Stefan Saroiu
Microsoft Research
This talk will present the work done over the past six years as part of Project STEMA at Microsoft. STEMA stands for Secure, Trusted, and Enhanced Memory for Azure. We will discuss our journey in understanding Rowhammer, developing a testing methodology for cloud providers, and finding effective solutions for the DRAM industry to address Rowhammer once and for all. We will also highlight significant related work that has helped keep the DRAM industry honest. We will explain why Rowhammer remains a significant attack vector, particularly in the context of nation-state attacks, and how this has driven us to develop a suite of pragmatic solutions. Finally, we will argue that Rowhammer is far from being a solved problem and outline several important research challenges that remain in this space.
Bio: Stefan Saroiu is a researcher with Microsoft Research. His research interests cover many aspects of systems and networks, although his recent work has primarily focused on systems security. Stefan's work has been published at top conferences in the fields of security, systems, networking, and mobile computing. Stefan takes his work beyond publishing results. With his colleagues at Microsoft, he (1) is helping the DRAM industry address the threat of Rowhammer attacks once and for all, (2) has designed a methodology for testing cloud servers for the susceptibility to Rowhammer attacks, (3) has designed, deployed, and operated Microsoft Embedded Social, a cloud service aimed at user engagement in mobile apps, which had 20 million users, (4) created the reference implementation of a software-based Trusted Platform Module (TPM) used in hundreds of millions of smartphones and tablets, and (5) designed and operated Zero-Effort Payments (ZEP), one of the first face recognition-based payment systems in the world. Before joining Microsoft in 2008, Stefan spent three years as an Assistant Professor at the University of Toronto, and four months as a visiting researcher at Amazon.com, where he contributed to the early designs of their new shopping cart system, also known as Dynamo. Stefan is an ACM Fellow.