Publications
- 2026
- 
              A Principled Rowhammer Defense-in-Depth. We show that memory bandwidth limiting is a viable band-aid solution for systems vulnerable to Rowhammer. NDSS, San Diego, CA, USA, February 23–27, 2026
- 2025
- 
              Attacking and Securing Leaky Systems at the Hardware-Software Boundary. PhD Thesis. Assessors: Daniel Gruss, Onur Mutlu
- 
              The HMB Timing Side Channel: Exploiting the SSD's Host Memory Buffer. We are the first to analyze and exploit the timing side channel of the HMB. DIMVA, Graz, Austria, July 9–11, 2025. Slides
- 
              Not So Secure TSC. We show that AMD's SecureTSC feature can be used for co-location detection. ACNS, Munich, Germany, June 23–26, 2025. Slides
- 
              Secret Spilling Drive: Leaking User Behavior through SSD Contention. We show that a contention-caused timing side channel can leak websites visited by a victim with high accuracy. NDSS, San Diego, CA, USA, February 23–28, 2025. Slides
- 
              An Analysis of HMB-based SSD Rowhammer. We analyse SSDs' host memory buffers, how they react to bit flips, and whether they could hammer themselves. uASC, Bochum, Germany, February 19, 2025. Slides
- 
              Verifying DRAM Addressing in Software. We verify DRAM addressing functions and compare different reverse engineering tools. ESORICS, Toulouse, France, September 22–24, 2025
- 
              TEEcorrelate: An Information-Preserving Defense against Performance-Counter Attacks on TEEs. We show that performance counter values can be securely supplied to the hypervisor. USENIX Security, Seattle, WA, USA, August 13–15, 2025
- 
              Fast and Efficient Secure L1 Caches for SMT. We propose a new L1 cache design that isolates different security domains. ARES, Ghent, Belgium, August 11–14, 2025
- 
              Real-World Study of the Security of Educational Test Systems. We evaluate the security of test systems from computer science university classes and identify various security issues. Workshop on Operating Systems and Virtualization Security, Venice, Italy, July 04, 2025
- 
              KernelSnitch: Side-Channel Attacks on Kernel Data Structures. We are the first to show that side channels in kernel data structures can be exploited to leak kernel heap pointers. NDSS'25, San Diego, CA, USA, February 23–28, 2025. BH Asia Talk
- 2024
- 
              Presshammer: Rowhammer and Rowpress without Physical Address Information. We compare Rowhammer and Rowpress on various DRAM modules and show the first end-to-end Rowpress exploit. DIMVA, EPFL in Lausanne, Switzerland, July 17–19, 2024. Slides
- 
              SUIT: Secure Undervolting with Instruction Traps. We developed a system that allows securely undervolting CPUs by trapping faulting instructions.
- 
              SnailLoad: Remote Network Latency Measurements Leak User Activity. Exploiting bottlenecks present on all Internet connections, we infer the current network activity on someone else's Internet connection. USENIX Security, Philadelphia, PA, USA, August 14–16, 2024. Website GitHub Video CVE-2024-39920
- 
              JavaSQUIP: Remote Scheduler Contention Attacks. We show the SQUIP side channel from JavaScript without a timer using a microarchitectural bingo race. FC, Willemstad, Curaçao, March 4–8, 2024
- 
              IdleLeak: Exploiting Idle State Side Effects for Information Leakage. Using the tpause instruction to detect interrupts, we build a covert channel and spy on user behavior. NDSS, San Diego, CA, USA, February 26–March 1, 2024
- 2023
- 
              CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammer. With a MAC instead of ECC bits we are able to detect all data corruptions in DRAM and correct most.
- 
              Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels. By colliding victim data with attacker-controlled data in the CPU cache we can leak arbitrary data. USENIX Security, Anaheim, CA, USA, August 9–11, 2023. Website GitHub CVE-2023-20583
- 
              PT-Guard: - Protected Page Tables to Defend Against Breakthrough Rowhammer Attacks. We store a MAC in unused page table bits to detect and correct corruptions caused by Rowhammer. IEEE IFIP DSN, Porto, Portugal, June 27–30, 2023
- 
              SQUIP: Exploiting the Scheduler Queue Contention Side Channel. By measuring contention in AMD execution unit scheduler queues we can leak RSA keys. S&P, San Francisco, California, USA, May 22–26, 2023. CVE-2021-46778
- 2022
- 
              Half-Double: Hammering From the Next Row Over. We show a new Rowhammer method that exploits a mitigation and build a novel exploit for Chromebooks.
- 2021
- 
              Master’s Thesis: Rowhammer Exploits are still possible. Using half-double Rowhammer we develop a novel privilege escalation exploit targeting a Chromebook. Graz University of Technology IAIK, September 21, 2021
- 2018
- 
              Another Flip in the Wall of Rowhammer Defenses. With a new Rowhammer method and from Intel SGX we show a completely undetectable exploit.
Talks — All Recordings
- 2025
- 
              The HMB Timing Side Channel. DIMVA, Graz, Austria, July 9–11, 2025. Slides
- 
              Not So Secure TSC. ACNS, Munich, Germany, June 23–26, 2025
- 
              An Analysis of HMB-based SSD Rowhammer. uASC, Bochum, Germany, February 19, 2025
- 2024
- 
              CPU Undervolting Hackathon at PEACHES. PEACHES, Schloss Dagstuhl, Germany, Aug 25–30, 2024
- 
              Presshammer: Rowhammer and Rowpress without Physical Address Information. DIMVA, EPFL in Lausanne, Switzerland, July 17–19, 2024
- 
              EDAMAME: Exploiting Drastically Absent Message Authentication for Meals at EPFL. DIMVA, EPFL in Lausanne, Switzerland, July 17–19, 2024
- 
              SUIT - Secure Undervolting with Instruction Traps. ASPLOS, San Diego, USA, April 27–May 1, 2024
- 
              Rowhammer - A Never Ending Story? SpyCoDe Retreat at ISTA, Klosterneuburg, Austria, April 02, 2024
- 
              CPU Undervolting - Exploits and Potentials / SUIT. Research Seminar at TU Wien, Vienna, Austria, January 22, 2024
- 2023
- 2022
- 
              Half-Double: Hammering From the Next Row Over. CSAW Applied Research Competition, Valence, France, November 11, 2022
- 
              CSI:Rowhammer - Können wir Computer gleichzeitig sicherer und effizienter machen? IKT-SICHERHEITSKONFERENZ, Vienna, Austria, September 14–15, 2022
Reviewing
- Reviewer for Usenix Security Artifact Evaluation: Distinguished reviewer award
- Reviewer for Transactions on Dependable and Secure Computing
- Sub-reviewer for NDSS
- Sub-reviewer for Usenix Security
- Sub-reviewer for CCS
- Sub-reviewer for DRAMSec
