About Me:
I am a PhD candidate at the Institute of Applied Information Processing and Communications at Graz University of Technology. I focus on microarchitectural attacks and side channels.
Papers
2023
CacheWarp: Software-based Fault Injection using Selective State Reset
Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz
USENIX Security 2024
CVE: CVE-2023-20592
Info
Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz
USENIX Security 2024
CVE: CVE-2023-20592
Info
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels
Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard
USENIX Security 2023
CVE: CVE-2023-20583
Info
Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard
USENIX Security 2023
CVE: CVE-2023-20583
Info
PT-Guard: Integrity-Protected Page Tables to Defend Against Breakthrough Rowhammer Attacks
Anish Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, Daniel Gruss, Moinuddin Qureshi
IEEE/IFIP DSN 2023
Anish Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, Daniel Gruss, Moinuddin Qureshi
IEEE/IFIP DSN 2023
2022
Side-Channel Attacks on Optane Persistent Memory
Sihang Liu, Suraaj Kanniwadi, Martin Schwarzl, Andreas Kogler, Daniel Gruss, Samira Khan
USENIX Security 2023
Sihang Liu, Suraaj Kanniwadi, Martin Schwarzl, Andreas Kogler, Daniel Gruss, Samira Khan
USENIX Security 2023
CSI: Rowhammer–Cryptographic Security and Integrity against Rowhammer
Jonas Juffinger, Lukas Lamster, Andreas Kogler, Moritz Lipp, Maria Eichlseder, Daniel Gruss
IEEE Symposium on Security and Privacy 2023
GitHub
Jonas Juffinger, Lukas Lamster, Andreas Kogler, Moritz Lipp, Maria Eichlseder, Daniel Gruss
IEEE Symposium on Security and Privacy 2023
GitHub
ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz
USENIX Security 2022
CVE: CVE-2022-21233
Info GitHub Slides
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz
USENIX Security 2022
CVE: CVE-2022-21233
Info GitHub Slides
SQUIP: Exploiting the Scheduler Queue Contention Side Channel
Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss
IEEE Symposium on Security and Privacy 2023
CVE: CVE-2021-46778
Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss
IEEE Symposium on Security and Privacy 2023
CVE: CVE-2021-46778
Half-Double: Hammering From the Next Row Over
Andreas Kogler, Jonas Juffinger, Salman Qazi, Yoongu Kim, Moritz Lipp, Nicolas Boichat, Eric Shiu, Mattias Nissler, Daniel Gruss
USENIX Security 2022
GitHub Slides
Andreas Kogler, Jonas Juffinger, Salman Qazi, Yoongu Kim, Moritz Lipp, Nicolas Boichat, Eric Shiu, Mattias Nissler, Daniel Gruss
USENIX Security 2022
GitHub Slides
Finding and Exploiting CPU Features using MSR Templating
Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz
IEEE Symposium on Security and Privacy 2022
GitHub Slides
Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz
IEEE Symposium on Security and Privacy 2022
GitHub Slides
Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks
Andreas Kogler, Daniel Gruss, Michael Schwarz
USENIX Security 2022
GitHub Slides
Andreas Kogler, Daniel Gruss, Michael Schwarz
USENIX Security 2022
GitHub Slides
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX
Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss
USENIX Security 2022
GitHub
Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss
USENIX Security 2022
GitHub
2021
Domain Page-Table Isolation
Claudio Canella, Andreas Kogler, Lukas Giner, Daniel Gruss, Michael Schwarz
Claudio Canella, Andreas Kogler, Lukas Giner, Daniel Gruss, Michael Schwarz
Dynamic Process Isolation
Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Daniel Gruss, Michael Schwarz
Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Daniel Gruss, Michael Schwarz
2020
PLATYPUS: Software-based Power Side-Channel Attacks on x86
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss
IEEE Symposium on Security and Privacy 2021
CVE: CVE-2020-8694, CVE-2020-8695
Media: futurezone, sr, heise, golem, zdnet, arstechnica, csoonline, techradar, computerweekly
Info Recording Demo
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss
IEEE Symposium on Security and Privacy 2021
CVE: CVE-2020-8694, CVE-2020-8695
Media: futurezone, sr, heise, golem, zdnet, arstechnica, csoonline, techradar, computerweekly
Info Recording Demo
Presentations
2022
CSI:Rowhammer: Closing the Case of Half-Double and Beyond
Andreas Kogler, Jonas Juffinger
Talk @ Blackhat Europe 2022 , London , December 7, 2022
Andreas Kogler, Jonas Juffinger
Talk @ Blackhat Europe 2022 , London , December 7, 2022
AEPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture
Pietro Borrello, Andreas Kogler
Talk @ Blackhat USA 2022 , Las Vegas , August 10, 2022
Pietro Borrello, Andreas Kogler
Talk @ Blackhat USA 2022 , Las Vegas , August 10, 2022
Dynamic Process Isolation
Pietro Borrello, Andreas Kogler, (Martin Schwarzl)
Talk @ Blackhat ASIA 2022 , Singapore , May 13, 2022
Pietro Borrello, Andreas Kogler, (Martin Schwarzl)
Talk @ Blackhat ASIA 2022 , Singapore , May 13, 2022
2020
Attacking CPUs with Power Side Channels from Software: Warum leaked hier Strom?
Moritz Lipp, Michael Schwarz, Andreas Kogler, Daniel Gruss
Talk @ Remote Chaos Experience 2020 , Online , December 27, 2020
Moritz Lipp, Michael Schwarz, Andreas Kogler, Daniel Gruss
Talk @ Remote Chaos Experience 2020 , Online , December 27, 2020
CVEs
2023
CVE-2023-20592
Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz
Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz
CVE-2023-20583
Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard
Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard
2022
CVE-2022-21233
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Moritz Lipp, Daniel Gruss, Michael Schwarz
CVE-2021-46778
Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. , August 9, 2022
Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. , August 9, 2022
2020
CVE-2020-8694
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Daniel Gruss
Description: Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. , November 10, 2020
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Daniel Gruss
Description: Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. , November 10, 2020
CVE-2020-8695
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Daniel Gruss
Description: Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. , November 10, 2020
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Daniel Gruss
Description: Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. , November 10, 2020