中文 English

Author's Latest Posts


PTAuth: Temporal Memory Safety via Robust Points-to Authentication


Authors: Reza Mirzazade Farkhani, Mansour Ahmadi, and Long Lu, Northeastern University Abstract: "Temporal memory corruptions are commonly exploited software vulnerabilities that can lead to powerful attacks. Despite significant progress made by decades of research on mitigation techniques, existing countermeasures fall short due to either limited coverage or overly high overhead. Further... » read more

Database Reconstruction from Noisy Volumes: A Cache Side-Channel Attack on SQLite


Authors: Aria Shahverdi, University of Maryland; Mahammad Shirinov, Bilkent University; Dana Dachman-Soled, University of Maryland Abstract: "We demonstrate the feasibility of database reconstruction under a cache side-channel attack on SQLite. Specifically, we present a Flush+Reload attack on SQLite that obtains approximate (or "noisy") volumes of range queries made to a private database... » read more

SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript


Authors: Finn de Ridder, ETH Zurich and VU Amsterdam; Pietro Frigo, Emanuele Vannacci, Herbert Bos, and Cristiano Giuffrida, VU Amsterdam; Kaveh Razavi, ETH Zurich Abstract: "Despite their in-DRAM Target Row Refresh (TRR) mitigations, some of the most recent DDR4 modules are still vulnerable to many-sided Rowhammer bit flips. While these bit flips are exploitable from native code, tri... » read more

Automatic Extraction of Secrets from the Transistor Jungle using Laser-Assisted Side-Channel Attacks


Abstract:  "The security of modern electronic devices relies on secret keys stored on secure hardware modules as the root-of-trust (RoT). Extracting those keys would break the security of the entire system. As shown before, sophisticated side-channel analysis (SCA) attacks, using chip failure analysis (FA) techniques, can extract data from on-chip memory cells. However, since the chip's... » read more

On the Design and Misuse of Microcoded (Embedded) Processors — A Cautionary Note


Abstract:  "Today's microprocessors often rely on microcode updates to address issues such as security or functional patches. Unfortunately, microcode update flexibility opens up new attack vectors through malicious microcode alterations. Such attacks share many features with hardware Trojans and have similar devastating consequences for system security. However, due to microcode's opaq... » read more

Usability of Authenticity Checks for Hardware Security Tokens


Abstract:  "The final responsibility to verify whether a newly purchased hardware security token (HST) is authentic and unmodified lies with the end user. However, recently reported attacks on such tokens suggest that users cannot take the security guarantees of their HSTs for granted, even despite widely deployed authenticity checks. We present the first comprehensive market review eva... » read more

Memory Technology: Innovations needed for continued technology scaling and enabling advanced computing systems


Abstract: "An increasing demand for data generation, storage, and intelligence generation from data is driving advances in memory technology and advanced computing applications. Memory performance is starting to define modern day computing in both mobile and server environments. There is an absolute need to continue the tremendous pace of memory technology improvements to deliver performanc... » read more

Dynamic Flash Memory with Dual Gate Surrounding Gate Transistor (SGT)


Abstract: "This paper proposes an ultra-scaled memory device, called `Dynamic Flash Memory (DFM)'. With a dual-gate Surrounding Gate Transistor (SGT), a capacitorless 4F2 cell can be achieved. Similar to DRAM [1], refresh is needed, but high speed block refresh can improve the duty ratio. Analogous to Flash [2], three fundamental operations of “0” Erase, “1” Program, and Read are nee... » read more

Convolutional Compaction-Based MRAM Fault Diagnosis


Abstract: "Spin-transfer torque magnetoresistive random-access memories (STT-MRAMs) are gradually superseding conventional SRAMs as last-level cache in System-on-Chip designs. Their manufacturing process includes trimming a reference resistance in STT-MRAM modules to reliably determine the logic values of 0 and 1 during read operations. Typically, an on-chip trimming routine consists of mult... » read more

MBIST-supported Trim Adjustment to Compensate Thermal Behavior of MRAM


Abstract: "Spin Transfer Torque Magnetic Random Access Memory (STT-MRAM) is one of the most promising candidates to replace conventional embedded memory such as Static RAM and Dynamic RAM. However, due to the small on/off ratio of MRAM cells, process variations may reduce the operating margin of a chip. Reference trimming was suggested as one of the ways to reduce variation impact to the chi... » read more

← Older posts