PhD Student
Usenix Security Symposium (USENIX-Security)
InstrSem: Automatically and Generically Inferring Semantics of (Undocumented) CPU Instructions
IEEE Symposium on Security and Privacy (S&P)
RISCy Cache Coherence: Timer-Free Architectural Cache Attacks via Instruction/Data Cache Incoherence
IEEE Symposium on Security and Privacy (S&P)
TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities
Usenix Security Symposium (USENIX-Security)
StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU’s Stack Engine
ACM Conference on Computer and Communications Security (CCS)
RISCover: Automatic Discovery of User-exploitable Architectural Security Vulnerabilities in Closed-Source RISC-V CPUs
ACM Conference on Computer and Communications Security (CCS)
ExfilState: Automated Discovery of Timer-Free Cache Side Channels on ARM CPUs
IEEE Symposium on Security and Privacy (S&P)
Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage
International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS)
ShadowLoad: Injecting State into Hardware Prefetchers
European Symposium on Research in Computer Security (ESORICS)
A Rowhammer Reproduction Study Using the Blacksmith Fuzzer
European Symposium on Research in Computer Security (ESORICS)