Publications

Stephanie de Smale, Rik van Dijk, Xander Bouwman, Jeroen van der Ham, Michel van Eeten. No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Information. IEEE S&P, 2023.

Elia Geretto, Cristiano Giuffrida, Herbert Bos, Erik van der Kouwe. Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots. ACM ACSAC, 2022.

Mannat Kaur, Simon Parkin, Marijn Janssen, Tobias Fiebig. "I needed to solve their overwhelmness": How System Administration Work was Affected by COVID-19. ACM CSCW, 2022.

Floris Gorter, Koen Koning, Herbert Bos, Cristiano Giuffrida. DangZero: Efficient Use-After-Free Detection via Direct Page Table Access. ACM CCS, 2022.

Andrei Tatar, Daniël Trujillo, Cristiano Giuffrida, Herbert Bos. TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering. USENIX Security, 2022.

Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, Cristiano Giuffrida. Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks. USENIX Security, 2022.

Alyssa Milburn, Erik van der Kouwe, Cristiano Giuffrida. Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation. IEEE S&P, 2022.

Brian Johannesmeyer, Jakob Koschel, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida. Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel. NDSS, 2022.

Xianya Mi, Sanjay Rawat, Cristiano Giuffrida, Herbert Bos. LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating. RAID, 2021.