Zobrazeno 1 - 10
of 17
pro vyhledávání: '"Schwarzl, Martin"'
Autor:
Unterguggenberger, Martin, Lamster, Lukas, Schrammel, David, Schwarzl, Martin, Mangard, Stefan
Efficient cloud computing relies on in-process isolation to optimize performance by running workloads within a single process. Without heavy-weight process isolation, memory safety errors pose a significant security threat by allowing an adversary to
Externí odkaz:
http://arxiv.org/abs/2407.10740
Cache template attacks demonstrated automated leakage of user input in shared libraries. However, for large binaries, the runtime is prohibitively high. Other automated approaches focused on cryptographic implementations and media software but are no
Externí odkaz:
http://arxiv.org/abs/2208.02093
Autor:
Naseredini, Amir, Gast, Stefan, Schwarzl, Martin, Bernardo, Pedro Miguel Sousa, Smajic, Amel, Canella, Claudio, Berger, Martin, Gruss, Daniel
In this paper, we analyze the security of programming languages and their execution environments (compilers and interpreters) with respect to Spectre attacks. The analysis shows that only 16 out of 42 execution environments have mitigations against a
Externí odkaz:
http://arxiv.org/abs/2111.12528
Memory utilization can be reduced by merging identical memory blocks into copy-on-write mappings. Previous work showed that this so-called memory deduplication can be exploited in local attacks to break ASLR, spy on other programs,and determine the p
Externí odkaz:
http://arxiv.org/abs/2111.08553
Autor:
Schwarzl, Martin, Borrello, Pietro, Saileshwar, Gururaj, Müller, Hanna, Schwarz, Michael, Gruss, Daniel
Compression algorithms are widely used as they save memory without losing data. However, elimination of redundant symbols and sequences in data leads to a compression side channel. So far, compression attacks have only focused on the compression-rati
Externí odkaz:
http://arxiv.org/abs/2111.08404
Autor:
Schwarzl, Martin, Borrello, Pietro, Kogler, Andreas, Varda, Kenton, Schuster, Thomas, Gruss, Daniel, Schwarz, Michael
In the quest for efficiency and performance, edge-computing providers eliminate isolation boundaries between tenants, such as strict process isolation, and instead let them compute in a more lightweight multi-threaded single-process design. Edge-comp
Externí odkaz:
http://arxiv.org/abs/2110.04751
Since 2016, multiple microarchitectural attacks have exploited an effect that is attributed to prefetching. These works observe that certain user-space operations can fetch kernel addresses into the cache. Fetching user-inaccessible data into the cac
Externí odkaz:
http://arxiv.org/abs/2008.02307
In this paper, we present NetSpectre, a generic remote Spectre variant 1 attack. For this purpose, we demonstrate the first access-driven remote Evict+Reload cache attack over network, leaking 15 bits per hour. Beyond retrofitting existing attacks to
Externí odkaz:
http://arxiv.org/abs/1807.10535
Autor:
Naseredini, Amir, Gast, Stefan, Schwarzl, Martin, Bernardo, Pedro Miguel Sousa, Smajic, Amel, Canella, Claudio, Berger, Martin, Gruss, Daniel
Publikováno v:
Proceedings of the 8th International Conference on Information Systems Security and Privacy.
In this paper, we analyze the security of programming languages and their execution environments (compilers and interpreters) with respect to Spectre attacks. The analysis shows that only 16 out of 42 execution environments have mitigations against a
Autor:
Schwarzl, Martin
In der Europäischen Union gilt für Mitarbeitende ein Mindestanspruch an Urlaub von 4 Wochen. Trotzdem geben in einer Studie des Marktforschungsunternehmens Ipsos (2018) unteranderem durchgeführt in Italien, Spanien und Deutschland nur zirka 60% de
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=od______3007::0a617ccb999ac389cd2ac80904a9b6a6