {Isolation}},\n\turl = {Slides=https://download.vusec.net/papers/flip-feng-shui_bheu16.pdf Web=https://www.vusec.net/projects/flip-feng-shui},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Razavi, Kaveh and Gras, Ben and Bosman, Erik and Preneel, Bart and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2016},\n\tkeywords = {class\\_rowhammer, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Drammer: Deterministic Rowhammer Attacks on Mobile Platforms.\n \n \n \n \n\n\n \n van der Veen, V.; Fratantonio, Y.; Lindorfer, M.; Gruss, D.; Maurice, C.; Vigna, G.; Bos, H.; Razavi, K.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, October 2016. \n Pwnie Award for Best Privilege Escalation Bug, Android Security Reward, CSAW Best Paper Award, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n \"Drammer:Paper\n  \n \n \n \"Drammer:Web\n  \n \n \n \"Drammer:Code\n  \n \n \n \"Drammer:Press\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 222 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_drammer_2016,\n\ttitle = {Drammer: {Deterministic} {Rowhammer} {Attacks} on {Mobile} {Platforms}},\n\turl = {Paper=https://vvdveen.com/publications/drammer.pdf Web=https://www.vusec.net/projects/drammer Code=https://github.com/vusec/drammer Press=https://goo.gl/y0lZ3l},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Fratantonio, Yanick and Lindorfer, Martina and Gruss, Daniel and Maurice, Clementine and Vigna, Giovanni and Bos, Herbert and Razavi, Kaveh and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2016},\n\tnote = {Pwnie Award for Best Privilege Escalation Bug, Android Security Reward, CSAW Best Paper Award, DCSR Paper Award},\n\tkeywords = {class\\_mobile, class\\_rowhammer, proj\\_sharcs, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n TypeSan: Practical Type Confusion Detection.\n \n \n \n \n\n\n \n Haller, I.; Yuseok, J.; Peng, H.; Payer, M.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In CCS, October 2016. \n \n\n\n\n
\n\n\n\n \n \n \"TypeSan:Paper\n  \n \n \n \"TypeSan:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 14 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{haller_typesan_2016,\n\ttitle = {{TypeSan}: {Practical} {Type} {Confusion} {Detection}},\n\turl = {Paper=https://download.vusec.net/papers/typesan_ccs16.pdf Code=https://github.com/vusec/typesan},\n\tbooktitle = {{CCS}},\n\tauthor = {Haller, Istvan and Yuseok, Jeon and Peng, Hui and Payer, Mathias and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = oct,\n\tyear = {2016},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Peeking into the Past: Efficient Checkpoint-assisted Time-traveling Debugging.\n \n \n \n \n\n\n \n Miraglia, A.; Vogt, D.; Bos, H.; Tanenbaum, A. S.; and Giuffrida, C.\n\n\n \n\n\n\n In ISSRE, October 2016. \n \n\n\n\n
\n\n\n\n \n \n \"PeekingPaper\n  \n \n \n \"PeekingCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{miraglia_peeking_2016,\n\ttitle = {Peeking into the {Past}: {Efficient} {Checkpoint}-assisted {Time}-traveling {Debugging}},\n\turl = {Paper=https://download.vusec.net/papers/delorean_issre16.pdf Code=https://github.com/vusec/delorean},\n\tbooktitle = {{ISSRE}},\n\tauthor = {Miraglia, Armando and Vogt, Dirk and Bos, Herbert and Tanenbaum, Andrew S. and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2016},\n\tkeywords = {class\\_reliability, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Undermining Information Hiding (And What to do About it).\n \n \n \n \n\n\n \n Goktas, E.; Gawlik, R.; Kollenda, B.; Athanasopoulos, E.; Portokalidis, G.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n \n\n\n\n
\n\n\n\n \n \n \"UnderminingPaper\n  \n \n \n \"UnderminingWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{goktas_undermining_2016,\n\ttitle = {Undermining {Information} {Hiding} ({And} {What} to do {About} it)},\n\turl = {Paper=https://download.vusec.net/papers/thread-spraying_sec16.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Goktas, Enes and Gawlik, Robert and Kollenda, Benjamin and Athanasopoulos, Elias and Portokalidis, Georgios and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Flip Feng Shui: Hammering a Needle in the Software Stack.\n \n \n \n \n\n\n \n Razavi, K.; Gras, B.; Bosman, E.; Preneel, B.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n Pwnie Award Nomination for Best Cryptographic Attack\n\n\n\n
\n\n\n\n \n \n \"FlipPaper\n  \n \n \n \"FlipSlides\n  \n \n \n \"FlipWeb\n  \n \n \n \"FlipPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 121 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{razavi_flip_2016-1,\n\ttitle = {Flip {Feng} {Shui}: {Hammering} a {Needle} in the {Software} {Stack}},\n\turl = {Paper=https://download.vusec.net/papers/flip-feng-shui_sec16.pdf Slides=https://vusec.net/wp-content/uploads/2016/06/presentation.pdf Web=https://www.vusec.net/projects/flip-feng-shui Press=https://goo.gl/owOb2m},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Razavi, Kaveh and Gras, Ben and Bosman, Erik and Preneel, Bart and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2016},\n\tnote = {Pwnie Award Nomination for Best Cryptographic Attack},\n\tkeywords = {class\\_rowhammer, proj\\_sharcs, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Poking Holes in Information Hiding.\n \n \n \n \n\n\n \n Oikonomopoulos, A.; Athanasopoulos, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n \n\n\n\n
\n\n\n\n \n \n \"PokingPaper\n  \n \n \n \"PokingSlides\n  \n \n \n \"PokingWeb\n  \n \n \n \"PokingCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{oikonomopoulos_poking_2016,\n\ttitle = {Poking {Holes} in {Information} {Hiding}},\n\turl = {Paper=https://download.vusec.net/papers/allocation-oracles_sec16.pdf Slides=https://www.usenix.org/sites/default/files/conference/protected-files/security16_slides_oikonomopoulos.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/poking-holes},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Oikonomopoulos, Angelos and Athanasopoulos, Elias and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Over the Edge: Silently Owning Windows 10's Secure Browser.\n \n \n \n \n\n\n \n Bosman, E.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In Black Hat USA, July 2016. \n \n\n\n\n
\n\n\n\n \n \n \"OverSlides\n  \n \n \n \"OverWeb\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 42 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bosman_over_2016,\n\ttitle = {Over the {Edge}: {Silently} {Owning} {Windows} 10's {Secure} {Browser}},\n\turl = {Slides=https://download.vusec.net/papers/over-the-edge_bhusa16.pdf Web=https://vusec.net/projects/dedup-est-machina},\n\tbooktitle = {Black {Hat} {USA}},\n\tauthor = {Bosman, Erik and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jul,\n\tyear = {2016},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, type\\_conf, type\\_csec, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n OSIRIS: Efficient and Consistent Recovery of Compartmentalized Operating Systems.\n \n \n \n \n\n\n \n Bhat, K.; Vogt, D.; van der Kouwe, E.; Gras, B.; Sambuc, L.; Tanenbaum, A. S.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2016. \n Best Paper Session\n\n\n\n
\n\n\n\n \n \n \"OSIRIS:Paper\n  \n \n \n \"OSIRIS:Code\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bhat_osiris_2016,\n\ttitle = {{OSIRIS}: {Efficient} and {Consistent} {Recovery} of {Compartmentalized} {Operating} {Systems}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/dsn-2016-2.pdf Code=https://github.com/vusec/osiris},\n\tbooktitle = {{DSN}},\n\tauthor = {Bhat, Koustubha and Vogt, Dirk and van der Kouwe, Erik and Gras, Ben and Sambuc, Lionel and Tanenbaum, Andrew S. and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2016},\n\tnote = {Best Paper Session},\n\tkeywords = {class\\_reliability, proj\\_sharcs, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Secure and Efficient Multi-variant Execution Using Hardware-assisted Process Virtualization.\n \n \n \n \n\n\n \n Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2016. \n \n\n\n\n
\n\n\n\n \n \n \"SecurePaper\n  \n \n \n \"SecureCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{koning_secure_2016,\n\ttitle = {Secure and {Efficient} {Multi}-variant {Execution} {Using} {Hardware}-assisted {Process} {Virtualization}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/dsn-2016.pdf Code=https://github.com/vusec/mvarmor},\n\tbooktitle = {{DSN}},\n\tauthor = {Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2016},\n\tkeywords = {class\\_armor, proj\\_sharcs, type\\_conf, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector.\n \n \n \n \n\n\n \n Bosman, E.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2016. \n Pwnie Award for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n \"DedupPaper\n  \n \n \n \"DedupWeb\n  \n \n \n \"DedupPress\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 94 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bosman_dedup_2016,\n\ttitle = {Dedup {Est} {Machina}: {Memory} {Deduplication} as an {Advanced} {Exploitation} {Vector}},\n\turl = {Paper=https://download.vusec.net/papers/dedup-est-machina_sp16.pdf Web=https://www.vusec.net/projects/dedup-est-machina Press=https://goo.gl/ogBXTm},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Bosman, Erik and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2016},\n\tnote = {Pwnie Award for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level.\n \n \n \n \n\n\n \n van der Veen, V.; Goktas, E.; Contag, M.; Pawlowski, A.; Chen, X.; Rawat, S.; Bos, H.; Holz, T.; Athanasopoulos, E.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2016. \n \n\n\n\n
\n\n\n\n \n \n \"APaper\n  \n \n \n \"ACode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 8 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_tough_2016,\n\ttitle = {A {Tough} {Call}: {Mitigating} {Advanced} {Code}-{Reuse} {Attacks} at the {Binary} {Level}},\n\turl = {Paper=https://download.vusec.net/papers/typearmor_sp16.pdf Code=https://github.com/vusec/typearmor},\n\tbooktitle = {S\\&{P}},\n\tauthor = {van der Veen, Victor and Goktas, Enes and Contag, Moritz and Pawlowski, Andre and Chen, Xi and Rawat, Sanjay and Bos, Herbert and Holz, Thorsten and Athanasopoulos, Elias and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2016},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n METAlloc: Efficient and Comprehensive Metadata Management for Software Security Hardening.\n \n \n \n \n\n\n \n Haller, I.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2016. \n \n\n\n\n
\n\n\n\n \n \n \"METAlloc:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{haller_metalloc_2016,\n\ttitle = {{METAlloc}: {Efficient} and {Comprehensive} {Metadata} {Management} for {Software} {Security} {Hardening}},\n\tshorttitle = {{METAlloc}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/eurosec-2016.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Haller, Istvan and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2016},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, type\\_csec, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Slick: An Intrusion Detection System for Virtualized Storage Devices.\n \n \n \n \n\n\n \n Bacs, A.; Giuffrida, C.; Grill, B.; and Bos, H.\n\n\n \n\n\n\n In SAC, April 2016. \n \n\n\n\n
\n\n\n\n \n \n \"Slick:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{bacs_slick_2016,\n\ttitle = {Slick: {An} {Intrusion} {Detection} {System} for {Virtualized} {Storage} {Devices}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/sac-2016.pdf},\n\tbooktitle = {{SAC}},\n\tauthor = {Bacs, Andrei and Giuffrida, Cristiano and Grill, Bernhard and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2016},\n\tkeywords = {class\\_malware, type\\_conf, type\\_csec, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n On the Effectiveness of Sensor-enhanced Keystroke Dynamics Against Statistical Attacks.\n \n \n \n \n\n\n \n Stanciu, V.; Spolaor, R.; Conti, M.; and Giuffrida, C.\n\n\n \n\n\n\n In CODASPY, March 2016. \n \n\n\n\n
\n\n\n\n \n \n \"OnPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{stanciu_effectiveness_2016,\n\ttitle = {On the {Effectiveness} of {Sensor}-enhanced {Keystroke} {Dynamics} {Against} {Statistical} {Attacks}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/codaspy-2016.pdf},\n\tbooktitle = {{CODASPY}},\n\tauthor = {Stanciu, Valeriu-Daniel and Spolaor, Riccardo and Conti, Mauro and Giuffrida, Cristiano},\n\tmonth = mar,\n\tyear = {2016},\n\tkeywords = {biometric authentication, class\\_mobile, class\\_sidechannels, keystroke dynamics, mobile security, sensor dynamics, statistical attacks, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Finding Fault with Fault Injection: An Empirical Exploration of Distortion in Fault Injection Experiments.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n SQL, 24(1). March 2016.\n \n\n\n\n
\n\n\n\n \n \n \"FindingPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{van_der_kouwe_finding_2016,\n\ttitle = {Finding {Fault} with {Fault} {Injection}: {An} {Empirical} {Exploration} of {Distortion} in {Fault} {Injection} {Experiments}},\n\tvolume = {24},\n\turl = {http://link.springer.com/article/10.1007/s11219-014-9261-3},\n\tnumber = {1},\n\tjournal = {SQL},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = mar,\n\tyear = {2016},\n\tkeywords = {Correlation, Keyboards, Monitoring, PCC, black-box, class\\_fi, class\\_testing, invasive software, kernel, keylogger, robustness, security, type\\_journal, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Binary Rejuvenation: Applications and Challenges.\n \n \n \n \n\n\n \n Oikonomopoulos, A.; Giuffrida, C.; Rawat, S.; and Bos, H.\n\n\n \n\n\n\n IEEE S&P Magazine, 14(1). January 2016.\n \n\n\n\n
\n\n\n\n \n \n \"BinaryPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{oikonomopoulos_binary_2016,\n\ttitle = {Binary {Rejuvenation}: {Applications} and {Challenges}},\n\tvolume = {14},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/spmag-2016.pdf},\n\tnumber = {1},\n\tjournal = {IEEE S\\&P Magazine},\n\tauthor = {Oikonomopoulos, Angelos and Giuffrida, Cristiano and Rawat, Sanjay and Bos, Herbert},\n\tmonth = jan,\n\tyear = {2016},\n\tkeywords = {class\\_reveng, proj\\_sharcs, type\\_mag, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2015\n \n \n (5)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Practical Context-Sensitive CFI.\n \n \n \n \n\n\n \n van der Veen, V.; Andriesse, D.; Göktas, E.; Gras, B.; Sambuc, L.; Slowinska, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2015. \n \n\n\n\n
\n\n\n\n \n \n \"PracticalPaper\n  \n \n \n \"PracticalWeb\n  \n \n \n \"PracticalCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 101 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_veen_practical_2015,\n\ttitle = {Practical {Context}-{Sensitive} {CFI}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/ccs-2015.pdf Web=https://www.vusec.net/projects/patharmor Code=https://github.com/vusec/patharmor},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Andriesse, Dennis and Göktas, Enes and Gras, Ben and Sambuc, Lionel and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2015},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n StackArmor: Comprehensive Protection from Stack-based Memory Error Vulnerabilities for Binaries.\n \n \n \n \n\n\n \n Chen, X.; Slowinska, A.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, November 2015. \n \n\n\n\n
\n\n\n\n \n \n \"StackArmor:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{chen_stackarmor_2015,\n\ttitle = {{StackArmor}: {Comprehensive} {Protection} from {Stack}-based {Memory} {Error} {Vulnerabilities} for {Binaries}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/ndss-2015.pdf},\n\tbooktitle = {{NDSS}},\n\tauthor = {Chen, Xi and Slowinska, Asia and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2015},\n\tkeywords = {class\\_armor, class\\_rand, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Speculative Memory Checkpointing.\n \n \n \n \n\n\n \n Vogt, D.; Miraglia, A.; Portokalidis, G.; Tanenbaum, A. S.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In Middleware, October 2015. \n \n\n\n\n
\n\n\n\n \n \n \"SpeculativePaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{vogt_speculative_2015,\n\ttitle = {Speculative {Memory} {Checkpointing}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/middleware-2015.pdf},\n\tbooktitle = {Middleware},\n\tauthor = {Vogt, Dirk and Miraglia, Armando and Portokalidis, Georgios and Tanenbaum, Andrew S. and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_reliability, proj\\_sharcs, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Lightweight Memory Checkpointing.\n \n \n \n \n\n\n \n Vogt, D.; Giuffrida, C.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2015. \n \n\n\n\n
\n\n\n\n \n \n \"LightweightPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{vogt_lightweight_2015,\n\ttitle = {Lightweight {Memory} {Checkpointing}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/dsn-2015.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Vogt, Dirk and Giuffrida, Cristiano and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_reliability, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n A Methodology to Efficiently Compare Operating System Stability.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; Ghituletez, R.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HASE, September 2015. \n \n\n\n\n
\n\n\n\n \n \n \"APaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_methodology_2015,\n\ttitle = {A {Methodology} to {Efficiently} {Compare} {Operating} {System} {Stability}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hase-2015.pdf},\n\tbooktitle = {{HASE}},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Ghituletez, Razvan and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2015},\n\tkeywords = {Computer crashes, MINIX 3, OS crash, OS stability improvement, Operating systems, Scalability, Stability, class\\_fi, class\\_testing, code base, efficient operating system stability comparison, fault impact, fault injection, fault injection strategy, linux, program diagnostics, reliability, robustness, run-time instrumentation, software engineering, software fault tolerance, software faults, static instrumentation, system recovery, testing, type\\_conf, type\\_csec, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2014\n \n \n (4)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Mutable Checkpoint-Restart: Automating Live Update for Generic Server Programs.\n \n \n \n \n\n\n \n Giuffrida, C.; Iorgulescu, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In Middleware, October 2014. \n \n\n\n\n
\n\n\n\n \n \n \"MutablePaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_mutable_2014,\n\ttitle = {Mutable {Checkpoint}-{Restart}: {Automating} {Live} {Update} for {Generic} {Server} {Programs}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/middleware-2014.pdf},\n\tbooktitle = {Middleware},\n\tauthor = {Giuffrida, Cristiano and Iorgulescu, Calin and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2014},\n\tkeywords = {class\\_updating, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n On the Soundness of Silence: Investigating Silent Failures Using Fault Injection Experiments.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In EDCC, September 2014. \n \n\n\n\n
\n\n\n\n \n \n \"OnPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_soundness_2014,\n\ttitle = {On the {Soundness} of {Silence}: {Investigating} {Silent} {Failures} {Using} {Fault} {Injection} {Experiments}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/edcc-2014.pdf},\n\tbooktitle = {{EDCC}},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {Computer bugs, Computers, Instruction sets, LLVM, Servers, class\\_fi, class\\_testing, fail-stop, fail-stop behavior analysis, fault diagnosis, fault injection, fault injection experiments, fault injection-induced silent failures, fault-free execution, field data, linux, security of data, silent failure, software reliability, system call tracing, system call-based anomaly detection, type\\_conf, type\\_paper, user-to detect silent failures},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Evaluating Distortion in Fault Injection Experiments.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HASE, September 2014. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n \"EvaluatingPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{van_der_kouwe_evaluating_2014,\n\ttitle = {Evaluating {Distortion} in {Fault} {Injection} {Experiments}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hase-2014.pdf},\n\tbooktitle = {{HASE}},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2014},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_fi, class\\_testing, type\\_award, type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n I Sensed It Was You: Authenticating Mobile Users with Sensor-Enhanced Keystroke Dynamics.\n \n \n \n \n\n\n \n Giuffrida, C.; Majdanik, K.; Conti, M.; and Bos, H.\n\n\n \n\n\n\n In DIMVA, September 2014. \n \n\n\n\n
\n\n\n\n \n \n \"IPaper\n  \n \n \n \"ICode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_i_2014,\n\ttitle = {I {Sensed} {It} {Was} {You}: {Authenticating} {Mobile} {Users} with {Sensor}-{Enhanced} {Keystroke} {Dynamics}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/dimva-2014.pdf Code=https://github.com/vusec/unagi},\n\tbooktitle = {{DIMVA}},\n\tauthor = {Giuffrida, Cristiano and Majdanik, Kamil and Conti, Mauro and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {Management of Computing and Information Systems, Systems and Data Security, class\\_mobile, class\\_sidechannels, e-Commerce/e-business, type\\_conf, type\\_mscthesis, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2013\n \n \n (6)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Safe and Automatic Live Update for Operating Systems.\n \n \n \n \n\n\n \n Giuffrida, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In ASPLOS, December 2013. \n \n\n\n\n
\n\n\n\n \n \n \"SafePaper\n  \n \n \n \"SafeCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_safe_2013,\n\ttitle = {Safe and {Automatic} {Live} {Update} for {Operating} {Systems}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/asplos-2013.pdf Code=Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Giuffrida, Cristiano and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = dec,\n\tyear = {2013},\n\tkeywords = {Operating systems, automatic updates, class\\_updating, live update, state checking, state transfer, type\\_conf, type\\_paper, type\\_tier1, type\\_top, update safety},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Back to the Future: Fault-tolerant Live Update with Time-traveling State Transfer.\n \n \n \n \n\n\n \n Giuffrida, C.; Iorgulescu, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In LISA, October 2013. \n Best Student Paper Award\n\n\n\n
\n\n\n\n \n \n \"BackPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_back_2013,\n\ttitle = {Back to the {Future}: {Fault}-tolerant {Live} {Update} with {Time}-traveling {State} {Transfer}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/lisa-2013.pdf},\n\tbooktitle = {{LISA}},\n\tauthor = {Giuffrida, Cristiano and Iorgulescu, Calin and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2013},\n\tnote = {Best Student Paper Award},\n\tkeywords = {class\\_updating, state\\_diffing, type\\_award, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Practical Automated Vulnerability Monitoring Using Program State Invariants.\n \n \n \n \n\n\n \n Giuffrida, C.; Cavallaro, L.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2013. \n \n\n\n\n
\n\n\n\n \n \n \"PracticalPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_practical_2013,\n\ttitle = {Practical {Automated} {Vulnerability} {Monitoring} {Using} {Program} {State} {Invariants}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/dsn-2013.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Giuffrida, Cristiano and Cavallaro, Lorenzo and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2013},\n\tkeywords = {Instruments, Libraries, Monitoring, Production, Program State Invariants, Runtime, Systems Security, Vulnerability Analysis, class\\_invariants, class\\_testing, memory errors, memory management, security, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Unprivileged Black-Box Detection of User-Space Keyloggers.\n \n \n \n \n\n\n \n Ortolani, S.; Giuffrida, C.; and Crispo, B.\n\n\n \n\n\n\n TDSC, 10(1). September 2013.\n \n\n\n\n
\n\n\n\n \n \n \"UnprivilegedPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{ortolani_unprivileged_2013,\n\ttitle = {Unprivileged {Black}-{Box} {Detection} of {User}-{Space} {Keyloggers}},\n\tvolume = {10},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/tdsc-2013.pdf},\n\tnumber = {1},\n\tjournal = {TDSC},\n\tauthor = {Ortolani, Stefano and Giuffrida, Cristiano and Crispo, Bruno},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {Correlation, Keyboards, Monitoring, PCC, black-box, class\\_malware, invasive software, kernel, keylogger, robustness, security, type\\_journal, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Techniques for Efficient In-Memory Checkpointing.\n \n \n \n \n\n\n \n Vogt, D.; Giuffrida, C.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HotDep, September 2013. \n \n\n\n\n
\n\n\n\n \n \n \"TechniquesPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{vogt_techniques_2013,\n\ttitle = {Techniques for {Efficient} {In}-{Memory} {Checkpointing}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotdep-2013.pdf},\n\tbooktitle = {{HotDep}},\n\tauthor = {Vogt, Dirk and Giuffrida, Cristiano and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {class\\_reliability, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n EDFI: A Dependable Fault Injection Tool for Dependability Benchmarking Experiments.\n \n \n \n \n\n\n \n Giuffrida, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In PRDC, September 2013. \n \n\n\n\n
\n\n\n\n \n \n \"EDFI:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_edfi_2013,\n\ttitle = {{EDFI}: {A} {Dependable} {Fault} {Injection} {Tool} for {Dependability} {Benchmarking} {Experiments}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/prdc-2013.pdf},\n\tbooktitle = {{PRDC}},\n\tauthor = {Giuffrida, Cristiano and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {Operating systems, automatic updates, class\\_fi, class\\_testing, live update, llvm, state checking, state transfer, type\\_conf, type\\_paper, update safety},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2012\n \n \n (3)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization.\n \n \n \n \n\n\n \n Giuffrida, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In USENIX Security, December 2012. \n \n\n\n\n
\n\n\n\n \n \n \"EnhancedPaper\n  \n \n \n \"EnhancedCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_enhanced_2012,\n\ttitle = {Enhanced {Operating} {System} {Security} {Through} {Efficient} and {Fine}-grained {Address} {Space} {Randomization}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/usenixsec-2012.pdf Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Giuffrida, Cristiano and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = dec,\n\tyear = {2012},\n\tkeywords = {class\\_rand, class\\_updating, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Safe and Automated State Transfer for Secure and Reliable Live Update.\n \n \n \n \n\n\n \n Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HotSwUp, September 2012. \n \n\n\n\n
\n\n\n\n \n \n \"SafePaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_safe_2012,\n\ttitle = {Safe and {Automated} {State} {Transfer} for {Secure} and {Reliable} {Live} {Update}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotswup-2012.pdf},\n\tbooktitle = {{HotSwUp}},\n\tauthor = {Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2012},\n\tkeywords = {C language, C program, Instruments, Libraries, Resource management, Runtime, automated state transfer, class\\_updating, complex state change, complex state transformation, configuration management, live update reliability, live update security, live update system, program state annotation, program version, programming effort, reliability, safe state transfer, security, security of data, software, software reliability, standard C idiom, structural state change, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n Memoirs of a Browser: A Cross-browser Detection Model for Privacy-breaching Extensions.\n \n \n \n \n\n\n \n Giuffrida, C.; Ortolani, S.; and Crispo, B.\n\n\n \n\n\n\n In ASIACCS, September 2012. \n \n\n\n\n
\n\n\n\n \n \n \"MemoirsPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_memoirs_2012,\n\ttitle = {Memoirs of a {Browser}: {A} {Cross}-browser {Detection} {Model} for {Privacy}-breaching {Extensions}},\n\tshorttitle = {Memoirs of a browser},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/asiaccs-2012.pdf},\n\tbooktitle = {{ASIACCS}},\n\tauthor = {Giuffrida, Cristiano and Ortolani, Stefano and Crispo, Bruno},\n\tmonth = sep,\n\tyear = {2012},\n\tkeywords = {class\\_malware, type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2011\n \n \n (2)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n KLIMAX: Profiling Memory Write Patterns to Detect Keystroke-harvesting Malware.\n \n \n \n \n\n\n \n Ortolani, S.; Giuffrida, C.; and Crispo, B.\n\n\n \n\n\n\n In RAID, October 2011. \n \n\n\n\n
\n\n\n\n \n \n \"KLIMAX:Paper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ortolani_klimax_2011,\n\ttitle = {{KLIMAX}: {Profiling} {Memory} {Write} {Patterns} to {Detect} {Keystroke}-harvesting {Malware}},\n\tshorttitle = {{KLIMAX}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/raid-2011.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Ortolani, Stefano and Giuffrida, Cristiano and Crispo, Bruno},\n\tmonth = oct,\n\tyear = {2011},\n\tkeywords = {behavior, class\\_malware, detection, keylogging, malware, memory, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n A Heuristic Approach to Author Name Disambiguation in Bibliometrics Databases for Large-scale Research Assessments.\n \n \n \n \n\n\n \n D'Angelo, C. A.; Giuffrida, C.; and Abramo, G.\n\n\n \n\n\n\n JASIST, 62(2). September 2011.\n \n\n\n\n
\n\n\n\n \n \n \"APaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{dangelo_heuristic_2011,\n\ttitle = {A {Heuristic} {Approach} to {Author} {Name} {Disambiguation} in {Bibliometrics} {Databases} for {Large}-scale {Research} {Assessments}},\n\tvolume = {62},\n\turl = {https://arxiv.org/ftp/arxiv/papers/1812/1812.08538.pdf},\n\tnumber = {2},\n\tjournal = {JASIST},\n\tauthor = {D'Angelo, Ciriaco Andrea and Giuffrida, Cristiano and Abramo, Giovanni},\n\tmonth = sep,\n\tyear = {2011},\n\tkeywords = {authors, disambiguation, heuristics, proper names, scholars, type\\_journal, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2010\n \n \n (5)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Bait Your Hook: A Novel Detection Technique for Keyloggers.\n \n \n \n \n\n\n \n Ortolani, S.; Giuffrida, C.; and Crispo, B.\n\n\n \n\n\n\n In RAID, October 2010. \n \n\n\n\n
\n\n\n\n \n \n \"BaitPaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{ortolani_bait_2010,\n\ttitle = {Bait {Your} {Hook}: {A} {Novel} {Detection} {Technique} for {Keyloggers}},\n\tshorttitle = {Bait your hook},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/raid-2010.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Ortolani, Stefano and Giuffrida, Cristiano and Crispo, Bruno},\n\tmonth = oct,\n\tyear = {2010},\n\tkeywords = {black-box, class\\_malware, detection, keylogger, malware, type\\_conf, type\\_paper, type\\_top},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n We Crashed, Now What?.\n \n \n \n \n\n\n \n Giuffrida, C.; Cavallaro, L.; and Tanenbaum, A. S\n\n\n \n\n\n\n In HotDep, September 2010. \n \n\n\n\n
\n\n\n\n \n \n \"WePaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_we_2010,\n\ttitle = {We {Crashed}, {Now} {What}?},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotdep-2010.pdf},\n\tbooktitle = {{HotDep}},\n\tauthor = {Giuffrida, Cristiano and Cavallaro, Lorenzo and Tanenbaum, Andrew S},\n\tmonth = sep,\n\tyear = {2010},\n\tkeywords = {class\\_reliability, crash recovery, type\\_paper, type\\_workshop},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n A Gossip-based Churn Estimator for Large Dynamic Networks.\n \n \n \n \n\n\n \n Giuffrida, C.; and Ortolani, S.\n\n\n \n\n\n\n In ASCI, August 2010. \n \n\n\n\n
\n\n\n\n \n \n \"APaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_gossip-based_2010,\n\ttitle = {A {Gossip}-based {Churn} {Estimator} for {Large} {Dynamic} {Networks}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/asci-2010-2.pdf},\n\tbooktitle = {{ASCI}},\n\tauthor = {Giuffrida, Cristiano and Ortolani, Stefano},\n\tmonth = aug,\n\tyear = {2010},\n\tkeywords = {type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n A Taxonomy of Live Updates.\n \n \n \n \n\n\n \n Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In ASCI, August 2010. \n \n\n\n\n
\n\n\n\n \n \n \"APaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_taxonomy_2010,\n\ttitle = {A {Taxonomy} of {Live} {Updates}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/asci-2010.pdf},\n\tbooktitle = {{ASCI}},\n\tauthor = {Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = aug,\n\tyear = {2010},\n\tkeywords = {class\\_updating, type\\_conf, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n
\n \n\n \n \n \n \n \n \n MINIX 3: Status Report and Current Research.\n \n \n \n \n\n\n \n Tanenbaum, A. S.; Appuswamy, R.; Bos, H.; Cavallaro, L.; Giuffrida, C.; Hrubỳ, T.; Herder, J.; and van der Kouwe, E.\n\n\n \n\n\n\n ;login, 35(3). June 2010.\n \n\n\n\n
\n\n\n\n \n \n \"MINIXPaper\n  \n \n \n \"MINIXWeb\n  \n \n \n \"MINIXCode\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n  \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@article{tanenbaum_minix_2010,\n\ttitle = {{MINIX} 3: {Status} {Report} and {Current} {Research}},\n\tvolume = {35},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/login-2010.pdf Web=http://www.minix3.org Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tnumber = {3},\n\tjournal = {;login},\n\tauthor = {Tanenbaum, Andrew S. and Appuswamy, Raja and Bos, Herbert and Cavallaro, Lorenzo and Giuffrida, Cristiano and Hrubỳ, Tomáš and Herder, Jorrit and van der Kouwe, Erik},\n\tmonth = jun,\n\tyear = {2010},\n\tkeywords = {class\\_reliability, type\\_mag, type\\_paper},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n
\n
\n  \n 2009\n \n \n (1)\n \n \n
\n
\n \n \n
\n \n\n \n \n \n \n \n \n Cooperative Update: A New Model for Dependable Live Update.\n \n \n \n \n\n\n \n Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HotSwUp, September 2009. \n \n\n\n\n
\n\n\n\n \n \n \"CooperativePaper\n  \n \n\n \n\n \n link\n  \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n  \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n
\n 
@inproceedings{giuffrida_cooperative_2009,\n\ttitle = {Cooperative {Update}: {A} {New} {Model} for {Dependable} {Live} {Update}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotswup-2009.pdf},\n\tbooktitle = {{HotSwUp}},\n\tauthor = {Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2009},\n\tkeywords = {class\\_updating, dependability, dsu, live update, maintenance, type\\_paper, type\\_workshop, update validity},\n}\n\n
\n
\n\n\n\n
\n\n\n\n\n\n
\n
\n\n\n\n\n
\n\n\n \n\n \n \n \n \n\n
\n"}; document.write(bibbase_data.data);