This year, VUSec had 2 papers accepted at USENIX Security ’18: Malicious Management Unit (how to use the MMU to mount indirect cache attacks and bypass software-based defenses) and TLBleed (how to mount TLB side-channel attacks across threads and leak fine-grained information).
This year, VUSec had 4 papers accepted at NDSS ’17: AnC (a new side-channel-based ASLR bypass), SafeInit (efficient protection against uninitialized reads), a new evolutionary fuzzer (AFL on steroids), and Marx (uncovering class hierarchies in C++ programs, with @thorstenholz’s group at @ruhrunibochum).
This year, VUSec had 2 papers accepted at EuroS&P ’17: Nucleus (compiler-agnostic function detection) and CodeArmor (how to efficiently re-randomize code every few microseconds).
This year, VUSec had 2 papers accepted at CCS: Drammer (Deterministic Rowhammer attacks) and TypeSan (a practical type confusion detector).
This year, VUSec presented 3 papers at DSN. (1) OSIRIS (efficient and consistent whole-OS crash recovery), (2) HSFI (scalable and representative fault injection), (3) MvArmor (secure and efficient MVX with Dune). All the code is open source. Check it out at https://github.com/vusec. OSIRIS was selected for the Best paper session.
Enes and Victor are presenting TypeArmor, our new strict binary-level Control-Flow Integrity (CFI) and Control-Flow Containment (CFC) solution to mitigate advanced code-reuse attacks.