My research explores the security of the interface between the software and the hardware. In particular, I am interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. I work on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.
Contact Information
Email: yuval.yarom@rub.deNews
1 Oct 2025
The paper Revisiting Prime+Prune+Probe: Pitfalls and Remedies with will appear in ACSAC 202529 Sep 2025
The paper Fish and Chips: On the Root Cause of Co-located Website-Fingerprinting Attacks with will appear in IEEE TDSC17 Sep 2025
Preprint available Thunderhammer: Rowhammer Bitflips via PCIe and Thunderbolt (USB-C), co-authored with .
8 Sep 2025
The paper Transient Architectural Execution: from Weird Gates to Weird Programs with will appear in IEEE SP 20268 Sep 2025
The paper Chypnosis: Undervolting-based Static Side-channel Attacks with will appear in IEEE SP 20261 Sep 2025
Welcome to a PhD at the Chair for Computer Security.25 Jul 2025
Congratulations to who completed a PhD on Browser-Based Microarchitectural Side-Channel Attacks.1 Jul 2025
The paper ECC.fail: Mounting Rowhammer Attacks on DDR4 Servers with ECC Memory with will appear in USENIX Security 202514 May 2025
SLAP: Data Speculation Attacks via Load Address Prediction on Apple Silicon received a Distinguished Paper Award at IEEE SP 2025.
8 May 2025
Published a preprint and the Code Artifact
for Reverse-Engineering the Address Translation Caches.More news...
Service
Program Chair: SEED 2022, WOOT 2020, Kangacrypt 2018, SPACE 2018.
Event Organisation:
uASC 2025,
SSS2 2023,
CHES 2020
,
Kangacrypt 2018,
ASEC 2018.
Steering Committees: CHES 2019–2020, uASC 2025–, WOOT 2020–.
Editorial Board: Communications in Cryptography 2024
Program Committees:
- 2025: CHES, DRAMSec, IEEE EuroS&P, IEEE S&P, uASC, USENIX Security
- 2024: ASPLOS (ERC), CHES, DRAMSec, IEEE EuroS&P, IEEE S&P, RWC, USENIX Security, WOOT
- 2023: ACISP, CCS, IEEE S&P (Associate Chair), RWC, SecDev, SILM, USENIX Security, WOOT
- 2022: ACISP, CARDIS, CCS, CFAIL, CHES, DRAMSec, HASP, IEEE S&P, RWC, SecDev, SILM, Top in HES, USENIX Security
- 2021: ACISP, ACSAC, AsiaCCS, CARDIS, CHES, CT-RSA, DATE, DRAMSec, ESORICS, IEEE S&P, SEED, SILM, USENIX Security
- 2020: ACSAC, CARDIS, CHES, IEEE S&P, SCAM, SILM, SPACE, USENIX Security
- 2019: ASPLOS (ERC), CARDIS, CCS, CHES, IEEE EuroS&P, Latincrypt, RWC, SAC, SPACE, USENIX ATC, USENIX Security, WOOT
- 2018: CARDIS, CHES, SysTEX
- 2017: Latincrypt, SPACE, USENIX Security
- 2015: SYSTOR
Awards
- Distinguished Paper Award — IEEE SP 2025
- iLeakage awarded Top Picks in Hardware and Embedded Security — 2024
- German IT Security Prize; 2024
- Distinguished paper award — CCS 2024
- Distinguished paper award — CCS 2024
- Excellent Teaching Award Nominee — RUB 2024
- Humies Gold Award — GECCO 2023
- Distinguished Paper Award — PLDI 2023
- NSA Best Scientific Cybersecurity Paper Competition 2020
- SA Young Tall Poppy Award — 2020
- Best student paper award — ICEIS 2020
- Chris Wallace Award for Outstanding Research — 2020
- Honorable Mention — NSA Best Scientific Cybersecurity Paper Competition 2019
- Distinguished Paper Award — IEEE SP 2019
- Best Paper Award — EuroSys 2019
- Foreshadow chosen for IEEE Micro Top Pick — 2019
- Best Paper Award — APSys 2018
- Pwnie Award — Most Innovative Research — Black Hat 2018
- Pwnie Award — Best Privilege Escalation Bug — Black Hat 2018
- Knuth Reward Cheque — 1999
- Mifal Hapayis Research Prize — 1994
Misc
- My Erdös number is 2.
- PhD Thesis: Software-based Reference Protection for Component Isolation
- Master Thesis: The Deputy Mechanism for Transparent Process Migration
- Simulated Annealing for Standard-Cell Sizing (An Amirim—Science project report — in Hebrew).