Daniel Gruss
Daniel Gruss (@lavados) is a Professor at Graz University of Technology. He has been teaching undergraduate courses since 2010. Daniel's research focuses on side channels and transient execution attacks. He implemented the first remote fault attack running in a website, known as Rowhammer.js. His research team was one of the teams that found the Meltdown and Spectre bugs published in early 2018. In 2023, he received an ERC Starting Grant to research the sustainability of security. He frequently speaks at top international venues.
Session
The density of memory cells in modern DRAM is so high that disturbance errors, like the Rowhammer effect, have become quite frequent. An attacker can exploit Rowhammer to flip bits in inaccessible memory locations by reading the contents of nearby accessible memory rows. Since its discovery in 2014, we have seen a cat-and-mouse security game with a continuous stream of new attacks and new defenses. Now, in 2024, exactly 10 years after Rowhammer was discovered, it is time to look back and reflect on the progress we have made and give an outlook on the future. Additionally, we will present an open-source framework to check if your system is vulnerable to Rowhammer.