var bibbase_data = {"data":"<img src=\"//bibbase.org/img/ajax-loader.gif\" id=\"spinner\"\n  style=\"display: none;\" alt=\"Loading..\" />\n\n<div id=\"bibbase\">\n\n  <script type=\"text/javascript\">\n    var bibbase = {\n      params: {\"bib\":\"https://download.vusec.net/papers/zotero.php?tag=proj_intersect&full=&format=bibtex&sort=date\",\"theme\":\"default\",\"jsonp\":\"1\",\"showSearch\":\"1\",\"owner\":\"none\",\"filter\":\"keywords:type_paper,\",\"host\":\"bibbase.org\"},\n      data: [{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Wiebing\"],\"firstnames\":[\"Sander\"],\"suffixes\":[]},{\"propositions\":[\"de\"],\"lastnames\":[\"Faveri\",\"Tron\"],\"firstnames\":[\"Alvise\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2024\",\"keywords\":\"class_sidechannels, proj_allocamelus, proj_intersect, proj_rescale, type_ae, type_conf, type_cve_assigned, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{wiebing_inspectre_2024,\\n\\ttitle = {{InSpectre} {Gadget}: {Inspecting} the {Residual} {Attack} {Surface} of {Cross}-privilege {Spectre} v2},\\n\\turl = {Paper=https://download.vusec.net/papers/inspectre_sec24.pdf Web=https://vusec.net/projects/native-bhi Code=https://github.com/vusec/inspectre-gadget},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Wiebing, Sander and de Faveri Tron, Alvise and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_rescale, type\\\\_ae, type\\\\_conf, type\\\\_cve\\\\_assigned, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Wiebing, S.\",\"de Faveri Tron, A.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/inspectre_sec24.pdf\",\"urlWeb\":\"https://vusec.net/projects/native-bhi\",\"urlCode\":\"https://github.com/vusec/inspectre-gadget\",\"key\":\"wiebing_inspectre_2024\",\"id\":\"wiebing_inspectre_2024\",\"bibbaseid\":\"wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/inspectre_sec24.pdf\",\"Web\":\"https://vusec.net/projects/native-bhi\",\"Code\":\"https://github.com/vusec/inspectre-gadget\"},\"keyword\":[\"class_sidechannels\",\"proj_allocamelus\",\"proj_intersect\",\"proj_rescale\",\"type_ae\",\"type_conf\",\"type_cve_assigned\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":118,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Practical Data-Only Attack Generation\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Johannesmeyer\"],\"firstnames\":[\"Brian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Slowinska\"],\"firstnames\":[\"Asia\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2024\",\"keywords\":\"class_binary, proj_intersect, proj_theseus, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{johannesmeyer_practical_2024,\\n\\ttitle = {Practical {Data}-{Only} {Attack} {Generation}},\\n\\turl = {Paper=https://download.vusec.net/papers/einstein_sec24.pdf Code=https://github.com/vusec/einstein},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Johannesmeyer, Brian and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_binary, proj\\\\_intersect, proj\\\\_theseus, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Johannesmeyer, B.\",\"Slowinska, A.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/einstein_sec24.pdf\",\"urlCode\":\"https://github.com/vusec/einstein\",\"key\":\"johannesmeyer_practical_2024\",\"id\":\"johannesmeyer_practical_2024\",\"bibbaseid\":\"johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/einstein_sec24.pdf\",\"Code\":\"https://github.com/vusec/einstein\"},\"keyword\":[\"class_binary\",\"proj_intersect\",\"proj_theseus\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":52,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"GhostRace: Exploiting and Mitigating Speculative Race Conditions\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Ragab\"],\"firstnames\":[\"Hany\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Mambretti\"],\"firstnames\":[\"Andrea\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Kurmus\"],\"firstnames\":[\"Anil\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2024\",\"keywords\":\"class_sidechannels, proj_allocamelus, proj_intersect, proj_rescale, type_conf, type_cve_assigned, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{ragab_ghostrace_2024,\\n\\ttitle = {{GhostRace}: {Exploiting} and {Mitigating} {Speculative} {Race} {Conditions}},\\n\\turl = {Paper=https://download.vusec.net/papers/ghostrace_sec24.pdf Web=https://www.vusec.net/projects/ghostrace Code=https://github.com/vusec/ghostrace},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Ragab, Hany and Mambretti, Andrea and Kurmus, Anil and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_rescale, type\\\\_conf, type\\\\_cve\\\\_assigned, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Ragab, H.\",\"Mambretti, A.\",\"Kurmus, A.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/ghostrace_sec24.pdf\",\"urlWeb\":\"https://www.vusec.net/projects/ghostrace\",\"urlCode\":\"https://github.com/vusec/ghostrace\",\"key\":\"ragab_ghostrace_2024\",\"id\":\"ragab_ghostrace_2024\",\"bibbaseid\":\"ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/ghostrace_sec24.pdf\",\"Web\":\"https://www.vusec.net/projects/ghostrace\",\"Code\":\"https://github.com/vusec/ghostrace\"},\"keyword\":[\"class_sidechannels\",\"proj_allocamelus\",\"proj_intersect\",\"proj_rescale\",\"type_conf\",\"type_cve_assigned\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":356,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Duta\"],\"firstnames\":[\"Victor\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Aloserij\"],\"firstnames\":[\"Mitchel\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2024\",\"keywords\":\"class_sanitizer, proj_allocamelus, proj_intersect, proj_rescale, proj_theseus, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{duta_safefetch_2024,\\n\\ttitle = {{SafeFetch}: {Practical} {Double}-{Fetch} {Protection} with {Kernel}-{Fetch} {Caching}},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Duta, Victor and Aloserij, Mitchel and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_sanitizer, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_rescale, proj\\\\_theseus, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Duta, V.\",\"Aloserij, M.\",\"Giuffrida, C.\"],\"key\":\"duta_safefetch_2024\",\"id\":\"duta_safefetch_2024\",\"bibbaseid\":\"duta-aloserij-giuffrida-safefetchpracticaldoublefetchprotectionwithkernelfetchcaching-2024\",\"role\":\"author\",\"urls\":{},\"keyword\":[\"class_sanitizer\",\"proj_allocamelus\",\"proj_intersect\",\"proj_rescale\",\"proj_theseus\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags\",\"booktitle\":\"S&P\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Gorter\"],\"firstnames\":[\"Floris\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Kroes\"],\"firstnames\":[\"Taddeus\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"May\",\"year\":\"2024\",\"keywords\":\"class_sanitizer, proj_allocamelus, proj_intersect, proj_rescale, proj_theseus, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{gorter_sticky_2024,\\n\\ttitle = {Sticky {Tags}: {Efficient} and {Deterministic} {Spatial} {Memory} {Error} {Mitigation} using {Persistent} {Memory} {Tags}},\\n\\tbooktitle = {S\\\\&{P}},\\n\\tauthor = {Gorter, Floris and Kroes, Taddeus and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = may,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_sanitizer, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_rescale, proj\\\\_theseus, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Gorter, F.\",\"Kroes, T.\",\"Bos, H.\",\"Giuffrida, C.\"],\"key\":\"gorter_sticky_2024\",\"id\":\"gorter_sticky_2024\",\"bibbaseid\":\"gorter-kroes-bos-giuffrida-stickytagsefficientanddeterministicspatialmemoryerrormitigationusingpersistentmemorytags-2024\",\"role\":\"author\",\"urls\":{},\"keyword\":[\"class_sanitizer\",\"proj_allocamelus\",\"proj_intersect\",\"proj_rescale\",\"proj_theseus\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation\",\"booktitle\":\"S&P\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Hertogh\"],\"firstnames\":[\"Mathé\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Wiebing\"],\"firstnames\":[\"Sander\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"May\",\"year\":\"2024\",\"keywords\":\"class_sidechannels, proj_allocamelus, proj_intersect, proj_rescale, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{hertogh_leaky_2024,\\n\\ttitle = {Leaky {Address} {Masking}: {Exploiting} {Unmasked} {Spectre} {Gadgets} with {Noncanonical} {Address} {Translation}},\\n\\turl = {Paper=https://download.vusec.net/papers/slam_sp24.pdf Web=https://www.vusec.net/projects/slam Code=https://github.com/vusec/slam},\\n\\tbooktitle = {S\\\\&{P}},\\n\\tauthor = {Hertogh, Mathé and Wiebing, Sander and Giuffrida, Cristiano},\\n\\tmonth = may,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_rescale, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Hertogh, M.\",\"Wiebing, S.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/slam_sp24.pdf\",\"urlWeb\":\"https://www.vusec.net/projects/slam\",\"urlCode\":\"https://github.com/vusec/slam\",\"key\":\"hertogh_leaky_2024\",\"id\":\"hertogh_leaky_2024\",\"bibbaseid\":\"hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/slam_sp24.pdf\",\"Web\":\"https://www.vusec.net/projects/slam\",\"Code\":\"https://github.com/vusec/slam\"},\"keyword\":[\"class_sidechannels\",\"proj_allocamelus\",\"proj_intersect\",\"proj_rescale\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":372,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Predictive Context-sensitive Fuzzing\",\"booktitle\":\"NDSS\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Borrello\"],\"firstnames\":[\"Pietro\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Fioraldi\"],\"firstnames\":[\"Andrea\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"D'Elia\"],\"firstnames\":[\"Daniele\",\"Cono\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Balzarotti\"],\"firstnames\":[\"Davide\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Querzoni\"],\"firstnames\":[\"Leonardo\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"February\",\"year\":\"2024\",\"keywords\":\"class_testing, proj_intersect, proj_memo, proj_rescale, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{borrello_predictive_2024,\\n\\ttitle = {Predictive {Context}-sensitive {Fuzzing}},\\n\\turl = {Paper=https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf Code=https://github.com/eurecom-s3/predictive-cs-fuzzing},\\n\\tbooktitle = {{NDSS}},\\n\\tauthor = {Borrello, Pietro and Fioraldi, Andrea and D'Elia, Daniele Cono and Balzarotti, Davide and Querzoni, Leonardo and Giuffrida, Cristiano},\\n\\tmonth = feb,\\n\\tyear = {2024},\\n\\tkeywords = {class\\\\_testing, proj\\\\_intersect, proj\\\\_memo, proj\\\\_rescale, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Borrello, P.\",\"Fioraldi, A.\",\"D'Elia, D. C.\",\"Balzarotti, D.\",\"Querzoni, L.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf\",\"urlCode\":\"https://github.com/eurecom-s3/predictive-cs-fuzzing\",\"key\":\"borrello_predictive_2024\",\"id\":\"borrello_predictive_2024\",\"bibbaseid\":\"borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf\",\"Code\":\"https://github.com/eurecom-s3/predictive-cs-fuzzing\"},\"keyword\":[\"class_testing\",\"proj_intersect\",\"proj_memo\",\"proj_rescale\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":43,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Triereme: Speeding up Hybrid Fuzzing through Efficient Query Scheduling\",\"booktitle\":\"ACSAC\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Geretto\"],\"firstnames\":[\"Elia\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Hohnerlein\"],\"firstnames\":[\"Julius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Van\",\"Der\",\"Kouwe\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]},{\"propositions\":[\"von\"],\"lastnames\":[\"Gleissenthall\"],\"firstnames\":[\"Klaus\"],\"suffixes\":[]}],\"month\":\"December\",\"year\":\"2023\",\"keywords\":\"artifacts:reproduced, artifacts:reusable, class_testing, proj_intersect, proj_memo, type_ae, type_conf, type_paper, type_top\",\"bibtex\":\"@inproceedings{geretto_triereme_2023,\\n\\ttitle = {Triereme: {Speeding} up {Hybrid} {Fuzzing} through {Efficient} {Query} {Scheduling}},\\n\\turl = {Paper=https://download.vusec.net/papers/triereme_acsac23.pdf Code=https://github.com/vusec/triereme},\\n\\tbooktitle = {{ACSAC}},\\n\\tauthor = {Geretto, Elia and Hohnerlein, Julius and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\\n\\tmonth = dec,\\n\\tyear = {2023},\\n\\tkeywords = {artifacts:reproduced, artifacts:reusable, class\\\\_testing, proj\\\\_intersect, proj\\\\_memo, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Geretto, E.\",\"Hohnerlein, J.\",\"Giuffrida, C.\",\"Bos, H.\",\"Van Der Kouwe, E.\",\"von Gleissenthall, K.\"],\"urlPaper\":\"https://download.vusec.net/papers/triereme_acsac23.pdf\",\"urlCode\":\"https://github.com/vusec/triereme\",\"key\":\"geretto_triereme_2023\",\"id\":\"geretto_triereme_2023\",\"bibbaseid\":\"geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/triereme_acsac23.pdf\",\"Code\":\"https://github.com/vusec/triereme\"},\"keyword\":[\"artifacts:reproduced\",\"artifacts:reusable\",\"class_testing\",\"proj_intersect\",\"proj_memo\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":21,\"html\":\"\"},{\"bibtype\":\"article\",\"type\":\"article\",\"title\":\"FloatZone: How Floating Point Additions can Detect Memory Errors\",\"url\":\"https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors\",\"journal\":\";login:\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Gorter\"],\"firstnames\":[\"Floris\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Barberis\"],\"firstnames\":[\"Enrico\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Isemann\"],\"firstnames\":[\"Raphael\"],\"suffixes\":[]},{\"propositions\":[\"van\",\"der\"],\"lastnames\":[\"Kouwe\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"month\":\"November\",\"year\":\"2023\",\"keywords\":\"class_sanitizer, proj_allocamelus, proj_intersect, proj_memo, proj_theseus, proj_tropics, type_mag, type_paper\",\"bibtex\":\"@article{gorter_floatzone_2023,\\n\\ttitle = {{FloatZone}: {How} {Floating} {Point} {Additions} can {Detect} {Memory} {Errors}},\\n\\turl = {https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors},\\n\\tjournal = {;login:},\\n\\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\\n\\tmonth = nov,\\n\\tyear = {2023},\\n\\tkeywords = {class\\\\_sanitizer, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, type\\\\_mag, type\\\\_paper},\\n}\\n\\n\",\"author_short\":[\"Gorter, F.\",\"Barberis, E.\",\"Isemann, R.\",\"van der Kouwe, E.\",\"Giuffrida, C.\",\"Bos, H.\"],\"key\":\"gorter_floatzone_2023\",\"id\":\"gorter_floatzone_2023\",\"bibbaseid\":\"gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzonehowfloatingpointadditionscandetectmemoryerrors-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors\"},\"keyword\":[\"class_sanitizer\",\"proj_allocamelus\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"type_mag\",\"type_paper\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":20,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation\",\"booktitle\":\"RAID\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Hertogh\"],\"firstnames\":[\"Mathé\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Wiesinger\"],\"firstnames\":[\"Manuel\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Österlund\"],\"firstnames\":[\"Sebastian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Muench\"],\"firstnames\":[\"Marius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Amit\"],\"firstnames\":[\"Nadav\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"October\",\"year\":\"2023\",\"keywords\":\"class_sidechannels, proj_allocamelus, proj_intersect, proj_vmware, type_conf, type_paper, type_top\",\"bibtex\":\"@inproceedings{hertogh_quarantine_2023,\\n\\ttitle = {Quarantine: {Mitigating} {Transient} {Execution} {Attacks} with {Physical} {Domain} {Isolation}},\\n\\turl = {Paper=https://download.vusec.net/papers/quarantine_raid23.pdf Code=https://github.com/vusec/quarantine},\\n\\tbooktitle = {{RAID}},\\n\\tauthor = {Hertogh, Mathé and Wiesinger, Manuel and Österlund, Sebastian and Muench, Marius and Amit, Nadav and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = oct,\\n\\tyear = {2023},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_vmware, type\\\\_conf, type\\\\_paper, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Hertogh, M.\",\"Wiesinger, M.\",\"Österlund, S.\",\"Muench, M.\",\"Amit, N.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/quarantine_raid23.pdf\",\"urlCode\":\"https://github.com/vusec/quarantine\",\"key\":\"hertogh_quarantine_2023\",\"id\":\"hertogh_quarantine_2023\",\"bibbaseid\":\"hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/quarantine_raid23.pdf\",\"Code\":\"https://github.com/vusec/quarantine\"},\"keyword\":[\"class_sidechannels\",\"proj_allocamelus\",\"proj_intersect\",\"proj_vmware\",\"type_conf\",\"type_paper\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":53,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Hofmann\"],\"firstnames\":[\"Jana\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Vannacci\"],\"firstnames\":[\"Emanuele\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Fournet\"],\"firstnames\":[\"Cedric\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Köpf\"],\"firstnames\":[\"Boris\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Oleksenko\"],\"firstnames\":[\"Oleksii\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2023\",\"keywords\":\"artifacts:available, artifacts:functional, artifacts:reproduced, class_sidechannels, proj_intersect, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{hofmann_speculation_2023,\\n\\ttitle = {Speculation at {Fault}: {Modeling} and {Testing} {Microarchitectural} {Leakage} of {CPU} {Exceptions}},\\n\\turl = {Paper=https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Hofmann, Jana and Vannacci, Emanuele and Fournet, Cedric and Köpf, Boris and Oleksenko, Oleksii},\\n\\tmonth = aug,\\n\\tyear = {2023},\\n\\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\\\_sidechannels, proj\\\\_intersect, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Hofmann, J.\",\"Vannacci, E.\",\"Fournet, C.\",\"Köpf, B.\",\"Oleksenko, O.\"],\"urlPaper\":\"https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf\",\"key\":\"hofmann_speculation_2023\",\"id\":\"hofmann_speculation_2023\",\"bibbaseid\":\"hofmann-vannacci-fournet-kpf-oleksenko-speculationatfaultmodelingandtestingmicroarchitecturalleakageofcpuexceptions-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf\"},\"keyword\":[\"artifacts:available\",\"artifacts:functional\",\"artifacts:reproduced\",\"class_sidechannels\",\"proj_intersect\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":23,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"FloatZone: Accelerating Memory Error Detection using the Floating Point Unit\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Gorter\"],\"firstnames\":[\"Floris\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Barberis\"],\"firstnames\":[\"Enrico\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Isemann\"],\"firstnames\":[\"Raphael\"],\"suffixes\":[]},{\"propositions\":[\"van\",\"der\"],\"lastnames\":[\"Kouwe\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2023\",\"keywords\":\"artifacts:available, artifacts:functional, artifacts:reproduced, class_sanitizer, proj_allocamelus, proj_intersect, proj_memo, proj_theseus, proj_tropics, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{gorter_floatzone_2023-1,\\n\\ttitle = {{FloatZone}: {Accelerating} {Memory} {Error} {Detection} using the {Floating} {Point} {Unit}},\\n\\turl = {Paper=https://download.vusec.net/papers/floatzone_sec23.pdf Code=https://github.com/vusec/floatzone},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\\n\\tmonth = aug,\\n\\tyear = {2023},\\n\\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\\\_sanitizer, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Gorter, F.\",\"Barberis, E.\",\"Isemann, R.\",\"van der Kouwe, E.\",\"Giuffrida, C.\",\"Bos, H.\"],\"urlPaper\":\"https://download.vusec.net/papers/floatzone_sec23.pdf\",\"urlCode\":\"https://github.com/vusec/floatzone\",\"key\":\"gorter_floatzone_2023-1\",\"id\":\"gorter_floatzone_2023-1\",\"bibbaseid\":\"gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/floatzone_sec23.pdf\",\"Code\":\"https://github.com/vusec/floatzone\"},\"keyword\":[\"artifacts:available\",\"artifacts:functional\",\"artifacts:reproduced\",\"class_sanitizer\",\"proj_allocamelus\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":340,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Uncontained: Uncovering Container Confusion in the Linux Kernel\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Koschel\"],\"firstnames\":[\"Jakob\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Borrello\"],\"firstnames\":[\"Pietro\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"D'Elia\"],\"firstnames\":[\"Daniele\",\"Cono\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2023\",\"note\":\"Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation\",\"keywords\":\"artifacts:available, artifacts:functional, artifacts:reproduced, class_sanitizer, proj_allocamelus, proj_intersect, proj_memo, proj_theseus, proj_tropics, research_uncontained, type_ae, type_award, type_conf, type_paper, type_tier1, type_top, type_uncontained\",\"bibtex\":\"@inproceedings{koschel_uncontained_2023,\\n\\ttitle = {Uncontained: {Uncovering} {Container} {Confusion} in the {Linux} {Kernel}},\\n\\turl = {Paper=https://download.vusec.net/papers/uncontained_sec23.pdf Web=https://vusec.net/projects/uncontained Code=https://github.com/vusec/uncontained},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Koschel, Jakob and Borrello, Pietro and D'Elia, Daniele Cono and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2023},\\n\\tnote = {Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation},\\n\\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\\\_sanitizer, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, research\\\\_uncontained, type\\\\_ae, type\\\\_award, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top, type\\\\_uncontained},\\n}\\n\\n\",\"author_short\":[\"Koschel, J.\",\"Borrello, P.\",\"D'Elia, D. C.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/uncontained_sec23.pdf\",\"urlWeb\":\"https://vusec.net/projects/uncontained\",\"urlCode\":\"https://github.com/vusec/uncontained\",\"key\":\"koschel_uncontained_2023\",\"id\":\"koschel_uncontained_2023\",\"bibbaseid\":\"koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/uncontained_sec23.pdf\",\"Web\":\"https://vusec.net/projects/uncontained\",\"Code\":\"https://github.com/vusec/uncontained\"},\"keyword\":[\"artifacts:available\",\"artifacts:functional\",\"artifacts:reproduced\",\"class_sanitizer\",\"proj_allocamelus\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"research_uncontained\",\"type_ae\",\"type_award\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\",\"type_uncontained\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":207,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations\",\"booktitle\":\"PLDI\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Isemann\"],\"firstnames\":[\"Raphael\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Van\",\"Der\",\"Kouwe\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]},{\"propositions\":[\"von\"],\"lastnames\":[\"Gleissenthall\"],\"firstnames\":[\"Klaus\"],\"suffixes\":[]}],\"month\":\"June\",\"year\":\"2023\",\"keywords\":\"artifacts:reusable, class_sanitizer, proj_allocamelus, proj_intersect, proj_memo, proj_theseus, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{isemann_dont_2023,\\n\\ttitle = {Don't {Look} {UB}: {Exposing} {Sanitizer}-{Eliding} {Compiler} {Optimizations}},\\n\\turl = {Paper=https://download.vusec.net/papers/dontlookub_pldi23.pdf Code=https://github.com/vusec/LookUB},\\n\\tbooktitle = {{PLDI}},\\n\\tauthor = {Isemann, Raphael and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\\n\\tmonth = jun,\\n\\tyear = {2023},\\n\\tkeywords = {artifacts:reusable, class\\\\_sanitizer, proj\\\\_allocamelus, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Isemann, R.\",\"Giuffrida, C.\",\"Bos, H.\",\"Van Der Kouwe, E.\",\"von Gleissenthall, K.\"],\"urlPaper\":\"https://download.vusec.net/papers/dontlookub_pldi23.pdf\",\"urlCode\":\"https://github.com/vusec/LookUB\",\"key\":\"isemann_dont_2023\",\"id\":\"isemann_dont_2023\",\"bibbaseid\":\"isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/dontlookub_pldi23.pdf\",\"Code\":\"https://github.com/vusec/LookUB\"},\"keyword\":[\"artifacts:reusable\",\"class_sanitizer\",\"proj_allocamelus\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":74,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Enviral: Fuzzing the Environment for Evasive Malware Analysis\",\"booktitle\":\"EuroSec\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Gorter\"],\"firstnames\":[\"Floris\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[\"van\",\"der\"],\"lastnames\":[\"Kouwe\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]}],\"month\":\"April\",\"year\":\"2023\",\"keywords\":\"class_malware, proj_intersect, proj_memo, proj_theseus, proj_tropics, type_mscthesis, type_paper, type_workshop\",\"bibtex\":\"@inproceedings{gorter_enviral_2023,\\n\\ttitle = {Enviral: {Fuzzing} the {Environment} for {Evasive} {Malware} {Analysis}},\\n\\turl = {Paper=https://download.vusec.net/papers/enviral_eurosec23.pdf},\\n\\tbooktitle = {{EuroSec}},\\n\\tauthor = {Gorter, Floris and Giuffrida, Cristiano and van der Kouwe, Erik},\\n\\tmonth = apr,\\n\\tyear = {2023},\\n\\tkeywords = {class\\\\_malware, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, type\\\\_mscthesis, type\\\\_paper, type\\\\_workshop},\\n}\\n\\n\",\"author_short\":[\"Gorter, F.\",\"Giuffrida, C.\",\"van der Kouwe, E.\"],\"urlPaper\":\"https://download.vusec.net/papers/enviral_eurosec23.pdf\",\"key\":\"gorter_enviral_2023\",\"id\":\"gorter_enviral_2023\",\"bibbaseid\":\"gorter-giuffrida-vanderkouwe-enviralfuzzingtheenvironmentforevasivemalwareanalysis-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/enviral_eurosec23.pdf\"},\"keyword\":[\"class_malware\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"type_mscthesis\",\"type_paper\",\"type_workshop\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":55,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks\",\"booktitle\":\"NDSS\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Di\",\"Dio\"],\"firstnames\":[\"Andrea\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Koning\"],\"firstnames\":[\"Koen\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"February\",\"year\":\"2023\",\"keywords\":\"class_rowhammer, proj_intersect, proj_offcore, proj_theseus, type_conf, type_mscthesis, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{di_dio_copy--flip_2023,\\n\\ttitle = {Copy-on-{Flip}: {Hardening} {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\\n\\turl = {Paper=https://download.vusec.net/papers/cof_ndss23.pdf Code=https://github.com/vusec/Copy-on-Flip},\\n\\tbooktitle = {{NDSS}},\\n\\tauthor = {Di Dio, Andrea and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = feb,\\n\\tyear = {2023},\\n\\tkeywords = {class\\\\_rowhammer, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_theseus, type\\\\_conf, type\\\\_mscthesis, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Di Dio, A.\",\"Koning, K.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/cof_ndss23.pdf\",\"urlCode\":\"https://github.com/vusec/Copy-on-Flip\",\"key\":\"di_dio_copy--flip_2023\",\"id\":\"di_dio_copy--flip_2023\",\"bibbaseid\":\"didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/cof_ndss23.pdf\",\"Code\":\"https://github.com/vusec/Copy-on-Flip\"},\"keyword\":[\"class_rowhammer\",\"proj_intersect\",\"proj_offcore\",\"proj_theseus\",\"type_conf\",\"type_mscthesis\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":88,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Let Me Unwind That For You: Exceptions to Backward-Edge Protection\",\"booktitle\":\"NDSS\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Duta\"],\"firstnames\":[\"Victor\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Freyer\"],\"firstnames\":[\"Fabian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Pagani\"],\"firstnames\":[\"Fabio\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Muench\"],\"firstnames\":[\"Marius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"February\",\"year\":\"2023\",\"note\":\"Intel Bounty Reward\",\"keywords\":\"class_binary, proj_intersect, proj_memo, proj_offcore, proj_theseus, proj_tropics, type_award, type_bounty, type_conf, type_cve_assigned, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{duta_let_2023,\\n\\ttitle = {Let {Me} {Unwind} {That} {For} {You}: {Exceptions} to {Backward}-{Edge} {Protection}},\\n\\turl = {Paper=https://download.vusec.net/papers/chop_ndss23.pdf Code=https://github.com/chop-project/chop},\\n\\tbooktitle = {{NDSS}},\\n\\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\\n\\tmonth = feb,\\n\\tyear = {2023},\\n\\tnote = {Intel Bounty Reward},\\n\\tkeywords = {class\\\\_binary, proj\\\\_intersect, proj\\\\_memo, proj\\\\_offcore, proj\\\\_theseus, proj\\\\_tropics, type\\\\_award, type\\\\_bounty, type\\\\_conf, type\\\\_cve\\\\_assigned, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Duta, V.\",\"Freyer, F.\",\"Pagani, F.\",\"Muench, M.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/chop_ndss23.pdf\",\"urlCode\":\"https://github.com/chop-project/chop\",\"key\":\"duta_let_2023\",\"id\":\"duta_let_2023\",\"bibbaseid\":\"duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/chop_ndss23.pdf\",\"Code\":\"https://github.com/chop-project/chop\"},\"keyword\":[\"class_binary\",\"proj_intersect\",\"proj_memo\",\"proj_offcore\",\"proj_theseus\",\"proj_tropics\",\"type_award\",\"type_bounty\",\"type_conf\",\"type_cve_assigned\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":100,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Unwinding the Stack for Fun and Profit\",\"booktitle\":\"Black Hat Europe\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Duta\"],\"firstnames\":[\"Victor\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Freyer\"],\"firstnames\":[\"Fabian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Pagani\"],\"firstnames\":[\"Fabio\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Muench\"],\"firstnames\":[\"Marius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"December\",\"year\":\"2022\",\"keywords\":\"class_binary, proj_intersect, proj_memo, proj_theseus, proj_tropics, type_conf, type_paper\",\"bibtex\":\"@inproceedings{duta_unwinding_2022,\\n\\ttitle = {Unwinding the {Stack} for {Fun} and {Profit}},\\n\\tbooktitle = {Black {Hat} {Europe}},\\n\\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\\n\\tmonth = dec,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_binary, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, type\\\\_conf, type\\\\_paper},\\n}\\n\\n\",\"author_short\":[\"Duta, V.\",\"Freyer, F.\",\"Pagani, F.\",\"Muench, M.\",\"Giuffrida, C.\"],\"key\":\"duta_unwinding_2022\",\"id\":\"duta_unwinding_2022\",\"bibbaseid\":\"duta-freyer-pagani-muench-giuffrida-unwindingthestackforfunandprofit-2022\",\"role\":\"author\",\"urls\":{},\"keyword\":[\"class_binary\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"type_conf\",\"type_paper\"],\"metadata\":{\"authorlinks\":{}},\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots\",\"booktitle\":\"ACSAC\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Geretto\"],\"firstnames\":[\"Elia\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[\"van\",\"der\"],\"lastnames\":[\"Kouwe\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]}],\"month\":\"December\",\"year\":\"2022\",\"keywords\":\"artifacts:functional, class_testing, proj_intersect, proj_memo, proj_theseus, proj_tropics, type_ae, type_conf, type_paper, type_top\",\"bibtex\":\"@inproceedings{geretto_snappy_2022,\\n\\ttitle = {Snappy: {Efficient} {Fuzzing} with {Adaptive} and {Mutable} {Snapshots}},\\n\\turl = {Paper=https://download.vusec.net/papers/snappy_acsac22.pdf Code=https://github.com/vusec/snappy},\\n\\tbooktitle = {{ACSAC}},\\n\\tauthor = {Geretto, Elia and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\\n\\tmonth = dec,\\n\\tyear = {2022},\\n\\tkeywords = {artifacts:functional, class\\\\_testing, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Geretto, E.\",\"Giuffrida, C.\",\"Bos, H.\",\"van der Kouwe, E.\"],\"urlPaper\":\"https://download.vusec.net/papers/snappy_acsac22.pdf\",\"urlCode\":\"https://github.com/vusec/snappy\",\"key\":\"geretto_snappy_2022\",\"id\":\"geretto_snappy_2022\",\"bibbaseid\":\"geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/snappy_acsac22.pdf\",\"Code\":\"https://github.com/vusec/snappy\"},\"keyword\":[\"artifacts:functional\",\"class_testing\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":87,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"DangZero: Efficient Use-After-Free Detection via Direct Page Table Access\",\"booktitle\":\"CCS\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Gorter\"],\"firstnames\":[\"Floris\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Koning\"],\"firstnames\":[\"Koen\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"November\",\"year\":\"2022\",\"keywords\":\"class_sanitizer, proj_intersect, proj_memo, proj_theseus, proj_tropics, proj_unicore, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{gorter_dangzero_2022,\\n\\ttitle = {{DangZero}: {Efficient} {Use}-{After}-{Free} {Detection} via {Direct} {Page} {Table} {Access}},\\n\\turl = {Paper=https://download.vusec.net/papers/dangzero_ccs22.pdf Code=https://github.com/vusec/dangzero},\\n\\tbooktitle = {{CCS}},\\n\\tauthor = {Gorter, Floris and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = nov,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_sanitizer, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, proj\\\\_unicore, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Gorter, F.\",\"Koning, K.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/dangzero_ccs22.pdf\",\"urlCode\":\"https://github.com/vusec/dangzero\",\"key\":\"gorter_dangzero_2022\",\"id\":\"gorter_dangzero_2022\",\"bibbaseid\":\"gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/dangzero_ccs22.pdf\",\"Code\":\"https://github.com/vusec/dangzero\"},\"keyword\":[\"class_sanitizer\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"proj_unicore\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":153,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Barberis\"],\"firstnames\":[\"Enrico\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Frigo\"],\"firstnames\":[\"Pietro\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Muench\"],\"firstnames\":[\"Marius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2022\",\"note\":\"Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward\",\"keywords\":\"artifacts:available, artifacts:functional, artifacts:reproduced, class_sidechannels, proj_intersect, proj_offcore, proj_theseus, proj_tropics, proj_unicore, type_ae, type_award, type_bounty, type_conf, type_cve_assigned, type_paper, type_press, type_tier1, type_top\",\"bibtex\":\"@inproceedings{barberis_branch_2022,\\n\\ttitle = {Branch {History} {Injection}: {On} the {Effectiveness} of {Hardware} {Mitigations} {Against} {Cross}-{Privilege} {Spectre}-v2 {Attacks}},\\n\\turl = {Paper=http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf Web=https://www.vusec.net/projects/bhi-spectre-bhb Code=https://github.com/vusec/bhi-spectre-bhb},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Barberis, Enrico and Frigo, Pietro and Muench, Marius and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2022},\\n\\tnote = {Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward},\\n\\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_theseus, proj\\\\_tropics, proj\\\\_unicore, type\\\\_ae, type\\\\_award, type\\\\_bounty, type\\\\_conf, type\\\\_cve\\\\_assigned, type\\\\_paper, type\\\\_press, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Barberis, E.\",\"Frigo, P.\",\"Muench, M.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf\",\"urlWeb\":\"https://www.vusec.net/projects/bhi-spectre-bhb\",\"urlCode\":\"https://github.com/vusec/bhi-spectre-bhb\",\"key\":\"barberis_branch_2022\",\"id\":\"barberis_branch_2022\",\"bibbaseid\":\"barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf\",\"Web\":\"https://www.vusec.net/projects/bhi-spectre-bhb\",\"Code\":\"https://github.com/vusec/bhi-spectre-bhb\"},\"keyword\":[\"artifacts:available\",\"artifacts:functional\",\"artifacts:reproduced\",\"class_sidechannels\",\"proj_intersect\",\"proj_offcore\",\"proj_theseus\",\"proj_tropics\",\"proj_unicore\",\"type_ae\",\"type_award\",\"type_bounty\",\"type_conf\",\"type_cve_assigned\",\"type_paper\",\"type_press\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":572,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing\",\"url\":\"https://www.usenix.org/system/files/sec22summer_scharnowski.pdf\",\"abstract\":\"As embedded devices are becoming more pervasive in our everyday lives, they turn into an attractive target for adversaries. Despite their high value and large attack surface, applying automated testing techniques such as fuzzing is not straightforward for such devices. As fuzz testing firmware on constrained embedded devices is inefficient, state-of-the-art approaches instead opt to run the firmware in an emulator (through a process called re-hosting). However, existing approaches either use coarse-grained static models of hardware behavior or require manual effort to re-host the firmware. We propose a novel combination of lightweight program analysis, re-hosting, and fuzz testing to tackle these challenges. We present the design and implementation of Fuzzware, a software-only system to fuzz test unmodified monolithic firmware in a scalable way. By determining how hardware-generated values are actually used by the firmware logic, Fuzzware can automatically generate models that help focusing the fuzzing process on mutating the inputs that matter, which drastically improves its effectiveness. We evaluate our approach on synthetic and real-world targets comprising a total of 19 hardware platforms and 77 firmware images. Compared to state-of-the-art work, Fuzzware achieves up to 3.25 times the code coverage and our modeling approach reduces the size of the input space by up to 95.5%. The synthetic samples contain 66 unit tests for various hardware interactions, and we find that our approach is the first generic re-hosting solution to automatically pass all of them. Fuzzware discovered 15 completely new bugs including bugs in targets which were previously analyzed by other works; a total of 12 CVEs were assigned.\",\"booktitle\":\"USENIX Security\",\"author\":[{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Tobias Scharnowski\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Nils Bars\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Moritz Schloegel\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Eric Gustafson\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Marius Muench\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Giovanni Vigna\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Christopher Kruegel\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Thorsten Holz\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Ali Abbasi\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2022\",\"keywords\":\"artifacts:available, artifacts:functional, artifacts:reproduced, class_binary, proj_intersect, proj_tropics, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{tobias_scharnowski_fuzzware_2022,\\n\\ttitle = {Fuzzware: {Using} {Precise} {MMIO} {Modeling} for {Effective} {Firmware} {Fuzzing}},\\n\\turl = {https://www.usenix.org/system/files/sec22summer_scharnowski.pdf},\\n\\tabstract = {As embedded devices are becoming more pervasive in our everyday lives, they turn into an attractive target for adversaries. Despite their high value and large attack surface, applying automated testing techniques such as fuzzing is not straightforward for such devices. As fuzz testing firmware on constrained embedded devices is inefficient, state-of-the-art approaches instead opt to run the firmware in an emulator (through a process called re-hosting). However, existing approaches either use coarse-grained static models of hardware behavior or require manual effort to re-host the firmware.\\n\\nWe propose a novel combination of lightweight program analysis, re-hosting, and fuzz testing to tackle these challenges. We present the design and implementation of Fuzzware, a software-only system to fuzz test unmodified monolithic firmware in a scalable way. By determining how hardware-generated values are actually used by the firmware logic, Fuzzware can automatically generate models that help focusing the fuzzing process on mutating the inputs that matter, which drastically improves its effectiveness.\\n\\nWe evaluate our approach on synthetic and real-world targets comprising a total of 19 hardware platforms and 77 firmware images. Compared to state-of-the-art work, Fuzzware achieves up to 3.25 times the code coverage and our modeling approach reduces the size of the input space by up to 95.5\\\\%. The synthetic samples contain 66 unit tests for various hardware interactions, and we find that our approach is the first generic re-hosting solution to automatically pass all of them. Fuzzware discovered 15 completely new bugs including bugs in targets which were previously analyzed by other works; a total of 12 CVEs were assigned.},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {{Tobias Scharnowski} and {Nils Bars} and {Moritz Schloegel} and {Eric Gustafson} and {Marius Muench} and {Giovanni Vigna} and {Christopher Kruegel} and {Thorsten Holz} and {Ali Abbasi}},\\n\\tmonth = aug,\\n\\tyear = {2022},\\n\\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\\\_binary, proj\\\\_intersect, proj\\\\_tropics, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Tobias Scharnowski\",\"Nils Bars\",\"Moritz Schloegel\",\"Eric Gustafson\",\"Marius Muench\",\"Giovanni Vigna\",\"Christopher Kruegel\",\"Thorsten Holz\",\"Ali Abbasi\"],\"key\":\"tobias_scharnowski_fuzzware_2022\",\"id\":\"tobias_scharnowski_fuzzware_2022\",\"bibbaseid\":\"tobiasscharnowski-nilsbars-moritzschloegel-ericgustafson-mariusmuench-giovannivigna-christopherkruegel-thorstenholz-etal-fuzzwareusingprecisemmiomodelingforeffectivefirmwarefuzzing-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://www.usenix.org/system/files/sec22summer_scharnowski.pdf\"},\"keyword\":[\"artifacts:available\",\"artifacts:functional\",\"artifacts:reproduced\",\"class_binary\",\"proj_intersect\",\"proj_tropics\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":67,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Tatar\"],\"firstnames\":[\"Andrei\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Trujillo\"],\"firstnames\":[\"Daniël\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2022\",\"keywords\":\"artifacts:available, artifacts:functional, artifacts:reproduced, class_sidechannels, proj_intersect, proj_offcore, proj_theseus, proj_tropics, proj_unicore, type_ae, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{tatar_tlbdr_2022,\\n\\ttitle = {{TLB};{DR}: {Enhancing} {TLB}-based {Attacks} with {TLB} {Desynchronized} {Reverse} {Engineering}},\\n\\turl = {Paper=https://download.vusec.net/papers/tlbdr_sec22.pdf Code=https://github.com/vusec/tlbdr},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Tatar, Andrei and Trujillo, Daniël and Giuffrida, Cristiano and Bos, Herbert},\\n\\tmonth = aug,\\n\\tyear = {2022},\\n\\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_theseus, proj\\\\_tropics, proj\\\\_unicore, type\\\\_ae, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Tatar, A.\",\"Trujillo, D.\",\"Giuffrida, C.\",\"Bos, H.\"],\"urlPaper\":\"https://download.vusec.net/papers/tlbdr_sec22.pdf\",\"urlCode\":\"https://github.com/vusec/tlbdr\",\"key\":\"tatar_tlbdr_2022\",\"id\":\"tatar_tlbdr_2022\",\"bibbaseid\":\"tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/tlbdr_sec22.pdf\",\"Code\":\"https://github.com/vusec/tlbdr\"},\"keyword\":[\"artifacts:available\",\"artifacts:functional\",\"artifacts:reproduced\",\"class_sidechannels\",\"proj_intersect\",\"proj_offcore\",\"proj_theseus\",\"proj_tropics\",\"proj_unicore\",\"type_ae\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":108,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"BugsBunny: Hopping to RTL Targets with a Directed Hardware-Design Fuzzer\",\"url\":\"https://download.vusec.net/papers/bugsbunny_silm22.pdf\",\"booktitle\":\"SILM\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Ragab\"],\"firstnames\":[\"Hany\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Koning\"],\"firstnames\":[\"Koen\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"June\",\"year\":\"2022\",\"keywords\":\"class_testing, proj_intersect, proj_offcore, proj_tropics, type_paper, type_workshop\",\"bibtex\":\"@inproceedings{ragab_bugsbunny_2022,\\n\\ttitle = {{BugsBunny}: {Hopping} to {RTL} {Targets} with a {Directed} {Hardware}-{Design} {Fuzzer}},\\n\\turl = {https://download.vusec.net/papers/bugsbunny_silm22.pdf},\\n\\tbooktitle = {{SILM}},\\n\\tauthor = {Ragab, Hany and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = jun,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_testing, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_tropics, type\\\\_paper, type\\\\_workshop},\\n}\\n\\n\",\"author_short\":[\"Ragab, H.\",\"Koning, K.\",\"Bos, H.\",\"Giuffrida, C.\"],\"key\":\"ragab_bugsbunny_2022\",\"id\":\"ragab_bugsbunny_2022\",\"bibbaseid\":\"ragab-koning-bos-giuffrida-bugsbunnyhoppingtortltargetswithadirectedhardwaredesignfuzzer-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/bugsbunny_silm22.pdf\"},\"keyword\":[\"class_testing\",\"proj_intersect\",\"proj_offcore\",\"proj_tropics\",\"type_paper\",\"type_workshop\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":59,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Spring: Spectre Returning in the Browser with Speculative Load Queuing and Deep Stacks\",\"booktitle\":\"WOOT\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Wikner\"],\"firstnames\":[\"Johannes\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Razavi\"],\"firstnames\":[\"Kaveh\"],\"suffixes\":[]}],\"month\":\"May\",\"year\":\"2022\",\"note\":\"Mozilla Bounty Reward\",\"keywords\":\"class_sidechannels, proj_intersect, proj_offcore, proj_tropics, type_award, type_bounty, type_mscthesis, type_paper, type_top, type_workshop\",\"bibtex\":\"@inproceedings{wikner_spring_2022,\\n\\ttitle = {Spring: {Spectre} {Returning} in the {Browser} with {Speculative} {Load} {Queuing} and {Deep} {Stacks}},\\n\\turl = {Paper=http://download.vusec.net/papers/spring_woot22.pdf},\\n\\tbooktitle = {{WOOT}},\\n\\tauthor = {Wikner, Johannes and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\\n\\tmonth = may,\\n\\tyear = {2022},\\n\\tnote = {Mozilla Bounty Reward},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_tropics, type\\\\_award, type\\\\_bounty, type\\\\_mscthesis, type\\\\_paper, type\\\\_top, type\\\\_workshop},\\n}\\n\\n\",\"author_short\":[\"Wikner, J.\",\"Giuffrida, C.\",\"Bos, H.\",\"Razavi, K.\"],\"urlPaper\":\"http://download.vusec.net/papers/spring_woot22.pdf\",\"key\":\"wikner_spring_2022\",\"id\":\"wikner_spring_2022\",\"bibbaseid\":\"wikner-giuffrida-bos-razavi-springspectrereturninginthebrowserwithspeculativeloadqueuinganddeepstacks-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"http://download.vusec.net/papers/spring_woot22.pdf\"},\"keyword\":[\"class_sidechannels\",\"proj_intersect\",\"proj_offcore\",\"proj_tropics\",\"type_award\",\"type_bounty\",\"type_mscthesis\",\"type_paper\",\"type_top\",\"type_workshop\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":131,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"On the Effectiveness of Same-Domain Memory Deduplication\",\"booktitle\":\"EuroSec\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Costi\"],\"firstnames\":[\"Andreas\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Johannesmeyer\"],\"firstnames\":[\"Brian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bosman\"],\"firstnames\":[\"Erik\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"month\":\"April\",\"year\":\"2022\",\"keywords\":\"class_sidechannels, proj_intersect, proj_unicore, type_mscthesis, type_paper, type_workshop\",\"bibtex\":\"@inproceedings{costi_effectiveness_2022,\\n\\ttitle = {On the {Effectiveness} of {Same}-{Domain} {Memory} {Deduplication}},\\n\\turl = {Paper=https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf Slides=https://download.vusec.net/slides/dedup_eurosec22.pdf Web=https://www.vusec.net/projects/dedup-est-machina-returns/ Code=https://github.com/vusec/dedup-est-returns},\\n\\tbooktitle = {{EuroSec}},\\n\\tauthor = {Costi, Andreas and Johannesmeyer, Brian and Bosman, Erik and Giuffrida, Cristiano and Bos, Herbert},\\n\\tmonth = apr,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_unicore, type\\\\_mscthesis, type\\\\_paper, type\\\\_workshop},\\n}\\n\\n\",\"author_short\":[\"Costi, A.\",\"Johannesmeyer, B.\",\"Bosman, E.\",\"Giuffrida, C.\",\"Bos, H.\"],\"urlPaper\":\"https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf\",\"urlSlides\":\"https://download.vusec.net/slides/dedup_eurosec22.pdf\",\"urlWeb\":\"https://www.vusec.net/projects/dedup-est-machina-returns/\",\"urlCode\":\"https://github.com/vusec/dedup-est-returns\",\"key\":\"costi_effectiveness_2022\",\"id\":\"costi_effectiveness_2022\",\"bibbaseid\":\"costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf\",\"Slides\":\"https://download.vusec.net/slides/dedup_eurosec22.pdf\",\"Web\":\"https://www.vusec.net/projects/dedup-est-machina-returns/\",\"Code\":\"https://github.com/vusec/dedup-est-returns\"},\"keyword\":[\"class_sidechannels\",\"proj_intersect\",\"proj_unicore\",\"type_mscthesis\",\"type_paper\",\"type_workshop\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":57,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel\",\"booktitle\":\"NDSS\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Johannesmeyer\"],\"firstnames\":[\"Brian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Koschel\"],\"firstnames\":[\"Jakob\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Razavi\"],\"firstnames\":[\"Kaveh\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"April\",\"year\":\"2022\",\"keywords\":\"class_sidechannels, proj_intersect, proj_offcore, proj_theseus, proj_tropics, proj_unicore, proj_veripatch, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{johannesmeyer_kasper_2022,\\n\\ttitle = {Kasper: {Scanning} for {Generalized} {Transient} {Execution} {Gadgets} in the {Linux} {Kernel}},\\n\\turl = {Paper=https://download.vusec.net/papers/kasper_ndss22.pdf Slides=https://download.vusec.net/slides/kasper_ndss22.pdf Web=https://www.vusec.net/projects/kasper Code=https://github.com/vusec/kasper Video=https://www.youtube.com/watch?v=v89Zt3vxrww},\\n\\tbooktitle = {{NDSS}},\\n\\tauthor = {Johannesmeyer, Brian and Koschel, Jakob and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = apr,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_theseus, proj\\\\_tropics, proj\\\\_unicore, proj\\\\_veripatch, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Johannesmeyer, B.\",\"Koschel, J.\",\"Razavi, K.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/kasper_ndss22.pdf\",\"urlSlides\":\"https://download.vusec.net/slides/kasper_ndss22.pdf\",\"urlWeb\":\"https://www.vusec.net/projects/kasper\",\"urlCode\":\"https://github.com/vusec/kasper\",\"urlVideo\":\"https://www.youtube.com/watch?v=v89Zt3vxrww\",\"key\":\"johannesmeyer_kasper_2022\",\"id\":\"johannesmeyer_kasper_2022\",\"bibbaseid\":\"johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/kasper_ndss22.pdf\",\"Slides\":\"https://download.vusec.net/slides/kasper_ndss22.pdf\",\"Web\":\"https://www.vusec.net/projects/kasper\",\"Code\":\"https://github.com/vusec/kasper\",\"Video\":\"https://www.youtube.com/watch?v=v89Zt3vxrww\"},\"keyword\":[\"class_sidechannels\",\"proj_intersect\",\"proj_offcore\",\"proj_theseus\",\"proj_tropics\",\"proj_unicore\",\"proj_veripatch\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":518,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"DupeFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels\",\"booktitle\":\"FAST\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Bacs\"],\"firstnames\":[\"Andrei\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Musaev\"],\"firstnames\":[\"Saidgani\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Razavi\"],\"firstnames\":[\"Kaveh\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"month\":\"February\",\"year\":\"2022\",\"keywords\":\"class_sidechannels, proj_intersect, proj_offcore, proj_unicore, type_conf, type_mscthesis, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{bacs_dupefs_2022,\\n\\ttitle = {{DupeFS}: {Leaking} {Data} {Over} the {Network} {With} {Filesystem} {Deduplication} {Side} {Channels}},\\n\\turl = {Paper=https://download.vusec.net/papers/dupefs_fast22.pdf},\\n\\tbooktitle = {{FAST}},\\n\\tauthor = {Bacs, Andrei and Musaev, Saidgani and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\\n\\tmonth = feb,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_unicore, type\\\\_conf, type\\\\_mscthesis, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Bacs, A.\",\"Musaev, S.\",\"Razavi, K.\",\"Giuffrida, C.\",\"Bos, H.\"],\"urlPaper\":\"https://download.vusec.net/papers/dupefs_fast22.pdf\",\"key\":\"bacs_dupefs_2022\",\"id\":\"bacs_dupefs_2022\",\"bibbaseid\":\"bacs-musaev-razavi-giuffrida-bos-dupefsleakingdataoverthenetworkwithfilesystemdeduplicationsidechannels-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/dupefs_fast22.pdf\"},\"keyword\":[\"class_sidechannels\",\"proj_intersect\",\"proj_offcore\",\"proj_unicore\",\"type_conf\",\"type_mscthesis\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":127,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware\",\"booktitle\":\"NDSS\",\"author\":[{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Grant Hernandez\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Marius Muench\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Dominik Maier\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Alyssa Milburn\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Shinjo Park\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Tobias Scharnowski\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Tyler Tucker\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Patrick Traynor\"],\"suffixes\":[]},{\"firstnames\":[],\"propositions\":[],\"lastnames\":[\"Kevin R. B. Butler\"],\"suffixes\":[]}],\"month\":\"February\",\"year\":\"2022\",\"keywords\":\"class_binary, proj_intersect, proj_tropics, type_conf, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{grant_hernandez_firmwire_2022,\\n\\ttitle = {{FirmWire}: {Transparent} {Dynamic} {Analysis} for {Cellular} {Baseband} {Firmware}},\\n\\turl = {Paper=https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf Code=https://github.com/FirmWire/FirmWire},\\n\\tbooktitle = {{NDSS}},\\n\\tauthor = {{Grant Hernandez} and {Marius Muench} and {Dominik Maier} and {Alyssa Milburn} and {Shinjo Park} and {Tobias Scharnowski} and {Tyler Tucker} and {Patrick Traynor} and {Kevin R. B. Butler}},\\n\\tmonth = feb,\\n\\tyear = {2022},\\n\\tkeywords = {class\\\\_binary, proj\\\\_intersect, proj\\\\_tropics, type\\\\_conf, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Grant Hernandez\",\"Marius Muench\",\"Dominik Maier\",\"Alyssa Milburn\",\"Shinjo Park\",\"Tobias Scharnowski\",\"Tyler Tucker\",\"Patrick Traynor\",\"Kevin R. B. Butler\"],\"urlPaper\":\"https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf\",\"urlCode\":\"https://github.com/FirmWire/FirmWire\",\"key\":\"grant_hernandez_firmwire_2022\",\"id\":\"grant_hernandez_firmwire_2022\",\"bibbaseid\":\"granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf\",\"Code\":\"https://github.com/FirmWire/FirmWire\"},\"keyword\":[\"class_binary\",\"proj_intersect\",\"proj_tropics\",\"type_conf\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":31,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating\",\"url\":\"https://download.vusec.net/papers/leansym_raid21.pdf\",\"booktitle\":\"RAID\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Mi\"],\"firstnames\":[\"Xianya\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Rawat\"],\"firstnames\":[\"Sanjay\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"month\":\"October\",\"year\":\"2021\",\"keywords\":\"class_testing, proj_intersect, proj_memo, proj_theseus, proj_tropics, type_conf, type_paper, type_top\",\"bibtex\":\"@inproceedings{mi_leansym_2021,\\n\\ttitle = {{LeanSym}: {Efficient} {Hybrid} {Fuzzing} {Through} {Conservative} {Constraint} {Debloating}},\\n\\turl = {https://download.vusec.net/papers/leansym_raid21.pdf},\\n\\tbooktitle = {{RAID}},\\n\\tauthor = {Mi, Xianya and Rawat, Sanjay and Giuffrida, Cristiano and Bos, Herbert},\\n\\tmonth = oct,\\n\\tyear = {2021},\\n\\tkeywords = {class\\\\_testing, proj\\\\_intersect, proj\\\\_memo, proj\\\\_theseus, proj\\\\_tropics, type\\\\_conf, type\\\\_paper, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Mi, X.\",\"Rawat, S.\",\"Giuffrida, C.\",\"Bos, H.\"],\"key\":\"mi_leansym_2021\",\"id\":\"mi_leansym_2021\",\"bibbaseid\":\"mi-rawat-giuffrida-bos-leansymefficienthybridfuzzingthroughconservativeconstraintdebloating-2021\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/leansym_raid21.pdf\"},\"keyword\":[\"class_testing\",\"proj_intersect\",\"proj_memo\",\"proj_theseus\",\"proj_tropics\",\"type_conf\",\"type_paper\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":41,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks\",\"booktitle\":\"USENIX Security\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Ragab\"],\"firstnames\":[\"Hany\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Barberis\"],\"firstnames\":[\"Enrico\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]}],\"month\":\"August\",\"year\":\"2021\",\"note\":\"Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up\",\"keywords\":\"class_sidechannels, proj_intersect, proj_offcore, proj_react, proj_unicore, type_award, type_bounty, type_conf, type_cve_assigned, type_paper, type_tier1, type_top\",\"bibtex\":\"@inproceedings{ragab_rage_2021,\\n\\ttitle = {Rage {Against} the {Machine} {Clear}: {A} {Systematic} {Analysis} of {Machine} {Clears} and {Their} {Implications} for {Transient} {Execution} {Attacks}},\\n\\turl = {Paper=https://download.vusec.net/papers/fpvi-scsb_sec21.pdf Web=https://www.vusec.net/projects/fpvi-scsb Code=https://github.com/vusec/fpvi-scsb},\\n\\tbooktitle = {{USENIX} {Security}},\\n\\tauthor = {Ragab, Hany and Barberis, Enrico and Bos, Herbert and Giuffrida, Cristiano},\\n\\tmonth = aug,\\n\\tyear = {2021},\\n\\tnote = {Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up},\\n\\tkeywords = {class\\\\_sidechannels, proj\\\\_intersect, proj\\\\_offcore, proj\\\\_react, proj\\\\_unicore, type\\\\_award, type\\\\_bounty, type\\\\_conf, type\\\\_cve\\\\_assigned, type\\\\_paper, type\\\\_tier1, type\\\\_top},\\n}\\n\\n\",\"author_short\":[\"Ragab, H.\",\"Barberis, E.\",\"Bos, H.\",\"Giuffrida, C.\"],\"urlPaper\":\"https://download.vusec.net/papers/fpvi-scsb_sec21.pdf\",\"urlWeb\":\"https://www.vusec.net/projects/fpvi-scsb\",\"urlCode\":\"https://github.com/vusec/fpvi-scsb\",\"key\":\"ragab_rage_2021\",\"id\":\"ragab_rage_2021\",\"bibbaseid\":\"ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://download.vusec.net/papers/fpvi-scsb_sec21.pdf\",\"Web\":\"https://www.vusec.net/projects/fpvi-scsb\",\"Code\":\"https://github.com/vusec/fpvi-scsb\"},\"keyword\":[\"class_sidechannels\",\"proj_intersect\",\"proj_offcore\",\"proj_react\",\"proj_unicore\",\"type_award\",\"type_bounty\",\"type_conf\",\"type_cve_assigned\",\"type_paper\",\"type_tier1\",\"type_top\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":296,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"SoK: Enabling Security Analyses of Embedded Systems via Rehosting\",\"url\":\"https://dl.acm.org/doi/pdf/10.1145/3433210.3453093\",\"doi\":\"10.1145/3433210.3453093\",\"abstract\":\"Closely monitoring the behavior of a software system during its execution enables developers and analysts to observe, and ultimately understand, how it works. This kind of dynamic analysis can be instrumental to reverse engineering, vulnerability discovery, exploit development, and debugging. While these analyses are typically well-supported for homogeneous desktop platforms (e.g., x86 desktop PCs), they can rarely be applied in the heterogeneous world of embedded systems. One approach to enable dynamic analyses of embedded systems is to move software stacks from physical systems into virtual environments that sufficiently model hardware behavior. This process which we call \\\"rehosting\\\" poses a significant research challenge with major implications for security analyses. Although rehosting has traditionally been an unscientific and ad-hoc endeavor undertaken by domain experts with varying time and resources at their disposal, researchers are beginning to address rehosting challenges systematically and in earnest. In this paper, we establish that emulation is insufficient to conduct large-scale dynamic analysis of real-world hardware systems and present rehosting as a firmware-centric alternative. Furthermore, we taxonomize preliminary rehosting efforts, identify the fundamental components of the rehosting process, and propose directions for future research.\",\"booktitle\":\"ASIACCS\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Fasano\"],\"firstnames\":[\"Andrew\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Ballo\"],\"firstnames\":[\"Tiemoko\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Muench\"],\"firstnames\":[\"Marius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Leek\"],\"firstnames\":[\"Tim\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bulekov\"],\"firstnames\":[\"Alexander\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Dolan-Gavitt\"],\"firstnames\":[\"Brendan\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Egele\"],\"firstnames\":[\"Manuel\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Francillon\"],\"firstnames\":[\"Aurélien\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Lu\"],\"firstnames\":[\"Long\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Gregory\"],\"firstnames\":[\"Nick\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Balzarotti\"],\"firstnames\":[\"Davide\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Robertson\"],\"firstnames\":[\"William\"],\"suffixes\":[]}],\"month\":\"May\",\"year\":\"2021\",\"keywords\":\"class_binary, dynamic program analysis, embedded systems, emulation, firmware security, internet of things, proj_intersect, proj_tropics, rehosting, type_conf, type_paper, type_top, virtualization\",\"bibtex\":\"@inproceedings{fasano_sok_2021,\\n\\ttitle = {{SoK}: {Enabling} {Security} {Analyses} of {Embedded} {Systems} via {Rehosting}},\\n\\turl = {https://dl.acm.org/doi/pdf/10.1145/3433210.3453093},\\n\\tdoi = {10.1145/3433210.3453093},\\n\\tabstract = {Closely monitoring the behavior of a software system during its execution enables developers and analysts to observe, and ultimately understand, how it works. This kind of dynamic analysis can be instrumental to reverse engineering, vulnerability discovery, exploit development, and debugging. While these analyses are typically well-supported for homogeneous desktop platforms (e.g., x86 desktop PCs), they can rarely be applied in the heterogeneous world of embedded systems. One approach to enable dynamic analyses of embedded systems is to move software stacks from physical systems into virtual environments that sufficiently model hardware behavior. This process which we call \\\"rehosting\\\" poses a significant research challenge with major implications for security analyses. Although rehosting has traditionally been an unscientific and ad-hoc endeavor undertaken by domain experts with varying time and resources at their disposal, researchers are beginning to address rehosting challenges systematically and in earnest. In this paper, we establish that emulation is insufficient to conduct large-scale dynamic analysis of real-world hardware systems and present rehosting as a firmware-centric alternative. Furthermore, we taxonomize preliminary rehosting efforts, identify the fundamental components of the rehosting process, and propose directions for future research.},\\n\\tbooktitle = {{ASIACCS}},\\n\\tauthor = {Fasano, Andrew and Ballo, Tiemoko and Muench, Marius and Leek, Tim and Bulekov, Alexander and Dolan-Gavitt, Brendan and Egele, Manuel and Francillon, Aurélien and Lu, Long and Gregory, Nick and Balzarotti, Davide and Robertson, William},\\n\\tmonth = may,\\n\\tyear = {2021},\\n\\tkeywords = {class\\\\_binary, dynamic program analysis, embedded systems, emulation, firmware security, internet of things, proj\\\\_intersect, proj\\\\_tropics, rehosting, type\\\\_conf, type\\\\_paper, type\\\\_top, virtualization},\\n}\\n\",\"author_short\":[\"Fasano, A.\",\"Ballo, T.\",\"Muench, M.\",\"Leek, T.\",\"Bulekov, A.\",\"Dolan-Gavitt, B.\",\"Egele, M.\",\"Francillon, A.\",\"Lu, L.\",\"Gregory, N.\",\"Balzarotti, D.\",\"Robertson, W.\"],\"key\":\"fasano_sok_2021\",\"id\":\"fasano_sok_2021\",\"bibbaseid\":\"fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021\",\"role\":\"author\",\"urls\":{\"Paper\":\"https://dl.acm.org/doi/pdf/10.1145/3433210.3453093\"},\"keyword\":[\"class_binary\",\"dynamic program analysis\",\"embedded systems\",\"emulation\",\"firmware security\",\"internet of things\",\"proj_intersect\",\"proj_tropics\",\"rehosting\",\"type_conf\",\"type_paper\",\"type_top\",\"virtualization\"],\"metadata\":{\"authorlinks\":{}},\"downloads\":21,\"html\":\"\"}],\n      metadata: {\"authorlinks\":{}},\n      ownerID: undefined\n    };\n  </script>\n\n  <script type=\"text/javascript\">\n  var site$;\n  if (typeof $ != 'undefined') {\n    console.log('existing jquery: storing and then restoring');\n    site$ = $;\n    $ = null;\n  }\n  </script>\n\n  <script src=\"https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js\">\n  </script>\n  <script type=\"text/javascript\">\n  if (site$) {\n    console.log('existing jquery: avoiding conflict and restoring');\n    bb$ = $.noConflict(true);\n    $ = site$;\n  } else {\n    bb$ = $;\n  }\n  </script>\n\n  <script src=\"//bibbase.org/js/bibbase.min.js\"\n          type=\"text/javascript\">\n  </script>\n\n  <script type=\"text/javascript\"\n          src=\"https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML\">\n  </script>\n  <script type=\"text/x-mathjax-config\">\n    MathJax.Hub.Config({tex2jax: {inlineMath: [['$','$'], ['\\\\(','\\\\)']]},\n                        skipTags: [\"body\"],\n                        processClass: \"bibbase_paper\"});\n  </script>\n\n  <style>\n  @media print {\n    .dontprint {\n        display: none !important;\n    }\n\n  .bibbase_group {\n    background-color: #E0E0E0;\n    font-style: italic;\n    font-size: larger;\n    text-shadow: 0px 0px 3px #FFFFFF;\n    border-radius: 4px 4px 4px 4px;\n    -moz-border-radius: 4px 4px 4px 4px;\n    -webkit-border-radius: 4px;\n    padding: 5px 40px 5px;\n    margin-top: 10px;\n    margin-bottom: 5px;\n    cursor: pointer;\n  }\n\n  .bibbase_paper {\n    margin-bottom: 5px;\n  }\n\n  }\n  </style>\n\n  \n  <div style=\"float: right; margin-right: 10px; margin-top: 10px; text-align: right; font-size: 12px\">\n    generated by\n    <a href=\"//bibbase.org\"\n       onclick=\"trackOutboundLink('bibbase', 'logo clicked', window.location.href, '//bibbase.org'); return false;\">\n      <img src=\"//bibbase.org/img/logo.svg\"\n           style=\"vertical-align: middle; margin-left: 3px; height: 16px;\"/\n           alt=\"bibbase.org\"\n           title=\"BibBase – The easiest way to maintain your publications page.\"\n        ></a>\n    \n  </div>\n  \n\n  <div id=\"bibbase_header\" class=\"dontprint\" style=\"\">\n\n    <ul class=\"nav nav-pills\" style=\"margin: 0px;\">\n\n      <li class=\"dropdown\" id=\"groupby_dropdown\">\n      <a class=\"dropdown-toggle\"\n         data-toggle=\"dropdown\"\n         href=\"#\">\n          Group by\n          <b class=\"caret\"></b>\n      </a>\n      <ul class=\"dropdown-menu\">\n        <li class=\"groupby year\"><a onclick=\"groupby('year')\">\n            Year</a>\n        </li>\n        <li class=\"groupby author\"><a onclick=\"groupby('author_short')\">\n            Author</a>\n        </li>\n        <li class=\"groupby type\"><a onclick=\"groupby('type')\">\n            Type</a>\n        </li>\n        <li class=\"groupby keyword\"><a onclick=\"groupby('keyword')\">\n            Keyword</a>\n        </li>\n        <li class=\"groupby downloads\"><a onclick=\"groupby('downloads')\">\n            Downloads</a>\n        </li>\n      </ul>\n      </li>\n\n\n      <li class=\"dropdown\" id=\"menu_dropdown\">\n      <a class=\"dropdown-toggle\"\n         data-toggle=\"dropdown\"\n         href=\"#\" alt=\"controls\">\n          <i class=\"fa fa-reorder\" alt=\"controls\"></i>\n          <b class=\"caret\"></b>\n      </a>\n      <ul class=\"dropdown-menu\">\n        <li>\n          <a onclick=\"toggleAll()\">\n            <i class=\"fa fa-chevron-down fa-fw\"></i> Expand/Collapse All\n          </a>\n        </li>\n        <li>\n          <a download=\"zotero.php\" href=\"data:text/bibtex;base64,QGlucHJvY2VlZGluZ3N7d2llYmluZ19pbnNwZWN0cmVfMjAyNCwKCXRpdGxlID0ge3tJblNwZWN0cmV9IHtHYWRnZXR9OiB7SW5zcGVjdGluZ30gdGhlIHtSZXNpZHVhbH0ge0F0dGFja30ge1N1cmZhY2V9IG9mIHtDcm9zc30tcHJpdmlsZWdlIHtTcGVjdHJlfSB2Mn0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL2luc3BlY3RyZV9zZWMyNC5wZGYgV2ViPWh0dHBzOi8vdnVzZWMubmV0L3Byb2plY3RzL25hdGl2ZS1iaGkgQ29kZT1odHRwczovL2dpdGh1Yi5jb20vdnVzZWMvaW5zcGVjdHJlLWdhZGdldH0sCglib29rdGl0bGUgPSB7e1VTRU5JWH0ge1NlY3VyaXR5fX0sCglhdXRob3IgPSB7V2llYmluZywgU2FuZGVyIGFuZCBkZSBGYXZlcmkgVHJvbiwgQWx2aXNlIGFuZCBCb3MsIEhlcmJlcnQgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vfSwKCW1vbnRoID0gYXVnLAoJeWVhciA9IHsyMDI0fSwKCWtleXdvcmRzID0ge2NsYXNzXF9zaWRlY2hhbm5lbHMsIHByb2pcX2FsbG9jYW1lbHVzLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX3Jlc2NhbGUsIHR5cGVcX2FlLCB0eXBlXF9jb25mLCB0eXBlXF9jdmVcX2Fzc2lnbmVkLCB0eXBlXF9wYXBlciwgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7am9oYW5uZXNtZXllcl9wcmFjdGljYWxfMjAyNCwKCXRpdGxlID0ge1ByYWN0aWNhbCB7RGF0YX0te09ubHl9IHtBdHRhY2t9IHtHZW5lcmF0aW9ufX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL2VpbnN0ZWluX3NlYzI0LnBkZiBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS92dXNlYy9laW5zdGVpbn0sCglib29rdGl0bGUgPSB7e1VTRU5JWH0ge1NlY3VyaXR5fX0sCglhdXRob3IgPSB7Sm9oYW5uZXNtZXllciwgQnJpYW4gYW5kIFNsb3dpbnNrYSwgQXNpYSBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IGF1ZywKCXllYXIgPSB7MjAyNH0sCglrZXl3b3JkcyA9IHtjbGFzc1xfYmluYXJ5LCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX3RoZXNldXMsIHR5cGVcX2FlLCB0eXBlXF9jb25mLCB0eXBlXF9wYXBlciwgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7cmFnYWJfZ2hvc3RyYWNlXzIwMjQsCgl0aXRsZSA9IHt7R2hvc3RSYWNlfToge0V4cGxvaXRpbmd9IGFuZCB7TWl0aWdhdGluZ30ge1NwZWN1bGF0aXZlfSB7UmFjZX0ge0NvbmRpdGlvbnN9fSwKCXVybCA9IHtQYXBlcj1odHRwczovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvZ2hvc3RyYWNlX3NlYzI0LnBkZiBXZWI9aHR0cHM6Ly93d3cudnVzZWMubmV0L3Byb2plY3RzL2dob3N0cmFjZSBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS92dXNlYy9naG9zdHJhY2V9LAoJYm9va3RpdGxlID0ge3tVU0VOSVh9IHtTZWN1cml0eX19LAoJYXV0aG9yID0ge1JhZ2FiLCBIYW55IGFuZCBNYW1icmV0dGksIEFuZHJlYSBhbmQgS3VybXVzLCBBbmlsIGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IGF1ZywKCXllYXIgPSB7MjAyNH0sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2lkZWNoYW5uZWxzLCBwcm9qXF9hbGxvY2FtZWx1cywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF9yZXNjYWxlLCB0eXBlXF9jb25mLCB0eXBlXF9jdmVcX2Fzc2lnbmVkLCB0eXBlXF9wYXBlciwgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7ZHV0YV9zYWZlZmV0Y2hfMjAyNCwKCXRpdGxlID0ge3tTYWZlRmV0Y2h9OiB7UHJhY3RpY2FsfSB7RG91YmxlfS17RmV0Y2h9IHtQcm90ZWN0aW9ufSB3aXRoIHtLZXJuZWx9LXtGZXRjaH0ge0NhY2hpbmd9fSwKCWJvb2t0aXRsZSA9IHt7VVNFTklYfSB7U2VjdXJpdHl9fSwKCWF1dGhvciA9IHtEdXRhLCBWaWN0b3IgYW5kIEFsb3NlcmlqLCBNaXRjaGVsIGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IGF1ZywKCXllYXIgPSB7MjAyNH0sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2FuaXRpemVyLCBwcm9qXF9hbGxvY2FtZWx1cywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF9yZXNjYWxlLCBwcm9qXF90aGVzZXVzLCB0eXBlXF9hZSwgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze2dvcnRlcl9zdGlja3lfMjAyNCwKCXRpdGxlID0ge1N0aWNreSB7VGFnc306IHtFZmZpY2llbnR9IGFuZCB7RGV0ZXJtaW5pc3RpY30ge1NwYXRpYWx9IHtNZW1vcnl9IHtFcnJvcn0ge01pdGlnYXRpb259IHVzaW5nIHtQZXJzaXN0ZW50fSB7TWVtb3J5fSB7VGFnc319LAoJYm9va3RpdGxlID0ge1NcJntQfX0sCglhdXRob3IgPSB7R29ydGVyLCBGbG9yaXMgYW5kIEtyb2VzLCBUYWRkZXVzIGFuZCBCb3MsIEhlcmJlcnQgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vfSwKCW1vbnRoID0gbWF5LAoJeWVhciA9IHsyMDI0fSwKCWtleXdvcmRzID0ge2NsYXNzXF9zYW5pdGl6ZXIsIHByb2pcX2FsbG9jYW1lbHVzLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX3Jlc2NhbGUsIHByb2pcX3RoZXNldXMsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3toZXJ0b2doX2xlYWt5XzIwMjQsCgl0aXRsZSA9IHtMZWFreSB7QWRkcmVzc30ge01hc2tpbmd9OiB7RXhwbG9pdGluZ30ge1VubWFza2VkfSB7U3BlY3RyZX0ge0dhZGdldHN9IHdpdGgge05vbmNhbm9uaWNhbH0ge0FkZHJlc3N9IHtUcmFuc2xhdGlvbn19LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9zbGFtX3NwMjQucGRmIFdlYj1odHRwczovL3d3dy52dXNlYy5uZXQvcHJvamVjdHMvc2xhbSBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS92dXNlYy9zbGFtfSwKCWJvb2t0aXRsZSA9IHtTXCZ7UH19LAoJYXV0aG9yID0ge0hlcnRvZ2gsIE1hdGjDqSBhbmQgV2llYmluZywgU2FuZGVyIGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IG1heSwKCXllYXIgPSB7MjAyNH0sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2lkZWNoYW5uZWxzLCBwcm9qXF9hbGxvY2FtZWx1cywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF9yZXNjYWxlLCB0eXBlXF9jb25mLCB0eXBlXF9wYXBlciwgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7Ym9ycmVsbG9fcHJlZGljdGl2ZV8yMDI0LAoJdGl0bGUgPSB7UHJlZGljdGl2ZSB7Q29udGV4dH0tc2Vuc2l0aXZlIHtGdXp6aW5nfX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL3Bjc2Z1enppbmdfbmRzczI0LnBkZiBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS9ldXJlY29tLXMzL3ByZWRpY3RpdmUtY3MtZnV6emluZ30sCglib29rdGl0bGUgPSB7e05EU1N9fSwKCWF1dGhvciA9IHtCb3JyZWxsbywgUGlldHJvIGFuZCBGaW9yYWxkaSwgQW5kcmVhIGFuZCBEJ0VsaWEsIERhbmllbGUgQ29ubyBhbmQgQmFsemFyb3R0aSwgRGF2aWRlIGFuZCBRdWVyem9uaSwgTGVvbmFyZG8gYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vfSwKCW1vbnRoID0gZmViLAoJeWVhciA9IHsyMDI0fSwKCWtleXdvcmRzID0ge2NsYXNzXF90ZXN0aW5nLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX21lbW8sIHByb2pcX3Jlc2NhbGUsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tnZXJldHRvX3RyaWVyZW1lXzIwMjMsCgl0aXRsZSA9IHtUcmllcmVtZToge1NwZWVkaW5nfSB1cCB7SHlicmlkfSB7RnV6emluZ30gdGhyb3VnaCB7RWZmaWNpZW50fSB7UXVlcnl9IHtTY2hlZHVsaW5nfX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL3RyaWVyZW1lX2Fjc2FjMjMucGRmIENvZGU9aHR0cHM6Ly9naXRodWIuY29tL3Z1c2VjL3RyaWVyZW1lfSwKCWJvb2t0aXRsZSA9IHt7QUNTQUN9fSwKCWF1dGhvciA9IHtHZXJldHRvLCBFbGlhIGFuZCBIb2huZXJsZWluLCBKdWxpdXMgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vIGFuZCBCb3MsIEhlcmJlcnQgYW5kIFZhbiBEZXIgS291d2UsIEVyaWsgYW5kIHZvbiBHbGVpc3NlbnRoYWxsLCBLbGF1c30sCgltb250aCA9IGRlYywKCXllYXIgPSB7MjAyM30sCglrZXl3b3JkcyA9IHthcnRpZmFjdHM6cmVwcm9kdWNlZCwgYXJ0aWZhY3RzOnJldXNhYmxlLCBjbGFzc1xfdGVzdGluZywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF9tZW1vLCB0eXBlXF9hZSwgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RvcH0sCn0KCgoKQGFydGljbGV7Z29ydGVyX2Zsb2F0em9uZV8yMDIzLAoJdGl0bGUgPSB7e0Zsb2F0Wm9uZX06IHtIb3d9IHtGbG9hdGluZ30ge1BvaW50fSB7QWRkaXRpb25zfSBjYW4ge0RldGVjdH0ge01lbW9yeX0ge0Vycm9yc319LAoJdXJsID0ge2h0dHBzOi8vd3d3LnVzZW5peC5vcmcvcHVibGljYXRpb25zL2xvZ2lub25saW5lL2Zsb2F0em9uZS1ob3ctZmxvYXRpbmctcG9pbnQtYWRkaXRpb25zLWNhbi1kZXRlY3QtbWVtb3J5LWVycm9yc30sCglqb3VybmFsID0geztsb2dpbjp9LAoJYXV0aG9yID0ge0dvcnRlciwgRmxvcmlzIGFuZCBCYXJiZXJpcywgRW5yaWNvIGFuZCBJc2VtYW5uLCBSYXBoYWVsIGFuZCB2YW4gZGVyIEtvdXdlLCBFcmlrIGFuZCBHaXVmZnJpZGEsIENyaXN0aWFubyBhbmQgQm9zLCBIZXJiZXJ0fSwKCW1vbnRoID0gbm92LAoJeWVhciA9IHsyMDIzfSwKCWtleXdvcmRzID0ge2NsYXNzXF9zYW5pdGl6ZXIsIHByb2pcX2FsbG9jYW1lbHVzLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX21lbW8sIHByb2pcX3RoZXNldXMsIHByb2pcX3Ryb3BpY3MsIHR5cGVcX21hZywgdHlwZVxfcGFwZXJ9LAp9CgoKCkBpbnByb2NlZWRpbmdze2hlcnRvZ2hfcXVhcmFudGluZV8yMDIzLAoJdGl0bGUgPSB7UXVhcmFudGluZToge01pdGlnYXRpbmd9IHtUcmFuc2llbnR9IHtFeGVjdXRpb259IHtBdHRhY2tzfSB3aXRoIHtQaHlzaWNhbH0ge0RvbWFpbn0ge0lzb2xhdGlvbn19LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9xdWFyYW50aW5lX3JhaWQyMy5wZGYgQ29kZT1odHRwczovL2dpdGh1Yi5jb20vdnVzZWMvcXVhcmFudGluZX0sCglib29rdGl0bGUgPSB7e1JBSUR9fSwKCWF1dGhvciA9IHtIZXJ0b2doLCBNYXRow6kgYW5kIFdpZXNpbmdlciwgTWFudWVsIGFuZCDDlnN0ZXJsdW5kLCBTZWJhc3RpYW4gYW5kIE11ZW5jaCwgTWFyaXVzIGFuZCBBbWl0LCBOYWRhdiBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IG9jdCwKCXllYXIgPSB7MjAyM30sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2lkZWNoYW5uZWxzLCBwcm9qXF9hbGxvY2FtZWx1cywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF92bXdhcmUsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze2hvZm1hbm5fc3BlY3VsYXRpb25fMjAyMywKCXRpdGxlID0ge1NwZWN1bGF0aW9uIGF0IHtGYXVsdH06IHtNb2RlbGluZ30gYW5kIHtUZXN0aW5nfSB7TWljcm9hcmNoaXRlY3R1cmFsfSB7TGVha2FnZX0gb2Yge0NQVX0ge0V4Y2VwdGlvbnN9fSwKCXVybCA9IHtQYXBlcj1odHRwczovL3d3dy51c2VuaXgub3JnL3N5c3RlbS9maWxlcy91c2VuaXhzZWN1cml0eTIzLWhvZm1hbm4ucGRmfSwKCWJvb2t0aXRsZSA9IHt7VVNFTklYfSB7U2VjdXJpdHl9fSwKCWF1dGhvciA9IHtIb2ZtYW5uLCBKYW5hIGFuZCBWYW5uYWNjaSwgRW1hbnVlbGUgYW5kIEZvdXJuZXQsIENlZHJpYyBhbmQgS8O2cGYsIEJvcmlzIGFuZCBPbGVrc2Vua28sIE9sZWtzaWl9LAoJbW9udGggPSBhdWcsCgl5ZWFyID0gezIwMjN9LAoJa2V5d29yZHMgPSB7YXJ0aWZhY3RzOmF2YWlsYWJsZSwgYXJ0aWZhY3RzOmZ1bmN0aW9uYWwsIGFydGlmYWN0czpyZXByb2R1Y2VkLCBjbGFzc1xfc2lkZWNoYW5uZWxzLCBwcm9qXF9pbnRlcnNlY3QsIHR5cGVcX2FlLCB0eXBlXF9jb25mLCB0eXBlXF9wYXBlciwgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7Z29ydGVyX2Zsb2F0em9uZV8yMDIzLTEsCgl0aXRsZSA9IHt7RmxvYXRab25lfToge0FjY2VsZXJhdGluZ30ge01lbW9yeX0ge0Vycm9yfSB7RGV0ZWN0aW9ufSB1c2luZyB0aGUge0Zsb2F0aW5nfSB7UG9pbnR9IHtVbml0fX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL2Zsb2F0em9uZV9zZWMyMy5wZGYgQ29kZT1odHRwczovL2dpdGh1Yi5jb20vdnVzZWMvZmxvYXR6b25lfSwKCWJvb2t0aXRsZSA9IHt7VVNFTklYfSB7U2VjdXJpdHl9fSwKCWF1dGhvciA9IHtHb3J0ZXIsIEZsb3JpcyBhbmQgQmFyYmVyaXMsIEVucmljbyBhbmQgSXNlbWFubiwgUmFwaGFlbCBhbmQgdmFuIGRlciBLb3V3ZSwgRXJpayBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm8gYW5kIEJvcywgSGVyYmVydH0sCgltb250aCA9IGF1ZywKCXllYXIgPSB7MjAyM30sCglrZXl3b3JkcyA9IHthcnRpZmFjdHM6YXZhaWxhYmxlLCBhcnRpZmFjdHM6ZnVuY3Rpb25hbCwgYXJ0aWZhY3RzOnJlcHJvZHVjZWQsIGNsYXNzXF9zYW5pdGl6ZXIsIHByb2pcX2FsbG9jYW1lbHVzLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX21lbW8sIHByb2pcX3RoZXNldXMsIHByb2pcX3Ryb3BpY3MsIHR5cGVcX2FlLCB0eXBlXF9jb25mLCB0eXBlXF9wYXBlciwgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7a29zY2hlbF91bmNvbnRhaW5lZF8yMDIzLAoJdGl0bGUgPSB7VW5jb250YWluZWQ6IHtVbmNvdmVyaW5nfSB7Q29udGFpbmVyfSB7Q29uZnVzaW9ufSBpbiB0aGUge0xpbnV4fSB7S2VybmVsfX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL3VuY29udGFpbmVkX3NlYzIzLnBkZiBXZWI9aHR0cHM6Ly92dXNlYy5uZXQvcHJvamVjdHMvdW5jb250YWluZWQgQ29kZT1odHRwczovL2dpdGh1Yi5jb20vdnVzZWMvdW5jb250YWluZWR9LAoJYm9va3RpdGxlID0ge3tVU0VOSVh9IHtTZWN1cml0eX19LAoJYXV0aG9yID0ge0tvc2NoZWwsIEpha29iIGFuZCBCb3JyZWxsbywgUGlldHJvIGFuZCBEJ0VsaWEsIERhbmllbGUgQ29ubyBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IGF1ZywKCXllYXIgPSB7MjAyM30sCglub3RlID0ge0Rpc3Rpbmd1aXNoZWQgQXJ0aWZhY3QgQXdhcmQsIFB3bmllIEF3YXJkIE5vbWluYXRpb24gZm9yIEJlc3QgUHJpdmlsZWdlIEVzY2FsYXRpb259LAoJa2V5d29yZHMgPSB7YXJ0aWZhY3RzOmF2YWlsYWJsZSwgYXJ0aWZhY3RzOmZ1bmN0aW9uYWwsIGFydGlmYWN0czpyZXByb2R1Y2VkLCBjbGFzc1xfc2FuaXRpemVyLCBwcm9qXF9hbGxvY2FtZWx1cywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF9tZW1vLCBwcm9qXF90aGVzZXVzLCBwcm9qXF90cm9waWNzLCByZXNlYXJjaFxfdW5jb250YWluZWQsIHR5cGVcX2FlLCB0eXBlXF9hd2FyZCwgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3AsIHR5cGVcX3VuY29udGFpbmVkfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tpc2VtYW5uX2RvbnRfMjAyMywKCXRpdGxlID0ge0Rvbid0IHtMb29rfSB7VUJ9OiB7RXhwb3Npbmd9IHtTYW5pdGl6ZXJ9LXtFbGlkaW5nfSB7Q29tcGlsZXJ9IHtPcHRpbWl6YXRpb25zfX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL2RvbnRsb29rdWJfcGxkaTIzLnBkZiBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS92dXNlYy9Mb29rVUJ9LAoJYm9va3RpdGxlID0ge3tQTERJfX0sCglhdXRob3IgPSB7SXNlbWFubiwgUmFwaGFlbCBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm8gYW5kIEJvcywgSGVyYmVydCBhbmQgVmFuIERlciBLb3V3ZSwgRXJpayBhbmQgdm9uIEdsZWlzc2VudGhhbGwsIEtsYXVzfSwKCW1vbnRoID0ganVuLAoJeWVhciA9IHsyMDIzfSwKCWtleXdvcmRzID0ge2FydGlmYWN0czpyZXVzYWJsZSwgY2xhc3NcX3Nhbml0aXplciwgcHJvalxfYWxsb2NhbWVsdXMsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfbWVtbywgcHJvalxfdGhlc2V1cywgdHlwZVxfYWUsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tnb3J0ZXJfZW52aXJhbF8yMDIzLAoJdGl0bGUgPSB7RW52aXJhbDoge0Z1enppbmd9IHRoZSB7RW52aXJvbm1lbnR9IGZvciB7RXZhc2l2ZX0ge01hbHdhcmV9IHtBbmFseXNpc319LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9lbnZpcmFsX2V1cm9zZWMyMy5wZGZ9LAoJYm9va3RpdGxlID0ge3tFdXJvU2VjfX0sCglhdXRob3IgPSB7R29ydGVyLCBGbG9yaXMgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vIGFuZCB2YW4gZGVyIEtvdXdlLCBFcmlrfSwKCW1vbnRoID0gYXByLAoJeWVhciA9IHsyMDIzfSwKCWtleXdvcmRzID0ge2NsYXNzXF9tYWx3YXJlLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX21lbW8sIHByb2pcX3RoZXNldXMsIHByb2pcX3Ryb3BpY3MsIHR5cGVcX21zY3RoZXNpcywgdHlwZVxfcGFwZXIsIHR5cGVcX3dvcmtzaG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tkaV9kaW9fY29weS0tZmxpcF8yMDIzLAoJdGl0bGUgPSB7Q29weS1vbi17RmxpcH06IHtIYXJkZW5pbmd9IHtFQ0N9IHtNZW1vcnl9IHtBZ2FpbnN0fSB7Um93aGFtbWVyfSB7QXR0YWNrc319LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9jb2ZfbmRzczIzLnBkZiBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS92dXNlYy9Db3B5LW9uLUZsaXB9LAoJYm9va3RpdGxlID0ge3tORFNTfX0sCglhdXRob3IgPSB7RGkgRGlvLCBBbmRyZWEgYW5kIEtvbmluZywgS29lbiBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IGZlYiwKCXllYXIgPSB7MjAyM30sCglrZXl3b3JkcyA9IHtjbGFzc1xfcm93aGFtbWVyLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX29mZmNvcmUsIHByb2pcX3RoZXNldXMsIHR5cGVcX2NvbmYsIHR5cGVcX21zY3RoZXNpcywgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze2R1dGFfbGV0XzIwMjMsCgl0aXRsZSA9IHtMZXQge01lfSB7VW53aW5kfSB7VGhhdH0ge0Zvcn0ge1lvdX06IHtFeGNlcHRpb25zfSB0byB7QmFja3dhcmR9LXtFZGdlfSB7UHJvdGVjdGlvbn19LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9jaG9wX25kc3MyMy5wZGYgQ29kZT1odHRwczovL2dpdGh1Yi5jb20vY2hvcC1wcm9qZWN0L2Nob3B9LAoJYm9va3RpdGxlID0ge3tORFNTfX0sCglhdXRob3IgPSB7RHV0YSwgVmljdG9yIGFuZCBGcmV5ZXIsIEZhYmlhbiBhbmQgUGFnYW5pLCBGYWJpbyBhbmQgTXVlbmNoLCBNYXJpdXMgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vfSwKCW1vbnRoID0gZmViLAoJeWVhciA9IHsyMDIzfSwKCW5vdGUgPSB7SW50ZWwgQm91bnR5IFJld2FyZH0sCglrZXl3b3JkcyA9IHtjbGFzc1xfYmluYXJ5LCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX21lbW8sIHByb2pcX29mZmNvcmUsIHByb2pcX3RoZXNldXMsIHByb2pcX3Ryb3BpY3MsIHR5cGVcX2F3YXJkLCB0eXBlXF9ib3VudHksIHR5cGVcX2NvbmYsIHR5cGVcX2N2ZVxfYXNzaWduZWQsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tkdXRhX3Vud2luZGluZ18yMDIyLAoJdGl0bGUgPSB7VW53aW5kaW5nIHRoZSB7U3RhY2t9IGZvciB7RnVufSBhbmQge1Byb2ZpdH19LAoJYm9va3RpdGxlID0ge0JsYWNrIHtIYXR9IHtFdXJvcGV9fSwKCWF1dGhvciA9IHtEdXRhLCBWaWN0b3IgYW5kIEZyZXllciwgRmFiaWFuIGFuZCBQYWdhbmksIEZhYmlvIGFuZCBNdWVuY2gsIE1hcml1cyBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm99LAoJbW9udGggPSBkZWMsCgl5ZWFyID0gezIwMjJ9LAoJa2V5d29yZHMgPSB7Y2xhc3NcX2JpbmFyeSwgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF9tZW1vLCBwcm9qXF90aGVzZXVzLCBwcm9qXF90cm9waWNzLCB0eXBlXF9jb25mLCB0eXBlXF9wYXBlcn0sCn0KCgoKQGlucHJvY2VlZGluZ3N7Z2VyZXR0b19zbmFwcHlfMjAyMiwKCXRpdGxlID0ge1NuYXBweToge0VmZmljaWVudH0ge0Z1enppbmd9IHdpdGgge0FkYXB0aXZlfSBhbmQge011dGFibGV9IHtTbmFwc2hvdHN9fSwKCXVybCA9IHtQYXBlcj1odHRwczovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvc25hcHB5X2Fjc2FjMjIucGRmIENvZGU9aHR0cHM6Ly9naXRodWIuY29tL3Z1c2VjL3NuYXBweX0sCglib29rdGl0bGUgPSB7e0FDU0FDfX0sCglhdXRob3IgPSB7R2VyZXR0bywgRWxpYSBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm8gYW5kIEJvcywgSGVyYmVydCBhbmQgdmFuIGRlciBLb3V3ZSwgRXJpa30sCgltb250aCA9IGRlYywKCXllYXIgPSB7MjAyMn0sCglrZXl3b3JkcyA9IHthcnRpZmFjdHM6ZnVuY3Rpb25hbCwgY2xhc3NcX3Rlc3RpbmcsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfbWVtbywgcHJvalxfdGhlc2V1cywgcHJvalxfdHJvcGljcywgdHlwZVxfYWUsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze2dvcnRlcl9kYW5nemVyb18yMDIyLAoJdGl0bGUgPSB7e0RhbmdaZXJvfToge0VmZmljaWVudH0ge1VzZX0te0FmdGVyfS17RnJlZX0ge0RldGVjdGlvbn0gdmlhIHtEaXJlY3R9IHtQYWdlfSB7VGFibGV9IHtBY2Nlc3N9fSwKCXVybCA9IHtQYXBlcj1odHRwczovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvZGFuZ3plcm9fY2NzMjIucGRmIENvZGU9aHR0cHM6Ly9naXRodWIuY29tL3Z1c2VjL2Rhbmd6ZXJvfSwKCWJvb2t0aXRsZSA9IHt7Q0NTfX0sCglhdXRob3IgPSB7R29ydGVyLCBGbG9yaXMgYW5kIEtvbmluZywgS29lbiBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IG5vdiwKCXllYXIgPSB7MjAyMn0sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2FuaXRpemVyLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX21lbW8sIHByb2pcX3RoZXNldXMsIHByb2pcX3Ryb3BpY3MsIHByb2pcX3VuaWNvcmUsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tiYXJiZXJpc19icmFuY2hfMjAyMiwKCXRpdGxlID0ge0JyYW5jaCB7SGlzdG9yeX0ge0luamVjdGlvbn06IHtPbn0gdGhlIHtFZmZlY3RpdmVuZXNzfSBvZiB7SGFyZHdhcmV9IHtNaXRpZ2F0aW9uc30ge0FnYWluc3R9IHtDcm9zc30te1ByaXZpbGVnZX0ge1NwZWN0cmV9LXYyIHtBdHRhY2tzfX0sCgl1cmwgPSB7UGFwZXI9aHR0cDovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvYmhpLXNwZWN0cmUtYmhiX3NlYzIyLnBkZiBXZWI9aHR0cHM6Ly93d3cudnVzZWMubmV0L3Byb2plY3RzL2JoaS1zcGVjdHJlLWJoYiBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS92dXNlYy9iaGktc3BlY3RyZS1iaGJ9LAoJYm9va3RpdGxlID0ge3tVU0VOSVh9IHtTZWN1cml0eX19LAoJYXV0aG9yID0ge0JhcmJlcmlzLCBFbnJpY28gYW5kIEZyaWdvLCBQaWV0cm8gYW5kIE11ZW5jaCwgTWFyaXVzIGFuZCBCb3MsIEhlcmJlcnQgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vfSwKCW1vbnRoID0gYXVnLAoJeWVhciA9IHsyMDIyfSwKCW5vdGUgPSB7UHduaWUgQXdhcmQgTm9taW5hdGlvbiBmb3IgRXBpYyBBY2hpZXZlbWVudCwgSW50ZWwgQm91bnR5IFJld2FyZH0sCglrZXl3b3JkcyA9IHthcnRpZmFjdHM6YXZhaWxhYmxlLCBhcnRpZmFjdHM6ZnVuY3Rpb25hbCwgYXJ0aWZhY3RzOnJlcHJvZHVjZWQsIGNsYXNzXF9zaWRlY2hhbm5lbHMsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfb2ZmY29yZSwgcHJvalxfdGhlc2V1cywgcHJvalxfdHJvcGljcywgcHJvalxfdW5pY29yZSwgdHlwZVxfYWUsIHR5cGVcX2F3YXJkLCB0eXBlXF9ib3VudHksIHR5cGVcX2NvbmYsIHR5cGVcX2N2ZVxfYXNzaWduZWQsIHR5cGVcX3BhcGVyLCB0eXBlXF9wcmVzcywgdHlwZVxfdGllcjEsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7dG9iaWFzX3NjaGFybm93c2tpX2Z1enp3YXJlXzIwMjIsCgl0aXRsZSA9IHtGdXp6d2FyZToge1VzaW5nfSB7UHJlY2lzZX0ge01NSU99IHtNb2RlbGluZ30gZm9yIHtFZmZlY3RpdmV9IHtGaXJtd2FyZX0ge0Z1enppbmd9fSwKCXVybCA9IHtodHRwczovL3d3dy51c2VuaXgub3JnL3N5c3RlbS9maWxlcy9zZWMyMnN1bW1lcl9zY2hhcm5vd3NraS5wZGZ9LAoJYWJzdHJhY3QgPSB7QXMgZW1iZWRkZWQgZGV2aWNlcyBhcmUgYmVjb21pbmcgbW9yZSBwZXJ2YXNpdmUgaW4gb3VyIGV2ZXJ5ZGF5IGxpdmVzLCB0aGV5IHR1cm4gaW50byBhbiBhdHRyYWN0aXZlIHRhcmdldCBmb3IgYWR2ZXJzYXJpZXMuIERlc3BpdGUgdGhlaXIgaGlnaCB2YWx1ZSBhbmQgbGFyZ2UgYXR0YWNrIHN1cmZhY2UsIGFwcGx5aW5nIGF1dG9tYXRlZCB0ZXN0aW5nIHRlY2huaXF1ZXMgc3VjaCBhcyBmdXp6aW5nIGlzIG5vdCBzdHJhaWdodGZvcndhcmQgZm9yIHN1Y2ggZGV2aWNlcy4gQXMgZnV6eiB0ZXN0aW5nIGZpcm13YXJlIG9uIGNvbnN0cmFpbmVkIGVtYmVkZGVkIGRldmljZXMgaXMgaW5lZmZpY2llbnQsIHN0YXRlLW9mLXRoZS1hcnQgYXBwcm9hY2hlcyBpbnN0ZWFkIG9wdCB0byBydW4gdGhlIGZpcm13YXJlIGluIGFuIGVtdWxhdG9yICh0aHJvdWdoIGEgcHJvY2VzcyBjYWxsZWQgcmUtaG9zdGluZykuIEhvd2V2ZXIsIGV4aXN0aW5nIGFwcHJvYWNoZXMgZWl0aGVyIHVzZSBjb2Fyc2UtZ3JhaW5lZCBzdGF0aWMgbW9kZWxzIG9mIGhhcmR3YXJlIGJlaGF2aW9yIG9yIHJlcXVpcmUgbWFudWFsIGVmZm9ydCB0byByZS1ob3N0IHRoZSBmaXJtd2FyZS4KCldlIHByb3Bvc2UgYSBub3ZlbCBjb21iaW5hdGlvbiBvZiBsaWdodHdlaWdodCBwcm9ncmFtIGFuYWx5c2lzLCByZS1ob3N0aW5nLCBhbmQgZnV6eiB0ZXN0aW5nIHRvIHRhY2tsZSB0aGVzZSBjaGFsbGVuZ2VzLiBXZSBwcmVzZW50IHRoZSBkZXNpZ24gYW5kIGltcGxlbWVudGF0aW9uIG9mIEZ1enp3YXJlLCBhIHNvZnR3YXJlLW9ubHkgc3lzdGVtIHRvIGZ1enogdGVzdCB1bm1vZGlmaWVkIG1vbm9saXRoaWMgZmlybXdhcmUgaW4gYSBzY2FsYWJsZSB3YXkuIEJ5IGRldGVybWluaW5nIGhvdyBoYXJkd2FyZS1nZW5lcmF0ZWQgdmFsdWVzIGFyZSBhY3R1YWxseSB1c2VkIGJ5IHRoZSBmaXJtd2FyZSBsb2dpYywgRnV6endhcmUgY2FuIGF1dG9tYXRpY2FsbHkgZ2VuZXJhdGUgbW9kZWxzIHRoYXQgaGVscCBmb2N1c2luZyB0aGUgZnV6emluZyBwcm9jZXNzIG9uIG11dGF0aW5nIHRoZSBpbnB1dHMgdGhhdCBtYXR0ZXIsIHdoaWNoIGRyYXN0aWNhbGx5IGltcHJvdmVzIGl0cyBlZmZlY3RpdmVuZXNzLgoKV2UgZXZhbHVhdGUgb3VyIGFwcHJvYWNoIG9uIHN5bnRoZXRpYyBhbmQgcmVhbC13b3JsZCB0YXJnZXRzIGNvbXByaXNpbmcgYSB0b3RhbCBvZiAxOSBoYXJkd2FyZSBwbGF0Zm9ybXMgYW5kIDc3IGZpcm13YXJlIGltYWdlcy4gQ29tcGFyZWQgdG8gc3RhdGUtb2YtdGhlLWFydCB3b3JrLCBGdXp6d2FyZSBhY2hpZXZlcyB1cCB0byAzLjI1IHRpbWVzIHRoZSBjb2RlIGNvdmVyYWdlIGFuZCBvdXIgbW9kZWxpbmcgYXBwcm9hY2ggcmVkdWNlcyB0aGUgc2l6ZSBvZiB0aGUgaW5wdXQgc3BhY2UgYnkgdXAgdG8gOTUuNVwlLiBUaGUgc3ludGhldGljIHNhbXBsZXMgY29udGFpbiA2NiB1bml0IHRlc3RzIGZvciB2YXJpb3VzIGhhcmR3YXJlIGludGVyYWN0aW9ucywgYW5kIHdlIGZpbmQgdGhhdCBvdXIgYXBwcm9hY2ggaXMgdGhlIGZpcnN0IGdlbmVyaWMgcmUtaG9zdGluZyBzb2x1dGlvbiB0byBhdXRvbWF0aWNhbGx5IHBhc3MgYWxsIG9mIHRoZW0uIEZ1enp3YXJlIGRpc2NvdmVyZWQgMTUgY29tcGxldGVseSBuZXcgYnVncyBpbmNsdWRpbmcgYnVncyBpbiB0YXJnZXRzIHdoaWNoIHdlcmUgcHJldmlvdXNseSBhbmFseXplZCBieSBvdGhlciB3b3JrczsgYSB0b3RhbCBvZiAxMiBDVkVzIHdlcmUgYXNzaWduZWQufSwKCWJvb2t0aXRsZSA9IHt7VVNFTklYfSB7U2VjdXJpdHl9fSwKCWF1dGhvciA9IHt7VG9iaWFzIFNjaGFybm93c2tpfSBhbmQge05pbHMgQmFyc30gYW5kIHtNb3JpdHogU2NobG9lZ2VsfSBhbmQge0VyaWMgR3VzdGFmc29ufSBhbmQge01hcml1cyBNdWVuY2h9IGFuZCB7R2lvdmFubmkgVmlnbmF9IGFuZCB7Q2hyaXN0b3BoZXIgS3J1ZWdlbH0gYW5kIHtUaG9yc3RlbiBIb2x6fSBhbmQge0FsaSBBYmJhc2l9fSwKCW1vbnRoID0gYXVnLAoJeWVhciA9IHsyMDIyfSwKCWtleXdvcmRzID0ge2FydGlmYWN0czphdmFpbGFibGUsIGFydGlmYWN0czpmdW5jdGlvbmFsLCBhcnRpZmFjdHM6cmVwcm9kdWNlZCwgY2xhc3NcX2JpbmFyeSwgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF90cm9waWNzLCB0eXBlXF9hZSwgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze3RhdGFyX3RsYmRyXzIwMjIsCgl0aXRsZSA9IHt7VExCfTt7RFJ9OiB7RW5oYW5jaW5nfSB7VExCfS1iYXNlZCB7QXR0YWNrc30gd2l0aCB7VExCfSB7RGVzeW5jaHJvbml6ZWR9IHtSZXZlcnNlfSB7RW5naW5lZXJpbmd9fSwKCXVybCA9IHtQYXBlcj1odHRwczovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvdGxiZHJfc2VjMjIucGRmIENvZGU9aHR0cHM6Ly9naXRodWIuY29tL3Z1c2VjL3RsYmRyfSwKCWJvb2t0aXRsZSA9IHt7VVNFTklYfSB7U2VjdXJpdHl9fSwKCWF1dGhvciA9IHtUYXRhciwgQW5kcmVpIGFuZCBUcnVqaWxsbywgRGFuacOrbCBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm8gYW5kIEJvcywgSGVyYmVydH0sCgltb250aCA9IGF1ZywKCXllYXIgPSB7MjAyMn0sCglrZXl3b3JkcyA9IHthcnRpZmFjdHM6YXZhaWxhYmxlLCBhcnRpZmFjdHM6ZnVuY3Rpb25hbCwgYXJ0aWZhY3RzOnJlcHJvZHVjZWQsIGNsYXNzXF9zaWRlY2hhbm5lbHMsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfb2ZmY29yZSwgcHJvalxfdGhlc2V1cywgcHJvalxfdHJvcGljcywgcHJvalxfdW5pY29yZSwgdHlwZVxfYWUsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tyYWdhYl9idWdzYnVubnlfMjAyMiwKCXRpdGxlID0ge3tCdWdzQnVubnl9OiB7SG9wcGluZ30gdG8ge1JUTH0ge1RhcmdldHN9IHdpdGggYSB7RGlyZWN0ZWR9IHtIYXJkd2FyZX0te0Rlc2lnbn0ge0Z1enplcn19LAoJdXJsID0ge2h0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9idWdzYnVubnlfc2lsbTIyLnBkZn0sCglib29rdGl0bGUgPSB7e1NJTE19fSwKCWF1dGhvciA9IHtSYWdhYiwgSGFueSBhbmQgS29uaW5nLCBLb2VuIGFuZCBCb3MsIEhlcmJlcnQgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vfSwKCW1vbnRoID0ganVuLAoJeWVhciA9IHsyMDIyfSwKCWtleXdvcmRzID0ge2NsYXNzXF90ZXN0aW5nLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX29mZmNvcmUsIHByb2pcX3Ryb3BpY3MsIHR5cGVcX3BhcGVyLCB0eXBlXF93b3Jrc2hvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7d2lrbmVyX3NwcmluZ18yMDIyLAoJdGl0bGUgPSB7U3ByaW5nOiB7U3BlY3RyZX0ge1JldHVybmluZ30gaW4gdGhlIHtCcm93c2VyfSB3aXRoIHtTcGVjdWxhdGl2ZX0ge0xvYWR9IHtRdWV1aW5nfSBhbmQge0RlZXB9IHtTdGFja3N9fSwKCXVybCA9IHtQYXBlcj1odHRwOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9zcHJpbmdfd29vdDIyLnBkZn0sCglib29rdGl0bGUgPSB7e1dPT1R9fSwKCWF1dGhvciA9IHtXaWtuZXIsIEpvaGFubmVzIGFuZCBHaXVmZnJpZGEsIENyaXN0aWFubyBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBSYXphdmksIEthdmVofSwKCW1vbnRoID0gbWF5LAoJeWVhciA9IHsyMDIyfSwKCW5vdGUgPSB7TW96aWxsYSBCb3VudHkgUmV3YXJkfSwKCWtleXdvcmRzID0ge2NsYXNzXF9zaWRlY2hhbm5lbHMsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfb2ZmY29yZSwgcHJvalxfdHJvcGljcywgdHlwZVxfYXdhcmQsIHR5cGVcX2JvdW50eSwgdHlwZVxfbXNjdGhlc2lzLCB0eXBlXF9wYXBlciwgdHlwZVxfdG9wLCB0eXBlXF93b3Jrc2hvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7Y29zdGlfZWZmZWN0aXZlbmVzc18yMDIyLAoJdGl0bGUgPSB7T24gdGhlIHtFZmZlY3RpdmVuZXNzfSBvZiB7U2FtZX0te0RvbWFpbn0ge01lbW9yeX0ge0RlZHVwbGljYXRpb259fSwKCXVybCA9IHtQYXBlcj1odHRwczovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvZGVkdXBlc3RyZXR1cm5zX2V1cm9zZWMyMi5wZGYgU2xpZGVzPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3NsaWRlcy9kZWR1cF9ldXJvc2VjMjIucGRmIFdlYj1odHRwczovL3d3dy52dXNlYy5uZXQvcHJvamVjdHMvZGVkdXAtZXN0LW1hY2hpbmEtcmV0dXJucy8gQ29kZT1odHRwczovL2dpdGh1Yi5jb20vdnVzZWMvZGVkdXAtZXN0LXJldHVybnN9LAoJYm9va3RpdGxlID0ge3tFdXJvU2VjfX0sCglhdXRob3IgPSB7Q29zdGksIEFuZHJlYXMgYW5kIEpvaGFubmVzbWV5ZXIsIEJyaWFuIGFuZCBCb3NtYW4sIEVyaWsgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vIGFuZCBCb3MsIEhlcmJlcnR9LAoJbW9udGggPSBhcHIsCgl5ZWFyID0gezIwMjJ9LAoJa2V5d29yZHMgPSB7Y2xhc3NcX3NpZGVjaGFubmVscywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF91bmljb3JlLCB0eXBlXF9tc2N0aGVzaXMsIHR5cGVcX3BhcGVyLCB0eXBlXF93b3Jrc2hvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7am9oYW5uZXNtZXllcl9rYXNwZXJfMjAyMiwKCXRpdGxlID0ge0thc3Blcjoge1NjYW5uaW5nfSBmb3Ige0dlbmVyYWxpemVkfSB7VHJhbnNpZW50fSB7RXhlY3V0aW9ufSB7R2FkZ2V0c30gaW4gdGhlIHtMaW51eH0ge0tlcm5lbH19LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9rYXNwZXJfbmRzczIyLnBkZiBTbGlkZXM9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvc2xpZGVzL2thc3Blcl9uZHNzMjIucGRmIFdlYj1odHRwczovL3d3dy52dXNlYy5uZXQvcHJvamVjdHMva2FzcGVyIENvZGU9aHR0cHM6Ly9naXRodWIuY29tL3Z1c2VjL2thc3BlciBWaWRlbz1odHRwczovL3d3dy55b3V0dWJlLmNvbS93YXRjaD92PXY4OVp0M3Z4cnd3fSwKCWJvb2t0aXRsZSA9IHt7TkRTU319LAoJYXV0aG9yID0ge0pvaGFubmVzbWV5ZXIsIEJyaWFuIGFuZCBLb3NjaGVsLCBKYWtvYiBhbmQgUmF6YXZpLCBLYXZlaCBhbmQgQm9zLCBIZXJiZXJ0IGFuZCBHaXVmZnJpZGEsIENyaXN0aWFub30sCgltb250aCA9IGFwciwKCXllYXIgPSB7MjAyMn0sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2lkZWNoYW5uZWxzLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX29mZmNvcmUsIHByb2pcX3RoZXNldXMsIHByb2pcX3Ryb3BpY3MsIHByb2pcX3VuaWNvcmUsIHByb2pcX3ZlcmlwYXRjaCwgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze2JhY3NfZHVwZWZzXzIwMjIsCgl0aXRsZSA9IHt7RHVwZUZTfToge0xlYWtpbmd9IHtEYXRhfSB7T3Zlcn0gdGhlIHtOZXR3b3JrfSB7V2l0aH0ge0ZpbGVzeXN0ZW19IHtEZWR1cGxpY2F0aW9ufSB7U2lkZX0ge0NoYW5uZWxzfX0sCgl1cmwgPSB7UGFwZXI9aHR0cHM6Ly9kb3dubG9hZC52dXNlYy5uZXQvcGFwZXJzL2R1cGVmc19mYXN0MjIucGRmfSwKCWJvb2t0aXRsZSA9IHt7RkFTVH19LAoJYXV0aG9yID0ge0JhY3MsIEFuZHJlaSBhbmQgTXVzYWV2LCBTYWlkZ2FuaSBhbmQgUmF6YXZpLCBLYXZlaCBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm8gYW5kIEJvcywgSGVyYmVydH0sCgltb250aCA9IGZlYiwKCXllYXIgPSB7MjAyMn0sCglrZXl3b3JkcyA9IHtjbGFzc1xfc2lkZWNoYW5uZWxzLCBwcm9qXF9pbnRlcnNlY3QsIHByb2pcX29mZmNvcmUsIHByb2pcX3VuaWNvcmUsIHR5cGVcX2NvbmYsIHR5cGVcX21zY3RoZXNpcywgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze2dyYW50X2hlcm5hbmRlel9maXJtd2lyZV8yMDIyLAoJdGl0bGUgPSB7e0Zpcm1XaXJlfToge1RyYW5zcGFyZW50fSB7RHluYW1pY30ge0FuYWx5c2lzfSBmb3Ige0NlbGx1bGFyfSB7QmFzZWJhbmR9IHtGaXJtd2FyZX19LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vaGVybmFuLmRlL3Jlc2VhcmNoL3BhcGVycy9maXJtd2lyZS1uZHNzMjItaGVybmFuZGV6LnBkZiBDb2RlPWh0dHBzOi8vZ2l0aHViLmNvbS9GaXJtV2lyZS9GaXJtV2lyZX0sCglib29rdGl0bGUgPSB7e05EU1N9fSwKCWF1dGhvciA9IHt7R3JhbnQgSGVybmFuZGV6fSBhbmQge01hcml1cyBNdWVuY2h9IGFuZCB7RG9taW5payBNYWllcn0gYW5kIHtBbHlzc2EgTWlsYnVybn0gYW5kIHtTaGluam8gUGFya30gYW5kIHtUb2JpYXMgU2NoYXJub3dza2l9IGFuZCB7VHlsZXIgVHVja2VyfSBhbmQge1BhdHJpY2sgVHJheW5vcn0gYW5kIHtLZXZpbiBSLiBCLiBCdXRsZXJ9fSwKCW1vbnRoID0gZmViLAoJeWVhciA9IHsyMDIyfSwKCWtleXdvcmRzID0ge2NsYXNzXF9iaW5hcnksIHByb2pcX2ludGVyc2VjdCwgcHJvalxfdHJvcGljcywgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RpZXIxLCB0eXBlXF90b3B9LAp9CgoKCkBpbnByb2NlZWRpbmdze21pX2xlYW5zeW1fMjAyMSwKCXRpdGxlID0ge3tMZWFuU3ltfToge0VmZmljaWVudH0ge0h5YnJpZH0ge0Z1enppbmd9IHtUaHJvdWdofSB7Q29uc2VydmF0aXZlfSB7Q29uc3RyYWludH0ge0RlYmxvYXRpbmd9fSwKCXVybCA9IHtodHRwczovL2Rvd25sb2FkLnZ1c2VjLm5ldC9wYXBlcnMvbGVhbnN5bV9yYWlkMjEucGRmfSwKCWJvb2t0aXRsZSA9IHt7UkFJRH19LAoJYXV0aG9yID0ge01pLCBYaWFueWEgYW5kIFJhd2F0LCBTYW5qYXkgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vIGFuZCBCb3MsIEhlcmJlcnR9LAoJbW9udGggPSBvY3QsCgl5ZWFyID0gezIwMjF9LAoJa2V5d29yZHMgPSB7Y2xhc3NcX3Rlc3RpbmcsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfbWVtbywgcHJvalxfdGhlc2V1cywgcHJvalxfdHJvcGljcywgdHlwZVxfY29uZiwgdHlwZVxfcGFwZXIsIHR5cGVcX3RvcH0sCn0KCgoKQGlucHJvY2VlZGluZ3N7cmFnYWJfcmFnZV8yMDIxLAoJdGl0bGUgPSB7UmFnZSB7QWdhaW5zdH0gdGhlIHtNYWNoaW5lfSB7Q2xlYXJ9OiB7QX0ge1N5c3RlbWF0aWN9IHtBbmFseXNpc30gb2Yge01hY2hpbmV9IHtDbGVhcnN9IGFuZCB7VGhlaXJ9IHtJbXBsaWNhdGlvbnN9IGZvciB7VHJhbnNpZW50fSB7RXhlY3V0aW9ufSB7QXR0YWNrc319LAoJdXJsID0ge1BhcGVyPWh0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9mcHZpLXNjc2Jfc2VjMjEucGRmIFdlYj1odHRwczovL3d3dy52dXNlYy5uZXQvcHJvamVjdHMvZnB2aS1zY3NiIENvZGU9aHR0cHM6Ly9naXRodWIuY29tL3Z1c2VjL2Zwdmktc2NzYn0sCglib29rdGl0bGUgPSB7e1VTRU5JWH0ge1NlY3VyaXR5fX0sCglhdXRob3IgPSB7UmFnYWIsIEhhbnkgYW5kIEJhcmJlcmlzLCBFbnJpY28gYW5kIEJvcywgSGVyYmVydCBhbmQgR2l1ZmZyaWRhLCBDcmlzdGlhbm99LAoJbW9udGggPSBhdWcsCgl5ZWFyID0gezIwMjF9LAoJbm90ZSA9IHtEaXN0aW5ndWlzaGVkIFBhcGVyIEF3YXJkLCBJbnRlbCBCb3VudHkgUmV3YXJkLCBNb3ppbGxhIEJvdW50eSBSZXdhcmQsIFB3bmllIEF3YXJkIE5vbWluYXRpb24gZm9yIE1vc3QgSW5ub3ZhdGl2ZSBSZXNlYXJjaCwgUHduaWUgQXdhcmQgTm9taW5hdGlvbiBmb3IgQmVzdCBQcml2aWxlZ2UgRXNjYWxhdGlvbiBCdWcsIFB3bmllIEF3YXJkIE5vbWluYXRpb24gZm9yIEJlc3QgQ2xpZW50LVNpZGUgQnVnLCBQd25pZSBBd2FyZCBOb21pbmF0aW9uIGZvciBFcGljIEFjaGlldmVtZW50LCBEQ1NSIFBhcGVyIEF3YXJkLCBDU0FXIEJlc3QgUGFwZXIgQXdhcmQgUnVubmVyLXVwfSwKCWtleXdvcmRzID0ge2NsYXNzXF9zaWRlY2hhbm5lbHMsIHByb2pcX2ludGVyc2VjdCwgcHJvalxfb2ZmY29yZSwgcHJvalxfcmVhY3QsIHByb2pcX3VuaWNvcmUsIHR5cGVcX2F3YXJkLCB0eXBlXF9ib3VudHksIHR5cGVcX2NvbmYsIHR5cGVcX2N2ZVxfYXNzaWduZWQsIHR5cGVcX3BhcGVyLCB0eXBlXF90aWVyMSwgdHlwZVxfdG9wfSwKfQoKCgpAaW5wcm9jZWVkaW5nc3tmYXNhbm9fc29rXzIwMjEsCgl0aXRsZSA9IHt7U29LfToge0VuYWJsaW5nfSB7U2VjdXJpdHl9IHtBbmFseXNlc30gb2Yge0VtYmVkZGVkfSB7U3lzdGVtc30gdmlhIHtSZWhvc3Rpbmd9fSwKCXVybCA9IHtodHRwczovL2RsLmFjbS5vcmcvZG9pL3BkZi8xMC4xMTQ1LzM0MzMyMTAuMzQ1MzA5M30sCglkb2kgPSB7MTAuMTE0NS8zNDMzMjEwLjM0NTMwOTN9LAoJYWJzdHJhY3QgPSB7Q2xvc2VseSBtb25pdG9yaW5nIHRoZSBiZWhhdmlvciBvZiBhIHNvZnR3YXJlIHN5c3RlbSBkdXJpbmcgaXRzIGV4ZWN1dGlvbiBlbmFibGVzIGRldmVsb3BlcnMgYW5kIGFuYWx5c3RzIHRvIG9ic2VydmUsIGFuZCB1bHRpbWF0ZWx5IHVuZGVyc3RhbmQsIGhvdyBpdCB3b3Jrcy4gVGhpcyBraW5kIG9mIGR5bmFtaWMgYW5hbHlzaXMgY2FuIGJlIGluc3RydW1lbnRhbCB0byByZXZlcnNlIGVuZ2luZWVyaW5nLCB2dWxuZXJhYmlsaXR5IGRpc2NvdmVyeSwgZXhwbG9pdCBkZXZlbG9wbWVudCwgYW5kIGRlYnVnZ2luZy4gV2hpbGUgdGhlc2UgYW5hbHlzZXMgYXJlIHR5cGljYWxseSB3ZWxsLXN1cHBvcnRlZCBmb3IgaG9tb2dlbmVvdXMgZGVza3RvcCBwbGF0Zm9ybXMgKGUuZy4sIHg4NiBkZXNrdG9wIFBDcyksIHRoZXkgY2FuIHJhcmVseSBiZSBhcHBsaWVkIGluIHRoZSBoZXRlcm9nZW5lb3VzIHdvcmxkIG9mIGVtYmVkZGVkIHN5c3RlbXMuIE9uZSBhcHByb2FjaCB0byBlbmFibGUgZHluYW1pYyBhbmFseXNlcyBvZiBlbWJlZGRlZCBzeXN0ZW1zIGlzIHRvIG1vdmUgc29mdHdhcmUgc3RhY2tzIGZyb20gcGh5c2ljYWwgc3lzdGVtcyBpbnRvIHZpcnR1YWwgZW52aXJvbm1lbnRzIHRoYXQgc3VmZmljaWVudGx5IG1vZGVsIGhhcmR3YXJlIGJlaGF2aW9yLiBUaGlzIHByb2Nlc3Mgd2hpY2ggd2UgY2FsbCAicmVob3N0aW5nIiBwb3NlcyBhIHNpZ25pZmljYW50IHJlc2VhcmNoIGNoYWxsZW5nZSB3aXRoIG1ham9yIGltcGxpY2F0aW9ucyBmb3Igc2VjdXJpdHkgYW5hbHlzZXMuIEFsdGhvdWdoIHJlaG9zdGluZyBoYXMgdHJhZGl0aW9uYWxseSBiZWVuIGFuIHVuc2NpZW50aWZpYyBhbmQgYWQtaG9jIGVuZGVhdm9yIHVuZGVydGFrZW4gYnkgZG9tYWluIGV4cGVydHMgd2l0aCB2YXJ5aW5nIHRpbWUgYW5kIHJlc291cmNlcyBhdCB0aGVpciBkaXNwb3NhbCwgcmVzZWFyY2hlcnMgYXJlIGJlZ2lubmluZyB0byBhZGRyZXNzIHJlaG9zdGluZyBjaGFsbGVuZ2VzIHN5c3RlbWF0aWNhbGx5IGFuZCBpbiBlYXJuZXN0LiBJbiB0aGlzIHBhcGVyLCB3ZSBlc3RhYmxpc2ggdGhhdCBlbXVsYXRpb24gaXMgaW5zdWZmaWNpZW50IHRvIGNvbmR1Y3QgbGFyZ2Utc2NhbGUgZHluYW1pYyBhbmFseXNpcyBvZiByZWFsLXdvcmxkIGhhcmR3YXJlIHN5c3RlbXMgYW5kIHByZXNlbnQgcmVob3N0aW5nIGFzIGEgZmlybXdhcmUtY2VudHJpYyBhbHRlcm5hdGl2ZS4gRnVydGhlcm1vcmUsIHdlIHRheG9ub21pemUgcHJlbGltaW5hcnkgcmVob3N0aW5nIGVmZm9ydHMsIGlkZW50aWZ5IHRoZSBmdW5kYW1lbnRhbCBjb21wb25lbnRzIG9mIHRoZSByZWhvc3RpbmcgcHJvY2VzcywgYW5kIHByb3Bvc2UgZGlyZWN0aW9ucyBmb3IgZnV0dXJlIHJlc2VhcmNoLn0sCglib29rdGl0bGUgPSB7e0FTSUFDQ1N9fSwKCWF1dGhvciA9IHtGYXNhbm8sIEFuZHJldyBhbmQgQmFsbG8sIFRpZW1va28gYW5kIE11ZW5jaCwgTWFyaXVzIGFuZCBMZWVrLCBUaW0gYW5kIEJ1bGVrb3YsIEFsZXhhbmRlciBhbmQgRG9sYW4tR2F2aXR0LCBCcmVuZGFuIGFuZCBFZ2VsZSwgTWFudWVsIGFuZCBGcmFuY2lsbG9uLCBBdXLDqWxpZW4gYW5kIEx1LCBMb25nIGFuZCBHcmVnb3J5LCBOaWNrIGFuZCBCYWx6YXJvdHRpLCBEYXZpZGUgYW5kIFJvYmVydHNvbiwgV2lsbGlhbX0sCgltb250aCA9IG1heSwKCXllYXIgPSB7MjAyMX0sCglrZXl3b3JkcyA9IHtjbGFzc1xfYmluYXJ5LCBkeW5hbWljIHByb2dyYW0gYW5hbHlzaXMsIGVtYmVkZGVkIHN5c3RlbXMsIGVtdWxhdGlvbiwgZmlybXdhcmUgc2VjdXJpdHksIGludGVybmV0IG9mIHRoaW5ncywgcHJvalxfaW50ZXJzZWN0LCBwcm9qXF90cm9waWNzLCByZWhvc3RpbmcsIHR5cGVcX2NvbmYsIHR5cGVcX3BhcGVyLCB0eXBlXF90b3AsIHZpcnR1YWxpemF0aW9ufSwKfQo=\">\n            <i class=\"fa fa-download fa-fw\"></i> Download BibTeX\n          </a>\n        </li>\n        <li>\n          <a href=\"//bibbase.org/rss?bib=https://download.vusec.net/papers/zotero.php?tag=proj_intersect&amp;full=&amp;format=bibtex&amp;sort=date\">\n            <i class=\"fa fa-rss fa-fw\"></i> RSS Feed\n          </a>\n          </li>\n      </ul>\n      </li>\n\n      \n\n\n      \n      <div class=\"navbar-form\">\n        <input type=\"text\" class=\"form-control\"\n          onkeyup=\"handleSearch(this.value)\"\n          placeholder=\"Type to filter\"\n          style=\"width: 20em; height: 1.8em; padding: 0.5em\">\n        </input>\n      </div>\n      \n    </ul>\n\n\n    <div class=\"alert alert-success bibbase_msg\" id=\"bibbase_msg_embed\"\n         style=\"display: none;\">\n\n      Excellent! Next you can\n      <a href=\"/network/register?next=/network/newSiteFromTemplate%3Fbiburl=https://download.vusec.net/papers/zotero.php?tag=proj_intersect&amp;full=&amp;format=bibtex&amp;sort=date\"\n      >create a new website with this list</a>, or\n      embed it in an existing web page by copying &amp; pasting\n      any of the following snippets.\n\n      <div style=\"text-align: left; margin-top: 1em;\">\n        <strong>JavaScript</strong>\n        <span class=\"comment recommended\">(easiest)</span>\n        <div class=\"well well-small\">\n          <code>\n            &lt;script src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Ftag%3Dproj_intersect%26full%3D%26format%3Dbibtex%26sort%3Ddate&amp;theme=default&amp;jsonp=1&amp;showSearch=1&amp;owner=none&amp;filter=keywords:type_paper,&amp;jsonp=1\"&gt;&lt;/script&gt;\n          </code>\n        </div>\n\n        <strong>PHP</strong>\n        <div class=\"well well-small\">\n          <code>\n            &lt;?php\n            $contents = file_get_contents(\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Ftag%3Dproj_intersect%26full%3D%26format%3Dbibtex%26sort%3Ddate&amp;theme=default&amp;jsonp=1&amp;showSearch=1&amp;owner=none&amp;filter=keywords:type_paper,\");\n            print_r($contents);\n            ?&gt;\n          </code>\n        </div>\n\n        <strong>iFrame</strong>\n        <span class=\"comment\">(not recommended)</span>\n        <div class=\"well well-small\">\n          <code>\n            &lt;iframe src=\"https://bibbase.org/show?bib=https%3A%2F%2Fdownload.vusec.net%2Fpapers%2Fzotero.php%3Ftag%3Dproj_intersect%26full%3D%26format%3Dbibtex%26sort%3Ddate&amp;theme=default&amp;jsonp=1&amp;showSearch=1&amp;owner=none&amp;filter=keywords:type_paper,\"&gt;&lt;/iframe&gt;\n          </code>\n        </div>\n\n        <p>\n          For more details see the <a href=\"//bibbase.org/help\">documention</a>.\n        </p>\n      </div>\n    </div>\n\n    <div class=\"alert alert-success bibbase_msg\" id=\"bibbase_msg_preview\"\n         style=\"display: none;\">\n\n      This is a preview! To use this list on your own web site\n      or create a new web site from it,\n      <a href=\"/network/register?next=/network/newAccountWithFile%3FfileId=\"\n      >create a free account</a>. The file will be added\n      and you will be able to edit it in the File Manager.\n      We will show you instructions once you've created your account.\n    </div>\n\n    <div class=\"alert alert-warning bibbase_msg\" id=\"bibbase_msg_mendeley1\"\n         style=\"display: none;\">\n\n      <p>To the site owner:</p>\n\n      <p><strong>Action required!</strong> Mendeley is changing its\n        API. In order to keep using Mendeley with BibBase past April\n        14th, you need to:\n        <ol>\n          <li>renew the authorization for BibBase on Mendeley, and</li>\n          <li>update the BibBase URL\n            in your page the same way you did when you initially set up\n            this page.\n          </li>\n        </ol>\n      </p>\n\n      <p>\n        <a href=\"http://bibbase.org/cgi-bin/mendeley2/get.py\">\n          <i class=\"fa fa-angle-double-right\"></i>\n          Fix it now</a>\n      </p>\n    </div>\n\n  </div>\n\n\n  <div id=\"bibbase_body\">\n    \n  \n  <div class=\"bibbase_group_whole\" id=\"group_2024\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2024')\"\n      onkeypress=\"toggleGroup('group_2024')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2024</span>\n      <span class=\"bibbase_group_count\">\n        \n        (7)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/inspectre_sec24.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024', 'https://download.vusec.net/papers/inspectre_sec24.pdf', event);\">\n    InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Wiebing, S.; de Faveri Tron, A.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/inspectre_sec24.pdf\"\n     onclick=\"log_download('wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024', 'https://download.vusec.net/papers/inspectre_sec24.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2 [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://vusec.net/projects/native-bhi\"\n     onclick=\"log_download('wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024', 'https://vusec.net/projects/native-bhi', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2 [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/inspectre-gadget\"\n     onclick=\"log_download('wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024', 'https://github.com/vusec/inspectre-gadget', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2 [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>118 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('wiebing-defaveritron-bos-giuffrida-inspectregadgetinspectingtheresidualattacksurfaceofcrossprivilegespectrev2-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{wiebing_inspectre_2024,\n\ttitle = {{InSpectre} {Gadget}: {Inspecting} the {Residual} {Attack} {Surface} of {Cross}-privilege {Spectre} v2},\n\turl = {Paper=https://download.vusec.net/papers/inspectre_sec24.pdf Web=https://vusec.net/projects/native-bhi Code=https://github.com/vusec/inspectre-gadget},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Wiebing, Sander and de Faveri Tron, Alvise and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_ae, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/einstein_sec24.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024', 'https://download.vusec.net/papers/einstein_sec24.pdf', event);\">\n    Practical Data-Only Attack Generation.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Johannesmeyer, B.; Slowinska, A.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/einstein_sec24.pdf\"\n     onclick=\"log_download('johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024', 'https://download.vusec.net/papers/einstein_sec24.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Practical Data-Only Attack Generation [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/einstein\"\n     onclick=\"log_download('johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024', 'https://github.com/vusec/einstein', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Practical Data-Only Attack Generation [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>52 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('johannesmeyer-slowinska-bos-giuffrida-practicaldataonlyattackgeneration-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{johannesmeyer_practical_2024,\n\ttitle = {Practical {Data}-{Only} {Attack} {Generation}},\n\turl = {Paper=https://download.vusec.net/papers/einstein_sec24.pdf Code=https://github.com/vusec/einstein},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Johannesmeyer, Brian and Slowinska, Asia and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/ghostrace_sec24.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024', 'https://download.vusec.net/papers/ghostrace_sec24.pdf', event);\">\n    GhostRace: Exploiting and Mitigating Speculative Race Conditions.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Ragab, H.; Mambretti, A.; Kurmus, A.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/ghostrace_sec24.pdf\"\n     onclick=\"log_download('ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024', 'https://download.vusec.net/papers/ghostrace_sec24.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"GhostRace: Exploiting and Mitigating Speculative Race Conditions [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.vusec.net/projects/ghostrace\"\n     onclick=\"log_download('ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024', 'https://www.vusec.net/projects/ghostrace', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"GhostRace: Exploiting and Mitigating Speculative Race Conditions [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/ghostrace\"\n     onclick=\"log_download('ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024', 'https://github.com/vusec/ghostrace', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"GhostRace: Exploiting and Mitigating Speculative Race Conditions [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>356 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('ragab-mambretti-kurmus-giuffrida-ghostraceexploitingandmitigatingspeculativeraceconditions-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{ragab_ghostrace_2024,\n\ttitle = {{GhostRace}: {Exploiting} and {Mitigating} {Speculative} {Race} {Conditions}},\n\turl = {Paper=https://download.vusec.net/papers/ghostrace_sec24.pdf Web=https://www.vusec.net/projects/ghostrace Code=https://github.com/vusec/ghostrace},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Mambretti, Andrea and Kurmus, Anil and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"duta-aloserij-giuffrida-safefetchpracticaldoublefetchprotectionwithkernelfetchcaching-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching.\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Duta, V.; Aloserij, M.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/duta-aloserij-giuffrida-safefetchpracticaldoublefetchprotectionwithkernelfetchcaching-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('duta-aloserij-giuffrida-safefetchpracticaldoublefetchprotectionwithkernelfetchcaching-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{duta_safefetch_2024,\n\ttitle = {{SafeFetch}: {Practical} {Double}-{Fetch} {Protection} with {Kernel}-{Fetch} {Caching}},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Duta, Victor and Aloserij, Mitchel and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2024},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"gorter-kroes-bos-giuffrida-stickytagsefficientanddeterministicspatialmemoryerrormitigationusingpersistentmemorytags-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags.\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Gorter, F.; Kroes, T.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>S&P</i>, May 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gorter-kroes-bos-giuffrida-stickytagsefficientanddeterministicspatialmemoryerrormitigationusingpersistentmemorytags-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gorter-kroes-bos-giuffrida-stickytagsefficientanddeterministicspatialmemoryerrormitigationusingpersistentmemorytags-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{gorter_sticky_2024,\n\ttitle = {Sticky {Tags}: {Efficient} and {Deterministic} {Spatial} {Memory} {Error} {Mitigation} using {Persistent} {Memory} {Tags}},\n\tbooktitle = {S\\&amp;{P}},\n\tauthor = {Gorter, Floris and Kroes, Taddeus and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, proj\\_theseus, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/slam_sp24.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024', 'https://download.vusec.net/papers/slam_sp24.pdf', event);\">\n    Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Hertogh, M.; Wiebing, S.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>S&P</i>, May 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/slam_sp24.pdf\"\n     onclick=\"log_download('hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024', 'https://download.vusec.net/papers/slam_sp24.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.vusec.net/projects/slam\"\n     onclick=\"log_download('hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024', 'https://www.vusec.net/projects/slam', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/slam\"\n     onclick=\"log_download('hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024', 'https://github.com/vusec/slam', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>372 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('hertogh-wiebing-giuffrida-leakyaddressmaskingexploitingunmaskedspectregadgetswithnoncanonicaladdresstranslation-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{hertogh_leaky_2024,\n\ttitle = {Leaky {Address} {Masking}: {Exploiting} {Unmasked} {Spectre} {Gadgets} with {Noncanonical} {Address} {Translation}},\n\turl = {Paper=https://download.vusec.net/papers/slam_sp24.pdf Web=https://www.vusec.net/projects/slam Code=https://github.com/vusec/slam},\n\tbooktitle = {S\\&amp;{P}},\n\tauthor = {Hertogh, Mathé and Wiebing, Sander and Giuffrida, Cristiano},\n\tmonth = may,\n\tyear = {2024},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_rescale, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024', 'https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf', event);\">\n    Predictive Context-sensitive Fuzzing.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Borrello, P.; Fioraldi, A.; D'Elia, D. C.; Balzarotti, D.; Querzoni, L.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>NDSS</i>, February 2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf\"\n     onclick=\"log_download('borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024', 'https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Predictive Context-sensitive Fuzzing [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/eurecom-s3/predictive-cs-fuzzing\"\n     onclick=\"log_download('borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024', 'https://github.com/eurecom-s3/predictive-cs-fuzzing', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Predictive Context-sensitive Fuzzing [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>43 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('borrello-fioraldi-delia-balzarotti-querzoni-giuffrida-predictivecontextsensitivefuzzing-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{borrello_predictive_2024,\n\ttitle = {Predictive {Context}-sensitive {Fuzzing}},\n\turl = {Paper=https://download.vusec.net/papers/pcsfuzzing_ndss24.pdf Code=https://github.com/eurecom-s3/predictive-cs-fuzzing},\n\tbooktitle = {{NDSS}},\n\tauthor = {Borrello, Pietro and Fioraldi, Andrea and D&#x27;Elia, Daniele Cono and Balzarotti, Davide and Querzoni, Leonardo and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2024},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_memo, proj\\_rescale, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2023\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2023')\"\n      onkeypress=\"toggleGroup('group_2023')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2023</span>\n      <span class=\"bibbase_group_count\">\n        \n        (10)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/triereme_acsac23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023', 'https://download.vusec.net/papers/triereme_acsac23.pdf', event);\">\n    Triereme: Speeding up Hybrid Fuzzing through Efficient Query Scheduling.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Geretto, E.; Hohnerlein, J.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.;  and von Gleissenthall, K.\n</span>\n\n  \n\n</span>\n\n  In <i>ACSAC</i>, December 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/triereme_acsac23.pdf\"\n     onclick=\"log_download('geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023', 'https://download.vusec.net/papers/triereme_acsac23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Triereme: Speeding up Hybrid Fuzzing through Efficient Query Scheduling [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/triereme\"\n     onclick=\"log_download('geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023', 'https://github.com/vusec/triereme', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Triereme: Speeding up Hybrid Fuzzing through Efficient Query Scheduling [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>21 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('geretto-hohnerlein-giuffrida-bos-vanderkouwe-vongleissenthall-trieremespeedinguphybridfuzzingthroughefficientqueryscheduling-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Reusable\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{geretto_triereme_2023,\n\ttitle = {Triereme: {Speeding} up {Hybrid} {Fuzzing} through {Efficient} {Query} {Scheduling}},\n\turl = {Paper=https://download.vusec.net/papers/triereme_acsac23.pdf Code=https://github.com/vusec/triereme},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Geretto, Elia and Hohnerlein, Julius and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = dec,\n\tyear = {2023},\n\tkeywords = {artifacts:reproduced, artifacts:reusable, class\\_testing, proj\\_intersect, proj\\_memo, type\\_ae, type\\_conf, type\\_paper, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzonehowfloatingpointadditionscandetectmemoryerrors-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzonehowfloatingpointadditionscandetectmemoryerrors-2023', 'https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors', event);\">\n    FloatZone: How Floating Point Additions can Detect Memory Errors.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  <i>;login:</i>. November 2023.\n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors\"\n     onclick=\"log_download('gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzonehowfloatingpointadditionscandetectmemoryerrors-2023', 'https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"FloatZone: How Floating Point Additions can Detect Memory Errors [link]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzonehowfloatingpointadditionscandetectmemoryerrors-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>20 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzonehowfloatingpointadditionscandetectmemoryerrors-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@article{gorter_floatzone_2023,\n\ttitle = {{FloatZone}: {How} {Floating} {Point} {Additions} can {Detect} {Memory} {Errors}},\n\turl = {https://www.usenix.org/publications/loginonline/floatzone-how-floating-point-additions-can-detect-memory-errors},\n\tjournal = {;login:},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = nov,\n\tyear = {2023},\n\tkeywords = {class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_mag, type\\_paper},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/quarantine_raid23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023', 'https://download.vusec.net/papers/quarantine_raid23.pdf', event);\">\n    Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Hertogh, M.; Wiesinger, M.; Österlund, S.; Muench, M.; Amit, N.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>RAID</i>, October 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/quarantine_raid23.pdf\"\n     onclick=\"log_download('hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023', 'https://download.vusec.net/papers/quarantine_raid23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/quarantine\"\n     onclick=\"log_download('hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023', 'https://github.com/vusec/quarantine', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>53 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('hertogh-wiesinger-sterlund-muench-amit-bos-giuffrida-quarantinemitigatingtransientexecutionattackswithphysicaldomainisolation-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{hertogh_quarantine_2023,\n\ttitle = {Quarantine: {Mitigating} {Transient} {Execution} {Attacks} with {Physical} {Domain} {Isolation}},\n\turl = {Paper=https://download.vusec.net/papers/quarantine_raid23.pdf Code=https://github.com/vusec/quarantine},\n\tbooktitle = {{RAID}},\n\tauthor = {Hertogh, Mathé and Wiesinger, Manuel and Österlund, Sebastian and Muench, Marius and Amit, Nadav and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = oct,\n\tyear = {2023},\n\tkeywords = {class\\_sidechannels, proj\\_allocamelus, proj\\_intersect, proj\\_vmware, type\\_conf, type\\_paper, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"hofmann-vannacci-fournet-kpf-oleksenko-speculationatfaultmodelingandtestingmicroarchitecturalleakageofcpuexceptions-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'hofmann-vannacci-fournet-kpf-oleksenko-speculationatfaultmodelingandtestingmicroarchitecturalleakageofcpuexceptions-2023', 'https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf', event);\">\n    Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Hofmann, J.; Vannacci, E.; Fournet, C.; Köpf, B.;  and Oleksenko, O.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf\"\n     onclick=\"log_download('hofmann-vannacci-fournet-kpf-oleksenko-speculationatfaultmodelingandtestingmicroarchitecturalleakageofcpuexceptions-2023', 'https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/hofmann-vannacci-fournet-kpf-oleksenko-speculationatfaultmodelingandtestingmicroarchitecturalleakageofcpuexceptions-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>23 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('hofmann-vannacci-fournet-kpf-oleksenko-speculationatfaultmodelingandtestingmicroarchitecturalleakageofcpuexceptions-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_available.png\" title=\"Artifacts Available\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{hofmann_speculation_2023,\n\ttitle = {Speculation at {Fault}: {Modeling} and {Testing} {Microarchitectural} {Leakage} of {CPU} {Exceptions}},\n\turl = {Paper=https://www.usenix.org/system/files/usenixsecurity23-hofmann.pdf},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Hofmann, Jana and Vannacci, Emanuele and Fournet, Cedric and Köpf, Boris and Oleksenko, Oleksii},\n\tmonth = aug,\n\tyear = {2023},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/floatzone_sec23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023', 'https://download.vusec.net/papers/floatzone_sec23.pdf', event);\">\n    FloatZone: Accelerating Memory Error Detection using the Floating Point Unit.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Gorter, F.; Barberis, E.; Isemann, R.; van der Kouwe, E.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/floatzone_sec23.pdf\"\n     onclick=\"log_download('gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023', 'https://download.vusec.net/papers/floatzone_sec23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"FloatZone: Accelerating Memory Error Detection using the Floating Point Unit [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/floatzone\"\n     onclick=\"log_download('gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023', 'https://github.com/vusec/floatzone', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"FloatZone: Accelerating Memory Error Detection using the Floating Point Unit [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>340 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gorter-barberis-isemann-vanderkouwe-giuffrida-bos-floatzoneacceleratingmemoryerrordetectionusingthefloatingpointunit-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_available.png\" title=\"Artifacts Available\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{gorter_floatzone_2023-1,\n\ttitle = {{FloatZone}: {Accelerating} {Memory} {Error} {Detection} using the {Floating} {Point} {Unit}},\n\turl = {Paper=https://download.vusec.net/papers/floatzone_sec23.pdf Code=https://github.com/vusec/floatzone},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Gorter, Floris and Barberis, Enrico and Isemann, Raphael and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2023},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/uncontained_sec23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023', 'https://download.vusec.net/papers/uncontained_sec23.pdf', event);\">\n    Uncontained: Uncovering Container Confusion in the Linux Kernel.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Koschel, J.; Borrello, P.; D'Elia, D. C.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2023. \n  <span class=\"note\">Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation</span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/uncontained_sec23.pdf\"\n     onclick=\"log_download('koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023', 'https://download.vusec.net/papers/uncontained_sec23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Uncontained: Uncovering Container Confusion in the Linux Kernel [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://vusec.net/projects/uncontained\"\n     onclick=\"log_download('koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023', 'https://vusec.net/projects/uncontained', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Uncontained: Uncovering Container Confusion in the Linux Kernel [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/uncontained\"\n     onclick=\"log_download('koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023', 'https://github.com/vusec/uncontained', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Uncontained: Uncovering Container Confusion in the Linux Kernel [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>207 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('koschel-borrello-delia-bos-giuffrida-uncontaineduncoveringcontainerconfusioninthelinuxkernel-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_available.png\" title=\"Artifacts Available\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{koschel_uncontained_2023,\n\ttitle = {Uncontained: {Uncovering} {Container} {Confusion} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/uncontained_sec23.pdf Web=https://vusec.net/projects/uncontained Code=https://github.com/vusec/uncontained},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Koschel, Jakob and Borrello, Pietro and D&#x27;Elia, Daniele Cono and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2023},\n\tnote = {Distinguished Artifact Award, Pwnie Award Nomination for Best Privilege Escalation},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, research\\_uncontained, type\\_ae, type\\_award, type\\_conf, type\\_paper, type\\_tier1, type\\_top, type\\_uncontained},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/dontlookub_pldi23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023', 'https://download.vusec.net/papers/dontlookub_pldi23.pdf', event);\">\n    Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Isemann, R.; Giuffrida, C.; Bos, H.; Van Der Kouwe, E.;  and von Gleissenthall, K.\n</span>\n\n  \n\n</span>\n\n  In <i>PLDI</i>, June 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/dontlookub_pldi23.pdf\"\n     onclick=\"log_download('isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023', 'https://download.vusec.net/papers/dontlookub_pldi23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Don&#x27;t Look UB: Exposing Sanitizer-Eliding Compiler Optimizations [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/LookUB\"\n     onclick=\"log_download('isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023', 'https://github.com/vusec/LookUB', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Don&#x27;t Look UB: Exposing Sanitizer-Eliding Compiler Optimizations [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>74 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('isemann-giuffrida-bos-vanderkouwe-vongleissenthall-dontlookubexposingsanitizerelidingcompileroptimizations-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Reusable\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{isemann_dont_2023,\n\ttitle = {Don&#x27;t {Look} {UB}: {Exposing} {Sanitizer}-{Eliding} {Compiler} {Optimizations}},\n\turl = {Paper=https://download.vusec.net/papers/dontlookub_pldi23.pdf Code=https://github.com/vusec/LookUB},\n\tbooktitle = {{PLDI}},\n\tauthor = {Isemann, Raphael and Giuffrida, Cristiano and Bos, Herbert and Van Der Kouwe, Erik and von Gleissenthall, Klaus},\n\tmonth = jun,\n\tyear = {2023},\n\tkeywords = {artifacts:reusable, class\\_sanitizer, proj\\_allocamelus, proj\\_intersect, proj\\_memo, proj\\_theseus, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"gorter-giuffrida-vanderkouwe-enviralfuzzingtheenvironmentforevasivemalwareanalysis-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/enviral_eurosec23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gorter-giuffrida-vanderkouwe-enviralfuzzingtheenvironmentforevasivemalwareanalysis-2023', 'https://download.vusec.net/papers/enviral_eurosec23.pdf', event);\">\n    Enviral: Fuzzing the Environment for Evasive Malware Analysis.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Gorter, F.; Giuffrida, C.;  and van der Kouwe, E.\n</span>\n\n  \n\n</span>\n\n  In <i>EuroSec</i>, April 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/enviral_eurosec23.pdf\"\n     onclick=\"log_download('gorter-giuffrida-vanderkouwe-enviralfuzzingtheenvironmentforevasivemalwareanalysis-2023', 'https://download.vusec.net/papers/enviral_eurosec23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Enviral: Fuzzing the Environment for Evasive Malware Analysis [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gorter-giuffrida-vanderkouwe-enviralfuzzingtheenvironmentforevasivemalwareanalysis-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>55 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gorter-giuffrida-vanderkouwe-enviralfuzzingtheenvironmentforevasivemalwareanalysis-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{gorter_enviral_2023,\n\ttitle = {Enviral: {Fuzzing} the {Environment} for {Evasive} {Malware} {Analysis}},\n\turl = {Paper=https://download.vusec.net/papers/enviral_eurosec23.pdf},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Gorter, Floris and Giuffrida, Cristiano and van der Kouwe, Erik},\n\tmonth = apr,\n\tyear = {2023},\n\tkeywords = {class\\_malware, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/cof_ndss23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023', 'https://download.vusec.net/papers/cof_ndss23.pdf', event);\">\n    Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Di Dio, A.; Koning, K.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>NDSS</i>, February 2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/cof_ndss23.pdf\"\n     onclick=\"log_download('didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023', 'https://download.vusec.net/papers/cof_ndss23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/Copy-on-Flip\"\n     onclick=\"log_download('didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023', 'https://github.com/vusec/Copy-on-Flip', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>88 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('didio-koning-bos-giuffrida-copyonfliphardeningeccmemoryagainstrowhammerattacks-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{di_dio_copy--flip_2023,\n\ttitle = {Copy-on-{Flip}: {Hardening} {ECC} {Memory} {Against} {Rowhammer} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/cof_ndss23.pdf Code=https://github.com/vusec/Copy-on-Flip},\n\tbooktitle = {{NDSS}},\n\tauthor = {Di Dio, Andrea and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tkeywords = {class\\_rowhammer, proj\\_intersect, proj\\_offcore, proj\\_theseus, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/chop_ndss23.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023', 'https://download.vusec.net/papers/chop_ndss23.pdf', event);\">\n    Let Me Unwind That For You: Exceptions to Backward-Edge Protection.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Duta, V.; Freyer, F.; Pagani, F.; Muench, M.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>NDSS</i>, February 2023. \n  <span class=\"note\">Intel Bounty Reward</span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/chop_ndss23.pdf\"\n     onclick=\"log_download('duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023', 'https://download.vusec.net/papers/chop_ndss23.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Let Me Unwind That For You: Exceptions to Backward-Edge Protection [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/chop-project/chop\"\n     onclick=\"log_download('duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023', 'https://github.com/chop-project/chop', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Let Me Unwind That For You: Exceptions to Backward-Edge Protection [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>100 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('duta-freyer-pagani-muench-giuffrida-letmeunwindthatforyouexceptionstobackwardedgeprotection-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{duta_let_2023,\n\ttitle = {Let {Me} {Unwind} {That} {For} {You}: {Exceptions} to {Backward}-{Edge} {Protection}},\n\turl = {Paper=https://download.vusec.net/papers/chop_ndss23.pdf Code=https://github.com/chop-project/chop},\n\tbooktitle = {{NDSS}},\n\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\n\tmonth = feb,\n\tyear = {2023},\n\tnote = {Intel Bounty Reward},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_memo, proj\\_offcore, proj\\_theseus, proj\\_tropics, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2022\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2022')\"\n      onkeypress=\"toggleGroup('group_2022')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2022</span>\n      <span class=\"bibbase_group_count\">\n        \n        (12)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"duta-freyer-pagani-muench-giuffrida-unwindingthestackforfunandprofit-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  Unwinding the Stack for Fun and Profit.\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Duta, V.; Freyer, F.; Pagani, F.; Muench, M.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>Black Hat Europe</i>, December 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/duta-freyer-pagani-muench-giuffrida-unwindingthestackforfunandprofit-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('duta-freyer-pagani-muench-giuffrida-unwindingthestackforfunandprofit-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{duta_unwinding_2022,\n\ttitle = {Unwinding the {Stack} for {Fun} and {Profit}},\n\tbooktitle = {Black {Hat} {Europe}},\n\tauthor = {Duta, Victor and Freyer, Fabian and Pagani, Fabio and Muench, Marius and Giuffrida, Cristiano},\n\tmonth = dec,\n\tyear = {2022},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_conf, type\\_paper},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/snappy_acsac22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022', 'https://download.vusec.net/papers/snappy_acsac22.pdf', event);\">\n    Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Geretto, E.; Giuffrida, C.; Bos, H.;  and van der Kouwe, E.\n</span>\n\n  \n\n</span>\n\n  In <i>ACSAC</i>, December 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/snappy_acsac22.pdf\"\n     onclick=\"log_download('geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022', 'https://download.vusec.net/papers/snappy_acsac22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/snappy\"\n     onclick=\"log_download('geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022', 'https://github.com/vusec/snappy', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>87 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('geretto-giuffrida-bos-vanderkouwe-snappyefficientfuzzingwithadaptiveandmutablesnapshots-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{geretto_snappy_2022,\n\ttitle = {Snappy: {Efficient} {Fuzzing} with {Adaptive} and {Mutable} {Snapshots}},\n\turl = {Paper=https://download.vusec.net/papers/snappy_acsac22.pdf Code=https://github.com/vusec/snappy},\n\tbooktitle = {{ACSAC}},\n\tauthor = {Geretto, Elia and Giuffrida, Cristiano and Bos, Herbert and van der Kouwe, Erik},\n\tmonth = dec,\n\tyear = {2022},\n\tkeywords = {artifacts:functional, class\\_testing, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/dangzero_ccs22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022', 'https://download.vusec.net/papers/dangzero_ccs22.pdf', event);\">\n    DangZero: Efficient Use-After-Free Detection via Direct Page Table Access.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Gorter, F.; Koning, K.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>CCS</i>, November 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/dangzero_ccs22.pdf\"\n     onclick=\"log_download('gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022', 'https://download.vusec.net/papers/dangzero_ccs22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"DangZero: Efficient Use-After-Free Detection via Direct Page Table Access [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/dangzero\"\n     onclick=\"log_download('gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022', 'https://github.com/vusec/dangzero', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"DangZero: Efficient Use-After-Free Detection via Direct Page Table Access [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>153 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gorter-koning-bos-giuffrida-dangzeroefficientuseafterfreedetectionviadirectpagetableaccess-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{gorter_dangzero_2022,\n\ttitle = {{DangZero}: {Efficient} {Use}-{After}-{Free} {Detection} via {Direct} {Page} {Table} {Access}},\n\turl = {Paper=https://download.vusec.net/papers/dangzero_ccs22.pdf Code=https://github.com/vusec/dangzero},\n\tbooktitle = {{CCS}},\n\tauthor = {Gorter, Floris and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = nov,\n\tyear = {2022},\n\tkeywords = {class\\_sanitizer, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022', 'http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf', event);\">\n    Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Barberis, E.; Frigo, P.; Muench, M.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2022. \n  <span class=\"note\">Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward</span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf\"\n     onclick=\"log_download('barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022', 'http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.vusec.net/projects/bhi-spectre-bhb\"\n     onclick=\"log_download('barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022', 'https://www.vusec.net/projects/bhi-spectre-bhb', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/bhi-spectre-bhb\"\n     onclick=\"log_download('barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022', 'https://github.com/vusec/bhi-spectre-bhb', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>572 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('barberis-frigo-muench-bos-giuffrida-branchhistoryinjectionontheeffectivenessofhardwaremitigationsagainstcrossprivilegespectrev2attacks-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_available.png\" title=\"Artifacts Available\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{barberis_branch_2022,\n\ttitle = {Branch {History} {Injection}: {On} the {Effectiveness} of {Hardware} {Mitigations} {Against} {Cross}-{Privilege} {Spectre}-v2 {Attacks}},\n\turl = {Paper=http://download.vusec.net/papers/bhi-spectre-bhb_sec22.pdf Web=https://www.vusec.net/projects/bhi-spectre-bhb Code=https://github.com/vusec/bhi-spectre-bhb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Barberis, Enrico and Frigo, Pietro and Muench, Marius and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2022},\n\tnote = {Pwnie Award Nomination for Epic Achievement, Intel Bounty Reward},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_press, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"tobiasscharnowski-nilsbars-moritzschloegel-ericgustafson-mariusmuench-giovannivigna-christopherkruegel-thorstenholz-etal-fuzzwareusingprecisemmiomodelingforeffectivefirmwarefuzzing-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.usenix.org/system/files/sec22summer_scharnowski.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'tobiasscharnowski-nilsbars-moritzschloegel-ericgustafson-mariusmuench-giovannivigna-christopherkruegel-thorstenholz-etal-fuzzwareusingprecisemmiomodelingforeffectivefirmwarefuzzing-2022', 'https://www.usenix.org/system/files/sec22summer_scharnowski.pdf', event);\">\n    Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Tobias Scharnowski; Nils Bars; Moritz Schloegel; Eric Gustafson; Marius Muench; Giovanni Vigna; Christopher Kruegel; Thorsten Holz;  and Ali Abbasi\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.usenix.org/system/files/sec22summer_scharnowski.pdf\"\n     onclick=\"log_download('tobiasscharnowski-nilsbars-moritzschloegel-ericgustafson-mariusmuench-giovannivigna-christopherkruegel-thorstenholz-etal-fuzzwareusingprecisemmiomodelingforeffectivefirmwarefuzzing-2022', 'https://www.usenix.org/system/files/sec22summer_scharnowski.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/tobiasscharnowski-nilsbars-moritzschloegel-ericgustafson-mariusmuench-giovannivigna-christopherkruegel-thorstenholz-etal-fuzzwareusingprecisemmiomodelingforeffectivefirmwarefuzzing-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n  &nbsp;\n  <a class=\"bibbase_abstract_link bibbase link\"\n     href=\"#\"\n     onclick=\"showAbstract(event); return false;\">\n    abstract <i class=\"fa fa-caret-down\"></i></a>\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>67 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('tobiasscharnowski-nilsbars-moritzschloegel-ericgustafson-mariusmuench-giovannivigna-christopherkruegel-thorstenholz-etal-fuzzwareusingprecisemmiomodelingforeffectivefirmwarefuzzing-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_available.png\" title=\"Artifacts Available\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{tobias_scharnowski_fuzzware_2022,\n\ttitle = {Fuzzware: {Using} {Precise} {MMIO} {Modeling} for {Effective} {Firmware} {Fuzzing}},\n\turl = {https://www.usenix.org/system/files/sec22summer_scharnowski.pdf},\n\tabstract = {As embedded devices are becoming more pervasive in our everyday lives, they turn into an attractive target for adversaries. Despite their high value and large attack surface, applying automated testing techniques such as fuzzing is not straightforward for such devices. As fuzz testing firmware on constrained embedded devices is inefficient, state-of-the-art approaches instead opt to run the firmware in an emulator (through a process called re-hosting). However, existing approaches either use coarse-grained static models of hardware behavior or require manual effort to re-host the firmware.\n\nWe propose a novel combination of lightweight program analysis, re-hosting, and fuzz testing to tackle these challenges. We present the design and implementation of Fuzzware, a software-only system to fuzz test unmodified monolithic firmware in a scalable way. By determining how hardware-generated values are actually used by the firmware logic, Fuzzware can automatically generate models that help focusing the fuzzing process on mutating the inputs that matter, which drastically improves its effectiveness.\n\nWe evaluate our approach on synthetic and real-world targets comprising a total of 19 hardware platforms and 77 firmware images. Compared to state-of-the-art work, Fuzzware achieves up to 3.25 times the code coverage and our modeling approach reduces the size of the input space by up to 95.5\\%. The synthetic samples contain 66 unit tests for various hardware interactions, and we find that our approach is the first generic re-hosting solution to automatically pass all of them. Fuzzware discovered 15 completely new bugs including bugs in targets which were previously analyzed by other works; a total of 12 CVEs were assigned.},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {{Tobias Scharnowski} and {Nils Bars} and {Moritz Schloegel} and {Eric Gustafson} and {Marius Muench} and {Giovanni Vigna} and {Christopher Kruegel} and {Thorsten Holz} and {Ali Abbasi}},\n\tmonth = aug,\n\tyear = {2022},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_binary, proj\\_intersect, proj\\_tropics, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n<div class=\"well well-small bibbase\" data-type=\"abstract\"\n     style=\"display:none\">\n  As embedded devices are becoming more pervasive in our everyday lives, they turn into an attractive target for adversaries. Despite their high value and large attack surface, applying automated testing techniques such as fuzzing is not straightforward for such devices. As fuzz testing firmware on constrained embedded devices is inefficient, state-of-the-art approaches instead opt to run the firmware in an emulator (through a process called re-hosting). However, existing approaches either use coarse-grained static models of hardware behavior or require manual effort to re-host the firmware. We propose a novel combination of lightweight program analysis, re-hosting, and fuzz testing to tackle these challenges. We present the design and implementation of Fuzzware, a software-only system to fuzz test unmodified monolithic firmware in a scalable way. By determining how hardware-generated values are actually used by the firmware logic, Fuzzware can automatically generate models that help focusing the fuzzing process on mutating the inputs that matter, which drastically improves its effectiveness. We evaluate our approach on synthetic and real-world targets comprising a total of 19 hardware platforms and 77 firmware images. Compared to state-of-the-art work, Fuzzware achieves up to 3.25 times the code coverage and our modeling approach reduces the size of the input space by up to 95.5%. The synthetic samples contain 66 unit tests for various hardware interactions, and we find that our approach is the first generic re-hosting solution to automatically pass all of them. Fuzzware discovered 15 completely new bugs including bugs in targets which were previously analyzed by other works; a total of 12 CVEs were assigned.\n</div>\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/tlbdr_sec22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022', 'https://download.vusec.net/papers/tlbdr_sec22.pdf', event);\">\n    TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Tatar, A.; Trujillo, D.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/tlbdr_sec22.pdf\"\n     onclick=\"log_download('tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022', 'https://download.vusec.net/papers/tlbdr_sec22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/tlbdr\"\n     onclick=\"log_download('tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022', 'https://github.com/vusec/tlbdr', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>108 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('tatar-trujillo-giuffrida-bos-tlbdrenhancingtlbbasedattackswithtlbdesynchronizedreverseengineering-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  <span class=\"bibbase_artifacts_label\">Artifact Evaluation Badges:</span>\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_available.png\" title=\"Artifacts Available\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_evaluated.png\" title=\"Artifacts Functional\" class=\"bibbase_artifact_badge\" />\n  \n  <img src=\"https://bibbase.org/img/acm_badges/generic_results.png\" title=\"Results Reproduced\" class=\"bibbase_artifact_badge\" />\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{tatar_tlbdr_2022,\n\ttitle = {{TLB};{DR}: {Enhancing} {TLB}-based {Attacks} with {TLB} {Desynchronized} {Reverse} {Engineering}},\n\turl = {Paper=https://download.vusec.net/papers/tlbdr_sec22.pdf Code=https://github.com/vusec/tlbdr},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Tatar, Andrei and Trujillo, Daniël and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = aug,\n\tyear = {2022},\n\tkeywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, type\\_ae, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"ragab-koning-bos-giuffrida-bugsbunnyhoppingtortltargetswithadirectedhardwaredesignfuzzer-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/bugsbunny_silm22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'ragab-koning-bos-giuffrida-bugsbunnyhoppingtortltargetswithadirectedhardwaredesignfuzzer-2022', 'https://download.vusec.net/papers/bugsbunny_silm22.pdf', event);\">\n    BugsBunny: Hopping to RTL Targets with a Directed Hardware-Design Fuzzer.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Ragab, H.; Koning, K.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>SILM</i>, June 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/bugsbunny_silm22.pdf\"\n     onclick=\"log_download('ragab-koning-bos-giuffrida-bugsbunnyhoppingtortltargetswithadirectedhardwaredesignfuzzer-2022', 'https://download.vusec.net/papers/bugsbunny_silm22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"BugsBunny: Hopping to RTL Targets with a Directed Hardware-Design Fuzzer [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/ragab-koning-bos-giuffrida-bugsbunnyhoppingtortltargetswithadirectedhardwaredesignfuzzer-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>59 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('ragab-koning-bos-giuffrida-bugsbunnyhoppingtortltargetswithadirectedhardwaredesignfuzzer-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{ragab_bugsbunny_2022,\n\ttitle = {{BugsBunny}: {Hopping} to {RTL} {Targets} with a {Directed} {Hardware}-{Design} {Fuzzer}},\n\turl = {https://download.vusec.net/papers/bugsbunny_silm22.pdf},\n\tbooktitle = {{SILM}},\n\tauthor = {Ragab, Hany and Koning, Koen and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = jun,\n\tyear = {2022},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_paper, type\\_workshop},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"wikner-giuffrida-bos-razavi-springspectrereturninginthebrowserwithspeculativeloadqueuinganddeepstacks-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"http://download.vusec.net/papers/spring_woot22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'wikner-giuffrida-bos-razavi-springspectrereturninginthebrowserwithspeculativeloadqueuinganddeepstacks-2022', 'http://download.vusec.net/papers/spring_woot22.pdf', event);\">\n    Spring: Spectre Returning in the Browser with Speculative Load Queuing and Deep Stacks.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Wikner, J.; Giuffrida, C.; Bos, H.;  and Razavi, K.\n</span>\n\n  \n\n</span>\n\n  In <i>WOOT</i>, May 2022. \n  <span class=\"note\">Mozilla Bounty Reward</span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"http://download.vusec.net/papers/spring_woot22.pdf\"\n     onclick=\"log_download('wikner-giuffrida-bos-razavi-springspectrereturninginthebrowserwithspeculativeloadqueuinganddeepstacks-2022', 'http://download.vusec.net/papers/spring_woot22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Spring: Spectre Returning in the Browser with Speculative Load Queuing and Deep Stacks [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/wikner-giuffrida-bos-razavi-springspectrereturninginthebrowserwithspeculativeloadqueuinganddeepstacks-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>131 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('wikner-giuffrida-bos-razavi-springspectrereturninginthebrowserwithspeculativeloadqueuinganddeepstacks-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{wikner_spring_2022,\n\ttitle = {Spring: {Spectre} {Returning} in the {Browser} with {Speculative} {Load} {Queuing} and {Deep} {Stacks}},\n\turl = {Paper=http://download.vusec.net/papers/spring_woot22.pdf},\n\tbooktitle = {{WOOT}},\n\tauthor = {Wikner, Johannes and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},\n\tmonth = may,\n\tyear = {2022},\n\tnote = {Mozilla Bounty Reward},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_tropics, type\\_award, type\\_bounty, type\\_mscthesis, type\\_paper, type\\_top, type\\_workshop},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022', 'https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf', event);\">\n    On the Effectiveness of Same-Domain Memory Deduplication.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Costi, A.; Johannesmeyer, B.; Bosman, E.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  In <i>EuroSec</i>, April 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf\"\n     onclick=\"log_download('costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022', 'https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"On the Effectiveness of Same-Domain Memory Deduplication [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://download.vusec.net/slides/dedup_eurosec22.pdf\"\n     onclick=\"log_download('costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022', 'https://download.vusec.net/slides/dedup_eurosec22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"On the Effectiveness of Same-Domain Memory Deduplication [pdf]\"\n       title=\"Slides\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Slides</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.vusec.net/projects/dedup-est-machina-returns/\"\n     onclick=\"log_download('costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022', 'https://www.vusec.net/projects/dedup-est-machina-returns/', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"On the Effectiveness of Same-Domain Memory Deduplication [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/dedup-est-returns\"\n     onclick=\"log_download('costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022', 'https://github.com/vusec/dedup-est-returns', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"On the Effectiveness of Same-Domain Memory Deduplication [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>57 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('costi-johannesmeyer-bosman-giuffrida-bos-ontheeffectivenessofsamedomainmemorydeduplication-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{costi_effectiveness_2022,\n\ttitle = {On the {Effectiveness} of {Same}-{Domain} {Memory} {Deduplication}},\n\turl = {Paper=https://download.vusec.net/papers/dedupestreturns_eurosec22.pdf Slides=https://download.vusec.net/slides/dedup_eurosec22.pdf Web=https://www.vusec.net/projects/dedup-est-machina-returns/ Code=https://github.com/vusec/dedup-est-returns},\n\tbooktitle = {{EuroSec}},\n\tauthor = {Costi, Andreas and Johannesmeyer, Brian and Bosman, Erik and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_unicore, type\\_mscthesis, type\\_paper, type\\_workshop},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/kasper_ndss22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022', 'https://download.vusec.net/papers/kasper_ndss22.pdf', event);\">\n    Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Johannesmeyer, B.; Koschel, J.; Razavi, K.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>NDSS</i>, April 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/kasper_ndss22.pdf\"\n     onclick=\"log_download('johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022', 'https://download.vusec.net/papers/kasper_ndss22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://download.vusec.net/slides/kasper_ndss22.pdf\"\n     onclick=\"log_download('johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022', 'https://download.vusec.net/slides/kasper_ndss22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel [pdf]\"\n       title=\"Slides\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Slides</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.vusec.net/projects/kasper\"\n     onclick=\"log_download('johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022', 'https://www.vusec.net/projects/kasper', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/kasper\"\n     onclick=\"log_download('johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022', 'https://github.com/vusec/kasper', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.youtube.com/watch?v=v89Zt3vxrww\"\n     onclick=\"log_download('johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022', 'https://www.youtube.com/watch?v=v89Zt3vxrww', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel [link]\"\n       title=\"Video\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Video</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>518 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('johannesmeyer-koschel-razavi-bos-giuffrida-kasperscanningforgeneralizedtransientexecutiongadgetsinthelinuxkernel-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{johannesmeyer_kasper_2022,\n\ttitle = {Kasper: {Scanning} for {Generalized} {Transient} {Execution} {Gadgets} in the {Linux} {Kernel}},\n\turl = {Paper=https://download.vusec.net/papers/kasper_ndss22.pdf Slides=https://download.vusec.net/slides/kasper_ndss22.pdf Web=https://www.vusec.net/projects/kasper Code=https://github.com/vusec/kasper Video=https://www.youtube.com/watch?v=v89Zt3vxrww},\n\tbooktitle = {{NDSS}},\n\tauthor = {Johannesmeyer, Brian and Koschel, Jakob and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = apr,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_theseus, proj\\_tropics, proj\\_unicore, proj\\_veripatch, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"bacs-musaev-razavi-giuffrida-bos-dupefsleakingdataoverthenetworkwithfilesystemdeduplicationsidechannels-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/dupefs_fast22.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'bacs-musaev-razavi-giuffrida-bos-dupefsleakingdataoverthenetworkwithfilesystemdeduplicationsidechannels-2022', 'https://download.vusec.net/papers/dupefs_fast22.pdf', event);\">\n    DupeFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Bacs, A.; Musaev, S.; Razavi, K.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  In <i>FAST</i>, February 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/dupefs_fast22.pdf\"\n     onclick=\"log_download('bacs-musaev-razavi-giuffrida-bos-dupefsleakingdataoverthenetworkwithfilesystemdeduplicationsidechannels-2022', 'https://download.vusec.net/papers/dupefs_fast22.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"DupeFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/bacs-musaev-razavi-giuffrida-bos-dupefsleakingdataoverthenetworkwithfilesystemdeduplicationsidechannels-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>127 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('bacs-musaev-razavi-giuffrida-bos-dupefsleakingdataoverthenetworkwithfilesystemdeduplicationsidechannels-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{bacs_dupefs_2022,\n\ttitle = {{DupeFS}: {Leaking} {Data} {Over} the {Network} {With} {Filesystem} {Deduplication} {Side} {Channels}},\n\turl = {Paper=https://download.vusec.net/papers/dupefs_fast22.pdf},\n\tbooktitle = {{FAST}},\n\tauthor = {Bacs, Andrei and Musaev, Saidgani and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = feb,\n\tyear = {2022},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_unicore, type\\_conf, type\\_mscthesis, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022', 'https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf', event);\">\n    FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Grant Hernandez; Marius Muench; Dominik Maier; Alyssa Milburn; Shinjo Park; Tobias Scharnowski; Tyler Tucker; Patrick Traynor;  and Kevin R. B. Butler\n</span>\n\n  \n\n</span>\n\n  In <i>NDSS</i>, February 2022. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf\"\n     onclick=\"log_download('granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022', 'https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/FirmWire/FirmWire\"\n     onclick=\"log_download('granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022', 'https://github.com/FirmWire/FirmWire', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>31 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('granthernandez-mariusmuench-dominikmaier-alyssamilburn-shinjopark-tobiasscharnowski-tylertucker-patricktraynor-etal-firmwiretransparentdynamicanalysisforcellularbasebandfirmware-2022')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{grant_hernandez_firmwire_2022,\n\ttitle = {{FirmWire}: {Transparent} {Dynamic} {Analysis} for {Cellular} {Baseband} {Firmware}},\n\turl = {Paper=https://hernan.de/research/papers/firmwire-ndss22-hernandez.pdf Code=https://github.com/FirmWire/FirmWire},\n\tbooktitle = {{NDSS}},\n\tauthor = {{Grant Hernandez} and {Marius Muench} and {Dominik Maier} and {Alyssa Milburn} and {Shinjo Park} and {Tobias Scharnowski} and {Tyler Tucker} and {Patrick Traynor} and {Kevin R. B. Butler}},\n\tmonth = feb,\n\tyear = {2022},\n\tkeywords = {class\\_binary, proj\\_intersect, proj\\_tropics, type\\_conf, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2021\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2021')\"\n      onkeypress=\"toggleGroup('group_2021')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2021</span>\n      <span class=\"bibbase_group_count\">\n        \n        (3)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"mi-rawat-giuffrida-bos-leansymefficienthybridfuzzingthroughconservativeconstraintdebloating-2021\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/leansym_raid21.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'mi-rawat-giuffrida-bos-leansymefficienthybridfuzzingthroughconservativeconstraintdebloating-2021', 'https://download.vusec.net/papers/leansym_raid21.pdf', event);\">\n    LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Mi, X.; Rawat, S.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  In <i>RAID</i>, October 2021. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/leansym_raid21.pdf\"\n     onclick=\"log_download('mi-rawat-giuffrida-bos-leansymefficienthybridfuzzingthroughconservativeconstraintdebloating-2021', 'https://download.vusec.net/papers/leansym_raid21.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/mi-rawat-giuffrida-bos-leansymefficienthybridfuzzingthroughconservativeconstraintdebloating-2021\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>41 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('mi-rawat-giuffrida-bos-leansymefficienthybridfuzzingthroughconservativeconstraintdebloating-2021')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{mi_leansym_2021,\n\ttitle = {{LeanSym}: {Efficient} {Hybrid} {Fuzzing} {Through} {Conservative} {Constraint} {Debloating}},\n\turl = {https://download.vusec.net/papers/leansym_raid21.pdf},\n\tbooktitle = {{RAID}},\n\tauthor = {Mi, Xianya and Rawat, Sanjay and Giuffrida, Cristiano and Bos, Herbert},\n\tmonth = oct,\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_intersect, proj\\_memo, proj\\_theseus, proj\\_tropics, type\\_conf, type\\_paper, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/fpvi-scsb_sec21.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021', 'https://download.vusec.net/papers/fpvi-scsb_sec21.pdf', event);\">\n    Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Ragab, H.; Barberis, E.; Bos, H.;  and Giuffrida, C.\n</span>\n\n  \n\n</span>\n\n  In <i>USENIX Security</i>, August 2021. \n  <span class=\"note\">Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up</span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/fpvi-scsb_sec21.pdf\"\n     onclick=\"log_download('ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021', 'https://download.vusec.net/papers/fpvi-scsb_sec21.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks [pdf]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://www.vusec.net/projects/fpvi-scsb\"\n     onclick=\"log_download('ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021', 'https://www.vusec.net/projects/fpvi-scsb', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks [link]\"\n       title=\"Web\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Web</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/fpvi-scsb\"\n     onclick=\"log_download('ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021', 'https://github.com/vusec/fpvi-scsb', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks [link]\"\n       title=\"Code\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Code</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>296 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('ragab-barberis-bos-giuffrida-rageagainstthemachineclearasystematicanalysisofmachineclearsandtheirimplicationsfortransientexecutionattacks-2021')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{ragab_rage_2021,\n\ttitle = {Rage {Against} the {Machine} {Clear}: {A} {Systematic} {Analysis} of {Machine} {Clears} and {Their} {Implications} for {Transient} {Execution} {Attacks}},\n\turl = {Paper=https://download.vusec.net/papers/fpvi-scsb_sec21.pdf Web=https://www.vusec.net/projects/fpvi-scsb Code=https://github.com/vusec/fpvi-scsb},\n\tbooktitle = {{USENIX} {Security}},\n\tauthor = {Ragab, Hany and Barberis, Enrico and Bos, Herbert and Giuffrida, Cristiano},\n\tmonth = aug,\n\tyear = {2021},\n\tnote = {Distinguished Paper Award, Intel Bounty Reward, Mozilla Bounty Reward, Pwnie Award Nomination for Most Innovative Research, Pwnie Award Nomination for Best Privilege Escalation Bug, Pwnie Award Nomination for Best Client-Side Bug, Pwnie Award Nomination for Epic Achievement, DCSR Paper Award, CSAW Best Paper Award Runner-up},\n\tkeywords = {class\\_sidechannels, proj\\_intersect, proj\\_offcore, proj\\_react, proj\\_unicore, type\\_award, type\\_bounty, type\\_conf, type\\_cve\\_assigned, type\\_paper, type\\_tier1, type\\_top},\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n  <div class=\"bibbase_paper\" id=\"fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://dl.acm.org/doi/pdf/10.1145/3433210.3453093\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021', 'https://dl.acm.org/doi/pdf/10.1145/3433210.3453093', event);\">\n    SoK: Enabling Security Analyses of Embedded Systems via Rehosting.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Fasano, A.; Ballo, T.; Muench, M.; Leek, T.; Bulekov, A.; Dolan-Gavitt, B.; Egele, M.; Francillon, A.; Lu, L.; Gregory, N.; Balzarotti, D.;  and Robertson, W.\n</span>\n\n  \n\n</span>\n\n  In <i>ASIACCS</i>, May 2021. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://dl.acm.org/doi/pdf/10.1145/3433210.3453093\"\n     onclick=\"log_download('fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021', 'https://dl.acm.org/doi/pdf/10.1145/3433210.3453093', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"SoK: Enabling Security Analyses of Embedded Systems via Rehosting [link]\"\n       title=\"Paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\">Paper</span></a>\n  &nbsp;\n  \n\n  \n  <a href=\"http://doi.org/10.1145/3433210.3453093\"\n     onclick=\"log_download('fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021', 'http://doi.org/10.1145/3433210.3453093', event.ctrlKey)\"\n     class=\"bibbase doi link\">\n    <span>doi</span></a>\n  &nbsp;\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n  &nbsp;\n  <a class=\"bibbase_abstract_link bibbase link\"\n     href=\"#\"\n     onclick=\"showAbstract(event); return false;\">\n    abstract <i class=\"fa fa-caret-down\"></i></a>\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>21 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('fasano-ballo-muench-leek-bulekov-dolangavitt-egele-francillon-etal-sokenablingsecurityanalysesofembeddedsystemsviarehosting-2021')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{fasano_sok_2021,\n\ttitle = {{SoK}: {Enabling} {Security} {Analyses} of {Embedded} {Systems} via {Rehosting}},\n\turl = {https://dl.acm.org/doi/pdf/10.1145/3433210.3453093},\n\tdoi = {10.1145/3433210.3453093},\n\tabstract = {Closely monitoring the behavior of a software system during its execution enables developers and analysts to observe, and ultimately understand, how it works. This kind of dynamic analysis can be instrumental to reverse engineering, vulnerability discovery, exploit development, and debugging. While these analyses are typically well-supported for homogeneous desktop platforms (e.g., x86 desktop PCs), they can rarely be applied in the heterogeneous world of embedded systems. One approach to enable dynamic analyses of embedded systems is to move software stacks from physical systems into virtual environments that sufficiently model hardware behavior. This process which we call &quot;rehosting&quot; poses a significant research challenge with major implications for security analyses. Although rehosting has traditionally been an unscientific and ad-hoc endeavor undertaken by domain experts with varying time and resources at their disposal, researchers are beginning to address rehosting challenges systematically and in earnest. In this paper, we establish that emulation is insufficient to conduct large-scale dynamic analysis of real-world hardware systems and present rehosting as a firmware-centric alternative. Furthermore, we taxonomize preliminary rehosting efforts, identify the fundamental components of the rehosting process, and propose directions for future research.},\n\tbooktitle = {{ASIACCS}},\n\tauthor = {Fasano, Andrew and Ballo, Tiemoko and Muench, Marius and Leek, Tim and Bulekov, Alexander and Dolan-Gavitt, Brendan and Egele, Manuel and Francillon, Aurélien and Lu, Long and Gregory, Nick and Balzarotti, Davide and Robertson, William},\n\tmonth = may,\n\tyear = {2021},\n\tkeywords = {class\\_binary, dynamic program analysis, embedded systems, emulation, firmware security, internet of things, proj\\_intersect, proj\\_tropics, rehosting, type\\_conf, type\\_paper, type\\_top, virtualization},\n}\n</pre>\n</div>\n\n\n<div class=\"well well-small bibbase\" data-type=\"abstract\"\n     style=\"display:none\">\n  Closely monitoring the behavior of a software system during its execution enables developers and analysts to observe, and ultimately understand, how it works. This kind of dynamic analysis can be instrumental to reverse engineering, vulnerability discovery, exploit development, and debugging. While these analyses are typically well-supported for homogeneous desktop platforms (e.g., x86 desktop PCs), they can rarely be applied in the heterogeneous world of embedded systems. One approach to enable dynamic analyses of embedded systems is to move software stacks from physical systems into virtual environments that sufficiently model hardware behavior. This process which we call \"rehosting\" poses a significant research challenge with major implications for security analyses. Although rehosting has traditionally been an unscientific and ad-hoc endeavor undertaken by domain experts with varying time and resources at their disposal, researchers are beginning to address rehosting challenges systematically and in earnest. In this paper, we establish that emulation is insufficient to conduct large-scale dynamic analysis of real-world hardware systems and present rehosting as a firmware-centric alternative. Furthermore, we taxonomize preliminary rehosting efforts, identify the fundamental components of the rehosting process, and propose directions for future research.\n</div>\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n\n\n\n  </div>\n\n\n  <!-- Modal -->\n\n  <!-- <iframe id=\"bibbase_network_frame\" -->\n  <!--         src=\"//bibbase.org/network/control\" -->\n  <!--         style=\"display: none;\"> -->\n  <!-- </iframe> -->\n\n</div>\n"}; document.write(bibbase_data.data);