Erik is presenting Dedup Est Machina, a cool new attack (abusing memory deduplication and rowhammer) on Microsoft Edge browser with all defenses up — without a single software bug. See also our demo.
Category Archives: publication
TypeArmor presented at Oakland
Enes and Victor are presenting TypeArmor, our new strict binary-level Control-Flow Integrity (CFI) and Control-Flow Containment (CFC) solution to mitigate advanced code-reuse attacks.
4 papers accepted at USENIX Security
This year, VUSec had 4 papers accepted at USENIX Security. (1) flip feng shui (or how to abuse memory deduplication to make Rowhammer attacks deterministic), (2) an in-depth analysis of disassembly, (3) thread spraying to attack information hiding, and (4) a paper that also “pokes holes into information hiding” and demonstrates that using ASLR/64 to hide safe regions is completely insecure.
Dedup presentation accepted at Black Hat USA
Our work on owning Microsoft Edge by a combination of dedup primitives and rowhammer was accepted for presentation at Black Hat USA in July/August 2016.