Our main research goal is the construction of reliable and secure computing systems. To this end, our research often touches on all layers of the computing stack, from software all the way down to hardware. We use novel analysis techniques to better understand the attack surface of modern systems and, when appropriate, we build systems that can withstand different classes of attacks. We regularly publish our results at top computer architecture, systems and security conferences, and our work ...| comsec.ethz.ch
DRAM Security
In our research we explore whether it is possible to compromise the confidentiality and integrity of computation on modern microarchitectures. Some examples of our research show that different active microarchitectural elements (such as Page Table Walkers) can leak sensitive information, and that certain microarchitectural buffers, deep inside a CPU pipeline, are vulnerable to speculative execution attacks.
Branch Privilege Injection (CVE-2024-45332) brings back the full might of branch target injection attacks (Spectre-BTI) on Intel. Intel's hardware mitigations against these types of attacks have held their ground for almost 6 years. In our work, we demonstrate how these mitigations can be broken due to a race condition in Intel CPUs.