Hardware is often considered as an abstract layer that behaves correctly, executing instructions and giving an output. However, side effects due to software implementation and its execution on actual hardware can cause information leakage from side channels, resulting in critical vulnerabilities impacting both the security and privacy of these systems.
The MIAOUS project targets in particular information leakage that does not require any physical proximity to devices and that is due to processor microarchitecture, as well as the constructions of novel countermeasures.
The main goal of this project is to propose a generic framework to provide a better understanding of the attack surface for microarchitectural attacks, both on the hardware and on the software side, and the tools to close the attack surface.
DrawnApart: A Device Identification Technique
based on Remote GPU Fingerprinting
Network and Distributed System Security Symposium 2022 (NDSS'22), San Diego, California, USA
6th IEEE European Symposium on Security and Privacy (EuroS&P'21), Vienna, Austria (acceptance rate: 19.4%)
Calibration Done Right: Noiseless Flush+Flush Attacks
18th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'21),
Lisbon, Portugal, Online (acceptance rate: 28.8%)
Nethammer: Inducing Rowhammer Faults through Network Requests
Workshop on the Security of Software/Hardware Interfaces (SILM'20, co-located with EuroS&P 2020), Genova, Italy
Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors
15th ACM ASIA Conference on Computer and Communications Security (ASIACCS'20), Taipei, Taiwan (acceptance rate: 21.8%)