Research Outputs

Conference and journal papers

  1. Digital Threats 2022
    Faulty Point Unit: ABI Poisoning Attacks on Trusted Execution Environments
    Alder, Fritz, Van Bulck, Jo, Spielman, Jesse, Oswald, David, and Piessens, Frank
    Digital Threats 2022
  2. PETS
    SoK: TEE-assisted confidential smart contract
    Li, Rujia, Wang, Qin, Wang, Qi, Galindo, David, and Ryan, Mark
    Proceedings on Privacy Enhancing Technologies Symposium 2022
  3. CCS
    MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware
    Chen, Zitai, Thomas, Sam L., and Garcia, Flavio D.
    In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security 2022
  4. ESORICS 2022
    A Tale of Four Gates: Privilege Escalation and Permission Bypasses on Android Through App Components
    Aldoseri, Abdulla, Oswald, David, and Chiper, Robert
    In Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part II 2022
  5. CARDIS 2022
    Reveal the Invisible Secret: Chosen-Ciphertext Side-Channel Attacks on NTRU
    Xu, Zhuang, Pemberton, Owen, Oswald, David, and Zheng, Zhiming
    In Proceedings of the 21st Smart Card Research and Advanced Application Conference (CARDIS) 2022 2022
  1. USENIX Security
    VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface
    Chen, Zitai, Vasilakis, Georgios, Murdock, Kit, Dean, Edward, Oswald, David, and Garcia, Flavio D.
    In 30th USENIX Security Symposium (USENIX Security 21) 2021


                                                                1. CHERITech22
                                                                  CHERI and Trusted Execution Environments
                                                                  Jackson, Jennifer
                                                                  CHERI Technical Workshop 2022 2022
                                                                2. CARDIS 2022
                                                                  Workshop on the CHERI security features and the ARM Morello prototype implementation
                                                                  Jennifer Jackson, Jacqui Henes, and Oswald, David
                                                                  CARDIS Fall School 2022 2022
                                                                1. SILM
                                                                  Plundering and Pillaging with Voltage: Software and Hardware-based Fault-injection Attacks against SGX
                                                                  Garcia, Flavio D.
                                                                  3rd edition of workshop on the Security of Software / Hardware Interfaces (SILM 2021). Co-located with EuroS&P. 2021
                                                                  Stealing secrets from Intel vaults, with side channels and voltage faults
                                                                  Oswald, David, and Chen, Zitai
                                                         Webiner 2021


                                                                                                                              1. Thesis Chapter
                                                                                                                                CHERI-TrEE: Flexible enclaves on capability machines (Chapter 4 of thesis: Formal Reasoning about Hardware Capability Architectures)
                                                                                                                                Thomas Van Strydonck, Job Noorman, Leonardo Alves Dias, Jennifer Jackson, Robin Vanderstraeten, David Oswald, Frank Piessens, and Dominique Devriese,
                                                                                                                              2. GitHub
                                                                                                                                GitHub Repo: Morello baremetal examples
                                                                                                                                Jackson, Jennifer
                                                                                                                              1. CVE
                                                                                                                                Security issue in the Occlum Rust TEE runtime, which can be used to leak enclave secrets
                                                                                                                                CVE-2021-44421, 2021
                                                                                                                              2. GitHub
                                                                                                                                OpenSource Contribution: Giles and Oswald: buffer overflow vulnerabilities in OpenPLC were reported and fixed
                                                                                                                                Giles, Lorne, and Oswald, David
                                                                                                                              1. GitHub
                                                                                                                                GitHub Repo: CHERI documentation
                                                                                                                                Jackson, Jennifer, and Oswald, David