\n\n \n\n \n\n \n \n\n \n\n \n \n\n \n\n \n

\n generated by\n \n $\"bibbase.org\"\n$ \n \n

\n \n\n

\n\n

\n \n Group by\n \n \n
- \n Year\n
- \n Author\n
- \n Type\n
- \n Keyword\n
- \n Downloads\n
\n
\n \n \n \n \n
- \n \n Expand/Collapse All\n \n
- \n \n Download BibTeX\n \n
- \n \n RSS Feed\n \n
\n

\n\n\n

\n\n Excellent! Next you can\n create a new website with this list, or\n embed it in an existing web page by copying & pasting\n any of the following snippets.\n\n

\n JavaScript\n (easiest)\n

\n            <script src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Ftag%3D%26full%3D1%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=none&filter=keywords:type_paper,&jsonp=1\"></script>\n

\n\n PHP\n

\n            <?php\n            $contents = file_get_contents(\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Ftag%3D%26full%3D1%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=none&filter=keywords:type_paper,\");\n            print_r($contents);\n            ?>\n

\n\n iFrame\n (not recommended)\n

\n            <iframe src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Ftag%3D%26full%3D1%26format%3Dbibtex%26sort%3Ddate&theme=default&jsonp=1&showSearch=1&owner=none&filter=keywords:type_paper,\"></iframe>\n

\n\n

\n For more details see the documention.\n

\n\n

\n\n This is a preview! To use this list on your own web site\n or create a new web site from it,\n create a free account. The file will be added\n and you will be able to edit it in the File Manager.\n We will show you instructions once you've created your account.\n

\n\n

To the site owner:

\n\n

Action required! Mendeley is changing its\n API. In order to keep using Mendeley with BibBase past April\n 14th, you need to:\n

renew the authorization for BibBase on Mendeley, and
update the BibBase URL\n in your page the same way you did when you initially set up\n this page.\n

\n\n

\n \n \n Fix it now\n

\n\n

\n\n\n

\n \n \n

\n \n 2024\n \n \n (7)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2.\n \n \n \n \n\n\n \n Wiebing, S.; de Faveri Tron, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n $\"InSpectre$ Paper\n \n \n \n $\"InSpectre$ Web\n \n \n \n $\"InSpectre$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 118 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{wiebing_inspectre_2024,\n\ttitle = {{InSpectre} {Gadget}: {Inspecting} the {Residual} {Attack} {Surface} of {Cross}-privilege {Spectre} v2},\n\turl = {Paper=https://download.vusec.net/papers/inspectre_sec24.pdf Web=https://vusec.net/projects/native-bhi Code=https://github.com/vusec/inspectre-gadget},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Wiebing, Sander and de Faveri Tron, Alvise and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_ae, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Practical Data-Only Attack Generation.\n \n \n \n \n\n\n \n Johannesmeyer, B.; Slowinska, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n $\"Practical$ Paper\n \n \n \n $\"Practical$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 52 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{johannesmeyer_practical_2024,\n\ttitle = {Practical {Data}-{Only} {Attack} {Generation}},\n\turl = {Paper=https://download.vusec.net/papers/einstein_sec24.pdf Code=https://github.com/vusec/einstein},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Johannesmeyer, Brian and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n GhostRace: Exploiting and Mitigating Speculative Race Conditions.\n \n \n \n \n\n\n \n Ragab, H.; Mambretti, A.; Kurmus, A.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n \n $\"GhostRace:$ Paper\n \n \n \n $\"GhostRace:$ Web\n \n \n \n $\"GhostRace:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 356 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ragab_ghostrace_2024,\n\ttitle = {{GhostRace}: {Exploiting} and {Mitigating} {Speculative} {Race} {Conditions}},\n\turl = {Paper=https://download.vusec.net/papers/ghostrace_sec24.pdf Web=https://www.vusec.net/projects/ghostrace Code=https://github.com/vusec/ghostrace},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Mambretti, Andrea and Kurmus, Anil and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching.\n \n \n \n\n\n \n Duta, V.; Aloserij, M.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2024. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{duta_safefetch_2024,\n\ttitle = {{SafeFetch}: {Practical} {Double}-{Fetch} {Protection} with {Kernel}-{Fetch} {Caching}},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Duta, Victor and Aloserij, Mitchel and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags.\n \n \n \n\n\n \n Gorter, F.; Kroes, T.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2024. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gorter_sticky_2024,\n\ttitle = {Sticky {Tags}: {Efficient} and {Deterministic} {Spatial} {Memory} {Error} {Mitigation} using {Persistent} {Memory} {Tags}},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Gorter, Floris and Kroes, Taddeus and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation.\n \n \n \n \n\n\n \n Hertogh, M.; Wiebing, S.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2024. \n \n\n\n\n
\n\n\n\n \n \n $\"Leaky$ Paper\n \n \n \n $\"Leaky$ Web\n \n \n \n $\"Leaky$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 372 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hertogh_leaky_2024,\n\ttitle = {Leaky {Address} {Masking}: {Exploiting} {Unmasked} {Spectre} {Gadgets} with {Noncanonical} {Address} {Translation}},\n\turl = {Paper=https://download.vusec.net/papers/slam_sp24.pdf Web=https://www.vusec.net/projects/slam Code=https://github.com/vusec/slam},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Hertogh, Mathé and Wiebing, Sander and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Predictive Context-sensitive Fuzzing.\n \n \n \n \n\n\n \n Borrello, P.; Fioraldi, A.; D'Elia, D. C.; Balzarotti, D.; Querzoni, L.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2024. \n \n\n\n\n
\n\n\n\n \n \n $\"Predictive$ Paper\n \n \n \n $\"Predictive$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 43 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{borrello_predictive_2024,\n\ttitle = {Predictive {Context}-sensitive {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf Code=https://github.com/eurecom-s3/predictive-cs-fuzzing},\n\tbooktitle = {{NDSS}},\n\tauthor = {Borrello, Pietro and Fioraldi, Andrea and D'Elia, Daniele Cono and Balzarotti, Davide and Querzoni, Leonardo and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2024},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_memo, proj\\_rescale, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2023\n \n \n (12)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Triereme: Speeding up Hybrid Fuzzing through Efficient Query Scheduling.\n \n \n \n \n\n\n \n Geretto, E.; Hohnerlein, J.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.; and von Gleissenthall, K.\n\n\n \n\n\n\n In ACSAC, December 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"Triereme:$ Paper\n \n \n \n $\"Triereme:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 21 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Results$ \n \n $\"Artifacts$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{geretto_triereme_2023,\n\ttitle = {Triereme: {Speeding} up {Hybrid} {Fuzzing} through {Efficient} {Query} {Scheduling}},\n\turl = {Paper=https://download.vusec.net/papers/triereme_acsac23.pdf Code=https://github.com/vusec/triereme},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Geretto, Elia and Hohnerlein, Julius and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = dec,\n\tyear = {2023},\n\tkeywords = {artifacts:reproduced, artifacts:reusable, class\\_testing, proj\\_intersect, proj\\_memo, type\\_ae, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n FloatZone: How Floating Point Additions can Detect Memory Errors.\n \n \n \n \n\n\n \n Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n ;login:. November 2023.\n \n\n\n\n
\n\n\n\n \n \n $\"FloatZone:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 20 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{gorter_floatzone_2023,\n\ttitle = {{FloatZone}: {How} {Floating} {Point} {Additions} can {Detect} {Memory} {Errors}},\n\turl = {https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors},\n\tjournal = {;login:},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2023},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_mag, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation.\n \n \n \n \n\n\n \n Hertogh, M.; Wiesinger, M.; Österlund, S.; Muench, M.; Amit, N.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In RAID, October 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"Quarantine:$ Paper\n \n \n \n $\"Quarantine:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 53 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hertogh_quarantine_2023,\n\ttitle = {Quarantine: {Mitigating} {Transient} {Execution} {Attacks} with {Physical} {Domain} {Isolation}},\n\turl = {Paper=https://download.vusec.net/papers/quarantine_raid23.pdf Code=https://github.com/vusec/quarantine},\n\tbooktitle = {{RAID}},\n\tauthor = {Hertogh, Mathé and Wiesinger, Manuel and Österlund, Sebastian and Muench, Marius and Amit, Nadav and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2023},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_vmware, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions.\n \n \n \n \n\n\n \n Hofmann, J.; Vannacci, E.; Fournet, C.; Köpf, B.; and Oleksenko, O.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"Speculation$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 23 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hofmann_speculation_2023,\n\ttitle = {Speculation at {Fault}: {Modeling} and {Testing} {Microarchitectural} {Leakage} of {CPU} {Exceptions}},\n\turl = {Paper=https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Hofmann, Jana and Vannacci, Emanuele and Fournet, Cedric and Köpf, Boris and Oleksenko, Oleksii},\n\tmonth = aug,\n\tyear = {2023},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n FloatZone: Accelerating Memory Error Detection using the Floating Point Unit.\n \n \n \n \n\n\n \n Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"FloatZone:$ Paper\n \n \n \n $\"FloatZone:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 340 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gorter_floatzone_2023-1,\n\ttitle = {{FloatZone}: {Accelerating} {Memory} {Error} {Detection} using the {Floating} {Point} {Unit}},\n\turl = {Paper=https://download.vusec.net/papers/floatzone_sec23.pdf Code=https://github.com/vusec/floatzone},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2023},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Uncontained: Uncovering Container Confusion in the Linux Kernel.\n \n \n \n \n\n\n \n Koschel, J.; Borrello, P.; D'Elia, D. C.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2023. \n Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation\n\n\n\n
\n\n\n\n \n \n $\"Uncontained:$ Paper\n \n \n \n $\"Uncontained:$ Web\n \n \n \n $\"Uncontained:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 207 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{koschel_uncontained_2023,\n\ttitle = {Uncontained: {Uncovering} {Container} {Confusion} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/uncontained_sec23.pdf Web=https://vusec.net/projects/uncontained Code=https://github.com/vusec/uncontained},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Koschel, Jakob and Borrello, Pietro and D'Elia, Daniele Cono and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2023},\n\tnote = {Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, research\\_uncontained, type\\_ae, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top, type\\_uncontained},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations.\n \n \n \n \n\n\n \n Isemann, R.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.; and von Gleissenthall, K.\n\n\n \n\n\n\n In PLDI, June 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"Don't$ Paper\n \n \n \n $\"Don't$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 74 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{isemann_dont_2023,\n\ttitle = {Don't {Look} {UB}: {Exposing} {Sanitizer}-{Eliding} {Compiler} {Optimizations}},\n\turl = {Paper=https://download.vusec.net/papers/dontlookub_pldi23.pdf Code=https://github.com/vusec/LookUB},\n\tbooktitle = {{PLDI}},\n\tauthor = {Isemann, Raphael and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = jun,\n\tyear = {2023},\n\tkeywords = {artifacts:reusable, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Enviral: Fuzzing the Environment for Evasive Malware Analysis.\n \n \n \n \n\n\n \n Gorter, F.; Giuffrida, C.; and van der Kouwe, E.\n\n\n \n\n\n\n In EuroSec, April 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"Enviral:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 55 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gorter_enviral_2023,\n\ttitle = {Enviral: {Fuzzing} the {Environment} for {Evasive} {Malware} {Analysis}},\n\turl = {Paper=https://download.vusec.net/papers/enviral_eurosec23.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Gorter, Floris and Giuffrida, Cristiano and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2023},\n\tkeywords = {class\\_malware, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Di Dio, A.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2023. \n \n\n\n\n
\n\n\n\n \n \n $\"Copy-on-Flip:$ Paper\n \n \n \n $\"Copy-on-Flip:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 88 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{di_dio_copy--flip_2023,\n\ttitle = {Copy-on-{Flip}: {Hardening} {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/cof_ndss23.pdf Code=https://github.com/vusec/Copy-on-Flip},\n\tbooktitle = {{NDSS}},\n\tauthor = {Di Dio, Andrea and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tkeywords = {class\\_rowhammer, proj\\_intersect, proj\\_offcore, proj\\_theseus, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Let Me Unwind That For You: Exceptions to Backward-Edge Protection.\n \n \n \n \n\n\n \n Duta, V.; Freyer, F.; Pagani, F.; Muench, M.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2023. \n Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n $\"Let$ Paper\n \n \n \n $\"Let$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 100 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{duta_let_2023,\n\ttitle = {Let {Me} {Unwind} {That} {For} {You}: {Exceptions} to {Backward}-{Edge} {Protection}},\n\turl = {Paper=https://download.vusec.net/papers/chop_ndss23.pdf Code=https://github.com/chop-project/chop},\n\tbooktitle = {{NDSS}},\n\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tnote = {Intel Bounty Reward},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_memo, proj\\_offcore, proj\\_theseus, proj\\_tropics, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Specification and Verification of Side-channel Security for Open-source Processors via Leakage Contracts.\n \n \n \n \n\n\n \n Wang, Z.; Mohr, G.; von Gleissenthall, K.; Reineke, J.; and Guarnieri, M.\n\n\n \n\n\n\n In CCS, 2023. \n Distinguished Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Specification$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n \n \n abstract \n \n\n \n \n \n 8 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{wang_specification_2023,\n\ttitle = {Specification and {Verification} of {Side}-channel {Security} for {Open}-source {Processors} via {Leakage} {Contracts}},\n\turl = {https://gleissen.github.io/papers/ccs2023.pdf},\n\tabstract = {Leakage contracts have recently been proposed as a new security abstraction at the Instruction Set Architecture (ISA) level. Such contracts aim to faithfully capture the information processors may leak through side effects of their microarchitectural implementations. However, so far, we lack a verification methodology to check that a processor actually satisfies a given leakage contract. In this paper, we address this problem by developing LeaVe, the first tool for verifying register-transfer-level (RTL) processor designs against ISA-level leakage contracts. To this end, we introduce a decoupling theorem that separates security and functional correctness concerns when verifying contract satisfaction. LeaVe leverages this decoupling to make verification of contract satisfaction practical. To scale to realistic processor designs LeaVe further employs inductive reasoning on relational abstractions. Using LeaVe, we precisely characterize the side-channel security guarantees provided by three open-source RISC-V processors, thereby obtaining the first contract satisfaction proofs for RTL processor designs.},\n\turldate = {2023-07-27},\n\tbooktitle = {{CCS}},\n\tauthor = {Wang, Zilong and Mohr, Gideon and von Gleissenthall, Klaus and Reineke, Jan and Guarnieri, Marco},\n\tyear = {2023},\n\tnote = {Distinguished Paper Award},\n\tkeywords = {Computer Science - Cryptography and Security, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Randomized Testing of Byzantine Fault Tolerant Algorithms.\n \n \n \n \n\n\n \n Winter, L.; Buse, F.; De Graaf, D.; v. Gleissenthall, K.; and Ozkan, B. K.\n\n\n \n\n\n\n In OOPSLA, 2023. \n Distinguished Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Randomized$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n\n\n\n

@inproceedings{winter_randomized_2023,\n\ttitle = {Randomized {Testing} of {Byzantine} {Fault} {Tolerant} {Algorithms}},\n\turl = {https://gleissen.github.io/papers/byzzfuzz.pdf},\n\tbooktitle = {{OOPSLA}},\n\tauthor = {Winter, Levin and Buse, Florena and De Graaf, Daan and v. Gleissenthall, Klaus and Ozkan, Burcu Kulahcioglu},\n\tyear = {2023},\n\tnote = {Distinguished Paper Award},\n\tkeywords = {type\\_award, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2022\n \n \n (16)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n Unwinding the Stack for Fun and Profit.\n \n \n \n\n\n \n Duta, V.; Freyer, F.; Pagani, F.; Muench, M.; and Giuffrida, C.\n\n\n \n\n\n\n In Black Hat Europe, December 2022. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{duta_unwinding_2022,\n\ttitle = {Unwinding the {Stack} for {Fun} and {Profit}},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\n\tmonth = dec,\n\tyear = {2022},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots.\n \n \n \n \n\n\n \n Geretto, E.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In ACSAC, December 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"Snappy:$ Paper\n \n \n \n $\"Snappy:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 87 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{geretto_snappy_2022,\n\ttitle = {Snappy: {Efficient} {Fuzzing} with {Adaptive} and {Mutable} {Snapshots}},\n\turl = {Paper=https://download.vusec.net/papers/snappy_acsac22.pdf Code=https://github.com/vusec/snappy},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Geretto, Elia and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = dec,\n\tyear = {2022},\n\tkeywords = {artifacts:functional, class\\_testing, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks.\n \n \n \n \n\n\n \n de Faveri Tron, A.; Longari, S.; Carminati, M.; Polino, M.; and Zanero, S.\n\n\n \n\n\n\n In CCS, November 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"CANflict:$ Paper\n \n \n \n $\"CANflict:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 47 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{de_faveri_tron_canflict_2022,\n\ttitle = {{CANflict}: {Exploiting} {Peripheral} {Conflicts} for {Data}-{Link} {Layer} {Attacks} on {Automotive} {Networks}},\n\turl = {Paper=https://arxiv.org/pdf/2209.09557.pdf code=https://github.com/necst/CANflict},\n\tbooktitle = {{CCS}},\n\tauthor = {de Faveri Tron, Alvise and Longari, Stefano and Carminati, Michele and Polino, Mario and Zanero, Stefano},\n\tmonth = nov,\n\tyear = {2022},\n\tkeywords = {class\\_embedded, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n DangZero: Efficient Use-After-Free Detection via Direct Page Table Access.\n \n \n \n \n\n\n \n Gorter, F.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"DangZero:$ Paper\n \n \n \n $\"DangZero:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 153 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gorter_dangzero_2022,\n\ttitle = {{DangZero}: {Efficient} {Use}-{After}-{Free} {Detection} via {Direct} {Page} {Table} {Access}},\n\turl = {Paper=https://download.vusec.net/papers/dangzero_ccs22.pdf Code=https://github.com/vusec/dangzero},\n\tbooktitle = {{CCS}},\n\tauthor = {Gorter, Floris and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2022},\n\tkeywords = {class\\_sanitizer, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks.\n \n \n \n \n\n\n \n Barberis, E.; Frigo, P.; Muench, M.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2022. \n Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n $\"Branch$ Paper\n \n \n \n $\"Branch$ Web\n \n \n \n $\"Branch$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 572 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{barberis_branch_2022,\n\ttitle = {Branch {History} {Injection}: {On} the {Effectiveness} of {Hardware} {Mitigations} {Against} {Cross}-{Privilege} {Spectre}-v2 {Attacks}},\n\turl = {Paper=http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf Web=https://www.vusec.net/projects/bhi-spectre-bhb Code=https://github.com/vusec/bhi-spectre-bhb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Barberis, Enrico and Frigo, Pietro and Muench, Marius and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2022},\n\tnote = {Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing.\n \n \n \n \n\n\n \n Tobias Scharnowski; Nils Bars; Moritz Schloegel; Eric Gustafson; Marius Muench; Giovanni Vigna; Christopher Kruegel; Thorsten Holz; and Ali Abbasi\n\n\n \n\n\n\n In USENIX Security, August 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"Fuzzware:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n \n \n abstract \n \n\n \n \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{tobias_scharnowski_fuzzware_2022,\n\ttitle = {Fuzzware: {Using} {Precise} {MMIO} {Modeling} for {Effective} {Firmware} {Fuzzing}},\n\turl = {https://www.usenix.org/system/files/sec22summer_scharnowski.pdf},\n\tabstract = {As embedded devices are becoming more pervasive in our everyday lives, they turn into an attractive target for adversaries. Despite their high value and large attack surface, applying automated testing techniques such as fuzzing is not straightforward for such devices. As fuzz testing firmware on constrained embedded devices is inefficient, state-of-the-art approaches instead opt to run the firmware in an emulator (through a process called re-hosting). However, existing approaches either use coarse-grained static models of hardware behavior or require manual effort to re-host the firmware.\n\nWe propose a novel combination of lightweight program analysis, re-hosting, and fuzz testing to tackle these challenges. We present the design and implementation of Fuzzware, a software-only system to fuzz test unmodified monolithic firmware in a scalable way. By determining how hardware-generated values are actually used by the firmware logic, Fuzzware can automatically generate models that help focusing the fuzzing process on mutating the inputs that matter, which drastically improves its effectiveness.\n\nWe evaluate our approach on synthetic and real-world targets comprising a total of 19 hardware platforms and 77 firmware images. Compared to state-of-the-art work, Fuzzware achieves up to 3.25 times the code coverage and our modeling approach reduces the size of the input space by up to 95.5\\%. The synthetic samples contain 66 unit tests for various hardware interactions, and we find that our approach is the first generic re-hosting solution to automatically pass all of them. Fuzzware discovered 15 completely new bugs including bugs in targets which were previously analyzed by other works; a total of 12 CVEs were assigned.},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {{Tobias Scharnowski} and {Nils Bars} and {Moritz Schloegel} and {Eric Gustafson} and {Marius Muench} and {Giovanni Vigna} and {Christopher Kruegel} and {Thorsten Holz} and {Ali Abbasi}},\n\tmonth = aug,\n\tyear = {2022},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_binary, proj\\_intersect, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering.\n \n \n \n \n\n\n \n Tatar, A.; Trujillo, D.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"TLB;DR:$ Paper\n \n \n \n $\"TLB;DR:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 108 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{tatar_tlbdr_2022,\n\ttitle = {{TLB};{DR}: {Enhancing} {TLB}-based {Attacks} with {TLB} {Desynchronized} {Reverse} {Engineering}},\n\turl = {Paper=https://download.vusec.net/papers/tlbdr_sec22.pdf Code=https://github.com/vusec/tlbdr},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Tatar, Andrei and Trujillo, Daniël and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2022},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n BugsBunny: Hopping to RTL Targets with a Directed Hardware-Design Fuzzer.\n \n \n \n \n\n\n \n Ragab, H.; Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In SILM, June 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"BugsBunny:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 59 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ragab_bugsbunny_2022,\n\ttitle = {{BugsBunny}: {Hopping} to {RTL} {Targets} with a {Directed} {Hardware}-{Design} {Fuzzer}},\n\turl = {https://download.vusec.net/papers/bugsbunny_silm22.pdf},\n\tbooktitle = {{SILM}},\n\tauthor = {Ragab, Hany and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2022},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Spring: Spectre Returning in the Browser with Speculative Load Queuing and Deep Stacks.\n \n \n \n \n\n\n \n Wikner, J.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In WOOT, May 2022. \n Mozilla Bounty Reward\n\n\n\n
\n\n\n\n \n \n $\"Spring:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 131 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{wikner_spring_2022,\n\ttitle = {Spring: {Spectre} {Returning} in the {Browser} with {Speculative} {Load} {Queuing} and {Deep} {Stacks}},\n\turl = {Paper=http://download.vusec.net/papers/spring_woot22.pdf},\n\tbooktitle = {{WOOT}},\n\tauthor = {Wikner, Johannes and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2022},\n\tnote = {Mozilla Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_award, type\\_bounty, type\\_mscthesis, type\\_paper, type\\_top, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n BLACKSMITH: Scalable Rowhammering in the Frequency Domain.\n \n \n \n \n\n\n \n Jattke, P.; van der Veen, V.; Frigo, P.; Gunter, S.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"BLACKSMITH:$ Paper\n \n \n \n $\"BLACKSMITH:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 290 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{jattke_blacksmith_2022,\n\ttitle = {{BLACKSMITH}: {Scalable} {Rowhammering} in the {Frequency} {Domain}},\n\turl = {Paper=https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf Press=https://bit.ly/3H395l5},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Jattke, Patrick and van der Veen, Victor and Frigo, Pietro and Gunter, Stijn and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2022},\n\tkeywords = {class\\_rowhammer, type\\_conf, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation.\n \n \n \n \n\n\n \n Milburn, A.; van der Kouwe, E.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"Mitigating$ Paper\n \n \n \n $\"Mitigating$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 196 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{milburn_mitigating_2022,\n\ttitle = {Mitigating {Information} {Leakage} {Vulnerabilities} with {Type}-based {Data} {Isolation}},\n\turl = {Paper=https://download.vusec.net/papers/tdi_sp22.pdf Code=https://github.com/vusec/typeisolation},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Milburn, Alyssa and van der Kouwe, Erik and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2022},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_offcore, proj\\_securecode, proj\\_theseus, proj\\_tropics, proj\\_veripatch, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On the Effectiveness of Same-Domain Memory Deduplication.\n \n \n \n \n\n\n \n Costi, A.; Johannesmeyer, B.; Bosman, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n \n $\"On$ Slides\n \n \n \n $\"On$ Web\n \n \n \n $\"On$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 57 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{costi_effectiveness_2022,\n\ttitle = {On the {Effectiveness} of {Same}-{Domain} {Memory} {Deduplication}},\n\turl = {Paper=https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf Slides=https://download.vusec.net/slides/dedup_eurosec22.pdf Web=https://www.vusec.net/projects/dedup-est-machina-returns/ Code=https://github.com/vusec/dedup-est-returns},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Costi, Andreas and Johannesmeyer, Brian and Bosman, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_unicore, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel.\n \n \n \n \n\n\n \n Johannesmeyer, B.; Koschel, J.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, April 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"Kasper:$ Paper\n \n \n \n $\"Kasper:$ Slides\n \n \n \n $\"Kasper:$ Web\n \n \n \n $\"Kasper:$ Code\n \n \n \n $\"Kasper:$ Video\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 518 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{johannesmeyer_kasper_2022,\n\ttitle = {Kasper: {Scanning} for {Generalized} {Transient} {Execution} {Gadgets} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/kasper_ndss22.pdf Slides=https://download.vusec.net/slides/kasper_ndss22.pdf Web=https://www.vusec.net/projects/kasper Code=https://github.com/vusec/kasper Video=https://www.youtube.com/watch?v=v89Zt3vxrww},\n\tbooktitle = {{NDSS}},\n\tauthor = {Johannesmeyer, Brian and Koschel, Jakob and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, proj\\_veripatch, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n cISP: A Speed-of-Light Internet Service Provider.\n \n \n \n\n\n \n Bhattacherjee, D.; Aqeel, W.; Jyothi, S. A.; Bozkurt, I. N.; Sentosa, W.; Tirmazi, M.; Aguirre, A.; Chandrasekaran, B.; Godfrey, B.; Laughlin, G.; Maggs, B. M.; and Singla, A.\n\n\n \n\n\n\n In NSDI, April 2022. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bhattacherjee_cisp_2022,\n\ttitle = {{cISP}: {A} {Speed}-of-{Light} {Internet} {Service} {Provider}},\n\tbooktitle = {{NSDI}},\n\tauthor = {Bhattacherjee, Debopam and Aqeel, Waqar and Jyothi, Sangeetha A. and Bozkurt, Ilker N. and Sentosa, William and Tirmazi, Muhammad and Aguirre, Anthony and Chandrasekaran, Balakrishnan and Godfrey, Brighten and Laughlin, Gregory and Maggs, Bruce M. and Singla, Ankit},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n DupeFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels.\n \n \n \n \n\n\n \n Bacs, A.; Musaev, S.; Razavi, K.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In FAST, February 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"DupeFS:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 127 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bacs_dupefs_2022,\n\ttitle = {{DupeFS}: {Leaking} {Data} {Over} the {Network} {With} {Filesystem} {Deduplication} {Side} {Channels}},\n\turl = {Paper=https://download.vusec.net/papers/dupefs_fast22.pdf},\n\tbooktitle = {{FAST}},\n\tauthor = {Bacs, Andrei and Musaev, Saidgani and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_unicore, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware.\n \n \n \n \n\n\n \n Grant Hernandez; Marius Muench; Dominik Maier; Alyssa Milburn; Shinjo Park; Tobias Scharnowski; Tyler Tucker; Patrick Traynor; and Kevin R. B. Butler\n\n\n \n\n\n\n In NDSS, February 2022. \n \n\n\n\n
\n\n\n\n \n \n $\"FirmWire:$ Paper\n \n \n \n $\"FirmWire:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 31 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{grant_hernandez_firmwire_2022,\n\ttitle = {{FirmWire}: {Transparent} {Dynamic} {Analysis} for {Cellular} {Baseband} {Firmware}},\n\turl = {Paper=https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf Code=https://github.com/FirmWire/FirmWire},\n\tbooktitle = {{NDSS}},\n\tauthor = {{Grant Hernandez} and {Marius Muench} and {Dominik Maier} and {Alyssa Milburn} and {Shinjo Park} and {Tobias Scharnowski} and {Tyler Tucker} and {Patrick Traynor} and {Kevin R. B. Butler}},\n\tmonth = feb,\n\tyear = {2022},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_tropics, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2021\n \n \n (21)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n Tardis: A fault-tolerant design for network control planes.\n \n \n \n\n\n \n Zhou, Z.; Benson, T. A.; Canini, M.; and Chandrasekaran, B.\n\n\n \n\n\n\n In SOSR, December 2021. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{zhou_tardis_2021,\n\ttitle = {Tardis: {A} fault-tolerant design for network control planes},\n\tbooktitle = {{SOSR}},\n\tauthor = {Zhou, Zhenyu and Benson, Theophilus A. and Canini, Marco and Chandrasekaran, Balakrishnan},\n\tmonth = dec,\n\tyear = {2021},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n Selfish & Opaque Transaction Ordering in the Bitcoin Blockchain: The Case for Chain Neutrality.\n \n \n \n\n\n \n Messias, J.; Alzayat, M.; Chandrasekaran, B.; Gummadi, K. P.; Loiseau, P.; and Mislove, A.\n\n\n \n\n\n\n In IMC, November 2021. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{messias_selfish_2021,\n\ttitle = {Selfish \\& {Opaque} {Transaction} {Ordering} in the {Bitcoin} {Blockchain}: {The} {Case} for {Chain} {Neutrality}},\n\tbooktitle = {{IMC}},\n\tauthor = {Messias, Johnnatan and Alzayat, Mohamed and Chandrasekaran, Balakrishnan and Gummadi, Krishna P. and Loiseau, Patrick and Mislove, Alan},\n\tmonth = nov,\n\tyear = {2021},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization.\n \n \n \n \n\n\n \n Borrello, P.; D'Elia, D. C.; Querzoni, L.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"Constantine:$ Paper\n \n \n \n $\"Constantine:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 92 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{borrello_constantine_2021,\n\ttitle = {Constantine: {Automatic} {Side}-{Channel} {Resistance} {Using} {Efficient} {Control} and {Data} {Flow} {Linearization}},\n\turl = {Paper=https://download.vusec.net/papers/constantine_ccs21.pdf Code=https://github.com/pietroborrello/constantine},\n\tbooktitle = {{CCS}},\n\tauthor = {Borrello, Pietro and D'Elia, Daniele Cono and Querzoni, Leonardo and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2021},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_react, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating.\n \n \n \n \n\n\n \n Mi, X.; Rawat, S.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In RAID, October 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"LeanSym:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 41 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{mi_leansym_2021,\n\ttitle = {{LeanSym}: {Efficient} {Hybrid} {Fuzzing} {Through} {Conservative} {Constraint} {Debloating}},\n\turl = {https://download.vusec.net/papers/leansym_raid21.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Mi, Xianya and Rawat, Sanjay and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Fault Injection as an Oscilloscope: Fault Correlation Analysis.\n \n \n \n \n\n\n \n Spruyt, A.; Milburn, A.; and Chmielewski, L.\n\n\n \n\n\n\n In CHES, September 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"Fault$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{spruyt_fault_2021,\n\ttitle = {Fault {Injection} as an {Oscilloscope}: {Fault} {Correlation} {Analysis}},\n\turl = {https://repository.ubn.ru.nl/bitstream/handle/2066/230663/230663.pdf},\n\tbooktitle = {{CHES}},\n\tauthor = {Spruyt, Albert and Milburn, Alyssa and Chmielewski, Lukasz},\n\tmonth = sep,\n\tyear = {2021},\n\tkeywords = {class\\_sidechannels, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n Understanding the Security Implications of Kubernetes Networking.\n \n \n \n\n\n \n Minna, F.; Blaise, A.; Rebecchi, F.; Chandrasekaran, B.; and Massacci, F.\n\n\n \n\n\n\n . September 2021.\n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{minna_understanding_2021,\n\ttitle = {Understanding the {Security} {Implications} of {Kubernetes} {Networking}},\n\tauthor = {Minna, Francesco and Blaise, Agathe and Rebecchi, Filippo and Chandrasekaran, Balakrishnan and Massacci, Fabio},\n\tmonth = sep,\n\tyear = {2021},\n\tkeywords = {class\\_network, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks.\n \n \n \n \n\n\n \n Ragab, H.; Barberis, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up\n\n\n\n
\n\n\n\n \n \n $\"Rage$ Paper\n \n \n \n $\"Rage$ Web\n \n \n \n $\"Rage$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 296 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ragab_rage_2021,\n\ttitle = {Rage {Against} the {Machine} {Clear}: {A} {Systematic} {Analysis} of {Machine} {Clears} and {Their} {Implications} for {Transient} {Execution} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/fpvi-scsb_sec21.pdf Web=https://www.vusec.net/projects/fpvi-scsb Code=https://github.com/vusec/fpvi-scsb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Barberis, Enrico and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Fine Grained Dataflow Tracking with Proximal Gradients.\n \n \n \n \n\n\n \n Ryan, G.; Shah, A.; She, D.; Bhat, K.; and Jana, S.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"Fine$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 34 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ryan_fine_2021,\n\ttitle = {Fine {Grained} {Dataflow} {Tracking} with {Proximal} {Gradients}},\n\turl = {http://arxiv.org/abs/1909.03461},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ryan, Gabriel and Shah, Abhishek and She, Dongdong and Bhat, Koustubha and Jana, Suman},\n\tmonth = aug,\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_react, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SMASH: Synchronized Many-sided Rowhammer Attacks From JavaScript.\n \n \n \n \n\n\n \n de Ridder, F.; Frigo, P.; Vannacci, E.; Bos, H.; Giuffrida, C.; and Razavi, K.\n\n\n \n\n\n\n In USENIX Security, August 2021. \n Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award\n\n\n\n
\n\n\n\n \n \n $\"SMASH:$ Paper\n \n \n \n $\"SMASH:$ Web\n \n \n \n $\"SMASH:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 797 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{de_ridder_smash_2021,\n\ttitle = {{SMASH}: {Synchronized} {Many}-sided {Rowhammer} {Attacks} {From} {JavaScript}},\n\turl = {Paper=https://download.vusec.net/papers/smash_sec21.pdf Web=https://www.vusec.net/projects/smash Code=https://github.com/vusec/smash},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {de Ridder, Finn and Frigo, Pietro and Vannacci, Emanuele and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award},\n\tkeywords = {class\\_rowhammer, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, type\\_award, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Puncturable Pseudorandom Sets and Private Information Retrieval with Near-Optimal Online Bandwidth and Time.\n \n \n \n \n\n\n \n Shi, E.; Aqeel, W.; Chandrasekaran, B.; and Maggs, B. M.\n\n\n \n\n\n\n In CRYPTO, August 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"Puncturable$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{shi_puncturable_2021,\n\ttitle = {Puncturable {Pseudorandom} {Sets} and {Private} {Information} {Retrieval} with {Near}-{Optimal} {Online} {Bandwidth} and {Time}},\n\turl = {Paper=https://balakrishnanc.github.io/papers/shi-crypto2021.pdf},\n\tbooktitle = {{CRYPTO}},\n\tauthor = {Shi, Elaine and Aqeel, Waqar and Chandrasekaran, Balakrishnan and Maggs, Bruce M.},\n\tmonth = aug,\n\tyear = {2021},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n AnyOpt: Predicting and Optimizing IP Anycast Performance.\n \n \n \n \n\n\n \n Zhang, X.; Sen, T.; Zhang, Z.; April, T.; Chandrasekaran, B.; Choffnes, D.; Maggs, B. M.; Shen, H.; Sitaraman, R. K.; and Yang, X.\n\n\n \n\n\n\n In SIGCOMM, August 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"AnyOpt:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{zhang_anyopt_2021,\n\ttitle = {{AnyOpt}: {Predicting} and {Optimizing} {IP} {Anycast} {Performance}},\n\turl = {Paper=https://balakrishnanc.github.io/papers/zhang-sigcomm2021.pdf},\n\tbooktitle = {{SIGCOMM}},\n\tauthor = {Zhang, Xiao and Sen, Tanmoy and Zhang, Zheyuan and April, Tim and Chandrasekaran, Balakrishnan and Choffnes, David and Maggs, Bruce M. and Shen, Haiying and Sitaraman, Ramesh K. and Yang, Xiaowei},\n\tmonth = aug,\n\tyear = {2021},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n MAD: Memory Allocation meets Software Diversity.\n \n \n \n \n\n\n \n Wiesinger, M.; Daniel, D.; and Stefan, B.\n\n\n \n\n\n\n In June 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"MAD:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{wiesinger_mad_2021,\n\ttitle = {{MAD}: {Memory} {Allocation} meets {Software} {Diversity}},\n\turl = {https://dramsec.ethz.ch/papers/mad.pdf},\n\tauthor = {Wiesinger, Manuel and Daniel, Dorfmeister and Stefan, Brunthaler},\n\tmonth = jun,\n\tyear = {2021},\n\tkeywords = {class\\_rowhammer, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection.\n \n \n \n \n\n\n \n Bhat, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"FIRestarter:$ Paper\n \n \n \n $\"FIRestarter:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 50 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bhat_firestarter_2021,\n\ttitle = {{FIRestarter}: {Practical} {Software} {Crash} {Recovery} with {Targeted} {Library}-level {Fault} {Injection}},\n\turl = {Paper=https://download.vusec.net/papers/firestarter_dsn21.pdf Code=https://github.com/vusec/firestarter},\n\tbooktitle = {{DSN}},\n\tauthor = {Bhat, Koustubha and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2021},\n\tkeywords = {class\\_reliability, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n CrossTalk: Speculative Data Leaks Across Cores Are Real.\n \n \n \n \n\n\n \n Ragab, H.; Milburn, A.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2021. \n Intel Bounty Reward\n\n\n\n
\n\n\n\n \n \n $\"CrossTalk:$ Paper\n \n \n \n $\"CrossTalk:$ Web\n \n \n \n $\"CrossTalk:$ Code\n \n \n \n $\"CrossTalk:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 541 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ragab_crosstalk_2021,\n\ttitle = {{CrossTalk}: {Speculative} {Data} {Leaks} {Across} {Cores} {Are} {Real}},\n\turl = {Paper=https://download.vusec.net/papers/crosstalk_sp21.pdf Web=https://www.vusec.net/projects/crosstalk Code=https://github.com/vusec/ridl Press=https://bit.ly/3frdRuV},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Ragab, Hany and Milburn, Alyssa and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2021},\n\tnote = {Intel Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_binrec, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SoK: Enabling Security Analyses of Embedded Systems via Rehosting.\n \n \n \n \n\n\n \n Fasano, A.; Ballo, T.; Muench, M.; Leek, T.; Bulekov, A.; Dolan-Gavitt, B.; Egele, M.; Francillon, A.; Lu, L.; Gregory, N.; Balzarotti, D.; and Robertson, W.\n\n\n \n\n\n\n In ASIACCS, May 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"SoK:$ Paper\n \n \n\n \n \n doi\n \n \n\n \n link\n \n \n\n bibtex\n \n\n \n \n \n abstract \n \n\n \n \n \n 21 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{fasano_sok_2021,\n\ttitle = {{SoK}: {Enabling} {Security} {Analyses} of {Embedded} {Systems} via {Rehosting}},\n\turl = {https://dl.acm.org/doi/pdf/10.1145/3433210.3453093},\n\tdoi = {10.1145/3433210.3453093},\n\tabstract = {Closely monitoring the behavior of a software system during its execution enables developers and analysts to observe, and ultimately understand, how it works. This kind of dynamic analysis can be instrumental to reverse engineering, vulnerability discovery, exploit development, and debugging. While these analyses are typically well-supported for homogeneous desktop platforms (e.g., x86 desktop PCs), they can rarely be applied in the heterogeneous world of embedded systems. One approach to enable dynamic analyses of embedded systems is to move software stacks from physical systems into virtual environments that sufficiently model hardware behavior. This process which we call "rehosting" poses a significant research challenge with major implications for security analyses. Although rehosting has traditionally been an unscientific and ad-hoc endeavor undertaken by domain experts with varying time and resources at their disposal, researchers are beginning to address rehosting challenges systematically and in earnest. In this paper, we establish that emulation is insufficient to conduct large-scale dynamic analysis of real-world hardware systems and present rehosting as a firmware-centric alternative. Furthermore, we taxonomize preliminary rehosting efforts, identify the fundamental components of the rehosting process, and propose directions for future research.},\n\tbooktitle = {{ASIACCS}},\n\tauthor = {Fasano, Andrew and Ballo, Tiemoko and Muench, Marius and Leek, Tim and Bulekov, Alexander and Dolan-Gavitt, Brendan and Egele, Manuel and Francillon, Aurélien and Lu, Long and Gregory, Nick and Balzarotti, Davide and Robertson, William},\n\tmonth = may,\n\tyear = {2021},\n\tkeywords = {class\\_binary, dynamic program analysis, embedded systems, emulation, firmware security, internet of things, proj\\_intersect, proj\\_tropics, rehosting, type\\_conf, type\\_paper, type\\_top, virtualization},\n}\n\n

\n\n\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n PIBE: Practical Kernel Control-flow Hardening with Profile-guided Indirect Branch Elimination.\n \n \n \n \n\n\n \n Duta, V.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In ASPLOS, April 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"PIBE:$ Paper\n \n \n \n $\"PIBE:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 11 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{duta_pibe_2021,\n\ttitle = {{PIBE}: {Practical} {Kernel} {Control}-flow {Hardening} with {Profile}-guided {Indirect} {Branch} {Elimination}},\n\turl = {Paper=https://download.vusec.net/papers/pibe_asplos21.pdf Code=https://github.com/vusec/pibe},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Duta, Victor and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2021},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_binrec, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n CollabFuzz: A Framework for Collaborative Fuzzing.\n \n \n \n \n\n\n \n Österlund, S.; Geretto, E.; Jemmett, A.; Güler, E.; Görz, P.; Holz, T.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"CollabFuzz:$ Paper\n \n \n \n $\"CollabFuzz:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 444 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{osterlund_collabfuzz_2021,\n\ttitle = {{CollabFuzz}: {A} {Framework} for {Collaborative} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/collabfuzz_eurosec21.pdf Code=https://github.com/vusec/collabfuzz},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Österlund, Sebastian and Geretto, Elia and Jemmett, Andrea and Güler, Emre and Görz, Philipp and Holz, Thorsten and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_react, proj\\_securecode, type\\_csec, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Who's Debugging the Debuggers? Exposing Debug Information Bugs in Optimized Binaries.\n \n \n \n \n\n\n \n Di Luna, G. A.; Italiano, D.; Massarelli, L.; Österlund, S.; Giuffrida, C.; and Querzoni, L.\n\n\n \n\n\n\n In ASPLOS, April 2021. \n Distinguished Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Who's$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 111 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n $\"Results$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{di_luna_whos_2021,\n\ttitle = {Who's {Debugging} the {Debuggers}? {Exposing} {Debug} {Information} {Bugs} in {Optimized} {Binaries}},\n\turl = {https://download.vusec.net/papers/debug2_asplos21.pdf},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Di Luna, Giuseppe Antonio and Italiano, Davide and Massarelli, Luca and Österlund, Sebastian and Giuffrida, Cristiano and Querzoni, Leonardo},\n\tmonth = apr,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award},\n\tkeywords = {artifacts:functional, artifacts:reproduced, class\\_testing, proj\\_react, proj\\_securecode, type\\_ae, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SoC Security Evaluation: Reflections on Methodology and Tooling.\n \n \n \n \n\n\n \n Corteggiani, N.; Camurati, G.; Muench, M.; Poeplau, S.; and Francillon, A.\n\n\n \n\n\n\n IEEE Design & Test, 38(1): 7–13. February 2021.\n \n\n\n\n
\n\n\n\n \n \n $\"SoC$ Paper\n \n \n\n \n \n doi\n \n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 14 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{corteggiani_soc_2021,\n\ttitle = {{SoC} {Security} {Evaluation}: {Reflections} on {Methodology} and {Tooling}},\n\tvolume = {38},\n\tissn = {2168-2356, 2168-2364},\n\tshorttitle = {{SoC} {Security} {Evaluation}},\n\turl = {https://www.eurecom.fr/publication/6307/download/sec-publi-6307.pdf},\n\tdoi = {10.1109/MDAT.2020.3013827},\n\tnumber = {1},\n\turldate = {2021-08-19},\n\tjournal = {IEEE Design \\& Test},\n\tauthor = {Corteggiani, Nassim and Camurati, Giovanni and Muench, Marius and Poeplau, Sebastian and Francillon, Aurelien},\n\tmonth = feb,\n\tyear = {2021},\n\tkeywords = {class\\_binary, type\\_journal, type\\_paper},\n\tpages = {7--13},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Automatically Eliminating Speculative Leaks from Cryptographic Code with Blade.\n \n \n \n \n\n\n \n Vassena, M.; Disselkoen, C.; von Gleissenthall, K.; Cauligi, S.; Ghokan Kici, R.; Jhala, R.; Tullsen, D.; and Stefan, D.\n\n\n \n\n\n\n In POPL, January 2021. \n Distinguished Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Automatically$ Paper\n \n \n \n $\"Automatically$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 20 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{vassena_automatically_2021,\n\ttitle = {Automatically {Eliminating} {Speculative} {Leaks} from {Cryptographic} {Code} with {Blade}},\n\turl = {Paper=http://goto.ucsd.edu/~gleissen/papers/blade.pdf Code=https://github.com/plsyssec/lucet-blade},\n\tbooktitle = {{POPL}},\n\tauthor = {Vassena, Marco and Disselkoen, Craig and von Gleissenthall, Klaus and Cauligi, Sunjay and Ghokan Kici, Rami and Jhala, Ranjit and Tullsen, Dean and Stefan, Deian},\n\tmonth = jan,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award},\n\tkeywords = {class\\_sidechannels, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top, verification},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Solver-Aided Constant-Time Hardware Verification.\n \n \n \n \n\n\n \n von Gleissenthall, K.; Gökhan Kici, R.; Stefan, D.; and Jhala, R.\n\n\n \n\n\n\n In CCS, November 2021. \n \n\n\n\n
\n\n\n\n \n \n $\"Solver-Aided$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{von_gleissenthall_solver-aided_2021,\n\ttitle = {Solver-{Aided} {Constant}-{Time} {Hardware} {Verification}},\n\turl = {Paper=http://goto.ucsd.edu/~gleissen/papers/xenon.pdf},\n\tbooktitle = {{CCS}},\n\tauthor = {von Gleissenthall, Klaus and Gökhan Kici, Rami and Stefan, Deian and Jhala, Ranjit},\n\tmonth = nov,\n\tyear = {2021},\n\tkeywords = {type\\_conf, type\\_paper, type\\_tier1, type\\_top, verification},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2020\n \n \n (12)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing.\n \n \n \n \n\n\n \n Güler, E.; Görz, P.; Geretto, E.; Jemmett, A.; Österlund, S.; Bos, H.; Giuffrida, C.; and Holz, T.\n\n\n \n\n\n\n In ACSAC, December 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"Cupid:$ Paper\n \n \n \n $\"Cupid:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 69 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n Artifact Evaluation Badges:\n \n $\"Artifacts$ \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{guler_cupid_2020,\n\ttitle = {Cupid: {Automatic} {Fuzzer} {Selection} for {Collaborative} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/cupid_acsac20.pdf Code=https://github.com/RUB-SysSec/cupid},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Güler, Emre and Görz, Philipp and Geretto, Elia and Jemmett, Andrea and Österlund, Sebastian and Bos, Herbert and Giuffrida, Cristiano and Holz, Thorsten},\n\tmonth = dec,\n\tyear = {2020},\n\tkeywords = {artifacts:reusable, class\\_testing, proj\\_react, type\\_ae, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Speculative Probing: Hacking Blind in the Spectre Era.\n \n \n \n \n\n\n \n Goktas, E.; Razavi, K.; Portokalidis, G.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2020. \n Pwnie Award for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"Speculative$ Paper\n \n \n \n $\"Speculative$ Web\n \n \n \n $\"Speculative$ Code\n \n \n \n $\"Speculative$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 677 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{goktas_speculative_2020,\n\ttitle = {Speculative {Probing}: {Hacking} {Blind} in the {Spectre} {Era}},\n\turl = {Paper=https://download.vusec.net/papers/blindside_ccs20.pdf Web=https://www.vusec.net/projects/blindside Code=https://github.com/vusec/blindside Press=https://bit.ly/3c4MkhU},\n\tbooktitle = {{CCS}},\n\tauthor = {Goktas, Enes and Razavi, Kaveh and Portokalidis, Georgios and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2020},\n\tnote = {Pwnie Award for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SecurePay: Strengthening Two-Factor Authentication for Arbitrary Transactions.\n \n \n \n \n\n\n \n Konoth, R. K.; Fischer, B.; Fokkink, W.; Athanasopoulos, E.; Razavi, K.; and Bos, H.\n\n\n \n\n\n\n In EuroS&P, September 2020. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n $\"SecurePay:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 92 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{konoth_securepay_2020,\n\ttitle = {{SecurePay}: {Strengthening} {Two}-{Factor} {Authentication} for {Arbitrary} {Transactions}},\n\turl = {https://download.vusec.net/papers/securepay_eurosp20.pdf},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Konoth, Radhesh Krishnan and Fischer, Bjorn and Fokkink, Wan and Athanasopoulos, Elias and Razavi, Kaveh and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2020},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_mobile, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n TagBleed: Breaking KASLR on the Isolated Kernel Address Space Using Tagged TLBs.\n \n \n \n \n\n\n \n Koschel, J.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In EuroS&P, September 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"TagBleed:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 39 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{koschel_tagbleed_2020,\n\ttitle = {{TagBleed}: {Breaking} {KASLR} on the {Isolated} {Kernel} {Address} {Space} {Using} {Tagged} {TLBs}},\n\turl = {https://download.vusec.net/papers/tagbleed_eurosp20.pdf},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Koschel, Jakob and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = sep,\n\tyear = {2020},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ParmeSan: Sanitizer-guided Greybox Fuzzing.\n \n \n \n \n\n\n \n Österlund, S.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"ParmeSan:$ Paper\n \n \n \n $\"ParmeSan:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 78 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{osterlund_parmesan_2020,\n\ttitle = {{ParmeSan}: {Sanitizer}-guided {Greybox} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/parmesan_sec20.pdf Code=https://github.com/vusec/parmesan},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Österlund, Sebastian and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2020},\n\tkeywords = {class\\_testing, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Towards Constant-Time Foundations for the New Spectre Era.\n \n \n \n \n\n\n \n Cauligi, S.; Disselkoen, C.; von Gleissenthall, K.; Tullsen, D.; Stefan, D.; Rezk, T.; and Barthe, G.\n\n\n \n\n\n\n In PLDI, June 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"Towards$ Paper\n \n \n \n $\"Towards$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cauligi_towards_2020,\n\ttitle = {Towards {Constant}-{Time} {Foundations} for the {New} {Spectre} {Era}},\n\turl = {Paper=http://goto.ucsd.edu/~gleissen/papers/spectre-semantics.pdf Code=https://pitchfork.programming.systems/},\n\tbooktitle = {{PLDI}},\n\tauthor = {Cauligi, Sunjay and Disselkoen, Craig and von Gleissenthall, Klaus and Tullsen, Dean and Stefan, Deian and Rezk, Tamara and Barthe, Gilles},\n\tmonth = jun,\n\tyear = {2020},\n\tkeywords = {class\\_sidechannels, type\\_conf, type\\_paper, type\\_tier1, type\\_top, verification},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n NetCAT: Practical Cache Attacks from the Network.\n \n \n \n \n\n\n \n Kurth, M.; Gras, B.; Andriesse, D.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2020. \n Intel Bounty Reward, Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"NetCAT:$ Paper\n \n \n \n $\"NetCAT:$ Slides\n \n \n \n $\"NetCAT:$ Web\n \n \n \n $\"NetCAT:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 367 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{kurth_netcat_2020,\n\ttitle = {{NetCAT}: {Practical} {Cache} {Attacks} from the {Network}},\n\turl = {Paper=https://download.vusec.net/papers/netcat_sp20.pdf Slides=https://download.vusec.net/slides/netcat_sp20.pdf Web=https://www.vusec.net/projects/netcat Press=https://bit.ly/2LULskB},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Kurth, Michael and Gras, Ben and Andriesse, Dennis and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2020},\n\tnote = {Intel Bounty Reward, Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_bounty, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_mscthesis, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n TRRespass: Exploiting the Many Sides of Target Row Refresh.\n \n \n \n \n\n\n \n Frigo, P.; Vannacci, E.; Hassan, H.; van der Veen, V.; Mutlu, O.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2020. \n Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n $\"TRRespass:$ Paper\n \n \n \n $\"TRRespass:$ Slides\n \n \n \n $\"TRRespass:$ Web\n \n \n \n $\"TRRespass:$ Code\n \n \n \n $\"TRRespass:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 858 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{frigo_trrespass_2020,\n\ttitle = {{TRRespass}: {Exploiting} the {Many} {Sides} of {Target} {Row} {Refresh}},\n\turl = {Paper=https://download.vusec.net/papers/trrespass_sp20.pdf Slides=https://download.vusec.net/slides/trrespass_sp20.pdf Web=https://www.vusec.net/projects/trrespass Code=https://github.com/vusec/trrespass Press=https://bit.ly/2UXWKJ4},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Frigo, Pietro and Vannacci, Emanuele and Hassan, Hasan and van der Veen, Victor and Mutlu, Onur and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2020},\n\tnote = {Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award},\n\tkeywords = {class\\_rowhammer, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Benchmarking Flaws Undermine Security Research.\n \n \n \n \n\n\n \n Van Der Kouwe, E.; Heiser, G.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n IEEE S&P Magazine, 18(3): 48–57. May 2020.\n \n\n\n\n
\n\n\n\n \n \n $\"Benchmarking$ Paper\n \n \n \n $\"Benchmarking$ Web\n \n \n \n $\"Benchmarking$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{van_der_kouwe_benchmarking_2020,\n\ttitle = {Benchmarking {Flaws} {Undermine} {Security} {Research}},\n\tvolume = {18},\n\turl = {Paper=https://download.vusec.net/papers/benchmarking_sp20.pdf Web=https://www.vusec.net/projects/benchmarking-crimes Press=https://bit.ly/3knxXIk},\n\tnumber = {3},\n\tjournal = {IEEE S\\&P Magazine},\n\tauthor = {Van Der Kouwe, Erik and Heiser, Gernot and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2020},\n\tkeywords = {class\\_sanitizer, class\\_sok, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_csec, type\\_mag, type\\_paper},\n\tpages = {48--57},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n PANDAcap: A Framework for Streamlining Collection of Full-System Traces.\n \n \n \n \n\n\n \n Stamatogiannakis, M.; Bos, H.; and Groth, P.\n\n\n \n\n\n\n In EuroSec, April 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"PANDAcap:$ Paper\n \n \n \n $\"PANDAcap:$ Slides\n \n \n \n $\"PANDAcap:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 41 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{stamatogiannakis_pandacap_2020,\n\ttitle = {{PANDAcap}: {A} {Framework} for {Streamlining} {Collection} of {Full}-{System} {Traces}},\n\turl = {Paper=https://download.vusec.net/papers/pandacap-eurosec20.pdf Slides=https://download.vusec.net/slides/pandacap-eurosec20.pdf Code=https://github.com/vusec/pandacap},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Stamatogiannakis, Manolis and Bos, Herbert and Groth, Paul},\n\tmonth = apr,\n\tyear = {2020},\n\tkeywords = {PANDA, class\\_provenance, dataset, docker, framework, honeypot, record and replay, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n BinRec: Dynamic Binary Lifting and Recompilation.\n \n \n \n \n\n\n \n Altinay, A.; Nash, J.; Kroes, T.; Rajasekaran, P.; Zhou, D.; Dabrowski, A.; Gens, D.; Na, Y.; Volckaert, S.; Giuffrida, C.; Bos, H.; and Franz, M.\n\n\n \n\n\n\n In EuroSys, April 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"BinRec:$ Paper\n \n \n \n $\"BinRec:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 88 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{altinay_binrec_2020,\n\ttitle = {{BinRec}: {Dynamic} {Binary} {Lifting} and {Recompilation}},\n\turl = {Paper=https://download.vusec.net/papers/binrec_eurosys20.pdf Code=https://github.com/securesystemslab/BinRec},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Altinay, Anil and Nash, Joseph and Kroes, Taddeus and Rajasekaran, Prabhu and Zhou, Dixin and Dabrowski, Adrian and Gens, David and Na, Yeoul and Volckaert, Stijn and Giuffrida, Cristiano and Bos, Herbert and Franz, Michael},\n\tmonth = apr,\n\tyear = {2020},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures.\n \n \n \n \n\n\n \n Gras, B.; Giuffrida, C.; Kurth, M.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In NDSS, February 2020. \n \n\n\n\n
\n\n\n\n \n \n $\"ABSynthe:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 65 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gras_absynthe_2020,\n\ttitle = {{ABSynthe}: {Automatic} {Blackbox} {Side}-channel {Synthesis} on {Commodity} {Microarchitectures}},\n\turl = {https://download.vusec.net/papers/absynthe_ndss20.pdf},\n\tbooktitle = {{NDSS}},\n\tauthor = {Gras, Ben and Giuffrida, Cristiano and Kurth, Michael and Bos, Herbert and Razavi, Kaveh},\n\tmonth = feb,\n\tyear = {2020},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2019\n \n \n (9)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching.\n \n \n \n \n\n\n \n Pawlowski, A.; van der Veen, V.; Andriesse, D.; van der Kouwe, E.; Holz, T.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, December 2019. \n \n\n\n\n
\n\n\n\n \n \n $\"VPS:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{pawlowski_vps_2019,\n\ttitle = {{VPS}: {Excavating} {High}-{Level} {C}++ {Constructs} from {Low}-{Level} {Binaries} to {Protect} {Dynamic} {Dispatching}},\n\turl = {https://download.vusec.net/papers/vps_acsac19.pdf},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Pawlowski, Andre and van der Veen, Victor and Andriesse, Dennis and van der Kouwe, Erik and Holz, Thorsten and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2019},\n\tkeywords = {class\\_armor, proj\\_binrec, proj\\_react, proj\\_unicore, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n IODINE: Verifying Constant-Time Execution of Hardware.\n \n \n \n \n\n\n \n von Gleissenthall, K.; Gokhan Kici, R.; Stefan, D.; and Jhala, R.\n\n\n \n\n\n\n In USENIX Security, August 2019. \n \n\n\n\n
\n\n\n\n \n \n $\"IODINE:$ Paper\n \n \n \n $\"IODINE:$ Code\n \n \n \n $\"IODINE:$ Slides\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{von_gleissenthall_iodine_2019,\n\ttitle = {{IODINE}: {Verifying} {Constant}-{Time} {Execution} of {Hardware}},\n\turl = {Paper=http://goto.ucsd.edu/~gleissen/papers/iodine.pdf Code=https://github.com/gokhankici/iodine Slides=http://goto.ucsd.edu/~gleissen/papers/iodine-slides.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {von Gleissenthall, Klaus and Gokhan Kici, Rami and Stefan, Deian and Jhala, Ranjit},\n\tmonth = aug,\n\tyear = {2019},\n\tkeywords = {type\\_conf, type\\_paper, type\\_tier1, type\\_top, verification},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks.\n \n \n \n \n\n\n \n Hong, S.; Frigo, P.; Kaya, Y.; Giuffrida, C.; and Dumitras, T.\n\n\n \n\n\n\n In USENIX Security, August 2019. \n \n\n\n\n
\n\n\n\n \n \n $\"Terminal$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 14 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hong_terminal_2019,\n\ttitle = {Terminal {Brain} {Damage}: {Exposing} the {Graceless} {Degradation} in {Deep} {Neural} {Networks} {Under} {Hardware} {Fault} {Attacks}},\n\turl = {https://download.vusec.net/papers/deephammer_sec19.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Hong, Sanghyun and Frigo, Pietro and Kaya, Yigitcan and Giuffrida, Cristiano and Dumitras, Tudor},\n\tmonth = aug,\n\tyear = {2019},\n\tkeywords = {class\\_rowhammer, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SoK: Benchmarking Flaws in Systems Security.\n \n \n \n \n\n\n \n van der Kouwe, E.; Heiser, G.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, June 2019. \n \n\n\n\n
\n\n\n\n \n \n $\"SoK:$ Paper\n \n \n \n $\"SoK:$ Slides\n \n \n \n $\"SoK:$ Web\n \n \n \n $\"SoK:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 148 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_kouwe_sok_2019,\n\ttitle = {{SoK}: {Benchmarking} {Flaws} in {Systems} {Security}},\n\turl = {Paper=https://download.vusec.net/papers/benchmarking-crimes_eurosp19.pdf  Slides=https://www.vusec.net/wp-content/uploads/2019/06/Benchmarking-Flaws-in-Systems-Security-EuroSP2019.pdf Web=https://www.vusec.net/projects/benchmarking-crimes Press=https://bit.ly/3knxXIk},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {van der Kouwe, Erik and Heiser, Gernot and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2019},\n\tkeywords = {class\\_sanitizer, class\\_sok, proj\\_binrec, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Cojocar, L.; Razavi, K.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In S&P, May 2019. \n Best Practical Paper Award, Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"Exploiting$ Paper\n \n \n \n $\"Exploiting$ Slides\n \n \n \n $\"Exploiting$ Web\n \n \n \n $\"Exploiting$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 362 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cojocar_exploiting_2019,\n\ttitle = {Exploiting {Correcting} {Codes}: {On} the {Effectiveness} of {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/eccploit_sp19.pdf Slides=https://www.ieee-security.org/TC/SP2019/SP19-Slides-pdfs/Lucian_Cojocar_Exploiting_Correcting_Codes_slides-ecc-new.pdf Web=https://www.vusec.net/projects/eccploit Press=https://bit.ly/2UcucNv},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Cojocar, Lucian and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = may,\n\tyear = {2019},\n\tnote = {Best Practical Paper Award, Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, proj\\_panta, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n RIDL: Rogue In-flight Data Load.\n \n \n \n \n\n\n \n van Schaik, S.; Milburn, A.; Österlund, S.; Frigo, P.; Maisuradze, G.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2019. \n Intel Bounty Reward (Highest To Date), Pwnie Award Nomination for Most Innovative Research, CSAW Best Paper Award Runner-up, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n $\"RIDL:$ Paper\n \n \n \n $\"RIDL:$ Slides\n \n \n \n $\"RIDL:$ Web\n \n \n \n $\"RIDL:$ Code\n \n \n \n $\"RIDL:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 108 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_schaik_ridl_2019,\n\ttitle = {{RIDL}: {Rogue} {In}-flight {Data} {Load}},\n\turl = {Paper=https://mdsattacks.com/files/ridl.pdf Slides=https://mdsattacks.com/slides/slides.html Web=https://mdsattacks.com Code=https://github.com/vusec/ridl Press=http://mdsattacks.com},\n\tbooktitle = {S\\&{P}},\n\tauthor = {van Schaik, Stephan and Milburn, Alyssa and Österlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2019},\n\tnote = {Intel Bounty Reward (Highest To Date), Pwnie Award Nomination for Most Innovative Research, CSAW Best Paper Award Runner-up, DCSR Paper Award},\n\tkeywords = {class\\_sidechannels, proj\\_offcore, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ProbeGuard: Mitigating Probing Attacks Through Reactive Program Transformations.\n \n \n \n \n\n\n \n Bhat, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ASPLOS, April 2019. \n \n\n\n\n
\n\n\n\n \n \n $\"ProbeGuard:$ Paper\n \n \n \n $\"ProbeGuard:$ Web\n \n \n \n $\"ProbeGuard:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 31 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bhat_probeguard_2019,\n\ttitle = {{ProbeGuard}: {Mitigating} {Probing} {Attacks} {Through} {Reactive} {Program} {Transformations}},\n\turl = {Paper=https://download.vusec.net/papers/probeguard_asplos19.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/probeguard},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Bhat, Koustubha and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2019},\n\tkeywords = {class\\_ih, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n kMVX: Detecting Kernel Information Leaks with Multi-variant Execution.\n \n \n \n \n\n\n \n Österlund, S.; Koning, K.; Olivier, P.; Barbalace, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ASPLOS, April 2019. \n \n\n\n\n
\n\n\n\n \n \n $\"kMVX:$ Paper\n \n \n \n $\"kMVX:$ Web\n \n \n \n $\"kMVX:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 68 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{osterlund_kmvx_2019,\n\ttitle = {{kMVX}: {Detecting} {Kernel} {Information} {Leaks} with {Multi}-variant {Execution}},\n\turl = {Paper=https://download.vusec.net/papers/kmvx_asplos19.pdf Web=https://www.vusec.net/projects/kmvx Code=https://github.com/vusec/kmvx},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Österlund, Sebastian and Koning, Koen and Olivier, Pierre and Barbalace, Antonio and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2019},\n\tkeywords = {class\\_armor, proj\\_panta, proj\\_react, proj\\_securecode, proj\\_unicore, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Are All Citations Worth the Same? Valuing Citations by the Value of the Citing Items.\n \n \n \n \n\n\n \n Giuffrida, C.; Abramo, G.; and D'Angelo, C. A.\n\n\n \n\n\n\n JOI. January 2019.\n \n\n\n\n
\n\n\n\n \n \n $\"Are$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{giuffrida_are_2019,\n\ttitle = {Are {All} {Citations} {Worth} the {Same}? {Valuing} {Citations} by the {Value} of the {Citing} {Items}},\n\turl = {https://www.cs.vu.nl/~giuffrida/papers/citing-cited_joi19.pdf},\n\tjournal = {JOI},\n\tauthor = {Giuffrida, Cristiano and Abramo, Giovanni and D'Angelo, Ciriaco Andrea},\n\tmonth = jan,\n\tyear = {2019},\n\tkeywords = {authors, disambiguation, heuristics, proper names, scholars, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2018\n \n \n (18)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Now You See Me: Real-time Dynamic Function Call Detection.\n \n \n \n \n\n\n \n de Goër, F.; Rawat, S.; Andriesse, D.; Bos, H.; and Groz, R.\n\n\n \n\n\n\n In ACSAC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Now$ Paper\n \n \n \n $\"Now$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{de_goer_now_2018,\n\ttitle = {Now {You} {See} {Me}: {Real}-time {Dynamic} {Function} {Call} {Detection}},\n\turl = {Paper=https://syssec.mistakenot.net/papers/acsac18.pdf Code=https://github.com/Frky/iCi},\n\tbooktitle = {{ACSAC}},\n\tauthor = {de Goër, Franck and Rawat, Sanjay and Andriesse, Dennis and Bos, Herbert and Groz, Roland},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {Reverse-engineering, binary analysis, class\\_binary, dynamic instrumentation, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Type-After-Type: Practical and Complete Type-Safe Memory Reuse.\n \n \n \n \n\n\n \n van der Kouwe, E.; Kroes, T.; Ouwehand, C.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In ACSAC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Type-After-Type:$ Paper\n \n \n \n $\"Type-After-Type:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 22 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_kouwe_type-after-type_2018,\n\ttitle = {Type-{After}-{Type}: {Practical} and {Complete} {Type}-{Safe} {Memory} {Reuse}},\n\turl = {Paper=https://download.vusec.net/papers/tat_acsac18.pdf Code=https://github.com/vusec/type-after-type},\n\tbooktitle = {{ACSAC}},\n\tauthor = {van der Kouwe, Erik and Kroes, Taddeus and Ouwehand, Chris and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_react, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n TIFF: Using Input Type Inference To Improve Fuzzing.\n \n \n \n \n\n\n \n Jain, V.; Rawat, S.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"TIFF:$ Paper\n \n \n \n $\"TIFF:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{jain_tiff_2018,\n\ttitle = {{TIFF}: {Using} {Input} {Type} {Inference} {To} {Improve} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/tiff_acsac18.pdf Code=https://github.com/vusec/tiff},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Jain, Vivek and Rawat, Sanjay and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {class\\_testing, proj\\_panta, proj\\_react, proj\\_vici, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On the Effectiveness of Code Normalization for Function Identification.\n \n \n \n \n\n\n \n Oikonomopoulos, A.; Vermeulen, R.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In PRDC, December 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n \n $\"On$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{oikonomopoulos_effectiveness_2018,\n\ttitle = {On the {Effectiveness} of {Code} {Normalization} for {Function} {Identification}},\n\turl = {Paper=https://download.vusec.net/papers/kamino_prdc18.pdf Code=https://github.com/vusec/kamino},\n\tbooktitle = {{PRDC}},\n\tauthor = {Oikonomopoulos, Angelos and Vermeulen, Remco and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2018},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_parallax, proj\\_vici, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Instruction Duplication: Leaky and Not Too Fault-Tolerant!.\n \n \n \n \n\n\n \n Cojocar, L.; Papagiannopoulos, K.; and Timmers, N.\n\n\n \n\n\n\n In Eisenbarth, T.; and Teglia, Y., editor(s), Smart Card Research and Advanced Applications, November 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Instruction$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cojocar_instruction_2018,\n\ttitle = {Instruction {Duplication}: {Leaky} and {Not} {Too} {Fault}-{Tolerant}!},\n\turl = {https://eprint.iacr.org/2017/1082.pdf},\n\tbooktitle = {Smart {Card} {Research} and {Advanced} {Applications}},\n\tauthor = {Cojocar, Lucian and Papagiannopoulos, Kostas and Timmers, Niek},\n\teditor = {Eisenbarth, Thomas and Teglia, Yannick},\n\tmonth = nov,\n\tyear = {2018},\n\tkeywords = {class\\_binary, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks.\n \n \n \n \n\n\n \n Konoth, R. K.; Oliverio, M.; Tatar, A.; Andriesse, D.; Bos, H.; Giuffrida, C.; and Razavi, K.\n\n\n \n\n\n\n In OSDI, October 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"ZebRAM:$ Paper\n \n \n \n $\"ZebRAM:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 40 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{konoth_zebram_2018,\n\ttitle = {{ZebRAM}: {Comprehensive} and {Compatible} {Software} {Protection} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/zebram_osdi18.pdf Code=https://github.com/vusec/zebram},\n\tbooktitle = {{OSDI}},\n\tauthor = {Konoth, Radhesh Krishnan and Oliverio, Marco and Tatar, Andrei and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_protasis, proj\\_react, proj\\_unicore, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense.\n \n \n \n \n\n\n \n Konoth, R. K.; Vineti, E.; Moonsamy, V.; Lindorfer, M.; Kruegel, C.; Bos, H.; and Vigna, G.\n\n\n \n\n\n\n In CCS, October 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"MineSweeper:$ Paper\n \n \n \n $\"MineSweeper:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 11 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{konoth_minesweeper_2018,\n\ttitle = {{MineSweeper}: {An} {In}-depth {Look} into {Drive}-by {Cryptocurrency} {Mining} and {Its} {Defense}},\n\turl = {Paper=https://download.vusec.net/papers/minesweeper_ccs18.pdf Code=https://github.com/vusec/minesweeper},\n\tbooktitle = {{CCS}},\n\tauthor = {Konoth, Radhesh Krishnan and Vineti, Emanuele and Moonsamy, Veelasha and Lindorfer, Martina and Kruegel, Christopher and Bos, Herbert and Vigna, Giovanni},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_malware, proj\\_protasis, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n BinRec: Attack Surface Reduction Through Dynamic Binary Recovery.\n \n \n \n \n\n\n \n Kroes, T.; Altinay, A.; Nash, J.; Na, Y.; Volckaert, S.; Bos, H.; Franz, M.; and Giuffrida, C.\n\n\n \n\n\n\n In FEAST, October 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"BinRec:$ Paper\n \n \n \n $\"BinRec:$ Slides\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{kroes_binrec_2018,\n\ttitle = {{BinRec}: {Attack} {Surface} {Reduction} {Through} {Dynamic} {Binary} {Recovery}},\n\turl = {Paper=https://download.vusec.net/papers/binrec-feast18.pdf Slides=https://download.vusec.net/slides/binrec-feast18.pdf},\n\tbooktitle = {{FEAST}},\n\tauthor = {Kroes, Taddeus and Altinay, Anil and Nash, Joseph and Na, Yeoul and Volckaert, Stijn and Bos, Herbert and Franz, Michael and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2018},\n\tkeywords = {class\\_binary, proj\\_binrec, proj\\_vici, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Defeating Software Mitigations against Rowhammer: A Surgical Precision Hammer.\n \n \n \n \n\n\n \n Tatar, A.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In RAID, September 2018. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Defeating$ Paper\n \n \n \n $\"Defeating$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 38 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{tatar_defeating_2018,\n\ttitle = {Defeating {Software} {Mitigations} against {Rowhammer}: {A} {Surgical} {Precision} {Hammer}},\n\turl = {Paper=https://download.vusec.net/papers/hammertime_raid18.pdf Code=https://github.com/vusec/hammertime},\n\tbooktitle = {{RAID}},\n\tauthor = {Tatar, Andrei and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = sep,\n\tyear = {2018},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_react, proj\\_unicore, proj\\_vici, type\\_award, type\\_conf, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think.\n \n \n \n \n\n\n \n van Schaik, S.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In USENIX Security, August 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Malicious$ Paper\n \n \n \n $\"Malicious$ Web\n \n \n \n $\"Malicious$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 91 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_schaik_malicious_2018,\n\ttitle = {Malicious {Management} {Unit}: {Why} {Stopping} {Cache} {Attacks} in {Software} is {Harder} {Than} {You} {Think}},\n\turl = {Paper=https://download.vusec.net/papers/xlate_sec18.pdf Web=https://www.vusec.net/projects/xlate Code=https://github.com/vusec/xlate},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {van Schaik, Stephan and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = aug,\n\tyear = {2018},\n\tkeywords = {class\\_sidechannels, proj\\_parallax, proj\\_react, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n TLBleed: When Protecting Your CPU Caches is not Enough.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In Black Hat USA, August 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"TLBleed:$ Slides\n \n \n \n $\"TLBleed:$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 134 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gras_tlbleed_2018,\n\ttitle = {{TLBleed}: {When} {Protecting} {Your} {CPU} {Caches} is not {Enough}},\n\turl = {Slides=https://i.blackhat.com/us-18/Thu-August-9/us-18-Gras-TLBleed-When-Protecting-Your-CPU-Caches-is-Not-Enough.pdf Web=https://vusec.net/projects/tlbleed},\n\tbooktitle = {Black {Hat} {USA}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2018},\n\tkeywords = {class\\_sidechannels, proj\\_react, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"Translation$ Paper\n \n \n \n $\"Translation$ Slides\n \n \n \n $\"Translation$ Web\n \n \n \n $\"Translation$ Code\n \n \n \n $\"Translation$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 461 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gras_translation_2018,\n\ttitle = {Translation {Leak}-aside {Buffer}: {Defeating} {Cache} {Side}-channel {Protections} with {TLB} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/tlbleed_sec18.pdf Slides=https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_gras.pdf Web=https://www.vusec.net/projects/tlbleed Code=https://github.com/vusec/tlbkit Press=https://goo.gl/eepq1y},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_sidechannels, proj\\_parallax, proj\\_react, proj\\_vici, type\\_award, type\\_conf, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Throwhammer: Rowhammer Attacks over the Network and Defenses.\n \n \n \n \n\n\n \n Tatar, A.; Konoth, R. K.; Athanasopoulos, E.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In USENIX ATC, July 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"Throwhammer:$ Paper\n \n \n \n $\"Throwhammer:$ Web\n \n \n \n $\"Throwhammer:$ Code\n \n \n \n $\"Throwhammer:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 295 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{tatar_throwhammer_2018,\n\ttitle = {Throwhammer: {Rowhammer} {Attacks} over the {Network} and {Defenses}},\n\turl = {Paper=https://download.vusec.net/papers/throwhammer_atc18.pdf Web=https://www.vusec.net/projects/throwhammer Code=https://github.com/vusec/alis Press=https://goo.gl/GrZ87e},\n\tbooktitle = {{USENIX} {ATC}},\n\tauthor = {Tatar, Andrei and Konoth, Radhesh Krishnan and Athanasopoulos, Elias and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = jul,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, proj\\_parallax, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM.\n \n \n \n \n\n\n \n van der Veen, V.; Lindorfer, M.; Fratantonio, Y.; Padmanabha Pillai, H.; Vigna, G.; Kruegel, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In DIMVA, June 2018. \n Pwnie Award Nomination for Best Privilege Escalation Bug\n\n\n\n
\n\n\n\n \n \n $\"GuardION:$ Paper\n \n \n \n $\"GuardION:$ Web\n \n \n \n $\"GuardION:$ Code\n \n \n \n $\"GuardION:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 82 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_veen_guardion_2018,\n\ttitle = {{GuardION}: {Practical} {Mitigation} of {DMA}-based {Rowhammer} {Attacks} on {ARM}},\n\turl = {Paper=https://vvdveen.com/publications/dimva2018.pdf Web=https://rampageattack.com Code=https://github.com/vusec/guardion Press=https://bit.ly/2H6QhqX},\n\tbooktitle = {{DIMVA}},\n\tauthor = {van der Veen, Victor and Lindorfer, Martina and Fratantonio, Yanick and Padmanabha Pillai, Harikrishnan and Vigna, Giovanni and Kruegel, Christopher and Bos, Herbert and Razavi, Kaveh},\n\tmonth = jun,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Best Privilege Escalation Bug},\n\tkeywords = {class\\_mobile, class\\_rowhammer, type\\_award, type\\_conf, type\\_paper, type\\_press},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU.\n \n \n \n \n\n\n \n Frigo, P.; Giuffrida, C.; Bos, H.; and Razavi, K.\n\n\n \n\n\n\n In S&P, May 2018. \n Pwnie Award Nomination for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"Grand$ Paper\n \n \n \n $\"Grand$ Web\n \n \n \n $\"Grand$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 145 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{frigo_grand_2018,\n\ttitle = {Grand {Pwning} {Unit}: {Accelerating} {Microarchitectural} {Attacks} with the {GPU}},\n\turl = {Paper=https://download.vusec.net/papers/glitch_sp18.pdf Web=https://www.vusec.net/projects/glitch Press=https://goo.gl/SkD9er},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Frigo, Pietro and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2018},\n\tnote = {Pwnie Award Nomination for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_cve\\_assigned, type\\_mscthesis, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Position-independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure.\n \n \n \n \n\n\n \n Göktaş, E.; Kollenda, B.; Koppe, P.; Bosman, E.; Portokalidis, G.; Holz, T.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, April 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Position-independent$ Paper\n \n \n \n $\"Position-independent$ Web\n \n \n \n $\"Position-independent$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{goktas_position-independent_2018,\n\ttitle = {Position-independent {Code} {Reuse}: {On} the {Effectiveness} of {ASLR} in the {Absence} of {Information} {Disclosure}},\n\turl = {Paper=https://download.vusec.net/papers/pirop_eurosp18.pdf Web=https://www.vusec.net/projects/pirop Code=https://github.com/vusec/pirop},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Göktaş, Enes and Kollenda, Benjamin and Koppe, Philipp and Bosman, Erik and Portokalidis, Georgios and Holz, Thorsten and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_rand, proj\\_binrec, proj\\_panta, proj\\_protasis, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Towards Automated Vulnerability Scanning of Network Servers.\n \n \n \n \n\n\n \n Schagen, N.; Koen, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSec, April 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Towards$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 13 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{schagen_towards_2018,\n\ttitle = {Towards {Automated} {Vulnerability} {Scanning} of {Network} {Servers}},\n\turl = {https://download.vusec.net/papers/scanning_eurosec18.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Schagen, Nathan and Koen, Koening and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_network, proj\\_panta, proj\\_vici, type\\_csec, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Delta Pointers: Buffer Overflow Checks Without the Checks.\n \n \n \n \n\n\n \n Kroes, T.; Koning, K.; van der Kouwe, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSys, April 2018. \n \n\n\n\n
\n\n\n\n \n \n $\"Delta$ Paper\n \n \n \n $\"Delta$ Slides\n \n \n \n $\"Delta$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 53 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{kroes_delta_2018,\n\ttitle = {Delta {Pointers}: {Buffer} {Overflow} {Checks} {Without} the {Checks}},\n\turl = {Paper=https://download.vusec.net/papers/delta-pointers_eurosys18.pdf Slides=https://download.vusec.net/slides/delta-pointers-eurosys18.pdf Code=https://github.com/vusec/deltapointers},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Kroes, Taddeus and Koning, Koen and van der Kouwe, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2018},\n\tkeywords = {class\\_sanitizer, proj\\_binrec, proj\\_panta, proj\\_panta\\_list, proj\\_securecode, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2017\n \n \n (18)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later.\n \n \n \n \n\n\n \n van der Veen, V.; Andriesse, D.; Stamatogiannakis, M.; Chen, X.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, October 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"The$ Paper\n \n \n \n $\"The$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_veen_dynamics_2017,\n\ttitle = {The {Dynamics} of {Innocent} {Flesh} on the {Bone}: {Code} {Reuse} {Ten} {Years} {Later}},\n\turl = {Paper=http://vvdveen.com/publications/newton.pdf Web=https://www.vusec.net/projects/newton},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Andriesse, Dennis and Stamatogiannakis, Manolis and Chen, Xi and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {class\\_binary, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n DSIbin: Identifying Dynamic Data Structures in C/C++ Binaries.\n \n \n \n \n\n\n \n Ruprecht, T.; Chen, X.; White, D.; Bockmann, J.; Luettgen, G.; and Bos, H.\n\n\n \n\n\n\n In ASE, October 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"DSIbin:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ruprecht_dsibin_2017,\n\ttitle = {{DSIbin}: {Identifying} {Dynamic} {Data} {Structures} in {C}/{C}++ {Binaries}},\n\turl = {https://www.swt-bamberg.de/luettgen/publications/pdf/ASE2017.pdf},\n\tbooktitle = {{ASE}},\n\tauthor = {Ruprecht, Thomas and Chen, Xi and White, David and Bockmann, Jan and Luettgen, Gerald and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {binary analysis, black-box, class\\_binary, malware, type\\_conf, type\\_paper, type\\_reveng},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Secure Page Fusion with VUsion.\n \n \n \n \n\n\n \n Oliverio, M.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In SOSP, October 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"Secure$ Paper\n \n \n \n $\"Secure$ Slides\n \n \n \n $\"Secure$ Poster\n \n \n \n $\"Secure$ Web\n \n \n \n $\"Secure$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 67 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{oliverio_secure_2017,\n\ttitle = {Secure {Page} {Fusion} with {VUsion}},\n\turl = {Paper=https://download.vusec.net/papers/vusion_sosp17.pdf Slides=https://docs.google.com/presentation/d/1Erf1r9gCtkj-JuCBT7BW93W7YjGiplkO8GHAAT56W9s/edit#slide=id.p3 Poster=https://vusec.net/wp-content/uploads/2017/10/poster.pdf Web=https://www.vusec.net/projects/vusion Code=https://github.com/vusec/vusion},\n\tbooktitle = {{SOSP}},\n\tauthor = {Oliverio, Marco and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2017},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n PROV2R: Practical Provenance Analysis of Unstructured Processes.\n \n \n \n \n\n\n \n Stamatogiannakis, M.; Athanasopoulos, E.; Bos, H.; and Groth, P.\n\n\n \n\n\n\n ACM Trans. Internet Technol., 17(4). August 2017.\n \n\n\n\n
\n\n\n\n \n \n $\"PROV2R:$ Paper\n \n \n \n $\"PROV2R:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{stamatogiannakis_prov2r_2017,\n\ttitle = {{PROV2R}: {Practical} {Provenance} {Analysis} of {Unstructured} {Processes}},\n\tvolume = {17},\n\turl = {Paper=https://dx.doi.org/10.1145/3062176 Code=https://github.com/m000/panda/tree/prov2r},\n\tnumber = {4},\n\tjournal = {ACM Trans. Internet Technol.},\n\tauthor = {Stamatogiannakis, Manolis and Athanasopoulos, Elias and Bos, Herbert and Groth, Paul},\n\tmonth = aug,\n\tyear = {2017},\n\tkeywords = {PANDA, W3C PROV, class\\_provenance, introspection, taint analysis, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n JTR: A Binary Solution for Switch-Case Recovery.\n \n \n \n \n\n\n \n Cojocar, L.; Kroes, T.; and Bos, H.\n\n\n \n\n\n\n In ESSoS, July 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"JTR:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cojocar_jtr_2017,\n\ttitle = {{JTR}: {A} {Binary} {Solution} for {Switch}-{Case} {Recovery}},\n\turl = {https://link.springer.com/chapter/10.1007/978-3-319-62105-0_12},\n\tbooktitle = {{ESSoS}},\n\tauthor = {Cojocar, Lucian and Kroes, Taddeus and Bos, Herbert},\n\tmonth = jul,\n\tyear = {2017},\n\tkeywords = {class\\_binary, proj\\_vici, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Towards Automated Discovery of Crash-Resistant Primitives in Binaries.\n \n \n \n \n\n\n \n Kollenda, B.; Goktas, E.; Blazytko, T.; Koppe, P.; Gawlik, R.; Konoth, R. K.; Giuffrida, C.; Bos, H.; and Holz, T.\n\n\n \n\n\n\n In DSN, June 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"Towards$ Paper\n \n \n \n $\"Towards$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{kollenda_towards_2017,\n\ttitle = {Towards {Automated} {Discovery} of {Crash}-{Resistant} {Primitives} in {Binaries}},\n\turl = {Paper=https://download.vusec.net/papers/autocrop_dsn17.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {{DSN}},\n\tauthor = {Kollenda, Benjamin and Goktas, Enes and Blazytko, Tim and Koppe, Philipp and Gawlik, Robert and Konoth, Radhesh Krishnan and Giuffrida, Cristiano and Bos, Herbert and Holz, Thorsten},\n\tmonth = jun,\n\tyear = {2017},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_protasis, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Off-the-shelf Embedded Devices As Platforms for Security Research.\n \n \n \n \n\n\n \n Cojocar, L.; Razavi, K.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"Off-the-shelf$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 19 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cojocar_off--shelf_2017,\n\ttitle = {Off-the-shelf {Embedded} {Devices} {As} {Platforms} for {Security} {Research}},\n\turl = {Paper=http://www.sharcs-project.eu/m/documents/papers/a01-cojocar.pdf Code=s: https://github.com/cojocar/embedded-reveng-research},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Cojocar, Lucian and Razavi, Kaveh and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_binary, type\\_csec, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Compiler-Agnostic Function Detection in Binaries.\n \n \n \n \n\n\n \n Andriesse, D.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In EuroS&P, April 2017. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Compiler-Agnostic$ Paper\n \n \n \n $\"Compiler-Agnostic$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 22 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{andriesse_compiler-agnostic_2017,\n\ttitle = {Compiler-{Agnostic} {Function} {Detection} in {Binaries}},\n\turl = {Paper=https://mistakenot.net/papers/eurosp-2017.pdf Code=https://github.com/vusec/nucleus},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Andriesse, Dennis and Slowinska, Asia and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2017},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_binary, class\\_reveng, disassembly, type\\_award, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Fast and Generic Metadata Management with Mid-Fat Pointers.\n \n \n \n \n\n\n \n Kroes, T.; Koning, K.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In EuroSec, April 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"Fast$ Paper\n \n \n \n $\"Fast$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{kroes_fast_2017,\n\ttitle = {Fast and {Generic} {Metadata} {Management} with {Mid}-{Fat} {Pointers}},\n\turl = {Paper=https://download.vusec.net/papers/midfat_eurosec17.pdf Code=https://github.com/vusec/midfat},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Kroes, Taddeus and Koning, Koen and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n RevAnC: A Framework for Reverse Engineering Hardware Page Table Caches.\n \n \n \n \n\n\n \n van Schaik, S.; Razavi, K.; Gras, B.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSec, April 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"RevAnC:$ Paper\n \n \n \n $\"RevAnC:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 139 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_schaik_revanc_2017,\n\ttitle = {{RevAnC}: {A} {Framework} for {Reverse} {Engineering} {Hardware} {Page} {Table} {Caches}},\n\turl = {Paper=https://download.vusec.net/papers/revanc_eurosec17.pdf Code=https://github.com/vusec/revanc},\n\tbooktitle = {{EuroSec}},\n\tauthor = {van Schaik, Stephan and Razavi, Kaveh and Gras, Ben and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_reveng, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks.\n \n \n \n \n\n\n \n Chen, X.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroS&P, April 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"CodeArmor:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{chen_codearmor_2017,\n\ttitle = {{CodeArmor}: {Virtualizing} the {Code} {Space} to {Counter} {Disclosure} {Attacks}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/codearmor-eurosp-2017.pdf},\n\tbooktitle = {{EuroS}\\&{P}},\n\tauthor = {Chen, Xi and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_armor, class\\_rand, proj\\_sharcs, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n DangSan: Scalable Use-after-free Detection.\n \n \n \n \n\n\n \n van der Kouwe, E.; Nigade, V.; and Giuffrida, C.\n\n\n \n\n\n\n In EuroSys, April 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"DangSan:$ Paper\n \n \n \n $\"DangSan:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 10 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_kouwe_dangsan_2017,\n\ttitle = {{DangSan}: {Scalable} {Use}-after-free {Detection}},\n\turl = {Paper=https://download.vusec.net/papers/dangsan_eurosys17.pdf Code=https://github.com/vusec/dangsan},\n\tbooktitle = {{EuroSys}},\n\tauthor = {van der Kouwe, Erik and Nigade, Vinod and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n No Need to Hide: Protecting Safe Regions on Commodity Hardware.\n \n \n \n \n\n\n \n Koning, K.; Chen, X.; Bos, H.; Giuffrida, C.; and Athanasopoulos, E.\n\n\n \n\n\n\n In EuroSys, April 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"No$ Paper\n \n \n \n $\"No$ Web\n \n \n \n $\"No$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{koning_no_2017,\n\ttitle = {No {Need} to {Hide}: {Protecting} {Safe} {Regions} on {Commodity} {Hardware}},\n\turl = {Paper=https://download.vusec.net/papers/memsentry_eurosys17.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/memsentry},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Koning, Koen and Chen, Xi and Bos, Herbert and Giuffrida, Cristiano and Athanasopoulos, Elias},\n\tmonth = apr,\n\tyear = {2017},\n\tkeywords = {class\\_ih, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Automating Live Update for Generic Server Programs.\n \n \n \n \n\n\n \n Giuffrida, C.; Iorgulescu, C.; Tamburrelli, G.; and Tanenbaum, A. S.\n\n\n \n\n\n\n TSE, 43(1). March 2017.\n \n\n\n\n
\n\n\n\n \n \n $\"Automating$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{giuffrida_automating_2017,\n\ttitle = {Automating {Live} {Update} for {Generic} {Server} {Programs}},\n\tvolume = {43},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/tse-2016.pdf},\n\tnumber = {1},\n\tjournal = {TSE},\n\tauthor = {Giuffrida, Cristiano and Iorgulescu, Calin and Tamburrelli, Giordano and Tanenbaum, Andrew S.},\n\tmonth = mar,\n\tyear = {2017},\n\tkeywords = {class\\_updating, state\\_diffing, type\\_csec, type\\_journal, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ASLR on the Line: Practical Cache Attacks on the MMU.\n \n \n \n \n\n\n \n Gras, B.; Razavi, K.; Bosman, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n Pwnie Award for Most Innovative Research, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n $\"ASLR$ Paper\n \n \n \n $\"ASLR$ Slides\n \n \n \n $\"ASLR$ Web\n \n \n \n $\"ASLR$ Code\n \n \n \n $\"ASLR$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 260 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{gras_aslr_2017,\n\ttitle = {{ASLR} on the {Line}: {Practical} {Cache} {Attacks} on the {MMU}},\n\turl = {Paper=https://download.vusec.net/papers/anc_ndss17.pdf Slides=https://vusec.net/wp-content/uploads/2016/11/TalkGras.pdf Web=https://www.vusec.net/projects/anc Code=https://github.com/vusec/revanc Press=https://goo.gl/KL4Bta},\n\tbooktitle = {{NDSS}},\n\tauthor = {Gras, Ben and Razavi, Kaveh and Bosman, Erik and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tnote = {Pwnie Award for Most Innovative Research, DCSR Paper Award},\n\tkeywords = {class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n VUzzer: Application-aware Evolutionary Fuzzing.\n \n \n \n \n\n\n \n Rawat, S.; Jain, V.; Kumar, A.; Cojocar, L.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"VUzzer:$ Paper\n \n \n \n $\"VUzzer:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{rawat_vuzzer_2017,\n\ttitle = {{VUzzer}: {Application}-aware {Evolutionary} {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/vuzzer_ndss17.pdf Code=https://github.com/vusec/vuzzer64},\n\tbooktitle = {{NDSS}},\n\tauthor = {Rawat, Sanjay and Jain, Vivek and Kumar, Ashish and Cojocar, Lucian and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities.\n \n \n \n \n\n\n \n Milburn, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"SafeInit:$ Paper\n \n \n \n $\"SafeInit:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{milburn_safeinit_2017,\n\ttitle = {{SafeInit}: {Comprehensive} and {Practical} {Mitigation} of {Uninitialized} {Read} {Vulnerabilities}},\n\turl = {Paper=https://download.vusec.net/papers/safeinit_ndss17.pdf Code=https://github.com/vusec/safeinit},\n\tbooktitle = {{NDSS}},\n\tauthor = {Milburn, Alyssa and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_sanitizer, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n MARX: Uncovering Class Hierarchies in C++ Programs.\n \n \n \n \n\n\n \n Pawlowski, A.; Contag, M.; van der Veen, V.; Ouwehand, C.; Holz, T.; Bos, H.; Athanasopoulos, E.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, February 2017. \n \n\n\n\n
\n\n\n\n \n \n $\"MARX:$ Paper\n \n \n \n $\"MARX:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{pawlowski_marx_2017,\n\ttitle = {{MARX}: {Uncovering} {Class} {Hierarchies} in {C}++ {Programs}},\n\turl = {Paper=https://download.vusec.net/papers/marx_ndss17.pdf Code=https://github.com/RUB-SysSec/Marx},\n\tbooktitle = {{NDSS}},\n\tauthor = {Pawlowski, Andre and Contag, Moritz and van der Veen, Victor and Ouwehand, Chris and Holz, Thorsten and Bos, Herbert and Athanasopoulos, Elias and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2017},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2016\n \n \n (26)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n A NEaT Design for Reliable and Scalable Network Stacks.\n \n \n \n \n\n\n \n Hruby, T.; Giuffrida, C.; Sambuc, L.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In CoNext, December 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hruby_neat_2016,\n\ttitle = {A {NEaT} {Design} for {Reliable} and {Scalable} {Network} {Stacks}},\n\turl = {https://download.vusec.net/papers/neat_conext16.pdf},\n\tbooktitle = {{CoNext}},\n\tauthor = {Hruby, Tomas and Giuffrida, Cristiano and Sambuc, Lionel and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = dec,\n\tyear = {2016},\n\tkeywords = {class\\_network, class\\_reliability, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n VTPin: Practical VTable Hijacking Protection for Binaries.\n \n \n \n \n\n\n \n Sarbinowski, P.; Kemerlis, V. P.; Giuffrida, C.; and Athanasopoulos, E.\n\n\n \n\n\n\n In ACSAC, December 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"VTPin:$ Paper\n \n \n \n $\"VTPin:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{sarbinowski_vtpin_2016,\n\ttitle = {{VTPin}: {Practical} {VTable} {Hijacking} {Protection} for {Binaries}},\n\turl = {Paper=https://download.vusec.net/papers/vtpin_acsac16.pdf Code=https://github.com/uberspot/VTPin},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Sarbinowski, Pawel and Kemerlis, Vasileios P. and Giuffrida, Cristiano and Athanasopoulos, Elias},\n\tmonth = dec,\n\tyear = {2016},\n\tkeywords = {class\\_armor, proj\\_sharcs, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Bypassing Clang's SafeStack for Fun and Profit.\n \n \n \n \n\n\n \n Goktas, E.; Oikonomopoulos, A.; Gawlik, R.; Kollenda, B.; Athanasopoulos, E.; Portokalidis, G.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In Black Hat Europe, November 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Bypassing$ Slides\n \n \n \n $\"Bypassing$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{goktas_bypassing_2016,\n\ttitle = {Bypassing {Clang}'s {SafeStack} for {Fun} and {Profit}},\n\turl = {Slides=https://download.vusec.net/papers/safestack-bypass_bheu16.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Goktas, Enes and Oikonomopoulos, Angelos and Gawlik, Robert and Kollenda, Benjamin and Athanasopoulos, Elias and Portokalidis, Georgios and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Flip Feng Shui: Rowhammering the VM's Isolation.\n \n \n \n \n\n\n \n Razavi, K.; Gras, B.; Bosman, E.; Preneel, B.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In Black Hat Europe, November 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Flip$ Slides\n \n \n \n $\"Flip$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 65 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{razavi_flip_2016,\n\ttitle = {Flip {Feng} {Shui}: {Rowhammering} the {VM}'s {Isolation}},\n\turl = {Slides=https://download.vusec.net/papers/flip-feng-shui_bheu16.pdf Web=https://www.vusec.net/projects/flip-feng-shui},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Razavi, Kaveh and Gras, Ben and Bosman, Erik and Preneel, Bart and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2016},\n\tkeywords = {class\\_rowhammer, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Drammer: Deterministic Rowhammer Attacks on Mobile Platforms.\n \n \n \n \n\n\n \n van der Veen, V.; Fratantonio, Y.; Lindorfer, M.; Gruss, D.; Maurice, C.; Vigna, G.; Bos, H.; Razavi, K.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, October 2016. \n Pwnie Award for Best Privilege Escalation Bug, Android Security Reward, CSAW Best Paper Award, DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Drammer:$ Paper\n \n \n \n $\"Drammer:$ Web\n \n \n \n $\"Drammer:$ Code\n \n \n \n $\"Drammer:$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 222 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_veen_drammer_2016,\n\ttitle = {Drammer: {Deterministic} {Rowhammer} {Attacks} on {Mobile} {Platforms}},\n\turl = {Paper=https://vvdveen.com/publications/drammer.pdf Web=https://www.vusec.net/projects/drammer Code=https://github.com/vusec/drammer Press=https://goo.gl/y0lZ3l},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Fratantonio, Yanick and Lindorfer, Martina and Gruss, Daniel and Maurice, Clementine and Vigna, Giovanni and Bos, Herbert and Razavi, Kaveh and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2016},\n\tnote = {Pwnie Award for Best Privilege Escalation Bug, Android Security Reward, CSAW Best Paper Award, DCSR Paper Award},\n\tkeywords = {class\\_mobile, class\\_rowhammer, proj\\_sharcs, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n TypeSan: Practical Type Confusion Detection.\n \n \n \n \n\n\n \n Haller, I.; Yuseok, J.; Peng, H.; Payer, M.; Giuffrida, C.; Bos, H.; and van der Kouwe, E.\n\n\n \n\n\n\n In CCS, October 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"TypeSan:$ Paper\n \n \n \n $\"TypeSan:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 14 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{haller_typesan_2016,\n\ttitle = {{TypeSan}: {Practical} {Type} {Confusion} {Detection}},\n\turl = {Paper=https://download.vusec.net/papers/typesan_ccs16.pdf Code=https://github.com/vusec/typesan},\n\tbooktitle = {{CCS}},\n\tauthor = {Haller, Istvan and Yuseok, Jeon and Peng, Hui and Payer, Mathias and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = oct,\n\tyear = {2016},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Peeking into the Past: Efficient Checkpoint-assisted Time-traveling Debugging.\n \n \n \n \n\n\n \n Miraglia, A.; Vogt, D.; Bos, H.; Tanenbaum, A. S.; and Giuffrida, C.\n\n\n \n\n\n\n In ISSRE, October 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Peeking$ Paper\n \n \n \n $\"Peeking$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{miraglia_peeking_2016,\n\ttitle = {Peeking into the {Past}: {Efficient} {Checkpoint}-assisted {Time}-traveling {Debugging}},\n\turl = {Paper=https://download.vusec.net/papers/delorean_issre16.pdf Code=https://github.com/vusec/delorean},\n\tbooktitle = {{ISSRE}},\n\tauthor = {Miraglia, Armando and Vogt, Dirk and Bos, Herbert and Tanenbaum, Andrew S. and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2016},\n\tkeywords = {class\\_reliability, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n IFuzzer: An Evolutionary Interpreter Fuzzer using Genetic Programming.\n \n \n \n \n\n\n \n Veggalam, S.; Rawat, S.; Haller, I.; and Bos, H.\n\n\n \n\n\n\n In ESORICS, September 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"IFuzzer:$ Paper\n \n \n \n $\"IFuzzer:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{veggalam_ifuzzer_2016,\n\ttitle = {{IFuzzer}: {An} {Evolutionary} {Interpreter} {Fuzzer} using {Genetic} {Programming}},\n\turl = {Paper=https://download.vusec.net/papers/ifuzzer-esorics16.pdf Code=https://github.com/vspandan/IFuzzer},\n\tbooktitle = {{ESORICS}},\n\tauthor = {Veggalam, Spandan and Rawat, Sanjay and Haller, Istvan and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2016},\n\tkeywords = {class\\_testing, evolutionary algorithm, fuzzing, memory errors, proj\\_vici, type, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Undermining Information Hiding (And What to do About it).\n \n \n \n \n\n\n \n Goktas, E.; Gawlik, R.; Kollenda, B.; Athanasopoulos, E.; Portokalidis, G.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Undermining$ Paper\n \n \n \n $\"Undermining$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{goktas_undermining_2016,\n\ttitle = {Undermining {Information} {Hiding} ({And} {What} to do {About} it)},\n\turl = {Paper=https://download.vusec.net/papers/thread-spraying_sec16.pdf Web=https://www.vusec.net/projects/nowhere-to-hide},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Goktas, Enes and Gawlik, Robert and Kollenda, Benjamin and Athanasopoulos, Elias and Portokalidis, Georgios and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries.\n \n \n \n \n\n\n \n Andriesse, D.; Chen, X.; van der Veen, V.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"An$ Paper\n \n \n \n $\"An$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{andriesse_-depth_2016,\n\ttitle = {An {In}-{Depth} {Analysis} of {Disassembly} on {Full}-{Scale} x86/x64 {Binaries}},\n\turl = {Paper=https://syssec.mistakenot.net/papers/sec-2016.pdf Web=https://www.vusec.net/projects/disassembly},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Andriesse, Dennis and Chen, Xi and van der Veen, Victor and Slowinska, Asia and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2016},\n\tkeywords = {class\\_binary, disassembly, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Flip Feng Shui: Hammering a Needle in the Software Stack.\n \n \n \n \n\n\n \n Razavi, K.; Gras, B.; Bosman, E.; Preneel, B.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n Pwnie Award Nomination for Best Cryptographic Attack\n\n\n\n
\n\n\n\n \n \n $\"Flip$ Paper\n \n \n \n $\"Flip$ Slides\n \n \n \n $\"Flip$ Web\n \n \n \n $\"Flip$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 120 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{razavi_flip_2016-1,\n\ttitle = {Flip {Feng} {Shui}: {Hammering} a {Needle} in the {Software} {Stack}},\n\turl = {Paper=https://download.vusec.net/papers/flip-feng-shui_sec16.pdf Slides=https://vusec.net/wp-content/uploads/2016/06/presentation.pdf Web=https://www.vusec.net/projects/flip-feng-shui Press=https://goo.gl/owOb2m},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Razavi, Kaveh and Gras, Ben and Bosman, Erik and Preneel, Bart and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2016},\n\tnote = {Pwnie Award Nomination for Best Cryptographic Attack},\n\tkeywords = {class\\_rowhammer, proj\\_sharcs, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Poking Holes in Information Hiding.\n \n \n \n \n\n\n \n Oikonomopoulos, A.; Athanasopoulos, E.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In USENIX Security, August 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Poking$ Paper\n \n \n \n $\"Poking$ Slides\n \n \n \n $\"Poking$ Web\n \n \n \n $\"Poking$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 9 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{oikonomopoulos_poking_2016,\n\ttitle = {Poking {Holes} in {Information} {Hiding}},\n\turl = {Paper=https://download.vusec.net/papers/allocation-oracles_sec16.pdf Slides=https://www.usenix.org/sites/default/files/conference/protected-files/security16_slides_oikonomopoulos.pdf Web=https://www.vusec.net/projects/nowhere-to-hide Code=https://github.com/vusec/poking-holes},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Oikonomopoulos, Angelos and Athanasopoulos, Elias and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2016},\n\tkeywords = {class\\_ih, class\\_rand, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Over the Edge: Silently Owning Windows 10's Secure Browser.\n \n \n \n \n\n\n \n Bosman, E.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In Black Hat USA, July 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Over$ Slides\n \n \n \n $\"Over$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 42 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bosman_over_2016,\n\ttitle = {Over the {Edge}: {Silently} {Owning} {Windows} 10's {Secure} {Browser}},\n\turl = {Slides=https://download.vusec.net/papers/over-the-edge_bhusa16.pdf Web=https://vusec.net/projects/dedup-est-machina},\n\tbooktitle = {Black {Hat} {USA}},\n\tauthor = {Bosman, Erik and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jul,\n\tyear = {2016},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n OSIRIS: Efficient and Consistent Recovery of Compartmentalized Operating Systems.\n \n \n \n \n\n\n \n Bhat, K.; Vogt, D.; van der Kouwe, E.; Gras, B.; Sambuc, L.; Tanenbaum, A. S.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2016. \n Best Paper Session\n\n\n\n
\n\n\n\n \n \n $\"OSIRIS:$ Paper\n \n \n \n $\"OSIRIS:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 8 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bhat_osiris_2016,\n\ttitle = {{OSIRIS}: {Efficient} and {Consistent} {Recovery} of {Compartmentalized} {Operating} {Systems}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/dsn-2016-2.pdf Code=https://github.com/vusec/osiris},\n\tbooktitle = {{DSN}},\n\tauthor = {Bhat, Koustubha and Vogt, Dirk and van der Kouwe, Erik and Gras, Ben and Sambuc, Lionel and Tanenbaum, Andrew S. and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2016},\n\tnote = {Best Paper Session},\n\tkeywords = {class\\_reliability, proj\\_sharcs, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n HSFI: Representative Fault Injection Scalable to Large Code Bases.\n \n \n \n \n\n\n \n Kouwe, E. v. d.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, June 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"HSFI:$ Paper\n \n \n \n $\"HSFI:$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{kouwe_hsfi_2016,\n\ttitle = {{HSFI}: {Representative} {Fault} {Injection} {Scalable} to {Large} {Code} {Bases}},\n\turl = {Paper=https://www.researchgate.net/profile/Erik_Kouwe/publication/303814734_HSFI_accurate_fault_injection_scalable_to_large_code_bases_Regular_paper/links/575561f108ae0405a57518ba.pdf Code=https://github.com/vusec/dsn-2016-hsfi},\n\tbooktitle = {{DSN}},\n\tauthor = {Kouwe, Erik van der and Tanenbaum, Andrew S.},\n\tmonth = jun,\n\tyear = {2016},\n\tkeywords = {class\\_fi, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Trade-offs in Automatic Provenance Capture.\n \n \n \n \n\n\n \n Stamatogiannakis, M.; Kazmi, H.; Sharif, H.; Vermeulen, R.; Gehani, A.; Bos, H.; and Groth, P.\n\n\n \n\n\n\n In IPAW, June 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Trade-offs$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{stamatogiannakis_trade-offs_2016,\n\ttitle = {Trade-offs in {Automatic} {Provenance} {Capture}},\n\turl = {http://dare.ubvu.vu.nl/handle/1871/54358},\n\tbooktitle = {{IPAW}},\n\tauthor = {Stamatogiannakis, Manolis and Kazmi, Hasanat and Sharif, Hashim and Vermeulen, Remco and Gehani, Ashish and Bos, Herbert and Groth, Paul},\n\tmonth = jun,\n\tyear = {2016},\n\tkeywords = {class\\_provenance, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Secure and Efficient Multi-variant Execution Using Hardware-assisted Process Virtualization.\n \n \n \n \n\n\n \n Koning, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In DSN, June 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Secure$ Paper\n \n \n \n $\"Secure$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{koning_secure_2016,\n\ttitle = {Secure and {Efficient} {Multi}-variant {Execution} {Using} {Hardware}-assisted {Process} {Virtualization}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/dsn-2016.pdf Code=https://github.com/vusec/mvarmor},\n\tbooktitle = {{DSN}},\n\tauthor = {Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2016},\n\tkeywords = {class\\_armor, proj\\_sharcs, type\\_conf, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector.\n \n \n \n \n\n\n \n Bosman, E.; Razavi, K.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2016. \n Pwnie Award for Most Innovative Research\n\n\n\n
\n\n\n\n \n \n $\"Dedup$ Paper\n \n \n \n $\"Dedup$ Web\n \n \n \n $\"Dedup$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 94 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bosman_dedup_2016,\n\ttitle = {Dedup {Est} {Machina}: {Memory} {Deduplication} as an {Advanced} {Exploitation} {Vector}},\n\turl = {Paper=https://download.vusec.net/papers/dedup-est-machina_sp16.pdf Web=https://www.vusec.net/projects/dedup-est-machina Press=https://goo.gl/ogBXTm},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Bosman, Erik and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2016},\n\tnote = {Pwnie Award for Most Innovative Research},\n\tkeywords = {class\\_rowhammer, class\\_sidechannels, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level.\n \n \n \n \n\n\n \n van der Veen, V.; Goktas, E.; Contag, M.; Pawlowski, A.; Chen, X.; Rawat, S.; Bos, H.; Holz, T.; Athanasopoulos, E.; and Giuffrida, C.\n\n\n \n\n\n\n In S&P, May 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n \n $\"A$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 8 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_veen_tough_2016,\n\ttitle = {A {Tough} {Call}: {Mitigating} {Advanced} {Code}-{Reuse} {Attacks} at the {Binary} {Level}},\n\turl = {Paper=https://download.vusec.net/papers/typearmor_sp16.pdf Code=https://github.com/vusec/typearmor},\n\tbooktitle = {S\\&{P}},\n\tauthor = {van der Veen, Victor and Goktas, Enes and Contag, Moritz and Pawlowski, Andre and Chen, Xi and Rawat, Sanjay and Bos, Herbert and Holz, Thorsten and Athanasopoulos, Elias and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2016},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n METAlloc: Efficient and Comprehensive Metadata Management for Software Security Hardening.\n \n \n \n \n\n\n \n Haller, I.; van der Kouwe, E.; Giuffrida, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, April 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"METAlloc:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{haller_metalloc_2016,\n\ttitle = {{METAlloc}: {Efficient} and {Comprehensive} {Metadata} {Management} for {Software} {Security} {Hardening}},\n\tshorttitle = {{METAlloc}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/eurosec-2016.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Haller, Istvan and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2016},\n\tkeywords = {class\\_sanitizer, class\\_testing, proj\\_sharcs, type\\_csec, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Slick: An Intrusion Detection System for Virtualized Storage Devices.\n \n \n \n \n\n\n \n Bacs, A.; Giuffrida, C.; Grill, B.; and Bos, H.\n\n\n \n\n\n\n In SAC, April 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"Slick:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bacs_slick_2016,\n\ttitle = {Slick: {An} {Intrusion} {Detection} {System} for {Virtualized} {Storage} {Devices}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/sac-2016.pdf},\n\tbooktitle = {{SAC}},\n\tauthor = {Bacs, Andrei and Giuffrida, Cristiano and Grill, Bernhard and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2016},\n\tkeywords = {class\\_malware, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On the Effectiveness of Sensor-enhanced Keystroke Dynamics Against Statistical Attacks.\n \n \n \n \n\n\n \n Stanciu, V.; Spolaor, R.; Conti, M.; and Giuffrida, C.\n\n\n \n\n\n\n In CODASPY, March 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{stanciu_effectiveness_2016,\n\ttitle = {On the {Effectiveness} of {Sensor}-enhanced {Keystroke} {Dynamics} {Against} {Statistical} {Attacks}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/codaspy-2016.pdf},\n\tbooktitle = {{CODASPY}},\n\tauthor = {Stanciu, Valeriu-Daniel and Spolaor, Riccardo and Conti, Mauro and Giuffrida, Cristiano},\n\tmonth = mar,\n\tyear = {2016},\n\tkeywords = {biometric authentication, class\\_mobile, class\\_sidechannels, keystroke dynamics, mobile security, sensor dynamics, statistical attacks, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Finding Fault with Fault Injection: An Empirical Exploration of Distortion in Fault Injection Experiments.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n SQL, 24(1). March 2016.\n \n\n\n\n
\n\n\n\n \n \n $\"Finding$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{van_der_kouwe_finding_2016,\n\ttitle = {Finding {Fault} with {Fault} {Injection}: {An} {Empirical} {Exploration} of {Distortion} in {Fault} {Injection} {Experiments}},\n\tvolume = {24},\n\turl = {http://link.springer.com/article/10.1007/s11219-014-9261-3},\n\tnumber = {1},\n\tjournal = {SQL},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = mar,\n\tyear = {2016},\n\tkeywords = {Correlation, Keyboards, Monitoring, PCC, black-box, class\\_fi, class\\_testing, invasive software, kernel, keylogger, robustness, security, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n How Anywhere Computing Just Killed Your Phone-Based Two-Factor Authentication.\n \n \n \n \n\n\n \n Konoth, R. K.; van der Veen, V.; and Bos, H.\n\n\n \n\n\n\n In FC, February 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"How$ Paper\n \n \n \n $\"How$ Web\n \n \n \n $\"How$ Press\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 31 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{konoth_how_2016,\n\ttitle = {How {Anywhere} {Computing} {Just} {Killed} {Your} {Phone}-{Based} {Two}-{Factor} {Authentication}},\n\turl = {Paper=http://fc16.ifca.ai/preproceedings/24_Konoth.pdf Web=https://www.vusec.net/projects/bandroid Press=https://www.vusec.net/projects/bandroid},\n\tbooktitle = {{FC}},\n\tauthor = {Konoth, Radhesh Krishnan and van der Veen, Victor and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2016},\n\tkeywords = {class\\_mobile, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_press},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n DroydSeuss: A Mobile Banking Trojan Tracker.\n \n \n \n \n\n\n \n Coletta, A.; van der Veen, V.; and Maggi, F.\n\n\n \n\n\n\n In FC, February 2016. \n \n\n\n\n
\n\n\n\n \n \n $\"DroydSeuss:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{coletta_droydseuss_2016,\n\ttitle = {{DroydSeuss}: {A} {Mobile} {Banking} {Trojan} {Tracker}},\n\turl = {https://www.ifca.ai/fc16/preproceedings/14_Coletta.pdf},\n\tbooktitle = {{FC}},\n\tauthor = {Coletta, Alberto and van der Veen, Victor and Maggi, Federico},\n\tmonth = feb,\n\tyear = {2016},\n\tkeywords = {class\\_malware, class\\_reveng, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Binary Rejuvenation: Applications and Challenges.\n \n \n \n \n\n\n \n Oikonomopoulos, A.; Giuffrida, C.; Rawat, S.; and Bos, H.\n\n\n \n\n\n\n IEEE S&P Magazine, 14(1). January 2016.\n \n\n\n\n
\n\n\n\n \n \n $\"Binary$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{oikonomopoulos_binary_2016,\n\ttitle = {Binary {Rejuvenation}: {Applications} and {Challenges}},\n\tvolume = {14},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/spmag-2016.pdf},\n\tnumber = {1},\n\tjournal = {IEEE S\\&P Magazine},\n\tauthor = {Oikonomopoulos, Angelos and Giuffrida, Cristiano and Rawat, Sanjay and Bos, Herbert},\n\tmonth = jan,\n\tyear = {2016},\n\tkeywords = {class\\_reveng, proj\\_sharcs, type\\_mag, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2015\n \n \n (12)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Practical Context-Sensitive CFI.\n \n \n \n \n\n\n \n van der Veen, V.; Andriesse, D.; Göktas, E.; Gras, B.; Sambuc, L.; Slowinska, A.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In CCS, November 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Practical$ Paper\n \n \n \n $\"Practical$ Web\n \n \n \n $\"Practical$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 101 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_veen_practical_2015,\n\ttitle = {Practical {Context}-{Sensitive} {CFI}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/ccs-2015.pdf Web=https://www.vusec.net/projects/patharmor Code=https://github.com/vusec/patharmor},\n\tbooktitle = {{CCS}},\n\tauthor = {van der Veen, Victor and Andriesse, Dennis and Göktas, Enes and Gras, Ben and Sambuc, Lionel and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2015},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n StackArmor: Comprehensive Protection from Stack-based Memory Error Vulnerabilities for Binaries.\n \n \n \n \n\n\n \n Chen, X.; Slowinska, A.; Andriesse, D.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In NDSS, November 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"StackArmor:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{chen_stackarmor_2015,\n\ttitle = {{StackArmor}: {Comprehensive} {Protection} from {Stack}-based {Memory} {Error} {Vulnerabilities} for {Binaries}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/ndss-2015.pdf},\n\tbooktitle = {{NDSS}},\n\tauthor = {Chen, Xi and Slowinska, Asia and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2015},\n\tkeywords = {class\\_armor, class\\_rand, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Parallax: Implicit Code Integrity Verification Using Return-Oriented Programming.\n \n \n \n \n\n\n \n Andriesse, D.; Bos, H.; and Slowinska, A.\n\n\n \n\n\n\n In DSN, October 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Parallax:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{andriesse_parallax_2015,\n\ttitle = {Parallax: {Implicit} {Code} {Integrity} {Verification} {Using} {Return}-{Oriented} {Programming}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/parallax_dsn2015.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Andriesse, Dennis and Bos, Herbert and Slowinska, Asia},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_binary, obfuscation, parallax, tamperproofing, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ShrinkWrap: VTable Protection Without Loose Ends.\n \n \n \n \n\n\n \n Haller, I.; Goktas, E.; Athanasopoulos, E.; Portokalidis, G.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, October 2015. \n Outstanding Student Paper Award\n\n\n\n
\n\n\n\n \n \n $\"ShrinkWrap:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{haller_shrinkwrap_2015,\n\ttitle = {{ShrinkWrap}: {VTable} {Protection} {Without} {Loose} {Ends}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/shrinkwrap_acsac15.pdf},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Haller, Istvan and Goktas, Enes and Athanasopoulos, Elias and Portokalidis, Georgios and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2015},\n\tnote = {Outstanding Student Paper Award},\n\tkeywords = {class\\_armor, proj\\_sharcs, proj\\_vici, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Speculative Memory Checkpointing.\n \n \n \n \n\n\n \n Vogt, D.; Miraglia, A.; Portokalidis, G.; Tanenbaum, A. S.; Bos, H.; and Giuffrida, C.\n\n\n \n\n\n\n In Middleware, October 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Speculative$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{vogt_speculative_2015,\n\ttitle = {Speculative {Memory} {Checkpointing}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/middleware-2015.pdf},\n\tbooktitle = {Middleware},\n\tauthor = {Vogt, Dirk and Miraglia, Armando and Portokalidis, Georgios and Tanenbaum, Andrew S. and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_reliability, proj\\_sharcs, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Reliable Recon in Adversarial Peer-to-Peer Botnets.\n \n \n \n \n\n\n \n Andriesse, D.; Rossow, C.; and Bos, H.\n\n\n \n\n\n\n In IMC, October 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Reliable$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{andriesse_reliable_2015,\n\ttitle = {Reliable {Recon} in {Adversarial} {Peer}-to-{Peer} {Botnets}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/recon_imc15.pdf},\n\tbooktitle = {{IMC}},\n\tauthor = {Andriesse, Dennis and Rossow, Christian and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {botnets, class\\_malware, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n PIE: Parser Identification in Embedded Systems.\n \n \n \n \n\n\n \n Cojocar, L.; Zaddach, J.; Verdult, R.; Bos, H.; Balzarotti, D.; and Francillon, A.\n\n\n \n\n\n\n In ACSAC, October 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"PIE:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cojocar_pie_2015,\n\ttitle = {{PIE}: {Parser} {Identification} in {Embedded} {Systems}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/pie_acsac15.pdf},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Cojocar, Lucian and Zaddach, Jonas and Verdult, Roel and Bos, Herbert and Balzarotti, Davide and Francillon, Aurélien},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_binary, type\\_conf, type\\_csec, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Lightweight Memory Checkpointing.\n \n \n \n \n\n\n \n Vogt, D.; Giuffrida, C.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Lightweight$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{vogt_lightweight_2015,\n\ttitle = {Lightweight {Memory} {Checkpointing}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/dsn-2015.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Vogt, Dirk and Giuffrida, Cristiano and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_reliability, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Decoupling Provenance Capture and Analysis from Execution.\n \n \n \n \n\n\n \n Stamatogiannakis, M.; Groth, P.; and Bos, H.\n\n\n \n\n\n\n In TaPP, October 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Decoupling$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{stamatogiannakis_decoupling_2015,\n\ttitle = {Decoupling {Provenance} {Capture} and {Analysis} from {Execution}},\n\turl = {http://dare.ubvu.vu.nl/handle/1871/53077},\n\tbooktitle = {{TaPP}},\n\tauthor = {Stamatogiannakis, Manolis and Groth, Paul and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2015},\n\tkeywords = {class\\_provenance, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n A Methodology to Efficiently Compare Operating System Stability.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; Ghituletez, R.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HASE, September 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_kouwe_methodology_2015,\n\ttitle = {A {Methodology} to {Efficiently} {Compare} {Operating} {System} {Stability}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hase-2015.pdf},\n\tbooktitle = {{HASE}},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Ghituletez, Razvan and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2015},\n\tkeywords = {Computer crashes, MINIX 3, OS crash, OS stability improvement, Operating systems, Scalability, Stability, class\\_fi, class\\_testing, code base, efficient operating system stability comparison, fault impact, fault injection, fault injection strategy, linux, program diagnostics, reliability, robustness, run-time instrumentation, software engineering, software fault tolerance, software faults, static instrumentation, system recovery, testing, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n The BORG: Nanoprobing Binaries for Buffer Overreads.\n \n \n \n \n\n\n \n Neugschwandtner, M.; Milani Comparetti, P.; Haller, I.; and Bos, H.\n\n\n \n\n\n\n In CODASPY, September 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"The$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{neugschwandtner_borg_2015,\n\ttitle = {The {BORG}: {Nanoprobing} {Binaries} for {Buffer} {Overreads}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/borg_codaspy15.pdf},\n\tbooktitle = {{CODASPY}},\n\tauthor = {Neugschwandtner, Matthias and Milani Comparetti, Paolo and Haller, Istvan and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2015},\n\tkeywords = {class\\_testing, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Nice Boots - A Large-Scale Analysis of Bootkits and New Ways to Stop Them.\n \n \n \n \n\n\n \n Grill, B.; Bacs, A.; Platzer, C.; and Bos, H.\n\n\n \n\n\n\n In DIMVA, September 2015. \n \n\n\n\n
\n\n\n\n \n \n $\"Nice$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{grill_nice_2015,\n\ttitle = {Nice {Boots} - {A} {Large}-{Scale} {Analysis} of {Bootkits} and {New} {Ways} to {Stop} {Them}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/bootkits_dimva2015.pdf},\n\tbooktitle = {{DIMVA}},\n\tauthor = {Grill, Bernhard and Bacs, Andrei and Platzer, Christian and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2015},\n\tkeywords = {class\\_malware, proj\\_vici, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2014\n \n \n (15)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Framing signals - Return to portable exploits.\n \n \n \n \n\n\n \n Bosman, E.; and Bos, H.\n\n\n \n\n\n\n In S&P, December 2014. \n Best Student Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Framing$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bosman_framing_2014,\n\ttitle = {Framing signals - {Return} to portable exploits},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/srop_sp14.pdf},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Bosman, Erik and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2014},\n\tnote = {Best Student Paper Award},\n\tkeywords = {class\\_binary, type\\_award, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Size Does Matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard.\n \n \n \n \n\n\n \n Goktas, E.; Athanasopoulos, E.; Polychronakis, M.; Bos, H.; and Portokalidis, G.\n\n\n \n\n\n\n In USENIX Security, December 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Size$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 7 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{goktas_size_2014,\n\ttitle = {Size {Does} {Matter}: {Why} {Using} {Gadget}-{Chain} {Length} to {Prevent} {Code}-{Reuse} {Attacks} is {Hard}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/sec14-paper-goktas.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Goktas, Enes and Athanasopoulos, Elias and Polychronakis, Michalis and Bos, Herbert and Portokalidis, Georgios},\n\tmonth = dec,\n\tyear = {2014},\n\tkeywords = {class\\_binary, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Out Of Control: Overcoming Control-Flow Integrity.\n \n \n \n \n\n\n \n Goktas, E.; Athanasopoulos, E.; Bos, H.; and Portokalidis, G.\n\n\n \n\n\n\n In S&P, December 2014. \n DCSR Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Out$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{goktas_out_2014,\n\ttitle = {Out {Of} {Control}: {Overcoming} {Control}-{Flow} {Integrity}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/outofcontrol_sp14.pdf},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Goktas, Enes and Athanasopoulos, Elias and Bos, Herbert and Portokalidis, Gerogios},\n\tmonth = dec,\n\tyear = {2014},\n\tnote = {DCSR Paper Award},\n\tkeywords = {class\\_binary, type\\_award, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Mutable Checkpoint-Restart: Automating Live Update for Generic Server Programs.\n \n \n \n \n\n\n \n Giuffrida, C.; Iorgulescu, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In Middleware, October 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Mutable$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_mutable_2014,\n\ttitle = {Mutable {Checkpoint}-{Restart}: {Automating} {Live} {Update} for {Generic} {Server} {Programs}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/middleware-2014.pdf},\n\tbooktitle = {Middleware},\n\tauthor = {Giuffrida, Cristiano and Iorgulescu, Calin and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2014},\n\tkeywords = {class\\_updating, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On Sockets and System Calls: Minimizing Context Switches for the Socket API.\n \n \n \n \n\n\n \n Hruby, T.; Crivat, T.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In TRIOS, October 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hruby_sockets_2014,\n\ttitle = {On {Sockets} and {System} {Calls}: {Minimizing} {Context} {Switches} for the {Socket} {API}},\n\turl = {https://www.usenix.org/system/files/conference/trios14/trios14-paper-hruby.pdf},\n\tbooktitle = {{TRIOS}},\n\tauthor = {Hruby, Tomas and Crivat, Teodor and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2014},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On the Soundness of Silence: Investigating Silent Failures Using Fault Injection Experiments.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In EDCC, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_kouwe_soundness_2014,\n\ttitle = {On the {Soundness} of {Silence}: {Investigating} {Silent} {Failures} {Using} {Fault} {Injection} {Experiments}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/edcc-2014.pdf},\n\tbooktitle = {{EDCC}},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {Computer bugs, Computers, Instruction sets, LLVM, Servers, class\\_fi, class\\_testing, fail-stop, fail-stop behavior analysis, fault diagnosis, fault injection, fault injection experiments, fault injection-induced silent failures, fault-free execution, field data, linux, security of data, silent failure, software reliability, system call tracing, system call-based anomaly detection, type\\_conf, type\\_paper, user-to detect silent failures},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Instruction-Level Steganography for Covert Trigger-Based Malware.\n \n \n \n \n\n\n \n Andriesse, D.; and Bos, H.\n\n\n \n\n\n\n In DIMVA, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Instruction-Level$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{andriesse_instruction-level_2014,\n\ttitle = {Instruction-{Level} {Steganography} for {Covert} {Trigger}-{Based} {Malware}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/stega_dimva14.pdf},\n\tbooktitle = {{DIMVA}},\n\tauthor = {Andriesse, Dennis and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_binary, obfuscation, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Data Structure Archaeology: Scrape Away the Dirt and Glue Back the Pieces! (Or: Automated Techniques to Recover Split and Merged Variables).\n \n \n \n \n\n\n \n Slowinska, A.; Haller, I.; Bacs, A.; Baranga, S.; and Bos, H.\n\n\n \n\n\n\n In DIMVA, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Data$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{slowinska_data_2014,\n\ttitle = {Data {Structure} {Archaeology}: {Scrape} {Away} the {Dirt} and {Glue} {Back} the {Pieces}! ({Or}: {Automated} {Techniques} to {Recover} {Split} and {Merged} {Variables})},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/carter_dimva14.pdf},\n\tbooktitle = {{DIMVA}},\n\tauthor = {Slowinska, Asia and Haller, Istvan and Bacs, Andrei and Baranga, Silviu and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_binary, class\\_reveng, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Enter Sandbox: Android Sandbox Comparison.\n \n \n \n \n\n\n \n Neuner, S.; van der Veen, V.; Lindorfer, M.; Huber, M.; Merzdovnik, G.; Mulazzani, M.; and Weippl, E.\n\n\n \n\n\n\n In MoST, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Enter$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{neuner_enter_2014,\n\ttitle = {Enter {Sandbox}: {Android} {Sandbox} {Comparison}},\n\turl = {http://arxiv.org/pdf/1410.7749.pdf},\n\tbooktitle = {{MoST}},\n\tauthor = {Neuner, Sebastian and van der Veen, Victor and Lindorfer, Martina and Huber, Markus and Merzdovnik, Georg and Mulazzani, Martin and Weippl, Edgar},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_mobile, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Towards Optimal Scheduling of Multiserver System Components.\n \n \n \n \n\n\n \n Hruby, T.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In MOS, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Towards$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hruby_towards_2014,\n\ttitle = {Towards {Optimal} {Scheduling} of {Multiserver} {System} {Components}},\n\turl = {http://cs.vu.nl/~ast/Publications/Papers/sfma-2014.pdf},\n\tbooktitle = {{MOS}},\n\tauthor = {Hruby, Tomas and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_reliability, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On measuring the impact of DDoS botnets.\n \n \n \n \n\n\n \n Welzel, A.; Rossow, C.; and Bos, H.\n\n\n \n\n\n\n In EuroSec, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{welzel_measuring_2014,\n\ttitle = {On measuring the impact of {DDoS} botnets},\n\turl = {https://pdfs.semanticscholar.org/8055/6ab16deb6e5ac3c60426f38b27f6c65c0945.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Welzel, Arne and Rossow, Christian and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_malware, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Evaluating Distortion in Fault Injection Experiments.\n \n \n \n \n\n\n \n van der Kouwe, E.; Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HASE, September 2014. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Evaluating$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 15 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_kouwe_evaluating_2014,\n\ttitle = {Evaluating {Distortion} in {Fault} {Injection} {Experiments}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hase-2014.pdf},\n\tbooktitle = {{HASE}},\n\tauthor = {van der Kouwe, Erik and Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2014},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_fi, class\\_testing, type\\_award, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n ANDRUBIS - 1,000,000 Apps Later: A View on Current Android Malware Behaviors.\n \n \n \n \n\n\n \n Lindorfer, M.; Neugschwandtner, M.; Weichselbaum, L.; Fratantonio, Y.; van der Veen, V.; and Platzer, C.\n\n\n \n\n\n\n In BADGERS, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"ANDRUBIS$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{lindorfer_andrubis_2014,\n\ttitle = {{ANDRUBIS} - 1,000,000 {Apps} {Later}: {A} {View} on {Current} {Android} {Malware} {Behaviors}},\n\turl = {http://www.cs.ucsb.edu/~yanick/publications/2014_badgers_andrubis.pdf},\n\tbooktitle = {{BADGERS}},\n\tauthor = {Lindorfer, Martina and Neugschwandtner, Matthias and Weichselbaum, Lukas and Fratantonio, Yanick and van der Veen, Victor and Platzer, Christian},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_malware, type\\_conf, type\\_mscthesis, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n I Sensed It Was You: Authenticating Mobile Users with Sensor-Enhanced Keystroke Dynamics.\n \n \n \n \n\n\n \n Giuffrida, C.; Majdanik, K.; Conti, M.; and Bos, H.\n\n\n \n\n\n\n In DIMVA, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"I$ Paper\n \n \n \n $\"I$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_i_2014,\n\ttitle = {I {Sensed} {It} {Was} {You}: {Authenticating} {Mobile} {Users} with {Sensor}-{Enhanced} {Keystroke} {Dynamics}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/dimva-2014.pdf Code=https://github.com/vusec/unagi},\n\tbooktitle = {{DIMVA}},\n\tauthor = {Giuffrida, Cristiano and Majdanik, Kamil and Conti, Mauro and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {Management of Computing and Information Systems, Systems and Data Security, class\\_mobile, class\\_sidechannels, e-Commerce/e-business, type\\_conf, type\\_mscthesis, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Looking Inside the Black-Box: Capturing Data Provenance using Dynamic Instrumentation.\n \n \n \n \n\n\n \n Stamatogiannakis, M.; Groth, P.; and Bos, H.\n\n\n \n\n\n\n In IPAW, September 2014. \n \n\n\n\n
\n\n\n\n \n \n $\"Looking$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{stamatogiannakis_looking_2014,\n\ttitle = {Looking {Inside} the {Black}-{Box}: {Capturing} {Data} {Provenance} using {Dynamic} {Instrumentation}},\n\turl = {https://pdfs.semanticscholar.org/48bb/5f38620529dbc0b4b34a25862ed68ff3ffc4.pdf},\n\tbooktitle = {{IPAW}},\n\tauthor = {Stamatogiannakis, Manolis and Groth, Paul and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2014},\n\tkeywords = {class\\_provenance, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2013\n \n \n (12)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n P2PWNED — Modeling and Evaluating the Resilience of Peer-to-Peer Botnets.\n \n \n \n \n\n\n \n Rossow, C.; Andriesse, D.; Werner, T.; Stone-Gross, B.; Dietrich, C. J.; and Bos, H.\n\n\n \n\n\n\n In S&P, December 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"P2PWNED$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{rossow_p2pwned_2013,\n\ttitle = {{P2PWNED} — {Modeling} and {Evaluating} the {Resilience} of {Peer}-to-{Peer} {Botnets}},\n\turl = {http://www.few.vu.nl/~da.andriesse/papers/security-and-privacy-2013.pdf},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Rossow, Christian and Andriesse, Dennis and Werner, Tillmann and Stone-Gross, Brett and Dietrich, Christian J. and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2013},\n\tkeywords = {botnets, class\\_malware, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations.\n \n \n \n \n\n\n \n Haller, I.; Slowinska, A.; Neugschwandtner, M.; and Bos, H.\n\n\n \n\n\n\n In USENIX Security, December 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"Dowsing$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{haller_dowsing_2013,\n\ttitle = {Dowsing for {Overflows}: {A} {Guided} {Fuzzer} to {Find} {Buffer} {Boundary} {Violations}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/dowser_usenixsec13.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Haller, Istvan and Slowinska, Asia and Neugschwandtner, Matthias and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2013},\n\tkeywords = {class\\_testing, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Safe and Automatic Live Update for Operating Systems.\n \n \n \n \n\n\n \n Giuffrida, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In ASPLOS, December 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"Safe$ Paper\n \n \n \n $\"Safe$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_safe_2013,\n\ttitle = {Safe and {Automatic} {Live} {Update} for {Operating} {Systems}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/asplos-2013.pdf Code=Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tbooktitle = {{ASPLOS}},\n\tauthor = {Giuffrida, Cristiano and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = dec,\n\tyear = {2013},\n\tkeywords = {Operating systems, automatic updates, class\\_updating, live update, state checking, state transfer, type\\_conf, type\\_paper, type\\_tier1, type\\_top, update safety},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n When Slower is Faster: On Heterogeneous Multicores for Reliable Systems.\n \n \n \n \n\n\n \n Hruby, T.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In USENIX ATC, November 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"When$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hruby_when_2013,\n\ttitle = {When {Slower} is {Faster}: {On} {Heterogeneous} {Multicores} for {Reliable} {Systems}},\n\turl = {https://www.usenix.org/system/files/conference/atc13/atc13-hruby.pdf},\n\tbooktitle = {{USENIX} {ATC}},\n\tauthor = {Hruby, Tomas and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = nov,\n\tyear = {2013},\n\tkeywords = {class\\_network, class\\_os, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Back to the Future: Fault-tolerant Live Update with Time-traveling State Transfer.\n \n \n \n \n\n\n \n Giuffrida, C.; Iorgulescu, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In LISA, October 2013. \n Best Student Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Back$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_back_2013,\n\ttitle = {Back to the {Future}: {Fault}-tolerant {Live} {Update} with {Time}-traveling {State} {Transfer}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/lisa-2013.pdf},\n\tbooktitle = {{LISA}},\n\tauthor = {Giuffrida, Cristiano and Iorgulescu, Calin and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2013},\n\tnote = {Best Student Paper Award},\n\tkeywords = {class\\_updating, state\\_diffing, type\\_award, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Practical Automated Vulnerability Monitoring Using Program State Invariants.\n \n \n \n \n\n\n \n Giuffrida, C.; Cavallaro, L.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"Practical$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_practical_2013,\n\ttitle = {Practical {Automated} {Vulnerability} {Monitoring} {Using} {Program} {State} {Invariants}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/dsn-2013.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Giuffrida, Cristiano and Cavallaro, Lorenzo and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2013},\n\tkeywords = {Instruments, Libraries, Monitoring, Production, Program State Invariants, Runtime, Systems Security, Vulnerability Analysis, class\\_invariants, class\\_testing, memory errors, memory management, security, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Highly Resilient Peer-to-Peer Botnets Are Here: An Analysis of Gameover Zeus.\n \n \n \n \n\n\n \n Andriesse, D.; Rossow, C.; Stone-Gross, B.; Plohmann, D.; and Bos, H.\n\n\n \n\n\n\n In MALWARE, September 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"Highly$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{andriesse_highly_2013,\n\ttitle = {Highly {Resilient} {Peer}-to-{Peer} {Botnets} {Are} {Here}: {An} {Analysis} of {Gameover} {Zeus}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/zeus_malware13.pdf},\n\tbooktitle = {{MALWARE}},\n\tauthor = {Andriesse, Dennis and Rossow, Christian and Stone-Gross, Brett and Plohmann, Daniel and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {botnets, class\\_malware, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n MemPick: Data Structure Detection in C/C++ Binaries.\n \n \n \n \n\n\n \n Haller, I.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In WCRE, September 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"MemPick:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{haller_mempick_2013,\n\ttitle = {{MemPick}: {Data} {Structure} {Detection} in {C}/{C}++ {Binaries}},\n\turl = {http://www.cs.vu.nl/%7Eherbertb/papers/mempick_wcre13.pdf},\n\tbooktitle = {{WCRE}},\n\tauthor = {Haller, Istvan and Slowinska, Asia and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {class\\_binary, type\\_conf, type\\_csec, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Unprivileged Black-Box Detection of User-Space Keyloggers.\n \n \n \n \n\n\n \n Ortolani, S.; Giuffrida, C.; and Crispo, B.\n\n\n \n\n\n\n TDSC, 10(1). September 2013.\n \n\n\n\n
\n\n\n\n \n \n $\"Unprivileged$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{ortolani_unprivileged_2013,\n\ttitle = {Unprivileged {Black}-{Box} {Detection} of {User}-{Space} {Keyloggers}},\n\tvolume = {10},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/tdsc-2013.pdf},\n\tnumber = {1},\n\tjournal = {TDSC},\n\tauthor = {Ortolani, Stefano and Giuffrida, Cristiano and Crispo, Bruno},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {Correlation, Keyboards, Monitoring, PCC, black-box, class\\_malware, invasive software, kernel, keylogger, robustness, security, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Techniques for Efficient In-Memory Checkpointing.\n \n \n \n \n\n\n \n Vogt, D.; Giuffrida, C.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HotDep, September 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"Techniques$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{vogt_techniques_2013,\n\ttitle = {Techniques for {Efficient} {In}-{Memory} {Checkpointing}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotdep-2013.pdf},\n\tbooktitle = {{HotDep}},\n\tauthor = {Vogt, Dirk and Giuffrida, Cristiano and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {class\\_reliability, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n EDFI: A Dependable Fault Injection Tool for Dependability Benchmarking Experiments.\n \n \n \n \n\n\n \n Giuffrida, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In PRDC, September 2013. \n \n\n\n\n
\n\n\n\n \n \n $\"EDFI:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_edfi_2013,\n\ttitle = {{EDFI}: {A} {Dependable} {Fault} {Injection} {Tool} for {Dependability} {Benchmarking} {Experiments}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/prdc-2013.pdf},\n\tbooktitle = {{PRDC}},\n\tauthor = {Giuffrida, Cristiano and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2013},\n\tkeywords = {Operating systems, automatic updates, class\\_fi, class\\_testing, live update, llvm, state checking, state transfer, type\\_conf, type\\_paper, update safety},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Who Allocated My Memory? Detecting Custom Memory Allocators in C Binaries.\n \n \n \n \n\n\n \n Chen, X.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In WCRE, September 2013. \n Best Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Who$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{chen_who_2013,\n\ttitle = {Who {Allocated} {My} {Memory}? {Detecting} {Custom} {Memory} {Allocators} in {C} {Binaries}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/membrush_wcre13.pdf},\n\tbooktitle = {{WCRE}},\n\tauthor = {Chen, Xi and Slowinska, Asia and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2013},\n\tnote = {Best Paper Award},\n\tkeywords = {class\\_reveng, type\\_award, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2012\n \n \n (8)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Prudent Practices for Designing Malware Experiments: Status Quo and Outlook.\n \n \n \n \n\n\n \n Rossow, C.; Dietrich, C. J.; Grier, C.; Kreibich†, C.; Paxson†, V.; Pohlmann, N.; Bos, H.; and Steen, M. v.\n\n\n \n\n\n\n In S&P, December 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Prudent$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{rossow_prudent_2012,\n\ttitle = {Prudent {Practices} for {Designing} {Malware} {Experiments}: {Status} {Quo} and {Outlook}},\n\turl = {http://www.icsi.berkeley.edu/pubs/networking/ICSI_prudentpracticesfor12.pdf},\n\tbooktitle = {S\\&{P}},\n\tauthor = {Rossow, Christian and Dietrich, Christian J. and Grier, Chris and Kreibich†, Christian and Paxson†, Vern and Pohlmann, Norbert and Bos, Herbert and Steen, Maarten van},\n\tmonth = dec,\n\tyear = {2012},\n\tkeywords = {class\\_malware, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization.\n \n \n \n \n\n\n \n Giuffrida, C.; Kuijsten, A.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In USENIX Security, December 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Enhanced$ Paper\n \n \n \n $\"Enhanced$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_enhanced_2012,\n\ttitle = {Enhanced {Operating} {System} {Security} {Through} {Efficient} and {Fine}-grained {Address} {Space} {Randomization}},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/usenixsec-2012.pdf Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Giuffrida, Cristiano and Kuijsten, Anton and Tanenbaum, Andrew S.},\n\tmonth = dec,\n\tyear = {2012},\n\tkeywords = {class\\_rand, class\\_updating, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Body Armor for Binaries: Preventing Buffer Overflows Without Recompilation.\n \n \n \n \n\n\n \n Slowinska, A.; Stancescu, T.; and Bos, H.\n\n\n \n\n\n\n In USENIX ATC, November 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Body$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{slowinska_body_2012,\n\ttitle = {Body {Armor} for {Binaries}: {Preventing} {Buffer} {Overflows} {Without} {Recompilation}},\n\turl = {https://www.usenix.org/system/files/conference/atc12/atc12-final44.pdf},\n\tbooktitle = {{USENIX} {ATC}},\n\tauthor = {Slowinska, Asia and Stancescu, Traian and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2012},\n\tkeywords = {class\\_armor, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Memory Errors: The Past, the Present, and the Future.\n \n \n \n \n\n\n \n van der Veen, V.; Dutt-Sharma, N.; Cavallaro, L.; and Bos, H.\n\n\n \n\n\n\n In RAID, October 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Memory$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 4 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{van_der_veen_memory_2012,\n\ttitle = {Memory {Errors}: {The} {Past}, the {Present}, and the {Future}},\n\turl = {http://www.few.vu.nl/~herbertb/papers/memerrors_raid12.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {van der Veen, Victor and Dutt-Sharma, Nitish and Cavallaro, Lorenzo and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2012},\n\tkeywords = {class\\_binary, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Keep Net Working - On a Dependable and Fast Networking Stack.\n \n \n \n \n\n\n \n Hruby, T.; Vogt, D.; Bos, H.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Keep$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hruby_keep_2012,\n\ttitle = {Keep {Net} {Working} - {On} a {Dependable} and {Fast} {Networking} {Stack}},\n\turl = {http://www.few.vu.nl/~herbertb/papers/dsn2012.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Hruby, Tomas and Vogt, Dirk and Bos, Herbert and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2012},\n\tkeywords = {class\\_network, class\\_reliability, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Safe and Automated State Transfer for Secure and Reliable Live Update.\n \n \n \n \n\n\n \n Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HotSwUp, September 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Safe$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_safe_2012,\n\ttitle = {Safe and {Automated} {State} {Transfer} for {Secure} and {Reliable} {Live} {Update}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotswup-2012.pdf},\n\tbooktitle = {{HotSwUp}},\n\tauthor = {Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2012},\n\tkeywords = {C language, C program, Instruments, Libraries, Resource management, Runtime, automated state transfer, class\\_updating, complex state change, complex state transformation, configuration management, live update reliability, live update security, live update system, program state annotation, program version, programming effort, reliability, safe state transfer, security, security of data, software, software reliability, standard C idiom, structural state change, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n System-level Support for Intrusion Recovery.\n \n \n \n \n\n\n \n Bacs, A.; Vermeulen, R.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In DIMVA, September 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"System-level$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 5 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bacs_system-level_2012,\n\ttitle = {System-level {Support} for {Intrusion} {Recovery}},\n\turl = {http://www.few.vu.nl/~herbertb/papers/diskduster_dimva12.pdf},\n\tbooktitle = {{DIMVA}},\n\tauthor = {Bacs, Andrei and Vermeulen, Remco and Slowinska, Asia and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2012},\n\tkeywords = {class\\_malware, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Memoirs of a Browser: A Cross-browser Detection Model for Privacy-breaching Extensions.\n \n \n \n \n\n\n \n Giuffrida, C.; Ortolani, S.; and Crispo, B.\n\n\n \n\n\n\n In ASIACCS, September 2012. \n \n\n\n\n
\n\n\n\n \n \n $\"Memoirs$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_memoirs_2012,\n\ttitle = {Memoirs of a {Browser}: {A} {Cross}-browser {Detection} {Model} for {Privacy}-breaching {Extensions}},\n\tshorttitle = {Memoirs of a browser},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/asiaccs-2012.pdf},\n\tbooktitle = {{ASIACCS}},\n\tauthor = {Giuffrida, Cristiano and Ortolani, Stefano and Crispo, Bruno},\n\tmonth = sep,\n\tyear = {2012},\n\tkeywords = {class\\_malware, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2011\n \n \n (6)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Application-Tailored I/O with Streamline.\n \n \n \n \n\n\n \n de Bruijn, W.; Bos, H.; and Bal, H.\n\n\n \n\n\n\n TOCS, 29(2): 6:1–6:33. December 2011.\n \n\n\n\n
\n\n\n\n \n \n $\"Application-Tailored$ Paper\n \n \n \n $\"Application-Tailored$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{de_bruijn_application-tailored_2011,\n\ttitle = {Application-{Tailored} {I}/{O} with {Streamline}},\n\tvolume = {29},\n\turl = {Paper=http://www.cs.vu.nl/~herbertb/projects/streamline/papers/streamline-tocs-2011.pdf Web=https://www.cs.vu.nl/~herbertb/projects/streamline},\n\tnumber = {2},\n\tjournal = {TOCS},\n\tauthor = {de Bruijn, Willem and Bos, Herbert and Bal, Henri},\n\tmonth = dec,\n\tyear = {2011},\n\tkeywords = {I/O buffering, class\\_network, streams and filters, type\\_journal, type\\_paper, type\\_top, zero-copy},\n\tpages = {6:1--6:33},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Howard: A Dynamic Excavator for Reverse Engineering Data Structures.\n \n \n \n \n\n\n \n Slowinska, A.; Stancescu, T.; and Bos, H.\n\n\n \n\n\n\n In NDSS, November 2011. \n \n\n\n\n
\n\n\n\n \n \n $\"Howard:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 12 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{slowinska_howard_2011,\n\ttitle = {Howard: {A} {Dynamic} {Excavator} for {Reverse} {Engineering} {Data} {Structures}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/dde_ndss11-preprint.pdf},\n\tbooktitle = {{NDSS}},\n\tauthor = {Slowinska, Asia and Stancescu, Traian and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2011},\n\tkeywords = {class\\_reveng, type\\_conf, type\\_csec, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Minemu: The World's Fastest Taint Tracker.\n \n \n \n \n\n\n \n Bosman, E.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In RAID, October 2011. \n \n\n\n\n
\n\n\n\n \n \n $\"Minemu:$ Paper\n \n \n \n $\"Minemu:$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 18 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bosman_minemu_2011,\n\ttitle = {Minemu: {The} {World}'s {Fastest} {Taint} {Tracker}},\n\turl = {Paper=http://www.few.vu.nl/~herbertb/papers/minemu_raid11.pdf Web=https://minemu.org},\n\tbooktitle = {{RAID}},\n\tauthor = {Bosman, Erik and Slowinska, Asia and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2011},\n\tkeywords = {class\\_binary, type\\_conf, type\\_csec, type\\_mscthesis, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n KLIMAX: Profiling Memory Write Patterns to Detect Keystroke-harvesting Malware.\n \n \n \n \n\n\n \n Ortolani, S.; Giuffrida, C.; and Crispo, B.\n\n\n \n\n\n\n In RAID, October 2011. \n \n\n\n\n
\n\n\n\n \n \n $\"KLIMAX:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ortolani_klimax_2011,\n\ttitle = {{KLIMAX}: {Profiling} {Memory} {Write} {Patterns} to {Detect} {Keystroke}-harvesting {Malware}},\n\tshorttitle = {{KLIMAX}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/raid-2011.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Ortolani, Stefano and Giuffrida, Cristiano and Crispo, Bruno},\n\tmonth = oct,\n\tyear = {2011},\n\tkeywords = {behavior, class\\_malware, detection, keylogging, malware, memory, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n A Heuristic Approach to Author Name Disambiguation in Bibliometrics Databases for Large-scale Research Assessments.\n \n \n \n \n\n\n \n D'Angelo, C. A.; Giuffrida, C.; and Abramo, G.\n\n\n \n\n\n\n JASIST, 62(2). September 2011.\n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{dangelo_heuristic_2011,\n\ttitle = {A {Heuristic} {Approach} to {Author} {Name} {Disambiguation} in {Bibliometrics} {Databases} for {Large}-scale {Research} {Assessments}},\n\tvolume = {62},\n\turl = {https://arxiv.org/ftp/arxiv/papers/1812/1812.08538.pdf},\n\tnumber = {2},\n\tjournal = {JASIST},\n\tauthor = {D'Angelo, Ciriaco Andrea and Giuffrida, Cristiano and Abramo, Giovanni},\n\tmonth = sep,\n\tyear = {2011},\n\tkeywords = {authors, disambiguation, heuristics, proper names, scholars, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On Botnets that Use DNS for Command and Control.\n \n \n \n \n\n\n \n Dietrich, C. J.; Rossow, C.; Freiling, F. C.; Bos, H.; Steen, M. v.; and Pohlmann, N.\n\n\n \n\n\n\n In EC2ND, September 2011. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{dietrich_botnets_2011,\n\ttitle = {On {Botnets} that {Use} {DNS} for {Command} and {Control}},\n\turl = {http://norbert-pohlmann.com/app/uploads/2015/08/279-On-Botnets-that-use-DNS-for-Command-and-Control-Prof-Norbert-Pohlmann.pdf},\n\tbooktitle = {{EC2ND}},\n\tauthor = {Dietrich, Christian J. and Rossow, Christian and Freiling, Felix C. and Bos, Herbert and Steen, Maarten van and Pohlmann, Norbert},\n\tmonth = sep,\n\tyear = {2011},\n\tkeywords = {class\\_malware, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2010\n \n \n (8)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Paranoid Android: Versatile Protection For Smartphones.\n \n \n \n \n\n\n \n Portokalidis, G.; Homburg, P.; Anagnostakis, K.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, October 2010. \n \n\n\n\n
\n\n\n\n \n \n $\"Paranoid$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{portokalidis_paranoid_2010,\n\ttitle = {Paranoid {Android}: {Versatile} {Protection} {For} {Smartphones}},\n\turl = {http://nsl.cs.columbia.edu/papers/2010/paranoidandroid.acsac10.pdf},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Portokalidis, Georgios and Homburg, Philip and Anagnostakis, Kostas and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2010},\n\tkeywords = {class\\_mobile, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Bait Your Hook: A Novel Detection Technique for Keyloggers.\n \n \n \n \n\n\n \n Ortolani, S.; Giuffrida, C.; and Crispo, B.\n\n\n \n\n\n\n In RAID, October 2010. \n \n\n\n\n
\n\n\n\n \n \n $\"Bait$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{ortolani_bait_2010,\n\ttitle = {Bait {Your} {Hook}: {A} {Novel} {Detection} {Technique} for {Keyloggers}},\n\tshorttitle = {Bait your hook},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/raid-2010.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Ortolani, Stefano and Giuffrida, Cristiano and Crispo, Bruno},\n\tmonth = oct,\n\tyear = {2010},\n\tkeywords = {black-box, class\\_malware, detection, keylogger, malware, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n DDE: Dynamic Data Structure Excavation.\n \n \n \n \n\n\n \n Slowinska, A.; Stancescu, T.; and Bos, H.\n\n\n \n\n\n\n In APSYS, September 2010. \n \n\n\n\n
\n\n\n\n \n \n $\"DDE:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{slowinska_dde_2010,\n\ttitle = {{DDE}: {Dynamic} {Data} {Structure} {Excavation}},\n\turl = {http://www.few.vu.nl/~asia/papers/dde_apsys10.pdf},\n\tbooktitle = {{APSYS}},\n\tauthor = {Slowinska, Asia and Stancescu, Traian and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2010},\n\tkeywords = {class\\_binary, class\\_reveng, type\\_csec, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Pointer Tainting Still Pointless: (But We All See the Point of Tainting).\n \n \n \n \n\n\n \n Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n OSR, 44(3): 88–92. September 2010.\n \n\n\n\n
\n\n\n\n \n \n $\"Pointer$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{slowinska_pointer_2010,\n\ttitle = {Pointer {Tainting} {Still} {Pointless}: ({But} {We} {All} {See} the {Point} of {Tainting})},\n\tvolume = {44},\n\turl = {http://slowinska.asia/papers/ptaint_osr10.pdf},\n\tnumber = {3},\n\tjournal = {OSR},\n\tauthor = {Slowinska, Asia and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2010},\n\tkeywords = {class\\_binary, type\\_journal, type\\_paper},\n\tpages = {88--92},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n We Crashed, Now What?.\n \n \n \n \n\n\n \n Giuffrida, C.; Cavallaro, L.; and Tanenbaum, A. S\n\n\n \n\n\n\n In HotDep, September 2010. \n \n\n\n\n
\n\n\n\n \n \n $\"We$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_we_2010,\n\ttitle = {We {Crashed}, {Now} {What}?},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotdep-2010.pdf},\n\tbooktitle = {{HotDep}},\n\tauthor = {Giuffrida, Cristiano and Cavallaro, Lorenzo and Tanenbaum, Andrew S},\n\tmonth = sep,\n\tyear = {2010},\n\tkeywords = {class\\_reliability, crash recovery, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n A Gossip-based Churn Estimator for Large Dynamic Networks.\n \n \n \n \n\n\n \n Giuffrida, C.; and Ortolani, S.\n\n\n \n\n\n\n In ASCI, August 2010. \n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_gossip-based_2010,\n\ttitle = {A {Gossip}-based {Churn} {Estimator} for {Large} {Dynamic} {Networks}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/asci-2010-2.pdf},\n\tbooktitle = {{ASCI}},\n\tauthor = {Giuffrida, Cristiano and Ortolani, Stefano},\n\tmonth = aug,\n\tyear = {2010},\n\tkeywords = {type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n A Taxonomy of Live Updates.\n \n \n \n \n\n\n \n Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In ASCI, August 2010. \n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 3 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_taxonomy_2010,\n\ttitle = {A {Taxonomy} of {Live} {Updates}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/asci-2010.pdf},\n\tbooktitle = {{ASCI}},\n\tauthor = {Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = aug,\n\tyear = {2010},\n\tkeywords = {class\\_updating, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n MINIX 3: Status Report and Current Research.\n \n \n \n \n\n\n \n Tanenbaum, A. S.; Appuswamy, R.; Bos, H.; Cavallaro, L.; Giuffrida, C.; Hrubỳ, T.; Herder, J.; and van der Kouwe, E.\n\n\n \n\n\n\n ;login, 35(3). June 2010.\n \n\n\n\n
\n\n\n\n \n \n $\"MINIX$ Paper\n \n \n \n $\"MINIX$ Web\n \n \n \n $\"MINIX$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{tanenbaum_minix_2010,\n\ttitle = {{MINIX} 3: {Status} {Report} and {Current} {Research}},\n\tvolume = {35},\n\turl = {Paper=http://www.cs.vu.nl/~giuffrida/papers/login-2010.pdf Web=http://www.minix3.org Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tnumber = {3},\n\tjournal = {;login},\n\tauthor = {Tanenbaum, Andrew S. and Appuswamy, Raja and Bos, Herbert and Cavallaro, Lorenzo and Giuffrida, Cristiano and Hrubỳ, Tomáš and Herder, Jorrit and van der Kouwe, Erik},\n\tmonth = jun,\n\tyear = {2010},\n\tkeywords = {class\\_reliability, type\\_mag, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2009\n \n \n (5)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Pointless Tainting? Evaluating the Practicality of Pointer Tainting.\n \n \n \n \n\n\n \n Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In EuroSys, December 2009. \n \n\n\n\n
\n\n\n\n \n \n $\"Pointless$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{slowinska_pointless_2009,\n\ttitle = {Pointless {Tainting}? {Evaluating} the {Practicality} of {Pointer} {Tainting}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/pointless_eurosys09.pdf},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Slowinska, Asia and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2009},\n\tkeywords = {class\\_binary, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Fault Isolation for Device Drivers.\n \n \n \n \n\n\n \n Herder, J. N.; Bos, H.; Gras, B.; Homburg, P.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2009. \n \n\n\n\n
\n\n\n\n \n \n $\"Fault$ Paper\n \n \n \n $\"Fault$ Web\n \n \n \n $\"Fault$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{herder_fault_2009,\n\ttitle = {Fault {Isolation} for {Device} {Drivers}},\n\turl = {Paper=http://www.cs.vu.nl/~herbertb/papers/minix3_dsn09.pdf Web=http://www.minix3.org Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tbooktitle = {{DSN}},\n\tauthor = {Herder, Jorrit N. and Bos, Herbert and Gras, Ben and Homburg, Philip and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2009},\n\tkeywords = {class\\_reliability, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Mapping and Synchronizing Streaming Applications on Cell Processors.\n \n \n \n \n\n\n \n Nijhuis, M.; Bos, H.; Bal, H.; and Augonnet, C.\n\n\n \n\n\n\n In HiPEAC, September 2009. \n \n\n\n\n
\n\n\n\n \n \n $\"Mapping$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{nijhuis_mapping_2009,\n\ttitle = {Mapping and {Synchronizing} {Streaming} {Applications} on {Cell} {Processors}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/cell_hipeac09.pdf},\n\tbooktitle = {{HiPEAC}},\n\tauthor = {Nijhuis, Maik and Bos, Herbert and Bal, Henri and Augonnet, Cedric},\n\tmonth = sep,\n\tyear = {2009},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Cooperative Update: A New Model for Dependable Live Update.\n \n \n \n \n\n\n \n Giuffrida, C.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In HotSwUp, September 2009. \n \n\n\n\n
\n\n\n\n \n \n $\"Cooperative$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{giuffrida_cooperative_2009,\n\ttitle = {Cooperative {Update}: {A} {New} {Model} for {Dependable} {Live} {Update}},\n\turl = {http://www.cs.vu.nl/~giuffrida/papers/hotswup-2009.pdf},\n\tbooktitle = {{HotSwUp}},\n\tauthor = {Giuffrida, Cristiano and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2009},\n\tkeywords = {class\\_updating, dependability, dsu, live update, maintenance, type\\_paper, type\\_workshop, update validity},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n CacheCard: A Transparent Cache for Static and Dynamic Content on the NIC.\n \n \n \n \n\n\n \n Bos, H.; and Huang, K.\n\n\n \n\n\n\n In ANCS, September 2009. \n \n\n\n\n
\n\n\n\n \n \n $\"CacheCard:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_cachecard_2009,\n\ttitle = {{CacheCard}: {A} {Transparent} {Cache} for {Static} and {Dynamic} {Content} on the {NIC}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/cachecard_ancs09.pdf},\n\tbooktitle = {{ANCS}},\n\tauthor = {Bos, Herbert and Huang, Kaiming},\n\tmonth = sep,\n\tyear = {2009},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2008\n \n \n (7)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Eudaemon: Involuntary and On-Demand Emulation Against Zero-Day Exploits.\n \n \n \n \n\n\n \n Portokalidis, G.; and Bos, H.\n\n\n \n\n\n\n In EuroSys, December 2008. \n \n\n\n\n
\n\n\n\n \n \n $\"Eudaemon:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{portokalidis_eudaemon_2008,\n\ttitle = {Eudaemon: {Involuntary} and {On}-{Demand} {Emulation} {Against} {Zero}-{Day} {Exploits}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/eudaemon_eurosys08.pdf},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Portokalidis, Georgios and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2008},\n\tkeywords = {class\\_binary, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Beltway Buffers: Avoiding the OS Traffic Jam.\n \n \n \n \n\n\n \n Bruijn, W. d.; and Bos, H.\n\n\n \n\n\n\n In INFOCOM, November 2008. \n \n\n\n\n
\n\n\n\n \n \n $\"Beltway$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bruijn_beltway_2008,\n\ttitle = {Beltway {Buffers}: {Avoiding} the {OS} {Traffic} {Jam}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/beltway_infocom08.pdf},\n\tbooktitle = {{INFOCOM}},\n\tauthor = {Bruijn, Willem de and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2008},\n\tkeywords = {class\\_network, class\\_os, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n PipesFS: Fast Linux I/O in the Unix Tradition.\n \n \n \n \n\n\n \n Bruijn, W. d.; and Bos, H.\n\n\n \n\n\n\n OSR. September 2008.\n \n\n\n\n
\n\n\n\n \n \n $\"PipesFS:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{bruijn_pipesfs_2008,\n\ttitle = {{PipesFS}: {Fast} {Linux} {I}/{O} in the {Unix} {Tradition}},\n\tissn = {0163-5980},\n\turl = {http://www.cs.vu.nl/~herbertb/projects/streamline/papers/pipesfs-osreview2008.pdf},\n\tjournal = {OSR},\n\tauthor = {Bruijn, Willem de and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2008},\n\tkeywords = {class\\_network, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Countering IPC Threats in Multiserver Operating Systems.\n \n \n \n \n\n\n \n Herder, J.; Bos, H.; Homburg, P.; Gras, B.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In PRDC, September 2008. \n \n\n\n\n
\n\n\n\n \n \n $\"Countering$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{herder_countering_2008,\n\ttitle = {Countering {IPC} {Threats} in {Multiserver} {Operating} {Systems}},\n\turl = {http://cs.vu.nl/~ast/Publications/Papers/prdc-2008.pdf},\n\tbooktitle = {{PRDC}},\n\tauthor = {Herder, Jorrit and Bos, Herbert and Homburg, Philip and Gras, Ben and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2008},\n\tkeywords = {class\\_reliability, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Future Threats to Future Trust.\n \n \n \n \n\n\n \n Bos, H.; Ioannidis, S.; Jonsson, E.; Kirda, E.; and Kruegel, C.\n\n\n \n\n\n\n In FTC, September 2008. \n \n\n\n\n
\n\n\n\n \n \n $\"Future$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_future_2008,\n\ttitle = {Future {Threats} to {Future} {Trust}},\n\turl = {http://users.ics.forth.gr/~sotiris/publications/conference/29ftc2008.pdf},\n\tbooktitle = {{FTC}},\n\tauthor = {Bos, Herbert and Ioannidis, Sotiris and Jonsson, Erland and Kirda, Engin and Kruegel, Chris},\n\tmonth = sep,\n\tyear = {2008},\n\tkeywords = {type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Safe Execution of Untrusted Applications on Embedded Network Processors.\n \n \n \n \n\n\n \n Bos, H.; Samwel, B.; Cristea, M.; and Anagnostakis, K.\n\n\n \n\n\n\n IJES, 4(3). September 2008.\n \n\n\n\n
\n\n\n\n \n \n $\"Safe$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{bos_safe_2008,\n\ttitle = {Safe {Execution} of {Untrusted} {Applications} on {Embedded} {Network} {Processors}},\n\tvolume = {4},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/ixpoke-2col.pdf},\n\tnumber = {3},\n\tjournal = {IJES},\n\tauthor = {Bos, Herbert and Samwel, Bart and Cristea, Mihai and Anagnostakis, Kostas},\n\tmonth = sep,\n\tyear = {2008},\n\tkeywords = {class\\_network, class\\_os, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Model-T: Rethinking the OS for Terabit Speeds.\n \n \n \n \n\n\n \n Bruijn, W. d.; and Bos, H.\n\n\n \n\n\n\n In HSN, September 2008. \n \n\n\n\n
\n\n\n\n \n \n $\"Model-T:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bruijn_model-t_2008,\n\ttitle = {Model-{T}: {Rethinking} the {OS} for {Terabit} {Speeds}},\n\turl = {http://www.cs.vu.nl/~herbertb/projects/streamline/papers/debruijn-hsn2008-modelt.pdf},\n\tbooktitle = {{HSN}},\n\tauthor = {Bruijn, Willem de and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2008},\n\tkeywords = {class\\_network, class\\_os, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2007\n \n \n (8)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Failure Resilience for Device Drivers.\n \n \n \n \n\n\n \n Herder, J. N.; Bos, H.; Gras, B.; Homburg, P.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In DSN, October 2007. \n William C. Carter Award\n\n\n\n
\n\n\n\n \n \n $\"Failure$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{herder_failure_2007,\n\ttitle = {Failure {Resilience} for {Device} {Drivers}},\n\turl = {http://cs.vu.nl/~ast/Publications/Papers/dsn-2007.pdf},\n\tbooktitle = {{DSN}},\n\tauthor = {Herder, Jorrit N. and Bos, Herbert and Gras, Ben and Homburg, Philip and Tanenbaum, Andrew S.},\n\tmonth = oct,\n\tyear = {2007},\n\tnote = {William C. Carter Award},\n\tkeywords = {class\\_reliability, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n The Age of Data: Pinpointing Guilty Bytes in Polymorphic Buffer Overflows on Heap or Stack.\n \n \n \n \n\n\n \n Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In ACSAC, October 2007. \n \n\n\n\n
\n\n\n\n \n \n $\"The$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{slowinska_age_2007,\n\ttitle = {The {Age} of {Data}: {Pinpointing} {Guilty} {Bytes} in {Polymorphic} {Buffer} {Overflows} on {Heap} or {Stack}},\n\turl = {http://www.few.vu.nl/~asia/papers/prospector_acsac07.pdf},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Slowinska, Asia and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2007},\n\tkeywords = {class\\_provenance, class\\_reveng, type\\_conf, type\\_paper, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SweetBait: Zero-Hour Worm Detection and Containment Using Low- and High-Interaction Honeypots.\n \n \n \n \n\n\n \n Portokalidis, G.; and Bos, H.\n\n\n \n\n\n\n Computer Networks, 51(5). September 2007.\n \n\n\n\n
\n\n\n\n \n \n $\"SweetBait:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{portokalidis_sweetbait_2007,\n\ttitle = {{SweetBait}: {Zero}-{Hour} {Worm} {Detection} and {Containment} {Using} {Low}- and {High}-{Interaction} {Honeypots}},\n\tvolume = {51},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/sweetbait_compnet2006_preprint.pdf},\n\tnumber = {5},\n\tjournal = {Computer Networks},\n\tauthor = {Portokalidis, Georgios and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2007},\n\tkeywords = {class\\_binary, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n A Component-Based Coordination Language for Efficient Reconfigurable Streaming Applications.\n \n \n \n \n\n\n \n Nijhuis, M.; Bos, H.; and Bal, H.\n\n\n \n\n\n\n In ICPP, September 2007. \n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{nijhuis_component-based_2007,\n\ttitle = {A {Component}-{Based} {Coordination} {Language} for {Efficient} {Reconfigurable} {Streaming} {Applications}},\n\turl = {http://www.ds.ewi.tudelft.nl/pubs/papers/icpp2007nijhuis.pdf},\n\tbooktitle = {{ICPP}},\n\tauthor = {Nijhuis, Maik and Bos, Herbert and Bal, Henri},\n\tmonth = sep,\n\tyear = {2007},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n The Token Based Switch: Per-Packet Access Authorisation to Optical Shortcuts.\n \n \n \n \n\n\n \n Cristea, M.; Gommans, L.; Xu, L.; and Bos, H.\n\n\n \n\n\n\n In Networking, September 2007. \n \n\n\n\n
\n\n\n\n \n \n $\"The$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cristea_token_2007,\n\ttitle = {The {Token} {Based} {Switch}: {Per}-{Packet} {Access} {Authorisation} to {Optical} {Shortcuts}},\n\turl = {http://opendl.ifip-tc6.org/db/conf/networking/networking2007/CristeaGXB07.pdf},\n\tbooktitle = {Networking},\n\tauthor = {Cristea, Mihai-Lucian and Gommans, Leon and Xu, Li and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2007},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting.\n \n \n \n \n\n\n \n Valkering, M.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In EC2ND, September 2007. \n \n\n\n\n
\n\n\n\n \n \n $\"Tales$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{valkering_tales_2007,\n\ttitle = {Tales from the {Crypt}: {Fingerprinting} {Attacks} on {Encrypted} {Channels} by {Way} of {Retainting}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/hassle_ec2nd07_nice.pdf},\n\tbooktitle = {{EC2ND}},\n\tauthor = {Valkering, Michael and Slowinska, Asia and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2007},\n\tkeywords = {class\\_malware, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Ruler: Easy Packet Matching and Rewriting on Network Processors.\n \n \n \n \n\n\n \n Hruby, T.; Reeuwijk, K. v.; and Bos, H.\n\n\n \n\n\n\n In ANCS, September 2007. \n \n\n\n\n
\n\n\n\n \n \n $\"Ruler:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{hruby_ruler_2007,\n\ttitle = {Ruler: {Easy} {Packet} {Matching} and {Rewriting} on {Network} {Processors}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/ruler_ancs07.pdf},\n\tbooktitle = {{ANCS}},\n\tauthor = {Hruby, Thomas and Reeuwijk, Kees van and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2007},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Roadmap to a Failure-Resilient Operating System.\n \n \n \n \n\n\n \n Herder, J.; Bos, H.; Gras, B.; Homburg, P.; and Tanenbaum, A. S.\n\n\n \n\n\n\n ;login, 32(1). August 2007.\n \n\n\n\n
\n\n\n\n \n \n $\"Roadmap$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{herder_roadmap_2007,\n\ttitle = {Roadmap to a {Failure}-{Resilient} {Operating} {System}},\n\tvolume = {32},\n\turl = {https://www.usenix.org/system/files/login/articles/618-herder.pdf},\n\tnumber = {1},\n\tjournal = {;login},\n\tauthor = {Herder, Jorrit and Bos, Herbert and Gras, Ben and Homburg, Philip and Tanenbaum, Andrew S.},\n\tmonth = aug,\n\tyear = {2007},\n\tkeywords = {class\\_reliability, type\\_mag, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2006\n \n \n (11)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Argos: an Emulator for Fingerprinting Zero-Day Attacks.\n \n \n \n \n\n\n \n Portokalidis, G.; Slowinska, A.; and Bos, H.\n\n\n \n\n\n\n In EuroSys, December 2006. \n \n\n\n\n
\n\n\n\n \n \n $\"Argos:$ Paper\n \n \n \n $\"Argos:$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 6 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{portokalidis_argos_2006,\n\ttitle = {Argos: an {Emulator} for {Fingerprinting} {Zero}-{Day} {Attacks}},\n\turl = {Paper=http://www.cs.vu.nl/~herbertb/papers/argos_eurosys06.pdf Web=http://www.few.vu.nl/argos},\n\tbooktitle = {{EuroSys}},\n\tauthor = {Portokalidis, Georgios and Slowinska, Asia and Bos, Herbert},\n\tmonth = dec,\n\tyear = {2006},\n\tkeywords = {class\\_binary, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Supporting Reconfigurable Parallel Multimedia Applications.\n \n \n \n \n\n\n \n Nijhuis, M.; Bos, H.; and Bal, H. E.\n\n\n \n\n\n\n In EuroPar, October 2006. \n Distinguished Paper Award\n\n\n\n
\n\n\n\n \n \n $\"Supporting$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{nijhuis_supporting_2006,\n\ttitle = {Supporting {Reconfigurable} {Parallel} {Multimedia} {Applications}},\n\turl = {http://www.ds.ewi.tudelft.nl/pubs/papers/europar2006b.pdf},\n\tbooktitle = {{EuroPar}},\n\tauthor = {Nijhuis, Maik and Bos, Herbert and Bal, Henri E.},\n\tmonth = oct,\n\tyear = {2006},\n\tnote = {Distinguished Paper Award},\n\tkeywords = {class\\_network, type\\_award, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Can We Make Operating Systems Reliable and Secure?.\n \n \n \n \n\n\n \n Andrew S. Tanenbaum, J. N. H.; and Bos, H.\n\n\n \n\n\n\n IEEE Computer, 39(4). October 2006.\n \n\n\n\n
\n\n\n\n \n \n $\"Can$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{andrew_s_tanenbaum_can_2006,\n\ttitle = {Can {We} {Make} {Operating} {Systems} {Reliable} and {Secure}?},\n\tvolume = {39},\n\turl = {http://www.cs.vu.nl/~ast/Publications/Papers/computer-2006a.pdf},\n\tnumber = {4},\n\tjournal = {IEEE Computer},\n\tauthor = {Andrew S. Tanenbaum, Jorrit N. Herder and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2006},\n\tkeywords = {class\\_reliability, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SafeCard: A Gigabit IPS on the Network Card.\n \n \n \n \n\n\n \n Bruijn, W. d.; Slowinska, A.; Reeuwijk, K. v.; Hruby, T.; Xu, L.; and Bos, H.\n\n\n \n\n\n\n In RAID, October 2006. \n \n\n\n\n
\n\n\n\n \n \n $\"SafeCard:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bruijn_safecard_2006,\n\ttitle = {{SafeCard}: {A} {Gigabit} {IPS} on the {Network} {Card}},\n\turl = {http://few.vu.nl/~asia/papers/pdf_files/safecard_raid06.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Bruijn, Willem de and Slowinska, Asia and Reeuwijk, Kees van and Hruby, Tomas and Xu, Li and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2006},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SP@CE - An SP-based Programming Model for Consumer Electronics Streaming Applications.\n \n \n \n \n\n\n \n Varbanescu, A. L.; Nijhuis, M.; Gonzalez, A.; Escribano; Sips, H.; Bos, H.; and Ba, H.\n\n\n \n\n\n\n In LCPC, September 2006. \n \n\n\n\n
\n\n\n\n \n \n $\"SP@CE$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{varbanescu_spce_2006,\n\ttitle = {{SP}@{CE} - {An} {SP}-based {Programming} {Model} for {Consumer} {Electronics} {Streaming} {Applications}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/space_lcpc06.pdf},\n\tbooktitle = {{LCPC}},\n\tauthor = {Varbanescu, Ana Lucia and Nijhuis, Maik and Gonzalez, Arturo and {Escribano} and Sips, Henk and Bos, Herbert and Ba, Henri},\n\tmonth = sep,\n\tyear = {2006},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Reorganizing UNIX for Reliability.\n \n \n \n \n\n\n \n Herder, J.; Bos, H.; Gras, B.; Homburg, P.; and Tanenbaum, A.\n\n\n \n\n\n\n In ACSAC, September 2006. \n \n\n\n\n
\n\n\n\n \n \n $\"Reorganizing$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{herder_reorganizing_2006,\n\ttitle = {Reorganizing {UNIX} for {Reliability}},\n\turl = {https://www.researchgate.net/publication/221035690_Reorganizing_UNIX_for_reliability/link/02e7e517507a148f56000000/download},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Herder, J. and Bos, H. and Gras, B. and Homburg, P. and Tanenbaum, A.S.},\n\tmonth = sep,\n\tyear = {2006},\n\tkeywords = {class\\_reliability, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Minix 3: A Highly Reliable, Self-Repairing Operating System.\n \n \n \n \n\n\n \n Herder, J. N.; Bos, H.; Gras, B.; Homburg, P.; and Tanenbaum, A. S.\n\n\n \n\n\n\n OSR, 40(3). September 2006.\n \n\n\n\n
\n\n\n\n \n \n $\"Minix$ Paper\n \n \n \n $\"Minix$ Web\n \n \n \n $\"Minix$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{herder_minix_2006,\n\ttitle = {Minix 3: {A} {Highly} {Reliable}, {Self}-{Repairing} {Operating} {System}},\n\tvolume = {40},\n\turl = {Paper=http://cs.vu.nl/~ast/Publications/Papers/osr-jul-2006.pdf Web=http://www.minix3.org Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tnumber = {3},\n\tjournal = {OSR},\n\tauthor = {Herder, Jorrit N. and Bos, Herbert and Gras, Ben and Homburg, Philip and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2006},\n\tkeywords = {class\\_reliability, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Construction of a Highly Dependable Operating System.\n \n \n \n \n\n\n \n Jorrit N. Herder, H. B.; and Tanenbaum, A. S.\n\n\n \n\n\n\n In EDCC, September 2006. \n \n\n\n\n
\n\n\n\n \n \n $\"Construction$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{jorrit_n_herder_construction_2006,\n\ttitle = {Construction of a {Highly} {Dependable} {Operating} {System}},\n\turl = {http://www.cs.vu.nl/~ast/afscheid/publications/edcc-2006.pdf},\n\tbooktitle = {{EDCC}},\n\tauthor = {Jorrit N. Herder, Herbert Bos, Ben Gras, Philip Homburg,  and Tanenbaum, Andrew S.},\n\tmonth = sep,\n\tyear = {2006},\n\tkeywords = {class\\_reliability, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n File Size Distribution on UNIX Systems - Then and Now.\n \n \n \n \n\n\n \n Tanenbaum, A. S.; Herder, J.; and Bos, H.\n\n\n \n\n\n\n OSR, 40(1). September 2006.\n \n\n\n\n
\n\n\n\n \n \n $\"File$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{tanenbaum_file_2006,\n\ttitle = {File {Size} {Distribution} on {UNIX} {Systems} - {Then} and {Now}},\n\tvolume = {40},\n\turl = {http://www.cs.vu.nl/~ast/Publications/Papers/osr-jan-2006.pdf},\n\tnumber = {1},\n\tjournal = {OSR},\n\tauthor = {Tanenbaum, Andrew S. and Herder, Jorrit and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2006},\n\tkeywords = {class\\_os, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Dynamically Extending the Corral with Native Code for High-Speed Packet Processing.\n \n \n \n \n\n\n \n Bos, H.; Samwel, B.; and Booij, I.\n\n\n \n\n\n\n Computer Networks, 50(14). September 2006.\n \n\n\n\n
\n\n\n\n \n \n $\"Dynamically$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{bos_dynamically_2006,\n\ttitle = {Dynamically {Extending} the {Corral} with {Native} {Code} for {High}-{Speed} {Packet} {Processing}},\n\tvolume = {50},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/corralcompnet_preprint.pdf},\n\tnumber = {14},\n\tjournal = {Computer Networks},\n\tauthor = {Bos, Herbert and Samwel, Bart and Booij, Ilja},\n\tmonth = sep,\n\tyear = {2006},\n\tkeywords = {class\\_network, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Modular System Programming in Minix 3.\n \n \n \n \n\n\n \n Herder, J. N.; Bos, H.; Gras, B.; Homburg, P.; and Tanenbaum, A. S.\n\n\n \n\n\n\n ;login, 31(2). August 2006.\n \n\n\n\n
\n\n\n\n \n \n $\"Modular$ Paper\n \n \n \n $\"Modular$ Web\n \n \n \n $\"Modular$ Code\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{herder_modular_2006,\n\ttitle = {Modular {System} {Programming} in {Minix} 3},\n\tvolume = {31},\n\turl = {Paper=http://static.usenix.org/publications/login/2006-04/openpdfs/herder.pdf Web=http://www.minix3.org Code=https://github.com/Stichting-MINIX-Research-Foundation},\n\tnumber = {2},\n\tjournal = {;login},\n\tauthor = {Herder, Jorrit N. and Bos, Herbert and Gras, Ben and Homburg, Philip and Tanenbaum, Andrew S.},\n\tmonth = aug,\n\tyear = {2006},\n\tkeywords = {class\\_reliability, type\\_mag, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2005\n \n \n (4)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Towards Software-Based Signature Detection for Intrusion Prevention on the Network Card.\n \n \n \n \n\n\n \n Bos, H.; and Huang, K.\n\n\n \n\n\n\n In RAID, October 2005. \n \n\n\n\n
\n\n\n\n \n \n $\"Towards$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_towards_2005,\n\ttitle = {Towards {Software}-{Based} {Signature} {Detection} for {Intrusion} {Prevention} on the {Network} {Card}},\n\turl = {http://www.cs.vu.nl/herbertb/papers/cardguard_raid05.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Bos, Herbert and Huang, Kaiming},\n\tmonth = oct,\n\tyear = {2005},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n FPL-3E: Towards Language Support for Reconfigurable Packet Processing.\n \n \n \n \n\n\n \n Cristea, M. L.; Zissulescu, C.; Deprettere, E.; and Bos, H.\n\n\n \n\n\n\n In SAMOS, September 2005. \n \n\n\n\n
\n\n\n\n \n \n $\"FPL-3E:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cristea_fpl-3e_2005,\n\ttitle = {{FPL}-{3E}: {Towards} {Language} {Support} for {Reconfigurable} {Packet} {Processing}},\n\turl = {http://link.springer.com/chapter/10.1007/11512622_10},\n\tbooktitle = {{SAMOS}},\n\tauthor = {Cristea, Mihai Lucian and Zissulescu, Claudiu and Deprettere, Ed and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2005},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Robust Distributed Systems - Achieving Self-Management Through Inference.\n \n \n \n \n\n\n \n Bruijn, W. d.; Bos, H.; and Bal, H.\n\n\n \n\n\n\n In ACC, September 2005. \n \n\n\n\n
\n\n\n\n \n \n $\"Robust$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bruijn_robust_2005,\n\ttitle = {Robust {Distributed} {Systems} - {Achieving} {Self}-{Management} {Through} {Inference}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/wdb_robust_acc05.pdf},\n\tbooktitle = {{ACC}},\n\tauthor = {Bruijn, Willem de and Bos, Herbert and Bal, Henri},\n\tmonth = sep,\n\tyear = {2005},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n FPL-3: Towards Language Support for Distributed Packet Processing.\n \n \n \n \n\n\n \n Cristea, M.; Bruijn, W. d.; and Bos, H.\n\n\n \n\n\n\n In Networking, September 2005. \n \n\n\n\n
\n\n\n\n \n \n $\"FPL-3:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{cristea_fpl-3_2005,\n\ttitle = {{FPL}-3: {Towards} {Language} {Support} for {Distributed} {Packet} {Processing}},\n\turl = {http://dl.ifip.org/db/conf/networking/networking2005/CristeaBB05.pdf},\n\tbooktitle = {Networking},\n\tauthor = {Cristea, Mihai and Bruijn, Willem de and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2005},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2004\n \n \n (4)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n FFPF: Fairly Fast Packet Filters.\n \n \n \n \n\n\n \n Bos, H.; Bruijn, W. d.; Cristea, M.; Nguyen, T.; and Portokalidis, G.\n\n\n \n\n\n\n In OSDI, December 2004. \n \n\n\n\n
\n\n\n\n \n \n $\"FFPF:$ Paper\n \n \n \n $\"FFPF:$ Web\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_ffpf_2004,\n\ttitle = {{FFPF}: {Fairly} {Fast} {Packet} {Filters}},\n\turl = {Paper=http://static.usenix.org/legacy/events/osdi04/tech/full_papers/bos/bos.pdf Web=https://www.cs.vu.nl/~herbertb/projects/streamline},\n\tbooktitle = {{OSDI}},\n\tauthor = {Bos, Herbert and Bruijn, Willem de and Cristea, Mihai and Nguyen, Trung and Portokalidis, Georgios},\n\tmonth = dec,\n\tyear = {2004},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n On the Feasibility of Using Network Processors for DNA Queries.\n \n \n \n \n\n\n \n Bos, H.; and Huang, K.\n\n\n \n\n\n\n In NP, September 2004. \n \n\n\n\n
\n\n\n\n \n \n $\"On$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_feasibility_2004,\n\ttitle = {On the {Feasibility} of {Using} {Network} {Processors} for {DNA} {Queries}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/ixpblast.pdf},\n\tbooktitle = {{NP}},\n\tauthor = {Bos, Herbert and Huang, Kaiming},\n\tmonth = sep,\n\tyear = {2004},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Scalable Network Monitors for High-Speed Links:a Bottom-Up Approach.\n \n \n \n \n\n\n \n Nguyen, T.; Bruijn, W. d.; Cristea, M.; and Bos, H.\n\n\n \n\n\n\n In IPOM, September 2004. \n \n\n\n\n
\n\n\n\n \n \n $\"Scalable$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{nguyen_scalable_2004,\n\ttitle = {Scalable {Network} {Monitors} for {High}-{Speed} {Links}:a {Bottom}-{Up} {Approach}},\n\turl = {http://www.cs.vu.nl/~herbertb/projects/streamline/papers/ipom04.pdf},\n\tbooktitle = {{IPOM}},\n\tauthor = {Nguyen, Trung and Bruijn, Willem de and Cristea, Mihai and Bos, Herbert},\n\tmonth = sep,\n\tyear = {2004},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n SNMP Plus a Lightweight API for SNAP Handling (SPLASH).\n \n \n \n \n\n\n \n Bruijn, W. d.; Bos, H.; and Moore, J.\n\n\n \n\n\n\n In NOMS, September 2004. \n \n\n\n\n
\n\n\n\n \n \n $\"SNMP$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bruijn_snmp_2004,\n\ttitle = {{SNMP} {Plus} a {Lightweight} {API} for {SNAP} {Handling} ({SPLASH})},\n\turl = {https://pdfs.semanticscholar.org/b69e/26711ffdc0c57f4e314a869dae6a17043d85.pdf},\n\tbooktitle = {{NOMS}},\n\tauthor = {Bruijn, Willem de and Bos, Herbert and Moore, Jon},\n\tmonth = sep,\n\tyear = {2004},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2003\n \n \n (2)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n SCAMPI: A Scalable and Programmable Architecture for Monitoring Gigabit Networks.\n \n \n \n \n\n\n \n Coppens, J.; Berghe, S. V. d.; Bos, H.; Markatos, E.; Turck, F. D.; Oslebo, A.; and Ubik, S.\n\n\n \n\n\n\n In E2EMON, September 2003. \n \n\n\n\n
\n\n\n\n \n \n $\"SCAMPI:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{coppens_scampi_2003,\n\ttitle = {{SCAMPI}: {A} {Scalable} and {Programmable} {Architecture} for {Monitoring} {Gigabit} {Networks}},\n\turl = {http://s3.amazonaws.com/academia.edu.documents/43693345/978-3-540-39404-4_36.pdf?AWSAccessKeyId=AKIAJ56TQJRTWSMTNPEA&Expires=1476580913&Signature=MnrWp5pdg2cVq4WLu3Din58Co7Y%3D&response-content-disposition=inline%3B%20filename%3DSCAMPI_A_Scalable_and_Programmable_Archi.pdf},\n\tbooktitle = {{E2EMON}},\n\tauthor = {Coppens, Jan and Berghe, Steven Van den and Bos, Herbert and Markatos, Evangelos and Turck, Filip De and Oslebo, Arne and Ubik, Sven},\n\tmonth = sep,\n\tyear = {2003},\n\tkeywords = {class\\_network, type\\_paper, type\\_workshop},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n HOKES/POKES: Lightweight Resource Sharing.\n \n \n \n \n\n\n \n Bos, H.; and Samwel, B.\n\n\n \n\n\n\n In EmSoft, September 2003. \n \n\n\n\n
\n\n\n\n \n \n $\"HOKES/POKES:$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_hokespokes_2003,\n\ttitle = {{HOKES}/{POKES}: {Lightweight} {Resource} {Sharing}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/okeemsoft.pdf},\n\tbooktitle = {{EmSoft}},\n\tauthor = {Bos, Herbert and Samwel, Bart},\n\tmonth = sep,\n\tyear = {2003},\n\tkeywords = {class\\_network, class\\_os, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2002\n \n \n (4)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n A perspective on how ATM lost Control.\n \n \n \n \n\n\n \n Crosby, S.; Rooney, S.; Isaacs, I.; and Bos, H.\n\n\n \n\n\n\n ACM SIGCOMM Computer Communication Review, 32(5). November 2002.\n \n\n\n\n
\n\n\n\n \n \n $\"A$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{crosby_perspective_2002,\n\ttitle = {A perspective on how {ATM} lost {Control}},\n\tvolume = {32},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/ccr_atm_perspective.pdf},\n\tnumber = {5},\n\tjournal = {ACM SIGCOMM Computer Communication Review},\n\tauthor = {Crosby, S. and Rooney, S. and Isaacs, I. and Bos, H.},\n\tmonth = nov,\n\tyear = {2002},\n\tkeywords = {class\\_network, networks, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n The OKE Corral: Code Organisation and Reconfiguration at Runtime using Active Linking.\n \n \n \n \n\n\n \n Bos, H.; and Samwel, B.\n\n\n \n\n\n\n In IWAN, September 2002. \n \n\n\n\n
\n\n\n\n \n \n $\"The$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_oke_2002,\n\ttitle = {The {OKE} {Corral}: {Code} {Organisation} and {Reconfiguration} at {Runtime} using {Active} {Linking}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/corraltr.pdf},\n\tbooktitle = {{IWAN}},\n\tauthor = {Bos, Herbert and Samwel, Bart},\n\tmonth = sep,\n\tyear = {2002},\n\tkeywords = {class\\_network, class\\_os, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Safe Kernel Programming in the OKE.\n \n \n \n \n\n\n \n Bos, H.; and Samwel, B.\n\n\n \n\n\n\n In OPENARCH, September 2002. \n \n\n\n\n
\n\n\n\n \n \n $\"Safe$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_safe_2002,\n\ttitle = {Safe {Kernel} {Programming} in the {OKE}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/openk_ieee.pdf},\n\tbooktitle = {{OPENARCH}},\n\tauthor = {Bos, Herbert and Samwel, Bart},\n\tmonth = sep,\n\tyear = {2002},\n\tkeywords = {class\\_network, class\\_os, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Towards Flexible Real-Time Network Monitoring Using a Network Processor.\n \n \n \n \n\n\n \n Anagnostakis, K.; and Bos, H.\n\n\n \n\n\n\n In SANE, May 2002. \n \n\n\n\n
\n\n\n\n \n \n $\"Towards$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{anagnostakis_towards_2002,\n\ttitle = {Towards {Flexible} {Real}-{Time} {Network} {Monitoring} {Using} a {Network} {Processor}.},\n\turl = {https://www.narcis.nl/publication/RecordID/oai%3Aresearch.vu.nl%3Apublications%2F7b09e580-30fa-4d94-97ae-9bbdb76d632e},\n\tbooktitle = {{SANE}},\n\tauthor = {Anagnostakis, K. and Bos, H.},\n\tmonth = may,\n\tyear = {2002},\n\tkeywords = {class\\_network, networks, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2001\n \n \n (2)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Elastic Network Control: An Alternative to Active Networks.\n \n \n \n \n\n\n \n Bos, H.; Isaacs, R.; Mortier, M.; and Leslie, I.\n\n\n \n\n\n\n JCN, 3(2). January 2001.\n \n\n\n\n
\n\n\n\n \n \n $\"Elastic$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{bos_elastic_2001,\n\ttitle = {Elastic {Network} {Control}: {An} {Alternative} to {Active} {Networks}},\n\tvolume = {3},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/jcn2001.pdf},\n\tnumber = {2},\n\tjournal = {JCN},\n\tauthor = {Bos, H. and Isaacs, R. and Mortier, M. and Leslie, I.},\n\tmonth = jan,\n\tyear = {2001},\n\tkeywords = {class\\_network, networks, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Efficient Reservations in Open ATM Network Control Using Online Measurements.\n \n \n \n \n\n\n \n Bos, H.\n\n\n \n\n\n\n JCS. January 2001.\n \n\n\n\n
\n\n\n\n \n \n $\"Efficient$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@article{bos_efficient_2001,\n\ttitle = {Efficient {Reservations} in {Open} {ATM} {Network} {Control} {Using} {Online} {Measurements}},\n\turl = {https://www.cs.vu.nl/~herbertb/papers/jcs01.pdf},\n\tjournal = {JCS},\n\tauthor = {Bos, H.},\n\tmonth = jan,\n\tyear = {2001},\n\tkeywords = {atm, class\\_network, networks, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 2000\n \n \n (1)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n Open Extensible Network Control.\n \n \n \n \n\n\n \n Bos, H.\n\n\n \n\n\n\n JNSM, 8(1). January 2000.\n \n\n\n\n
\n\n\n\n \n \n $\"Open$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@article{bos_open_2000,\n\ttitle = {Open {Extensible} {Network} {Control}},\n\tvolume = {8},\n\turl = {https://link.springer.com/article/10.1023%2FA%3A1009467009116},\n\tnumber = {1},\n\tjournal = {JNSM},\n\tauthor = {Bos, H.},\n\tmonth = jan,\n\tyear = {2000},\n\tkeywords = {class\\_network, type\\_journal, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 1999\n \n \n (2)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n Application-Specific Policies: Beyond the Domain Boundaries.\n \n \n \n\n\n \n Bos, H.\n\n\n \n\n\n\n In IM, May 1999. \n \n\n\n\n
\n\n\n\n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_application-specific_1999,\n\ttitle = {Application-{Specific} {Policies}: {Beyond} the {Domain} {Boundaries}},\n\tbooktitle = {{IM}},\n\tauthor = {Bos, H.},\n\tmonth = may,\n\tyear = {1999},\n\tkeywords = {class\\_network, networks, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Application-specific Behaviour in Distributed Network Control.\n \n \n \n \n\n\n \n Bos, H.\n\n\n \n\n\n\n In ERSADS, January 1999. \n \n\n\n\n
\n\n\n\n \n \n $\"Application-specific$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_application-specific_1999-1,\n\ttitle = {Application-specific {Behaviour} in {Distributed} {Network} {Control}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/ersads99.pdf},\n\tbooktitle = {{ERSADS}},\n\tauthor = {Bos, H.},\n\tmonth = jan,\n\tyear = {1999},\n\tkeywords = {class\\_network, networks, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n

\n \n 1998\n \n \n (2)\n \n \n

\n \n \n

\n \n\n \n \n \n \n \n \n ATM Admission Control based on Reservations and Measurements.\n \n \n \n \n\n\n \n Bos, H.\n\n\n \n\n\n\n In IPCCC, February 1998. \n \n\n\n\n
\n\n\n\n \n \n $\"ATM$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 1 download\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_atm_1998,\n\ttitle = {{ATM} {Admission} {Control} based on {Reservations} and {Measurements}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/ipccc98.pdf},\n\tbooktitle = {{IPCCC}},\n\tauthor = {Bos, H.},\n\tmonth = feb,\n\tyear = {1998},\n\tkeywords = {class\\_network, type\\_conf, type\\_paper},\n}\n\n

\n\n\n\n

\n\n\n

\n \n\n \n \n \n \n \n \n Building a Distributed Video Server using Advanced ATM Network Support.\n \n \n \n \n\n\n \n Bos, H.\n\n\n \n\n\n\n In MMNS, January 1998. \n \n\n\n\n
\n\n\n\n \n \n $\"Building$ Paper\n \n \n\n \n\n \n link\n \n \n\n bibtex\n \n\n \n\n \n \n \n 2 downloads\n \n \n\n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n\n\n

@inproceedings{bos_building_1998,\n\ttitle = {Building a {Distributed} {Video} {Server} using {Advanced} {ATM} {Network} {Support}},\n\turl = {http://www.cs.vu.nl/~herbertb/papers/mmns98.pdf},\n\tbooktitle = {{MMNS}},\n\tauthor = {Bos, H.},\n\tmonth = jan,\n\tyear = {1998},\n\tkeywords = {class\\_network, networks, type\\_conf, type\\_paper},\n}\n\n\n

\n\n\n\n

\n\n\n\n\n\n

\n\n\n\n\n

\n\n\n \n\n \n \n \n \n\n