Michael Schwarz

I am an infosec Ph.D. student at Graz University of Technology. I am part of the Secure Systems group at the Institute of Applied Information Processing and Communications.
As part of the university's CTF team I frequently participate in CTFs.
During the semester I teach Systems Programming, Operating Systems and Security Aspects in Software Development.


Publications

2019
  Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom
40th IEEE Symposium on Security and Privacy (S&P'19), San Francisco, California, USA, May 20-22, 2019
E-print arXiv:1801.01203, January 2018
Info Wikipedia

2018
  Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg
27th USENIX Security Symposium, Baltimore, Maryland, USA, August 15-17, 2018
E-print arXiv:1801.01207, January 2018
Info Wikipedia GitHub

  Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard
13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18), Songdo, Incheon, Korea, June 4-8, 2018 (AR: 20.0%)
GitHub Slides

  Use-After-FreeMail: Generalizing the Use-After-Free Problem and Applying it to Email Services
Daniel Gruss, Michael Schwarz, Matthias Wübbeling, Simon Guggi, Timo Malderle, Stefan More, Moritz Lipp
13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18), Songdo, Incheon, Korea, June 4-8, 2018 (AR: 20.0%)

  Another Flip in the Wall of Rowhammer Defenses
Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom
39th IEEE Symposium on Security and Privacy (S&P'18), San Francisco, California, USA, May 21-23, 2018 (AR: 10.0%)
Media: BleepingComputer, SecurityNow, TU Graz, The Register
GitHub Recording

  JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss
Network and Distributed System Security Symposium 2018 (NDSS'18), San Diego, California, USA, February 18-21, 2018 (AR: 21.5%)
Media: BleepingComputer
GitHub Slides Recording

  KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks
Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, Raphael Spreitzer, Stefan Mangard
Network and Distributed System Security Symposium 2018 (NDSS'18), San Diego, California, USA, February 18-21, 2018 (AR: 21.5%)
GitHub Slides Recording

2017
  Practical Keystroke Timing Attacks in Sandboxed JavaScript
Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard
22nd European Symposium on Research in Computer Security (ESORICS'17), Oslo, Norway, September 11-15, 2017 (AR: 15.9%)
GitHub Slides

  Quality Assurance for Human Computation Based Recommendation
Michael Schwarz
Master's Thesis, Graz University of Technology, June 13, 2017
Slides

  KASLR is Dead: Long Live KASLR
Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard
International Symposium on Engineering Secure Software and Systems (ESSoS'17), Bonn, Germany, July 2017 (AR: 46.9%)
Media: LWN
GitHub Slides Wikipedia

  Malware Guard Extension: Using SGX to Conceal Cache Attacks
Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard
14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA'17), Bonn, Germany, July 2017 (AR: 26.9%)
E-print (extended version) arXiv:1702.08719, February 2017
Media: The Register, Schneier on Security, Wikipedia, Information Security Newspaper, SecurityIntelligence, Digital Trends, BleepingComputer, SecurityWeek
Extended Version Slides Wikipedia

  Fantastic Timers and Where to Find Them:
High-Resolution Microarchitectural Attacks in JavaScript

Michael Schwarz, Clémentine Maurice, Daniel Gruss and Stefan Mangard
Financial Cryptography and Data Security 2017 (FC'17), Malta, April 2017
Media: Mozilla Security Blog
Slides

  Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Kay Römer, Stefan Mangard
Network and Distributed System Security Symposium 2017 (NDSS'17), San Diego, California, USA, February 2017 (AR: 16.1%)
Media: The Register
Info Slides Recording

2016
  DRAMA: Exploiting DRAM Buffers for Fun and Profit
Michael Schwarz
Master's Thesis, Graz University of Technology, October 13, 2016
Slides

  Human computation for constraint-based recommenders
Thomas Ulz, Michael Schwarz, Alexander Felfernig, Sarah Haas, Amal Shehadeh, Stefan Reiterer, Martin Stettinger
Journal of Intelligent Information Systems (JIIS), September 28, 2016

  DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, Stefan Mangard
25th USENIX Security Symposium, Austin, Texas, USA, August 10-12, 2016 (AR: 15.6%)
Info Slides GitHub Recording

2015
  Peopleviews: Human computation for constraint-based recommendation
Alexander Felfernig, Thomas Ulz, Sarah Haas, Michael Schwarz, Stefan Reiterer, Martin Stettinger
ACM RecSys 2015 CrowdRec Workshop, Vienna, Austria, September 19, 2015
Slides

  Human computation based acquisition of financial service advisory practices
Alexander Felfernig, Michael Jeran, Martin Stettinger, Thomas Absenger, Thomas Gruber, Sarah Haas, Emanuel Kirchengast, Michael Schwarz, Lukas Skofitsch, Thomas Ulz
1st International Workshop on Personalization & Recommender Systems in Financial Services (FinRec'15), Graz, Austria, April 16, 2015

2014
  Recturk: Constraint-based recommendation based on human computation
Alexander Felfernig, Sarah Haas, Gerald Ninaus, Michael Schwarz, Thomas Ulz, Martin Stettinger, Klaus Isak, Michael Jeran, Stefan Reiterer
ACM RecSys 2014 CrowdRec Workshop, Silicon Valley, California, USA, October 6, 2014

Presentations

2018
  Another Flip in the Row
Daniel Gruss, Michael Schwarz, Moritz Lipp
BlackHat USA, Mandalay Bays, Las Vegas, USA, August 4-9, 2018
Info

  Meltdown: Basics, Details, Consequences
Daniel Gruss, Michael Schwarz, Moritz Lipp
BlackHat USA, Mandalay Bays, Las Vegas, USA, August 4-9, 2018
Info

  DRAMA: Exploiting DRAM Buffers for Fun and Profit
Michael Schwarz
Shortlisted Candidate Talk @ Forum Technik und Gesellschaft, Graz, Austria, June 6, 2018
Info

  Fehlerfreie Software und trotzdem unsicher? Eine Einführung in die Mikroarchitekturangriffe anhand von Meltdown, Spectre, und Rowhammer
Daniel Gruss, Moritz Lipp, Michael Schwarz
Invited Talk @ Monat der freien Bildung, Graz, Austria, May 25, 2018
Info

  Flush+Reload, Meltdown, Spectre, Rowhammer
Michael Schwarz
Guest Talk @ BORG Monsberger, Graz, Austria, May 25, 2018

  Meltdown and Spectre: Side-channels considered hARMful
Moritz Lipp, Michael Schwarz
Qualcomm Mobile Security Summit, San Diego, California, USA, May 16-18, 2018
Info

  X-Factor: Das Unfassbare - Die Geschichte von Meltdown und Spectre
Michael Schwarz
Grazer Linuxtage, Graz, Austria, April 27-28, 2018
Info Recording

  When Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins
Michael Schwarz, Moritz Lipp
BlackHat Asia, Marina Bay Sands, Singapore, March 20-23, 2018
Media: DARKReading
Info Paper Live Demo

  Rowhammer: From the Basics to Sophisticated New Variants
Moritz Lipp, Michael Schwarz
Guest Talk @ Qualcomm, San Diego, California, USA, February 21, 2018

  Spectre and Meltdown on x86 and ARM
Michael Schwarz, Moritz Lipp, Stefan Mangard
Guest Talk @ NXP, Gratkorn, Austria, February 15, 2018

  Microarchitectural Attacks and Defenses in JavaScript
Michael Schwarz, Daniel Gruss, Moritz Lipp
Guest Talk @ Google, Munich, Germany, January 25, 2018

  Beyond Belief: The Case of Spectre and Meltdown
Daniel Gruss, Moritz Lipp, Michael Schwarz
Keynote @ BlueHat IL, Tel Aviv, Israel, January 24, 2018
Info Recording

  Prozessorlücken: Wer ist betroffen und was ist zu tun?
Michael Schwarz, Wolfgang Prentner, Benjamin Borchers
Webinar @ colited, January 16, 2018

2017
  Hello from the Other Side: Reliable Communication over Cache Covert Channels in the Cloud
Michael Schwarz, Manuel Weber
Invited Talk @ ISACA Venice V Conference on Application Security and Modern Technologies, Mestre, Venice, Italy, October 6, 2017
Info Program

  Cash Attacks on SGX
Daniel Gruss, Michael Schwarz
Invited Talk @ Breaking Bitcoin, Paris, France, September 9-10, 2017
Info Recording

  Programming Lab Binary Exploitation (ARM)
Michael Schwarz
IACR Cryptology School 2017 Security & Correctness in the IoT, Graz, Austria, May 8-12, 2017
Info

  Robust Cache Covert Channels in the Cloud (Rump Session)
Michael Schwarz
Financial Cryptography, Sliema, Malta, April 2-7, 2017

  Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Michael Schwarz, Manuel Weber
BlackHat Asia, Marina Bay Sands, Singapore, March 30-31, 2017
Media: The Register
Info GitHub Paper Live Demo Recording

2016
  DRAMA: How your DRAM becomes a security problem
Michael Schwarz, Anders Fogh
BlackHat Europe, London, United Kingdom, November 3-4, 2016
Media: SecurityWeek
Info GitHub Paper Live Demo Recording

  CTF Training Session: Easy Crypto & ECDSA
Michael Schwarz
LosFuzzys CTF Training, Graz, Austria, September 13, 2016

Awards


2017
  Pwnie Award for Best Song
Manuel Weber, Daniel Gruss, Michael Schwarz, Moritz Lipp, Rebekka Aigner
BlackHat USA, Las Vegas, USA, July 26, 2017

2016
  IAIK Student Research Excellence Awards
Michael Schwarz
IAIK Graz University of Technology, Graz, Austria, December 2, 2016

Projects

2017
  asciicast2vector
Convert asciicast (asciinema recordings) to vector graphics (SVG and TikZ).
Project

  LiveTikZ
A live preview for TikZ drawings.
Project

  ProcDetails
The ProcDetails kernel module shows details about procfs files.
Project

  libattopng
libattopng is a minimal C library to create uncompressed PNG images.
Project

2016
  Amazon Dash Button Fun
Make the Amazon Dash button useful using this IoT framework.
Project

  FAINT - FAult INjection Tester
FAINT is a fully automated tool to dynamically check the out of memory handling in C and C++ programs.
Project

  Configurable DES
Configurable DES provides a fully customizable DES implementation especially designed to test attacks against DES.
Project

  Jackbox Party Pack - Drawful Question Editor
A question editor for the Drawful game of Jackbox Party Pack based on my reverse-engineering of the file format.
Project

2015
  Universal Header Decoder
This tool decoded file headers based on a description file.
Project

  BF.js
A simple Javascript Brainfuck implementation for educational purposes.
Project

  ESP Trainer (German)
An interactive web application for learning C programming.
Run

2014
  TU Graz Newsreader
TU Graz Newsreader is an Android newsgroup reader for Graz University of Technology.
Info Play Store

2013
  Raspberry Webradio
Raspberry Webradio, a do-it-yourself internet streaming client using the Raspberry Pi..
Info (German) Code

  C Declaration Explainer
This little tool can translate C variable declarations to human readable definitions.
Run

  AVR Fuse Calculator
An offline AVR fuse calculator, supporting 144 devices.
Play Store

  TU Graz Raumsuche (German)
App that provides a search functionality to find and locate rooms on the TU Graz Campus.
Play Store Code