Conference Program

All submissions were peer-reviewed: double-blind for paper submissions, single or double-blind for other submissions. Below is the program with all accepted submissions.

Wednesday, February 19

09:00 to 09:10

Chair's welcome to µASC'25

09:15 to 09:55

Session 1: Rowhammer 1 (chair: Jo Van Bulck)

REFault: A Fault Injection Platform for Rowhammer Research on DDR5 Memory
Paper by Stefan Gloor, Patrick Jattke, Kaveh Razavi (ETH Zurich)

Flipper: Rowhammer on Steroids
Paper by Martin Heckel, Florian Adamsky (Hof University of Applied Sciences, Institute of Information Systems (iisys))

10:05 to 11:05

Session 2: Rowhammer 2 (chair: Michael Schwarz)

BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments
Talk by Jesse De Meulemeester (KU Leuven); Luca Wilke (University of Lübeck); David Oswald (University of Birmingham, UK); Thomas Eisenbarth (University of Lübeck); Ingrid Verbauwhede (KU Leuven); Jo Van Bulck (DistriNet, KU Leuven)

GlueZilla: Efficient and Scalable Software to Hardware Binding using Rowhammer
Talk by Ruben Mechelinck (DistriNet, KU Leuven); Daniel Dorfmeister (Software Competence Center Hagenberg); Bernhard Fischer (Software Competence Center Hagenberg GmbH (SCCH)); Stefan Brunthaler (μCSRL, CODE Research Institute, University of the Bundeswehr Munich); Stijn Volckaert (DistriNet, KU Leuven)

An Analysis of HMB-based SSD Rowhammer
Paper by Jonas Juffinger (Graz University of Technology)

11:15 to 11:55

Session 3: CPU Side Channels (chair: Thomas Eisenbarth)

PortPrint: Identifying Inaccessible Code with Port Contention
Talk by Tristan Hornetz, Michael Schwarz (CISPA Helmholtz Center for Information Security)

Reverse-Engineering the Address Translation Caches
Paper by Philipp Ertmer, Robert Dumitru, Yuval Yarom (Ruhr University Bochum)

11:55 to 13:00

Lunch

13:00 to 13:40

Session 4: Data Cache Side Channels (chair: Yossi Oren)

Stealing Cryptographic Keys with Weird Gates
Talk by Eyal Ronen (Tel Aviv University); Chitchanok Chuengsatiansup (The University of Klagenfurt); Yuval Yarom (Ruhr University Bochum)

Hidden in Plain Sight: Scriptless Microarchitectural Attacks via TrueType Font Hinting
Paper by Leon Trampert, Michael Schwarz (CISPA Helmholtz Center for Information Security)

14:00 to 14:40

Session 5: Transient Execution Attacks (chair: Peter Schwabe)

Transient-execution attacks on the CHERI Morello platform
Talk by Jacqueline Henes, Marius Muench, David Oswald (University of Birmingham, UK); Hany Ragab (Vrije Universiteit Amsterdam)

Key recovery on static Kyber based on transient execution attacks
Paper by Diego F. Aranha, Alexander Nørgaard Henriksen, Rasmus Østerskov Gammelgaard, Luccas Ruben J. Constantin-Sukul (Aarhus University)

15:00 to 16:00

Session 6: Defenses (chair: Florian Adamsky)

Countering Memory-Centric Side-Channel Leakage Through Interleaving
Talk by Anna Pätschke (University of Luebeck)

Blurring Enclave Page Accesses in Space and Time with Compile-Time Instrumentation
Talk by Daan Vanoverloop (DistriNet, KU Leuven); Andres Sanchez (EPFL); Victor Bullynck (DistriNet, KU Leuven); Flavio Toffalini (RUB); Frank Piessens (DistriNet, KU Leuven); Mathias Payer (EPFL); Jo Van Bulck (DistriNet, KU Leuven)

Testing CPU Mitigations in Linux
Talk by Jakob Koschel, Alexandra Sandulescu

16:00 to 17:00

Poster Session

EntrySign: Unlocking arbitrary microcode development on modern AMD Zen CPUs
Poster by Kristoffer Janke, Josh Eads, Tavis Ormandy, Matteo Rizzo, Eduardo Vela Nava (Google)

Hardware Security Counters built from micro-architectural signals modeling
Poster by Lucas Georget (LAAS-CNRS / EDF R&D); Vincent Migliore, Vincent Nicomette (LAAS-CNRS); Frédéric Silvi, Arthur Villard (EDF R&D)

Isolating PIM from OS Level Adversaries
Poster by Fabian van Rissenbeck (TU Dortmund); Amit Choudhari, Christian Rossow (CISPA Helmholtz Center for Information Security)

LOCKEDAPART: Faster GPU Fingerprinting Through the Compute API
Poster by Tomer Laor, Yossi Oren (Ben-Gurion University of the Negev)

Systematic Evaluation of Automated Tools for Side-Channel Vulnerability Detection in Cryptographic Libraries
Poster by Antoine Geimer (Univ. Lille, CNRS, Inria); Mathéo Vergnolle, Frédéric Recoules (CEA List, Université Paris-Saclay); Lesly-Ann Daniel (KU Leuven); Sébastien Bardin (CEA List, Université Paris Saclay); Clémentine Maurice (Univ. Lille, CNRS, Inria)

WiP: Secure prefetching on RISC-V
Poster by Jens Sprengers, Marton Bognar, Lesly-Ann Daniel, Frank Piessens (DistriNet, KU Leuven)

17:00 to 19:00

TBD

TBD


Topics of Interest

uASC solicits submissions of high-quality, original scientific papers presenting novel research on microarchitecture security (attacks and defenses). This includes explicitly, papers that provide interesting insights with security implications under limited threat models (e.g., an attack that would be interesting on a trusted-execution environment on platforms that do not have a trusted-execution environment, outdated patch levels, unlikely system configurations) as well as reproducibility studies that provide an independent understanding of prior attacks and defenses.

Papers will be judged on scientific rigor, insights, novelty, correctness, and clarity as well as the clear documentation of limitations. We expect all papers to provide enough details to enable reproducibility of the experimental results.



Call for Papers/Posters/Talks

Important Dates (AoE)

  • Submission: from December 1, 2024 until January 27, 2025 January 28, 2025
  • Notifications are sent out as early as possible - we will try to stay within 2 weeks after submission. All decisions and notifications will be concluded by February 10, 2025.
  • Camera ready deadline: February 17, 2025

Posters

High quality posters enable discussion of recent research results, deep interactions with interested attendees, a peek into ongoing work, and presentation of new crazy ideas. uASC welcomes the submission of posters on preliminary findings, ongoing work, or recently published work. Posters will be presented in a forum where attendees can mingle and interact. Poster submissions may contain an extended abstract of up to two pages in the µASC paper submission format along with a draft of the poster, which will be included in the conference proceedings. If the poster refers to a published paper, it must be referenced. At the conference, we will provide posters stands. Attendees can bring their printed posters up to size A0.

Talks

High quality talks enable discussion of recent open problems from practice and theory, give a peek into ongoing work, or to discuss crazy ideas. uASC welcomes the submission of talks and invites talks to also submit an extended abstract of up to two pages, which will be included in the conference proceedings.

Submissions

Full papers are limited to 20 pages in Springer LNCS format, including bibliography and appendices. Papers that do not follow this format may be rejected without review. All talks (with and without papers) are 20 minutes.

Submission Guidelines

uASC has a double-blind reviewing process for papers. All submitted papers must be appropriately anonymized. Author names and affiliations must be excluded from the paper. Furthermore, authors should avoid obvious self-references, and should cite their own previous work in third person, whenever necessary. Papers that are not properly anonymized risk being rejected without review.

All submitted papers must be original work and may not be under submission to another venue at the time of review. At least one author of each accepted paper is required to physically present the submitted work at the conference, for the paper to be included in the proceedings.

Authors are encouraged to submit code appropriately anonymized, using, e.g., https://anonymous.4open.science/.

Papers can be submitted using https://uasc25.hotcrp.com/.

Poster and talk submissions can be either anonymized or not anonymized.

Ethical considerations

Submissions that describe experiments related to vulnerabilities in software or systems should discuss the steps taken to avoid negatively affecting any third-parties (e.g., in case of probing of network devices), and how the authors plan to responsibly disclose the vulnerabilities to the appropriate software or system vendors or owners before publication.

If you have any questions, please contact the program chairs at pc@uasc.cc.



Committee

Program chair (email: daniel.gruss@iaik.tugraz.at)

Publication chair

General chairs

Steering committee and inaugural program committee



Venue: Ruhr University Bochum

Ruhr University aerial view

uASC will be held at Ruhr University Bochum. Attendees receive the exact conference location (room and directions) via email. You can take the subway ("U-Bahn") U35 to the station "Ruhr-Universität". From the station, it is a 5-10 minute walk to the conference building.


Sponsors


We thank our Sponsors!

Imprint

Medieninhaber, Herausgeber und Verleger

Institute of Information Security Graz University of Technology Inffeldgasse 16a 8010 Graz Austria E-Mail: daniel.gruss@tugraz.at Telephone: +43 316 873 5544 DVR: 008 1833

Editorial

Daniel Gruss

Webmaster

E-Mail: daniel.gruss@tugraz.at

Images

Picture of Ruhr University Bochum © RUB, Marquard

Privacy Policy

1. General Information

This website (uasc.cc) does not collect, store, or process any personal data. It serves as an informational platform for the µASC conference and provides links to external services, such as a Google Form for submissions.

2. External Services

Our website contains links to third-party services (e.g., Google Forms). When you submit data via these external services, their respective privacy policies apply. We recommend reviewing [Google's Privacy Policy](https://policies.google.com/privacy) before submitting any personal data.

3. Server Logs

For security and maintenance purposes, our web hosting provider may log access data (such as IP addresses). However, we do not process, analyze, or use this data beyond what is necessary for ensuring the website's functionality.

4. Cookies and Tracking

This website does not use cookies, analytics, or tracking technologies.

5. Contact

If you have any questions about this privacy policy, please contact us at daniel.gruss@tugraz.at.