Research Outputs

Conference and journal papers

  1. PETS
    Watching your call: Breaking VoLTE Privacy in LTE/5G Networks
    Cheng, Zishuai, Ordean, Mihai, Garcia, Flavio D., Cui, Baojiang, and Rys, Dominik
    Proceedings on Privacy Enhancing Technologies Symposium 2023
  1. Digital Threats 2022
    Faulty Point Unit: ABI Poisoning Attacks on Trusted Execution Environments
    Alder, Fritz, Van Bulck, Jo, Spielman, Jesse, Oswald, David, and Piessens, Frank
    Digital Threats 2022
  2. PETS
    SoK: TEE-assisted confidential smart contract
    Li, Rujia, Wang, Qin, Wang, Qi, Galindo, David, and Ryan, Mark
    Proceedings on Privacy Enhancing Technologies Symposium 2022
  3. CCS
    MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware
    Chen, Zitai, Thomas, Sam L., and Garcia, Flavio D.
    In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security 2022
  4. PETS
    A Tale of Four Gates: Privilege Escalation and Permission Bypasses on Android Through App Components
    Aldoseri, Abdulla, Oswald, David, and Chiper, Robert
    In Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part II 2022
  5. CARDIS 2022
    Reveal the Invisible Secret: Chosen-Ciphertext Side-Channel Attacks on NTRU
    Xu, Zhuang, Pemberton, Owen, Oswald, David, and Zheng, Zhiming
    In Proceedings of the 21st Smart Card Research and Advanced Application Conference (CARDIS) 2022 2022
  1. USENIX Security
    VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface
    Chen, Zitai, Vasilakis, Georgios, Murdock, Kit, Dean, Edward, Oswald, David, and Garcia, Flavio D.
    In 30th USENIX Security Symposium (USENIX Security 21) 2021


                                                                  1. CHERITech22
                                                                    CHERI and Trusted Execution Environments
                                                                    Jackson, Jennifer
                                                                    CHERI Technical Workshop 2022 2022
                                                                  2. CARDIS 2022
                                                                    Workshop on the CHERI security features and the ARM Morello prototype implementation
                                                                    Jennifer Jackson, Jacqui Henes, and Oswald, David
                                                                    CARDIS Fall School 2022 2022
                                                                  1. SILM
                                                                    Plundering and Pillaging with Voltage: Software and Hardware-based Fault-injection Attacks against SGX
                                                                    Garcia, Flavio D.
                                                                    3rd edition of workshop on the Security of Software / Hardware Interfaces (SILM 2021). Co-located with EuroS&P. 2021
                                                                    Stealing secrets from Intel vaults, with side channels and voltage faults
                                                                    Oswald, David, and Chen, Zitai
                                                           Webiner 2021


                                                                                                                                  1. Thesis Chapter
                                                                                                                                    CHERI-TrEE: Flexible enclaves on capability machines (Chapter 4 of thesis: Formal Reasoning about Hardware Capability Architectures)
                                                                                                                                    Thomas Van Strydonck, Job Noorman, Leonardo Alves Dias, Jennifer Jackson, Robin Vanderstraeten, David Oswald, Frank Piessens, and Dominique Devriese,
                                                                                                                                  2. GitHub
                                                                                                                                    GitHub Repo: Morello baremetal examples
                                                                                                                                    Jackson, Jennifer
                                                                                                                                  1. CVE
                                                                                                                                    Security issue in the Occlum Rust TEE runtime, which can be used to leak enclave secrets
                                                                                                                                    CVE-2021-44421, 2021
                                                                                                                                  2. GitHub
                                                                                                                                    OpenSource Contribution: Giles and Oswald: buffer overflow vulnerabilities in OpenPLC were reported and fixed
                                                                                                                                    Giles, Lorne, and Oswald, David
                                                                                                                                  1. GitHub
                                                                                                                                    GitHub Repo: CHERI documentation
                                                                                                                                    Jackson, Jennifer, and Oswald, David