Submission History
2024 decisions AR: 41%
AIHWS 2024 | Accept | CNN Architecture Extraction on Edge GPU |
ASPLOS 2024 | Reject | —Redacted— |
ASPLOS 2024 | Reject | —Redacted— |
CCS 2024 | Accept | Testing Side-Channel Security of Cryptographic Implementations against Future Microarchitectures |
CCS 2024 | Accept | Elephants Do Not Forget: Differential Privacy with State Continuity for Privacy Budget |
CCS 2024 | Reject | —Redacted— |
CCS 2024 | Accept | Spec-o-Scope: Cache Probing at Cache Speed |
CCS 2024 | Reject | —Redacted— |
CHES 2024 | Accept | Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks |
CHES 2024 | Revision | —Redacted— |
EuroSys 2025 | Reject | —Redacted— |
Eurocrypt 2024 | Reject | —Redacted— |
IEEE SP 2025 | Accept | —Redacted— |
IEEE SP 2025 | Reject | —Redacted— |
IEEE SP 2025 | Reject | —Redacted— |
JCEN | Revision | —Redacted— |
NDSS 2025 | Reject | —Redacted— |
NDSS 2025 | Revision | —Redacted— |
USENIX Sec 2024 | Reject | —Redacted— |
USENIX Sec 2024 | Revision | BarraCUDA: GPUs do Leak DNN Weights |
USENIX Sec 2025 | Accept | BarraCUDA: GPUs do Leak DNN Weights |
2023 decisions AR: 62%
AsiaCCS 2023 | Accept | CacheFX: A Framework for Evaluating Cache Security |
AsiaCCS 2024 | Accept | SoK: Can We Really Detect Cache Side-Channel Attacks by Monitoring Performance Counters? |
CCS 2023 | Reject | —Redacted— |
CCS 2023 | Reject | TeeJam: Sub-Cache-Line Leakages Strike Back |
CCS 2023 | Accept | iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices |
CHES 2024 | Revision | Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks |
CHES 2024 | Accept | TeeJam: Sub-Cache-Line Leakages Strike Back |
ICSE Demo 2023 | Accept | CryptOpt: Automatic Optimization of Straightline Code |
IEEE SP 2023 | Reject | Pixel Thief: Exploiting SVG Filter Leakage in Firefox and Chrome |
IEEE SP 2023 | Revision | SoK: SGX.Fail: How Stuff Gets eXposed |
IEEE SP 2024 | Reject | Testing Side-Channel Security of Cryptographic Implementations against Future Microarchitectures |
IEEE SP 2024 | Reject | —Redacted— |
IEEE SP 2024 | Accept | SoK: SGX.Fail: How Stuff Gets eXposed |
IEEE SP 2024 | Reject | BarraCUDA: GPUs do Leak DNN Weights |
PLDI 2023 | Accept | CryptOpt: Verified Compilation with Randomized Program Search for Cryptographic Primitives |
USENIX Sec 2023 | Accept | BunnyHop: Exploiting the Instruction Prefetcher |
USENIX Sec 2023 | Accept | Ultimate SLH: Taking Speculative Load Hardening to the Next Level |
USENIX Sec 2023 | Accept | Checking Passwords on Leaky Computers: A Side Channel Analysis of Chrome’s Password Leak Detection Protocol |
USENIX Sec 2023 | Reject | BarraCUDA: GPUs do Leak DNN Weights |
USENIX Sec 2023 | Accept | Hot Pixels: Frequency, Power, and Temperature Attacks on GPUs and Arm SoCs |
USENIX Sec 2024 | Accept | SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism |
USENIX Sec 2024 | Accept | Pixel Thief: Exploiting SVG Filter Leakage in Firefox and Chrome |
USENIX Sec 2024 | Reject | Elephants Do Not Forget: Differential Privacy with State Continuity for Privacy Budget |
2022 decisions AR: 44%
ACSAC 2022 | Reject | CacheFX: A Framework for Evaluating Cache Security |
AsiaCCS 2022 | Accept | SoK: Design Tools for Side-Channel-Aware Implementations |
CCS 2022 | Revision | HammerScope: Observing DRAM Power Consumption Using Rowhammer |
CCS 2022 | Accept | HammerScope: Observing DRAM Power Consumption Using Rowhammer |
GI@GECCO 2022 | Accept | Opportunities for Genetic Improvement of Cryptographic Code |
IEEE SP 2023 | Accept | Spectre Declassified: Reading from the Right Place at the Wrong Time |
IEEE SP 2023 | Reject | iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices |
IEEE TDSC | Reject | —Redacted— |
ISCA 2022 | Reject | CacheFX: A Framework for Evaluating Cache Security |
NDSS 2023 | Reject | SoK: SGX.Fail: How Stuff Gets eXposed |
POPL 2023 | Reject | CryptOpt: Verified Compilation with Randomized Program Search for Cryptographic Primitives |
The Computer Journal | Revision | Row, Row, Row Your Boat: How to Not Find Weak Keys in Pilsung |
The Computer Journal | Accept | Row, Row, Row Your Boat: How to Not Find Weak Keys in Pilsung |
USENIX Sec 2022 | Revision | The Impostor Among US(B): Off Path Injection Attacks on USB Communications |
USENIX Sec 2022 | Reject | HammerScope: Observing DRAM Power Consumption Using Rowhammer |
USENIX Sec 2022 | Reject | SoK: SGX.Fail: How Stuff Gets eXposed |
USENIX Sec 2022 | Revision | The Gates of Time: Improving Cache Attacks with Transient Execution |
USENIX Sec 2022 | Revision | Ultimate SLH: Taking Speculative Load Hardening to the Next Level |
USENIX Sec 2023 | Accept | The Impostor Among US(B): Off Path Injection Attacks on USB Communications |
USENIX Sec 2023 | Accept | The Gates of Time: Improving Cache Attacks with Transient Execution |
USENIX Sec 2023 | Reject | SoK: SGX.Fail: How Stuff Gets eXposed |
2021 decisions AR: 54%
ACNS 2022 | Accept | RSA Key Recovery from Digit Equivalence Information |
Asiacrypt 2021 | Reject | Side-Channeling the Kalyna Key Expansion |
CCS 2021 | Revision | Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic Code |
CCS 2021 | Accept | Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic Code |
CFAIL 2021 | Accept | Row, Row, Row Your Boat: How to Not Find Weak Keys in Pilsung |
CHES 2021 | Reject | Side-Channeling the Kalyna Key Expansion |
CT-RSA 2022 | Accept | Side-Channeling the Kalyna Key Expansion |
Euro S&P 2021 | Accept | Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms |
IEEE Micro | Reject | —Redacted— |
IEEE SP 2022 | Revision | SoK: Design Tools for Side-Channel-Aware Implementations |
IEEE SP 2022 | Accept | Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution |
IEEE SP 2022 | Reject | SoK: Design Tools for Side-Channel-Aware Implementations |
IEEE SP 2022 | Revision | Spectre Declassified: Reading from the Right Place at the Wrong Time |
NDSS 2022 | Revision | DrawnApart: A Unique Device Identification Technique based on Remote GPU Fingerprinting |
NDSS 2022 | Accept | DrawnApart: A Unique Device Identification Technique based on Remote GPU Fingerprinting |
USENIX Sec 2021 | Reject | DrawnApart: A Unique Device Identification Technique based on Remote GPU Fingerprinting |
USENIX Sec 2022 | Reject | CryptOpt: Verified Compilation with Randomized Program Search for Cryptographic Primitives |
2020 decisions AR: 48%
ACSAC 2020 | Reject | A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities |
CCS 2020 | Reject | Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms |
CCS 2020 | Accept | LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage |
ICEIS 2020 | Accept | Enterprise Security Architecture: Mythology or Methodology? |
IEEE SP 2020 | Reject | Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers |
IEEE SP 2021 | Reject | DrawnApart: A Unique Device Identification Technique based on Remote GPU Fingerprinting |
IEEE SP 2021 | Accept | CacheOut: Leaking Data on Intel CPUs via Cache Evictions |
IEEE SP 2021 | Reject | CacheFX: A Framework for Evaluating Cache Security |
IEEE TDSC | Revision | Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality |
IEEE TDSC | Reject | A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities |
IEEE TDSC | Accept | Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality |
LNBIP EIS | Accept | Security Architecture Framework for Enterprises |
MICRO 2020 | Accept | PThammer: Cross-User-Kernel-Boundary Rowhammer through Implicit Accesses |
NDSS 2021 | Reject | CacheOut: Leaking Data on Intel CPUs via Cache Evictions |
NDSS 2021 | Revision | Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers |
NDSS 2021 | Reject | Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms |
NDSS 2021 | Accept | Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers |
RAID 2020 | Reject | A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities |
S&P Mag. | Accept | Whack-a-Meltdown: Microarchitectural Security Games |
SSR 2020 | Reject | A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities |
TPS-ISA 2020 | Accept | A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities |
USENIX Sec 2020 | Reject | CacheOut: Leaking Data on Intel CPUs via Cache Evictions |
USENIX Sec 2020 | Revision | Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses |
USENIX Sec 2021 | Accept | Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses |
2019 decisions AR: 75%
ACIS 2019 | Reject | Enterprise Security Architecture: Mythology or Methodology? |
CACM | Revision | Meltdown: Reading Kernel Memory from User Space |
CACM | Accept | Meltdown: Reading Kernel Memory from User Space |
CACM | Accept | Spectre Attacks: Exploiting Speculative Execution |
CCS 2019 | Reject | —Redacted— |
CCS 2019 | Revision | Fallout: Leaking Data on Meltdown-resistant CPUs |
CCS 2019 | Accept | Fallout: Leaking Data on Meltdown-resistant CPUs |
CHES 2020 | Accept | Cache vs. Key-Dependency: Side Channeling an Implementation of Pilsung |
IEEE Micro | Accept | Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow |
IEEE SP 2020 | Accept | RAMBleed: Reading Bits in Memory Without Accessing Them |
IEEE SP 2020 | Accept | Pseudorandom Black Swans: Cache Attacks on CTR_DRBG |
IEEE SP 2020 | Accept | LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection |
USENIX Sec 2019 | Accept | Robust Website Fingerprinting Through the Cache Occupancy Channel |
USENIX Sec 2019 | Reject | Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms |
2018 decisions AR: 69%
ACNS 2018 | Accept | Drive-by Key-Extraction Cache Attacks from Portable Code |
APSys 2018 | Accept | No Security Without Time protection: We Need a New hardware Software Contract |
ATC 2018 | Reject | No Security Without Time protection: We Need a New hardware Software Contract |
CANDAR 2018 | Accept | The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay |
CCS 2018 | Reject | Robust Website Fingerprinting Through the Cache Occupancy Channel |
ECIS 2018 | Reject | Enterprise Security Architecture: Mythology or Methodology? |
EuroSys 2019 | Accept | Time Protection: the Missing OS Abstraction |
IEEE SP 2018 | Accept | Another Flip in the Wall of Rowhammer Defenses |
IEEE SP 2019 | Accept | Spectre Attacks: Exploiting Speculative Execution |
IEEE SP 2019 | Accept | The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations |
NDSS 2019 | Reject | Robust Website Fingerprinting Through the Cache Occupancy Channel |
TCHES | Accept | CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks |
USENIX Sec 2018 | Accept | Meltdown: Reading Kernel Memory from User Space |
2017 decisions AR: 50%
ASPLOS 2018 | Reject | No Security Without Time protection: We Need a New hardware Software Contract |
CCS 2017 | Accept | May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 |
CCS 2017 | Accept | To BLISS-B or not to be — Attacking StrongSwan's Implementation of Post-Quantum Signatures |
CCS 2017 | Reject | Drive-by Key-Extraction Cache Attacks from Portable Code |
CHES 2017 | Accept | Sliding Right Into Disaster: Left-to-Right Sliding Windows Leak |
Euro S&P 2018 | Reject | Drive-by Key-Extraction Cache Attacks from Portable Code |
Eurocrypt 2017 | Accept | Modifying an Enciphering Scheme after Deployment |
IEEE SP 2017 | Reject | No Security Without Time protection: We Need a New hardware Software Contract |
IEEE SP 2018 | Revision | Another Flip in the Wall of Rowhammer Defenses |
JCEN | Revision | CacheBleed: A Timing Attack on OpenSSL Constant Time RSA |
JCEN | Accept | CacheBleed: A Timing Attack on OpenSSL Constant Time RSA |
SOSP 2017 | Reject | Time Protection: the Missing OS Abstraction |
Scientific Reports | Revision | Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants |
Scientific Reports | Accept | Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants |
Security and Privacy | Reject | —Redacted— |
USENIX Sec 2017 | Accept | USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs |
USENIX Sec 2017 | Reject | No Security Without Time protection: We Need a New hardware Software Contract |
2016 decisions AR: 27%
ACIS 2016 | Reject | Enterprise Security Architecture: Mythology or Methodology? |
ACSAC 2016 | Accept | Amplifying Side Channels Through Performance Degradation |
Asiacrypt 2016 | Reject | Modifying an Enciphering Scheme after Deployment |
CCS 2016 | Accept | “Make Sure DSA Signing Exponentiations Really are Constant-Time” |
CCS 2016 | Accept | ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels |
CHES 2016 | Accept | CacheBleed: A Timing Attack on OpenSSL Constant Time RSA |
CHES 2016 | Accept | Flush, Gauss, and Reload — A Cache Attack on the BLISS Lattice-Based Signature Scheme |
CHES 2016 | Reject | ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels |
COMIND | Reject | Enterprise Security Architecture: Mythology or Methodology? |
CRYPTO 2016 | Reject | Modifying an Enciphering Scheme after Deployment |
Eurocrypt 2016 | Reject | Exploiting Transformations of the Galois Configuration to Improve Guess-and-Determine Attacks on NFSRs |
IEEE SP 2016 | Reject | Enterprise Security Architecture: Mythology or Methodology? |
IEEE SP 2016 | Reject | Amplifying Side Channels Through Performance Degradation |
IJIS | Reject | —Redacted— |
JCEN | Revision | A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware |
JCEN | Accept | A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware |
NDSS 2017 | Reject | USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs |
Nature | Reject | Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants |
Nature Communications | Reject | Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants |
Nature Plants | Reject | Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants |
PNAS | Reject | Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants |
TISSEC | Reject | —Redacted— |
USENIX Sec 2016 | Reject | Amplifying Side Channels Through Performance Degradation |
2015 decisions AR: 80%
ACNS 2015 | Accept | Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher |
CT-RSA 2015 | Accept | Just a Little Bit More |
HPCA 2016 | Accept | CATalyst: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing |
IEEE SP 2015 | Accept | Last-Level Cache Side-Channel Attacks are Practical |
IEEE SP 2015 | Reject | A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware |
2014 decisions AR: 50%
Asiacrypt 2014 | Reject | Just a Little Bit More |
CHES 2014 | Accept | “Ooh Aah ... Just a Little Bit”: A Small Amount of Side Channel can go a Long Way |
IEEE SP 2014 | Reject | Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack |
USENIX Sec 2014 | Accept | Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack |
2013 decisions AR: 0%
NDSS 2014 | Reject | Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack |
2012 decisions AR: 50%
OOPSLA 2012 | Reject | S-RVM: a Secure Design for a High-Performance Java Virtual Machine |
VMIL 2012 | Accept | S-RVM: a Secure Design for a High-Performance Java Virtual Machine |
2011 decisions AR: 0%
APSys 2011 | Reject | S-RVM: a Secure Design for a High-Performance Java Virtual Machine |
2008 decisions AR: 100%
ICDSC 2008 | Accept | Estimating Camera Overlap in Large and Growing Networks |