Publications

2025
Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting

Leon Trampert, Daniel Weber, Lukas Gerlach, Christian Rossow, Michael Schwarz

NDSS

San

Diego,

California,

USA,

February 23-28

2025

PDFCITECODE
2024
No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural Attacks

Daniel Weber, Leonard Niemann, Lukas Gerlach, Jan Reineke, Michael Schwarz

ACSAC

Waikiki,

Hawaii,

USA,

December 9-13

2024

PDFCITECODE
Switchpoline: A Software Mitigation for Spectre-BTB and Spectre-BHB on ARMv8

Markus Bauer, Lorenz Hetterich, Christian Rossow, Michael Schwarz

ASIACCS

Singapore,

July 1-5

2024

PDFCITECODE
CacheWarp: Software-based Fault Injection using Selective State Reset

Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz

USENIX Security

Philadelphia,

PA,

USA,

August 14-16

2024

PDFCITECODEINFO
Efficient and Generic Microarchitectural Hash-Function Recovery

Lukas Gerlach, Simon Schwarz, Nicolas Faroß, Michael Schwarz

S&P

San

Francisco,

California,

USA,

May 20-23

2024

PDFCITECODE
2023
FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers

Till Schlüter, Amit Choudhari, Lorenz Hetterich, Leon Trampert, Hamed Nemati, Ahmad Ibrahim, Michael Schwarz, Christian Rossow, Nils Ole Tippenhauer

CCS

Copenhagen,

Denmark,

November 26-30

2023

PDFCITECODE
Honey, I Cached our Security Tokens - Re-usage of Security Tokens in the Wild

Leon Trampert, Ben Stock, Sebastian Roth

RAID

Hong

Kong,

October 16-18

2023

CITE
Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks

Daniel Weber, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz

ESORICS

The

Hague,

The

Netherlands,

September 25-29

2023

PDFCITECODE
Reviving Meltdown 3a

Daniel Weber, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz

ESORICS

The

Hague,

The

Netherlands,

September 25-29

2023

PDFCITECODE
A Rowhammer Reproduction Study Using the Blacksmith Fuzzer

Lukas Gerlach, Fabian Thomas, Robert Pietsch, Michael Schwarz

ESORICS

The

Hague,

The

Netherlands,

September 25-29

2023

PDFCITE
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels

Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard

USENIX Security

Anaheim,

California,

USA,

August 9-11

2023

PDFCITECODEINFO
Hammulator: Simulate Now - Exploit Later

Fabian Thomas, Lukas Gerlach, Michael Schwarz

DRAMSec

Virtual,

June 17

2023

PDFCITECODE
A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs

Lukas Gerlach, Daniel Weber, Ruiyi Zhang, Michael Schwarz

S&P

San

Francisco,

California,

USA,

May 22-25

2023

PDFCITECODE
Practical Timing Side-Channel Attacks on Memory Compression

Martin Schwarzl, Pietro Borrello, Gururaj Saileshwar, Hanna Müller, Michael Schwarz, Daniel Gruss

S&P

San

Francisco,

California,

USA,

May 22-25

2023

PDFCITE
CustomProcessingUnit: Reverse Engineering and Customization of Intel Microcode

Pietro Borrello, Catherine Easdon, Martin Schwarzl, Roland Czerny, Michael Schwarz

WOOT

San

Francisco,

California,

USA,

May 25

2023

PDFCITECODE
(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels

Ruiyi Zhang, Taehyun Kim, Daniel Weber, Michael Schwarz

USENIX Security

Anaheim,

California,

USA,

August 9-11

2023

PDFCITE
TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors

Dhiman Chakraborty, Michael Schwarz, Sven Bugiel

FC

Bol,

Brač,

Croatia,

May 1-5

2023

PDFCITE
2022
ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture

Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz

USENIX Security

Boston,

Massachusetts,

USA,

August 10-12

2022

PDFCITECODEINFO
HyperDbg: Reinventing Hardware-Assisted Debugging

Mohammad Sina Karvandi, MohammadHossein Gholamrezaei, Saleh Khalaj Monfared, Soroush Meghdadizanjani, Behrooz Abbassi, Ali Amini, Reza Mortazavi, Saeid Gorgin, Dara Rahmati, Michael Schwarz

CCS

Los

Angeles,

California,

USA,

November 7-11

2022

PDFCITECODEINFO
Robust and Scalable Process Isolation against Spectre in the Cloud

Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Michael Schwarz, Daniel Gruss

ESORICS

Copenhagen,

Denmark,

September 26 - 30

2022

PDFCITE
Browser-based CPU Fingerprinting

Leon Trampert, Christian Rossow, Michael Schwarz

ESORICS

Copenhagen,

Denmark,

September 26 - 30

2022

PDFCITECODEINFO
CPU Port Contention Without SMT

Thomas Rokicki, Clémentine Maurice, Michael Schwarz

ESORICS

Copenhagen,

Denmark,

September 26 - 30

2022

PDFCITECODEINFO
Branch Different - Spectre Attacks on Apple Silicon

Lorenz Hetterich, Michael Schwarz

DIMVA

Cagliari,

Italy,

June 29 - July 1

2022

PDFCITECODE
Finding and Exploiting CPU Features using MSR Templating

Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz

S&P

San

Francisco,

California,

USA,

May 23-26

2022

PDFCITECODE
Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks

Andreas Kogler, Daniel Gruss, Michael Schwarz

USENIX Security

Boston,

Massachusetts,

USA,

August 10-12

2022

PDFCITECODEINFO
AMD Prefetch Attacks through Power and Time

Moritz Lipp, Daniel Gruss, Michael Schwarz

USENIX Security

Boston,

Massachusetts,

USA,

August 10-12

2022

PDFCITECODEINFO
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX

Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss

USENIX Security

Boston,

Massachusetts,

USA,

August 10-12

2022

PDFCITECODEINFO
Rapid Prototyping for Microarchitectural Attacks

Catherine Easdon, Michael Schwarz, Martin Schwarzl, Daniel Gruss

USENIX Security

Boston,

Massachusetts,

USA,

August 10-12

2022

PDFCITECODEINFO
2021
Automating Seccomp Filter Generation for Linux Applications

Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz

CCSW

Virtual,

November 14

2021

PDFCITECODE
Osiris: Automated Discovery of Microarchitectural Side Channels

Daniel Weber, Ahmad Ibrahim, Hamed Nemati, Michael Schwarz, Christian Rossow

USENIX Security

Virtual,

August 11-13

2021

PDFCITECODEINFO
PLATYPUS: Software-based Power Side-Channel Attacks on x86

Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss

S&P

Virtual,

May 23-27

2021

PDFCITEINFO
Speculative Dereferencing of Registers: Reviving Foreshadow

Martin Schwarzl, Thomas Schuster, Michael Schwarz, Daniel Gruss

FC

Virtual,

March 1-5

2021

PDFCITE
Specfuscator: Evaluating Branch Removal as a Spectre Mitigation

Martin Schwarzl, Claudio Canella, Daniel Gruss, Michael Schwarz

FC

Virtual,

March 1-5

2021

PDFCITE