User profiles for Kaveh Razavi
Kaveh Razavi, Assistant Professor at ETH Zurich. Verified email at ethz.ch. Cited by 5422
RIDL: Rogue in-flight data load
We present Rogue In-flight Data Load (RIDL), a new class of speculative unprivileged and
constrained attacks to leak arbitrary data across address spaces and privilege boundaries (eg…
Drammer: Deterministic rowhammer attacks on mobile platforms
Recent work shows that the Rowhammer hardware bug can be used to craft powerful attacks
and completely subvert a system. However, existing efforts either describe probabilistic (…
Scalable virtual machine deployment using VM image caches
K Razavi, T Kielmann - Proceedings of the International Conference on …, 2013 - dl.acm.org
In IaaS clouds, VM startup times are frequently perceived as slow, negatively impacting both
dynamic scaling of web applications and the startup of high-performance computing …
Crosstalk: Speculative data leaks across cores are real
Recent transient execution attacks have demonstrated that attackers may leak sensitive
information across security boundaries on a shared CPU core. Up until now, it seemed possible …
Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks
To stop side channel attacks on CPU caches that have allowed attackers to leak secret
information and break basic security mechanisms, the security community has developed a …
[PDF] ASLR on the Line: Practical Cache Attacks on the MMU.
Address space layout randomization (ASLR) is an important first line of defense against
memory corruption attacks and a building block for many modern countermeasures. Existing …
Flip feng shui: Hammering a needle in the software stack
We introduce Flip Feng Shui (FFS), a new exploitation vector which allows an attacker to
induce bit flips over arbitrary physical memory in a fully controlled way. FFS relies on hardware …
Dedup est machina: Memory deduplication as an advanced exploitation vector
Memory deduplication, a well-known technique to reduce the memory footprint across
virtual machines, is now also a default-on feature inside the Windows 8.1 and Windows 10 …
TRRespass: Exploiting the many sides of target row refresh
After a plethora of high-profile RowHammer attacks, CPU and DRAM vendors scrambled to
deliver what was meant to be the definitive hardware solution against the RowHammer …
Exploiting correcting codes: On the effectiveness of ecc memory against rowhammer attacks
Given the increasing impact of Rowhammer, and the dearth of adequate other hardware
defenses, many in the security community have pinned their hopes on error-correcting code (…