PhD Student
IEEE Symposium on Security and Privacy (S&P)
TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities
Usenix Security Symposium (USENIX-Security)
StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU’s Stack Engine
ACM Conference on Computer and Communications Security (CCS)
Styled to Steal: The Overlooked Attack Surface in Email Clients
ACM Conference on Computer and Communications Security (CCS)
RISCover: Automatic Discovery of User-exploitable Architectural Security Vulnerabilities in Closed-Source RISC-V CPUs
Usenix Security Symposium (USENIX-Security)
Network and Distributed System Security Symposium (NDSS)
Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting
Annual Computer Security Applications Conference (ACSAC)
No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural Attacks
Usenix Security Symposium (USENIX-Security)
CacheWarp: Software-based Fault Injection using Selective State Reset
European Symposium on Research in Computer Security (ESORICS)
European Symposium on Research in Computer Security (ESORICS)