Tommaso Frassetto

TL;DR: IoT Sentinel is presented, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise.

TL;DR: NAUTILUS is proposed, a method to efficiently fuzz programs that require highly-structured inputs by combining the use of grammars with theUse of code coverage feedback, which significantly outperforms state-of-the-art approaches like AFL by an order of magnitude and grammar fuzzers by more than a factor of two when measuring code coverage.

TL;DR: Novel exploitation techniques against SGX are presented that do not require any enclave crashes and work in the presence of existing SGX randomization approaches such as SGX-Shield and can be applied to any enclave developed with the standard Intel SGX SDK on either Linux or Windows.

TL;DR: This paper designs and implements a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines, and realizes the permutation with the CPU's cryptographic hardware-acceleration units providing secure randomization.

TL;DR: This work proposes an architecture, dubbed VoiceGuard, that efficiently protects the speech processing task inside a trusted execution environment (TEE) and preserves the privacy of users while at the same time it does not require the service provider to reveal model parameters.