Cristiano Giuffrida

Orcid: 0000-0002-8329-5929

Affiliations:
  • Vrije Universiteit Amsterdam, The Netherlands


According to our database1, Cristiano Giuffrida authored at least 121 papers between 2009 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2.
Proceedings of the 33rd USENIX Security Symposium, 2024

GhostRace: Exploiting and Mitigating Speculative Race Conditions.
Proceedings of the 33rd USENIX Security Symposium, 2024

Practical Data-Only Attack Generation.
Proceedings of the 33rd USENIX Security Symposium, 2024

SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching.
Proceedings of the 33rd USENIX Security Symposium, 2024

Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Predictive Context-sensitive Fuzzing.
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024

2023
Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations.
Proc. ACM Program. Lang., 2023

Uncontained: Uncovering Container Confusion in the Linux Kernel.
Proceedings of the 32nd USENIX Security Symposium, 2023

FloatZone: Accelerating Memory Error Detection using the Floating Point Unit.
Proceedings of the 32nd USENIX Security Symposium, 2023

Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation.
Proceedings of the 26th International Symposium on Research in Attacks, 2023

Let Me Unwind That For You: Exceptions to Backward-Edge Protection.
Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks.
Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

Enviral: Fuzzing the Environment for Evasive Malware Analysis.
Proceedings of the 16th European Workshop on System Security, 2023

Triereme: Speeding up hybrid fuzzing through efficient query scheduling.
Proceedings of the Annual Computer Security Applications Conference, 2023

2022
TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering.
Proceedings of the 31st USENIX Security Symposium, 2022

Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks.
Proceedings of the 31st USENIX Security Symposium, 2022

Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

DUPEFS: Leaking Data Over the Network With Filesystem Deduplication Side Channels.
Proceedings of the 20th USENIX Conference on File and Storage Technologies, 2022

On the effectiveness of same-domain memory deduplication.
Proceedings of the EuroSec@EUROSYS 2022: Proceedings of the 15th European Workshop on Systems Security, 2022

DangZero: Efficient Use-After-Free Detection via Direct Page Table Access.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots.
Proceedings of the Annual Computer Security Applications Conference, 2022

2021
SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript.
Proceedings of the 30th USENIX Security Symposium, 2021

Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks.
Proceedings of the 30th USENIX Security Symposium, 2021

CrossTalk: Speculative Data Leaks Across Cores Are Real.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating.
Proceedings of the RAID '21: 24th International Symposium on Research in Attacks, 2021

CollabFuzz: A Framework for Collaborative Fuzzing.
Proceedings of the EuroSec '21: Proceedings of the 14th European Workshop on Systems Security, 2021

FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection.
Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2021

Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

Who's debugging the debuggers? exposing debug information bugs in optimized binaries.
Proceedings of the ASPLOS '21: 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 2021

PIBE: practical kernel control-flow hardening with profile-guided indirect branch elimination.
Proceedings of the ASPLOS '21: 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 2021

2020
Benchmarking Flaws Undermine Security Research.
IEEE Secur. Priv., 2020

Who is Debugging the Debuggers? Exposing Debug Information Bugs in Optimized Binaries.
CoRR, 2020

ParmeSan: Sanitizer-guided Greybox Fuzzing.
Proceedings of the 29th USENIX Security Symposium, 2020

: Practical Cache Attacks from the Network.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

TRRespass: Exploiting the Many Sides of Target Row Refresh.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

BinRec: dynamic binary lifting and recompilation.
Proceedings of the EuroSys '20: Fifteenth EuroSys Conference 2020, 2020

TagBleed: Breaking KASLR on the Isolated Kernel Address Space using Tagged TLBs.
Proceedings of the IEEE European Symposium on Security and Privacy, 2020

Speculative Probing: Hacking Blind in the Spectre Era.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing.
Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

2019
Are all citations worth the same? Valuing citations by the value of the citing items.
J. Informetrics, 2019

Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks.
Proceedings of the 28th USENIX Security Symposium, 2019

RIDL: Rogue In-Flight Data Load.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

SoK: Benchmarking Flaws in Systems Security.
Proceedings of the IEEE European Symposium on Security and Privacy, 2019

kMVX: Detecting Kernel Information Leaks with Multi-variant Execution.
Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, 2019

ProbeGuard: Mitigating Probing Attacks Through Reactive Program Transformations.
Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, 2019

VPS: excavating high-level C++ constructs from low-level binaries to protect dynamic dispatching.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019

2018
Do all citations value the same? Valuing citations by the value of the citing items.
CoRR, 2018

Benchmarking Crimes: An Emerging Threat in Systems Security.
CoRR, 2018

Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think.
Proceedings of the 27th USENIX Security Symposium, 2018

Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks.
Proceedings of the 27th USENIX Security Symposium, 2018

Throwhammer: Rowhammer Attacks over the Network and Defenses.
Proceedings of the 2018 USENIX Annual Technical Conference, 2018

Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU.
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018

Defeating Software Mitigations Against Rowhammer: A Surgical Precision Hammer.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2018

On the Effectiveness of Code Normalization for Function Identification.
Proceedings of the 23rd IEEE Pacific Rim International Symposium on Dependable Computing, 2018

ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks.
Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation, 2018

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery.
Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, 2018

Towards Automated Vulnerability Scanning of Network Servers.
Proceedings of the 11th European Workshop on Systems Security, 2018

Delta pointers: buffer overflow checks without the checks.
Proceedings of the Thirteenth EuroSys Conference, 2018

Position-Independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure.
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

Type-After-Type: Practical and Complete Type-Safe Memory Reuse.
Proceedings of the 34th Annual Computer Security Applications Conference, 2018

TIFF: Using Input Type Inference To Improve Fuzzing.
Proceedings of the 34th Annual Computer Security Applications Conference, 2018

2017
Automating Live Update for Generic Server Programs.
IEEE Trans. Software Eng., 2017

Secure Page Fusion with VUsion: https: //www.vusec.net/projects/VUsion.
Proceedings of the 26th Symposium on Operating Systems Principles, 2017

MARX: Uncovering Class Hierarchies in C++ Programs.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Safelnit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

ASLR on the Line: Practical Cache Attacks on the MMU.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

VUzzer: Application-aware Evolutionary Fuzzing.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

DangSan: Scalable Use-after-free Detection.
Proceedings of the Twelfth European Conference on Computer Systems, 2017

No Need to Hide: Protecting Safe Regions on Commodity Hardware.
Proceedings of the Twelfth European Conference on Computer Systems, 2017

CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks.
Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

RevAnC: A Framework for Reverse Engineering Hardware Page Table Caches.
Proceedings of the 10th European Workshop on Systems Security, 2017

Fast and Generic Metadata Management with Mid-Fat Pointers.
Proceedings of the 10th European Workshop on Systems Security, 2017

Secure Hardware-Software Architectures for Robust Computing Systems - SHARCS.
Proceedings of the European Project Space on Networks, 2017

Towards Automated Discovery of Crash-Resistant Primitives in Binary Executables.
Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2017

The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
Finding fault with fault injection: an empirical exploration of distortion in fault injection experiments.
Softw. Qual. J., 2016

Binary Rejuvenation: Applications and Challenges.
IEEE Secur. Priv., 2016

Flip Feng Shui: Hammering a Needle in the Software Stack.
Proceedings of the 25th USENIX Security Symposium, 2016

Poking Holes in Information Hiding.
Proceedings of the 25th USENIX Security Symposium, 2016

Undermining Information Hiding (and What to Do about It).
Proceedings of the 25th USENIX Security Symposium, 2016

A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Slick: an intrusion detection system for virtualized storage devices.
Proceedings of the 31st Annual ACM Symposium on Applied Computing, 2016

Peeking into the Past: Efficient Checkpoint-Assisted Time-Traveling Debugging.
Proceedings of the 27th IEEE International Symposium on Software Reliability Engineering, 2016

METAlloc: efficient and comprehensive metadata management for software security hardening.
Proceedings of the 9th European Workshop on System Security, 2016

Secure and Efficient Multi-Variant Execution Using Hardware-Assisted Process Virtualization.
Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2016

OSIRIS: Efficient and Consistent Recovery of Compartmentalized Operating Systems.
Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2016

A NEaT Design for Reliable and Scalable Network Stacks.
Proceedings of the 12th International on Conference on emerging Networking EXperiments and Technologies, 2016

On the Effectiveness of Sensor-enhanced Keystroke Dynamics Against Statistical Attacks.
Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, 2016

Drammer: Deterministic Rowhammer Attacks on Mobile Platforms.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

TypeSan: Practical Type Confusion Detection.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

VTPin: practical VTable hijacking protection for binaries.
Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016

2015
StackArmor: Comprehensive Protection From Stack-based Memory Error Vulnerabilities for Binaries.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Speculative Memory Checkpointing.
Proceedings of the 16th Annual Middleware Conference, Vancouver, BC, Canada, December 07, 2015

A Methodology to Efficiently Compare Operating System Stability.
Proceedings of the 16th IEEE International Symposium on High Assurance Systems Engineering, 2015

Secure Hardware-Software Architectures for Robust Computing Systems.
Proceedings of the E-Democracy - Citizen Rights in the World of the New Computing Paradigms, 2015

Lightweight Memory Checkpointing.
Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2015

Practical Context-Sensitive CFI.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014
Techniques for efficient in-memory checkpointing.
ACM SIGOPS Oper. Syst. Rev., 2014

Mutable checkpoint-restart: automating live update for generic server programs.
Proceedings of the 15th International Middleware Conference, 2014

Evaluating Distortion in Fault Injection Experiments.
Proceedings of the 15th International IEEE Symposium on High-Assurance Systems Engineering, 2014

On the Soundness of Silence: Investigating Silent Failures Using Fault Injection Experiments.
Proceedings of the 2014 Tenth European Dependable Computing Conference, 2014

I Sensed It Was You: Authenticating Mobile Users with Sensor-Enhanced Keystroke Dynamics.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2014

2013
Unprivileged Black-Box Detection of User-Space Keyloggers.
IEEE Trans. Dependable Secur. Comput., 2013

EDFI: A Dependable Fault Injection Tool for Dependability Benchmarking Experiments.
Proceedings of the IEEE 19th Pacific Rim International Symposium on Dependable Computing, 2013

Back to the Future: Fault-tolerant Live Update with Time-traveling State Transfer.
Proceedings of the Lucky LISA: Proceedings of the 27th Large Installation System Administration Conference, 2013

Practical automated vulnerability monitoring using program state invariants.
Proceedings of the 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013

Safe and automatic live update for operating systems.
Proceedings of the Architectural Support for Programming Languages and Operating Systems, 2013

2012
Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Safe and automated state transfer for secure and reliable live update.
Proceedings of the 4th International Workshop on Hot Topics in Software Upgrades, 2012

Memoirs of a browser: a cross-browser detection model for privacy-breaching extensions.
Proceedings of the 7th ACM Symposium on Information, Compuer and Communications Security, 2012

2011
A heuristic approach to author name disambiguation in bibliometrics databases for large-scale research assessments.
J. Assoc. Inf. Sci. Technol., 2011

KLIMAX: Profiling Memory Write Patterns to Detect Keystroke-Harvesting Malware.
Proceedings of the Recent Advances in Intrusion Detection - 14th International Symposium, 2011

2010
MINIX 3: Status Report and Current Research.
login Usenix Mag., 2010

Bait Your Hook: A Novel Detection Technique for Keyloggers.
Proceedings of the Recent Advances in Intrusion Detection, 13th International Symposium, 2010

We Crashed, Now What?
Proceedings of the Sixth Workshop on Hot Topics in System Dependability, 2010

2009
Cooperative Update: A New Model for Dependable Live Update.
Proceedings of the 2nd ACM Workshop on Hot Topics in Software Upgrades, 2009


  Loading...