Thank you for joining us at the TU Graz Open Day! 😊
| homepage | https://www.isec.tugraz.at |
| our socials | https://www.isec.tugraz.at/follow/ |
ISEC @ TU Graz
- 118 Followers
- 10 Following
- 134 Posts
WE ARE ISEC: The Institute of Information Security at TU Graz
Yesterday, we celebrated the official opening of the new Cybersecurity Campus Graz building! 🔑✨
After the celebratory speeches, Verena Schröppel, Edona Fasllija, and Lukas Maar, three of our researchers, shared their academic journeys and research topics.
📸 photos by Lunghammer – TU Graz
Did you want a closer look at our new campus building? Check out this tour! 😉
Tour durch den Cybersecurity Campus Graz
🎉 Congratulations, Martin! 🎉
Martin Heckel (@lunkw1ll) successfully defended his #PhD thesis “Real-World Rowhammer: Understanding and Addressing the Challenges to Rowhammer Attacks” yesterday. 🥳
We wish him the best in his future endeavors!
🎉 Congratulations, Aikata! 🎉
She successfully defended her #PhD thesis “Secure and Efficient Implementations of Post-Quantum Cryptographic Algorithms” today. 🥳
We wish her the best in her future endeavors!
The discovery of the longest pattern ever for DDR5 Rowhammer flips! 😱
Join us for Kaveh Razavi’s talk “Rowhammer bit flips a decade later”:
📅 April 1st, 2026 | 11:00
📍 CCG Seminar room, CCGEG002
Abstract:
The first Rowhammer exploit was published a little more than a decade ago on a DDR3-based system. Since then, we have had two generations of DRAM technology with proprietary mitigations. In this talk, I present our journey in understanding the security guarantees of these mitigations in DDR4 and DDR5 devices through significant platform building efforts, painstaking reverse engineering, and creative system-level techniques. The results are not encouraging; DRAM is as insecure as a decade ago while the cost of independent security analysis is growing beyond what academia can do. I finish with a brief discussion of possible paths forward.
Details 👇
https://www.isec.tugraz.at/event/rowhammer-bit-flips-a-decade-later/
What a week!
Our move is completed and from now on, you can find us at Sandgasse 38a. 🎉
A big thank you to everyone who made this quick transition possible. 🫶
Our PhD students, Carina Fiedler, Sudheendra Neela (@vmcall) and Hannes Weissteiner (@hweissi) attended the NDSS Symposium 2026 in San Diego, California, this week to present their papers!
Check them out 👇
Carina Fiedler: Memory Band-Aid: A Principled Rowhammer Defense-in-Depth
https://www.ndss-symposium.org/ndss-paper/memory-band-aid-a-principled-rowhammer-defense-in-depth/
Sudheendra Neela: Eviction Notice: Reviving and Advancing Page Cache Attacks
https://www.ndss-symposium.org/ndss-paper/eviction-notice-reviving-and-advancing-page-cache-attacks/
Hannes Weissteiner: Continuous User Behavior Monitoring using DNS Cache Timing Attacks
https://www.ndss-symposium.org/ndss-paper/continuous-user-behavior-monitoring-using-dns-cache-timing-attacks/
Hannes WeissteinerI'm looking forward to presenting my paper, "Continuous User Behavior Monitoring using DNS Cache Timing Attacks" at NDSS next week!
We mount an Evict+Reload-style attack on the local DNS cache, detecting recently accessed domains and evicting to continuously monitor new accesses.
Our attack works from native code, even across virtual machines and containers.
We also run the attack in the browser from a malicious website, using JavaScript or even scriptless HTML+CSS.
Most underlying primitives are OS-agnostic!
Read the paper here: https://hannesweissteiner.com/publications/dmt/
Thanks to Roland Czerny, @silent_bits, @notbobbytables , Johanna Ullrich and @lavados for the amazing collaboration!
SNeelaI'll be presenting our work
Eviction Notice: Reviving and Advancing Page Cache Attacks
Today (Feb/24/2026) at #NDSS2026
Session 1D: Microarchitectural Security Caches to Ashes, Embarcadero
Looking forward to seeing you there!
Jonas Juffinger, Lukas Maar, @lavados
Eviction Notice: Reviving and Advancing Page Cache Attacks
Foreword This blog post is a summarized and introductory write up of our paper recently accepted at NDSS 2026, “Eviction Notice: Reviving and Advancing Page Cache Attacks”. Read the full paper here. Authors: Sudheendra Raghav Neela, Jonas Juffinger, Lukas Maar, Daniel Gruss Artifacts: Github Repository, Zenodo Record (Available, Functional, and Reproducible) CVE-2025-21691: Announcement, Red Hat, NVD NIST, Debian Tracker, Suse. Introduction An operating system deals with pages, the smallest region of memory in a system using virtual memory1.