Michael Schwarz

misc0110
@misc0110
Google Scholar
michael.schwarz91@gmail.com

I am an infosec Ph.D. student at Graz University of Technology. I am part of the Secure Systems group at the Institute of Applied Information Processing and Communications.
As part of the university's CTF team I frequently participate in CTFs.
During the semester I teach Systems Programming, Operating Systems and Security Aspects in Software Development.

Publications

2019
  Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom
40th IEEE Symposium on Security and Privacy (S&P'19), San Francisco, California, USA, May 20-22, 2019
E-print arXiv:1801.01203, January 2018
Info Wikipedia
2018
  NetSpectre: Read Arbitrary Memory over Network
Michael Schwarz, Martin Schwarzl, Moritz Lipp, Daniel Gruss
arXiv:1807.10535, January 2018
  Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg
27th USENIX Security Symposium, Baltimore, Maryland, USA, August 15-17, 2018
E-print arXiv:1801.01207, January 2018
Info Wikipedia GitHub
  Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard
13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18), Songdo, Incheon, Korea, June 4-8, 2018 (AR: 20.0%)
GitHub Slides
  Use-After-FreeMail: Generalizing the Use-After-Free Problem and Applying it to Email Services
Daniel Gruss, Michael Schwarz, Matthias Wübbeling, Simon Guggi, Timo Malderle, Stefan More, Moritz Lipp
13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18), Songdo, Incheon, Korea, June 4-8, 2018 (AR: 20.0%)
  Another Flip in the Wall of Rowhammer Defenses
Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom
39th IEEE Symposium on Security and Privacy (S&P'18), San Francisco, California, USA, May 21-23, 2018 (AR: 10.0%)
Media: BleepingComputer, SecurityNow, TU Graz, The Register
 GitHub Recording
  JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss
Network and Distributed System Security Symposium 2018 (NDSS'18), San Diego, California, USA, February 18-21, 2018 (AR: 21.5%)
Media: BleepingComputer
 GitHub Slides Recording
  KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, Raphael Spreitzer, Stefan Mangard
Network and Distributed System Security Symposium 2018 (NDSS'18), San Diego, California, USA, February 18-21, 2018 (AR: 21.5%)
GitHub Slides Recording
2017
  Practical Keystroke Timing Attacks in Sandboxed JavaScript
Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard
22nd European Symposium on Research in Computer Security (ESORICS'17), Oslo, Norway, September 11-15, 2017 (AR: 15.9%)
GitHub Slides
  Quality Assurance for Human Computation Based Recommendation
Michael Schwarz
Master's Thesis, Graz University of Technology, June 13, 2017
Slides
  KASLR is Dead: Long Live KASLR
Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard
International Symposium on Engineering Secure Software and Systems (ESSoS'17), Bonn, Germany, July 2017 (AR: 46.9%)
Media: LWN
 GitHub Slides Wikipedia
  Malware Guard Extension: Using SGX to Conceal Cache Attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard
14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA'17), Bonn, Germany, July 2017 (AR: 26.9%)
E-print (extended version) arXiv:1702.08719, February 2017
Media: The Register, Schneier on Security, Wikipedia, Information Security Newspaper, SecurityIntelligence, Digital Trends, BleepingComputer, SecurityWeek
Extended Version Slides Wikipedia
  Fantastic Timers and Where to Find Them:
High-Resolution Microarchitectural Attacks in JavaScript
Michael Schwarz, Clémentine Maurice, Daniel Gruss and Stefan Mangard
Financial Cryptography and Data Security 2017 (FC'17), Malta, April 2017
Media: Mozilla Security Blog
Slides
  Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Kay Römer, Stefan Mangard
Network and Distributed System Security Symposium 2017 (NDSS'17), San Diego, California, USA, February 2017 (AR: 16.1%)
Media: The Register
Info Slides Recording
2016
  DRAMA: Exploiting DRAM Buffers for Fun and Profit
Michael Schwarz
Master's Thesis, Graz University of Technology, October 13, 2016
Slides
  Human computation for constraint-based recommenders
Thomas Ulz, Michael Schwarz, Alexander Felfernig, Sarah Haas, Amal Shehadeh, Stefan Reiterer, Martin Stettinger
Journal of Intelligent Information Systems (JIIS), September 28, 2016
  DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, Stefan Mangard
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%)
Info Slides GitHub Recording
2015
  Peopleviews: Human computation for constraint-based recommendation
Alexander Felfernig, Thomas Ulz, Sarah Haas, Michael Schwarz, Stefan Reiterer, Martin Stettinger
ACM RecSys 2015 CrowdRec Workshop, Vienna, Austria, September 19, 2015
Slides
  Human computation based acquisition of financial service advisory practices
Alexander Felfernig, Michael Jeran, Martin Stettinger, Thomas Absenger, Thomas Gruber, Sarah Haas, Emanuel Kirchengast, Michael Schwarz, Lukas Skofitsch, Thomas Ulz
1st International Workshop on Personalization & Recommender Systems in Financial Services (FinRec'15), Graz, Austria, April 16, 2015
2014
  Recturk: Constraint-based recommendation based on human computation
Alexander Felfernig, Sarah Haas, Gerald Ninaus, Michael Schwarz, Thomas Ulz, Martin Stettinger, Klaus Isak, Michael Jeran, Stefan Reiterer
ACM RecSys 2014 CrowdRec Workshop, Silicon Valley, California, USA, October 6, 2014

Presentations

2018
  Red Team vs Blue Team: Memory Safety, Exploitation, and Countermeasures
Michael Schwarz
Graz Security Days for Industry, Graz, Austria, September 4-5, 2018
Info
  Another Flip in the Row
Daniel Gruss, Michael Schwarz, Moritz Lipp
BlackHat USA, Mandalay Bays, Las Vegas, USA, August 4-9, 2018
Info
  Meltdown: Basics, Details, Consequences
Daniel Gruss, Michael Schwarz, Moritz Lipp
BlackHat USA, Mandalay Bays, Las Vegas, USA, August 4-9, 2018
Info
  DRAMA: Exploiting DRAM Buffers for Fun and Profit
Michael Schwarz
Shortlisted Candidate Talk @ Forum Technik und Gesellschaft, Graz, Austria, June 6, 2018
Info
  Fehlerfreie Software und trotzdem unsicher? Eine Einführung in die Mikroarchitekturangriffe anhand von Meltdown, Spectre, und Rowhammer
Daniel Gruss, Moritz Lipp, Michael Schwarz
Invited Talk @ Monat der freien Bildung, Graz, Austria, May 25, 2018
Info
  Flush+Reload, Meltdown, Spectre, Rowhammer
Michael Schwarz
Guest Talk @ BORG Monsberger, Graz, Austria, May 25, 2018
  Meltdown and Spectre: Side-channels considered hARMful
Moritz Lipp, Michael Schwarz
Qualcomm Mobile Security Summit, San Diego, California, USA, May 16-18, 2018
Info
  X-Factor: Das Unfassbare - Die Geschichte von Meltdown und Spectre
Michael Schwarz
Grazer Linuxtage, Graz, Austria, April 27-28, 2018
Info Recording
  When Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins
Michael Schwarz, Moritz Lipp
BlackHat Asia, Marina Bay Sands, Singapore, March 20-23, 2018
Media: DARKReading
Info Paper Live Demo
  Rowhammer: From the Basics to Sophisticated New Variants
Moritz Lipp, Michael Schwarz
Guest Talk @ Qualcomm, San Diego, California, USA, February 21, 2018
  Spectre and Meltdown on x86 and ARM
Michael Schwarz, Moritz Lipp, Stefan Mangard
Guest Talk @ NXP, Gratkorn, Austria, February 15, 2018
  Microarchitectural Attacks and Defenses in JavaScript
Michael Schwarz, Daniel Gruss, Moritz Lipp
Guest Talk @ Google, Munich, Germany, January 25, 2018
  Beyond Belief: The Case of Spectre and Meltdown
Daniel Gruss, Moritz Lipp, Michael Schwarz
Keynote @ BlueHat IL, Tel Aviv, Israel, January 24, 2018
Info Recording
  Prozessorlücken: Wer ist betroffen und was ist zu tun?
Michael Schwarz, Wolfgang Prentner, Benjamin Borchers
Webinar @ colited, January 16, 2018
2017
  Hello from the Other Side: Reliable Communication over Cache Covert Channels in the Cloud
Michael Schwarz, Manuel Weber
Invited Talk @ ISACA Venice V Conference on Application Security and Modern Technologies, Mestre, Venice, Italy, October 6, 2017
Info Program
  Cash Attacks on SGX
Daniel Gruss, Michael Schwarz
Invited Talk @ Breaking Bitcoin, Paris, France, September 9-10, 2017
Info Recording
  Programming Lab Binary Exploitation (ARM)
Michael Schwarz
IACR Cryptology School 2017 Security & Correctness in the IoT, Graz, Austria, May 8-12, 2017
Info
  Robust Cache Covert Channels in the Cloud (Rump Session)
Michael Schwarz
Financial Cryptography, Sliema, Malta, April 2-7, 2017
  Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Michael Schwarz, Manuel Weber
BlackHat Asia, Marina Bay Sands, Singapore, March 30-31, 2017
Media: The Register
Info GitHub Paper Live Demo Recording
2016
  DRAMA: How your DRAM becomes a security problem
Michael Schwarz, Anders Fogh
BlackHat Europe, London, United Kingdom, November 3-4, 2016
Media: SecurityWeek
Info GitHub Paper Live Demo Recording
  CTF Training Session: Easy Crypto & ECDSA
Michael Schwarz
LosFuzzys CTF Training, Graz, Austria, September 13, 2016

Awards

2018
  Pwnie Award for Best Privilege Escalation Bug
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Jann Horn, Anders Fogh
BlackHat USA, Las Vegas, USA, August 8, 2018
  Pwnie Award for Most Innovative Research
Jann Horn, Paul Kocher, Daniel Genkin, Mike Hamburg, Moritz Lipp, Yval Yarom, Werner Haas, Thomas Prescher, Daniel Gruss, Stefan Mangard, Michael Schwarz
BlackHat USA, Las Vegas, USA, August 8, 2018
  Sponsorship Award for master thesis of particular relevance to society, 2nd place:
DRAMA: Exploiting DRAM Buffers for Fun and Profit
Michael Schwarz
Forum Technik und Gesellschaft, Graz, Austria, June 7, 2018
2017
  Pwnie Award for Best Song
Manuel Weber, Daniel Gruss, Michael Schwarz, Moritz Lipp, Rebekka Aigner
BlackHat USA, Las Vegas, USA, July 26, 2017
2016
  IAIK Student Research Excellence Awards
Michael Schwarz
IAIK Graz University of Technology, Graz, Austria, December 2, 2016

Projects

2017
  asciicast2vector
Convert asciicast (asciinema recordings) to vector graphics (SVG and TikZ).
Project
  LiveTikZ
A live preview for TikZ drawings.
Project
  ProcDetails
The ProcDetails kernel module shows details about procfs files.
Project
  libattopng
libattopng is a minimal C library to create uncompressed PNG images.
Project
2016
  Amazon Dash Button Fun
Make the Amazon Dash button useful using this IoT framework.
Project
  FAINT - FAult INjection Tester
FAINT is a fully automated tool to dynamically check the out of memory handling in C and C++ programs.
Project
  Configurable DES
Configurable DES provides a fully customizable DES implementation especially designed to test attacks against DES.
Project
  Jackbox Party Pack - Drawful Question Editor
A question editor for the Drawful game of Jackbox Party Pack based on my reverse-engineering of the file format.
Project
2015
  Universal Header Decoder
This tool decoded file headers based on a description file.
Project
  BF.js
A simple Javascript Brainfuck implementation for educational purposes.
Project
  ESP Trainer (German)
An interactive web application for learning C programming.
Run
2014
  TU Graz Newsreader
TU Graz Newsreader is an Android newsgroup reader for Graz University of Technology.
Info Play Store
2013
  Raspberry Webradio
Raspberry Webradio, a do-it-yourself internet streaming client using the Raspberry Pi..
Info (German) Code
  C Declaration Explainer
This little tool can translate C variable declarations to human readable definitions.
Run
  AVR Fuse Calculator
An offline AVR fuse calculator, supporting 144 devices.
Play Store
  TU Graz Raumsuche (German)
App that provides a search functionality to find and locate rooms on the TU Graz Campus.
Play Store Code