If you made any changes in Pure these will be visible here soon.

Research Output 2016 2019

  • 13 Conference contribution
  • 6 Article
2019

JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits

Schwarz, M., Lackner, F. & Gruss, D. 24 Feb 2019 NDSS.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Spectre Attacks: Exploiting Speculative Execution

Kocher, P., Horn, J., Fogh, A., Genkin, D., Gruss, D., Haas, W., Hamburg, M., Lipp, M., Mangard, S., Prescher, T., Schwarz, M. & Yarom, Y. 20 May 2019 40th IEEE Symposium on Security and Privacy.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2018

Another Flip in the Wall of Rowhammer Defenses

Gruss, D., Lipp, M., Schwarz, M., Genkin, D., Juffinger, J., O'Connell, S., Schoechl, W. & Yarom, Y. 31 Jan 2018 39th IEEE Symposium on Security and Privacy 2018.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File

A Systematic Evaluation of Transient Execution Attacks and Defenses

Canella, C., Bulck, J. V., Schwarz, M., Lipp, M., Berg, B. V., Ortner, P., Piessens, F., Evtyushkin, D. & Gruss, D. 13 Nov 2018 In : arXiv.org e-Print archive.

Research output: Contribution to journalArticle

File
Core meltdown
Firmware
Program processors
Acoustic waves
Industry

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

Schwarz, M., Gruss, D., Lipp, M., Maurice, C., Schuster, T., Fogh, A. & Mangard, S. 4 Jun 2018 AsiaCCS' 18, Proceedings of the 2018 on Asia Conference on Computer and Communications Security . New York, NY: Association of Computing Machinery, p. 587-600

Research output: Chapter in Book/Report/Conference proceedingConference contribution

JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks

Schwarz, M., Lipp, M. & Gruss, D. 18 Feb 2018 Network and Distributed System Security Symposium 2018. p. 15

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
Websites
Web browsers
World Wide Web
Interfaces (computer)
Hardware

KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks

Schwarz, M., Lipp, M., Gruss, D., Weiser, S., Maurice, C. L. N., Spreitzer, R. & Mangard, S. 18 Feb 2018 Network and Distributed System Security Symposium 2018. p. 15

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
Smartphones
Websites
Side channel attack
Processing
Android (operating system)

Meltdown

Lipp, M., Schwarz, M., Gruss, D., Prescher, T., Haas, W., Mangard, S., Kocher, P., Genkin, D., Yarom, Y. & Hamburg, M. 3 Jan 2018 In : arXiv.org e-Print archive.

Research output: Contribution to journalArticle

Data storage equipment
Data privacy
Personal computers
Computer systems
Hardware

Meltdown: Reading Kernel Memory from User Space

Lipp, M., Schwarz, M., Gruss, D., Prescher, T., Haas, W., Fogh, A., Horn, J., Mangard, S., Kocher, P., Genkin, D., Yarom, Y. & Hamburg, M. 15 Aug 2018 27th USENIX Security Symposium. p. 973-990 19 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Nethammer: Inducing Rowhammer Faults through Network Requests

Lipp, M., Aga, M. T., Schwarz, M., Gruss, D., Maurice, C., Raab, L. & Lamster, L. 13 May 2018 In : arXiv.org e-Print archive. 15 p.

Research output: Contribution to journalArticle

File
Data storage equipment
Dynamic random access storage
Landslides
Mobile phones
Personal computers

NetSpectre: Read Arbitrary Memory over Network

Schwarz, M., Schwarzl, M., Lipp, M. & Gruss, D. 27 Jul 2018 In : arXiv.org e-Print archive.

Research output: Contribution to journalArticle

File

Use-after-FreeMail: Generalizing the use-after-free problem and applying it to email services

Gruss, D., Schwarz, M., Wübbeling, M., Guggi, S., Malderle, T., More, S. & Lipp, M. 29 May 2018 ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association of Computing Machinery, p. 297-311 15 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Electronic mail
Data storage equipment
Gain control
Chemical analysis
2017

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

Schwarz, M., Gruss, D., Lipp, M., Maurice, C., Schuster, T., Fogh, A. & Mangard, S. 3 Nov 2017 In : arXiv.org e-Print archive.

Research output: Contribution to journalArticle

Program processors
Hazards and race conditions
Data storage equipment
Retrofitting
Flow control

Fantastic timers and where to find them: High-resolution microarchitectural attacks in javascript

Schwarz, M., Maurice, C., Gruss, D. & Mangard, S. 1 Jan 2017 Financial Cryptography and Data Security - 21st International Conference, FC 2017, Revised Selected Papers. Springer Verlag Wien, Vol. 10322 LNCS, p. 247-267 21 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 10322 LNCS)

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
JavaScript
Websites
High Resolution
Attack
Dynamic random access storage

KASLR is Dead: Long Live KASLR

Gruss, D., Lipp, M., Schwarz, M., Fellner, R., Maurice, C. & Mangard, S. 2017 Engineering Secure Software and Systems - 9th International Symposium, ESSoS 2017, Proceedings. Springer-Verlag Italia, Vol. 10379 LNCS, p. 161-176 16 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 10379 LNCS)

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
kernel
Hardware
Plant shutdowns
Flow control
Side Channel Attacks

Malware guard extension: Using SGX to conceal cache attacks

Schwarz, M., Weiser, S., Gruss, D., Maurice, C. & Mangard, S. 2017 Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017, 2017. Springer-Verlag Italia, Vol. 10327 LNCS, p. 3-24 22 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 10327 LNCS)

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
Malware
Cache
Physical addresses
Attack
Hardware

Practical Keystroke Timing Attacks in Sandboxed JavaScript

Lipp, M., Gruss, D., Schwarz, M., Bidner, D., Maurice, C. & Mangard, S. 2017 Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings. Springer-Verlag Italia, Vol. 10493 LNCS, p. 191-209 19 p. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 10493 LNCS)

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
Timing Attack
JavaScript
Attack
Timing
Websites
2016

DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks

Peßl, P., Gruss, D., Maurice, C. L. N., Schwarz, M. & Mangard, S. 2016 Proceedings of the 25th USENIX Security Symposium. p. 565-581 18 p.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Open Access
File
Dynamic random access storage
Program processors
Data storage equipment
Cloud computing
Computer hardware

Human Computation for Constraint-based Recommenders

Ulz, T., Schwarz, M., Felfernig, A., Haas, S., Shehadeh, A., Reiterer, S. & Stettinger, M. 31 Dec 2016 In : Journal of Intelligent Information Systems. 1, 1, p. 1-21 21 p., 1

Research output: Contribution to journalArticle