Lukas Maar

2025

Cryptographic Least Privilege Enforcement for Scalable Memory Isolation
Martin Unterguggenberger, David Schrammel, Lukas Maar, Lukas Lamster, Vedad Hadzic, Stefan Mangard
IEEE International Symposium on Hardware Oriented Security and Trust (HOST) 2025
Info BibTex

@inproceedings{Unterguggenberger2025CLPE,
  author = {Martin Unterguggenberger and David Schrammel and Lukas Maar and Lukas Lamster and Vedad Hadzic and Stefan Mangard},
  booktitle = {{HOST}},
  title = {{Cryptographic Least Privilege Enforcement for Scalable Memory Isolation}},
  year = {2025}
}

When Good Kernel Defenses Go Bad: Reliable and Stable Kernel Exploits via Defense-Amplified TLB Side-Channel Leaks
Lukas Maar, Lukas Giner, Daniel Gruss, Stefan Mangard
USENIX Security Symposium 2025
Artifacts evaluated: Available, Functional, Reproduced
Info BibTex GitHub Zenodo

@inproceedings{Maar2025LocationDisclosures,
  author = {Lukas Maar and Lukas Giner and Daniel Gruss and Stefan Mangard},
  booktitle = {{USENIX Security}},
  title = {{When Good Kernel Defenses Go Bad: Reliable and Stable Kernel Exploits via Defense-Amplified TLB Side-Channel Leaks}},
  year = {2025}
}

ChoiceJacking: Compromising Mobile Devices through Malicious Chargers like a Decade ago
Florian Draschbacher, Lukas Maar, Mathias Oberhuber, Stefan Mangard
USENIX Security Symposium 2025
Artifacts evaluated: Available CVE-2024-20900, CVE-2024-43085, CVE-2025-24193
Info BibTex Zenodo Black Hat Asia

@inproceedings{Draschbacher2025ChoiceJacking,
  author = {Florian Draschbacher and Lukas Maar and Mathias Oberhuber and Stefan Mangard},
  booktitle = {{USENIX Security}},
  title = {{ChoiceJacking: Compromising Mobile Devices through Malicious Chargers like a Decade ago}},
  year = {2025}
}

KernelSnitch: Side-Channel Attacks on Kernel Data Structures
Lukas Maar, Jonas Juffinger, Thomas Steinbauer, Daniel Gruss, Stefan Mangard
Network and Distributed System Security (NDSS) 2025
Artifacts evaluated: Available, Functional, Reproduced
Info BibTex GitHub Slides Black Hat Asia

@inproceedings{Maar2025KernelSnitch,
  author = {Lukas Maar and Jonas Juffinger and Thomas Steinbauer and Daniel Gruss and Stefan Mangard},
  booktitle = {{NDSS}},
  title = {{KernelSnitch: Side-Channel Attacks on Kernel Data Structures}},
  year = {2025}
}

Power-Related Side-Channel Attacks using the Android Sensor Framework
Mathias Oberhuber, Martin Unterguggenberger, Lukas Maar, Andreas Kogler, Stefan Mangard
Network and Distributed System Security (NDSS) 2025
Info BibTex

@inproceedings{Oberhuber2025PowerAndroidSensor,
  author = {Mathias Oberhuber and Martin Unterguggenberger and Lukas Maar and Andreas Kogler and Stefan Mangard},
  booktitle = {{NDSS}},
  title = {{Power-Related Side-Channel Attacks using the Android Sensor Framework}},
  year = {2025}
}

2024

Manifest Problems: Analyzing Code Transparency for Android Application Bundles
Florian Draschbacher, Lukas Maar
Annual Computer Security Applications Conference (ACSAC) 2024
Artifacts evaluated: Available, Functional, Reproduced CVE-2023-21387
Info BibTex GitHub

@inproceedings{Draschbacher2024ManifestProblems,
  author = {Florian Draschbacher and Lukas Maar},
  booktitle = {{ACSAC}},
  title = {{Manifest Problems: Analyzing Code Transparency for Android Application Bundles}},
  year = {2024}
}

Defects-in-Depth: Analyzing the Integration of Effective Defenses against One-Day Exploits in Android Kernels
Lukas Maar, Florian Draschbacher, Lukas Lamster, Stefan Mangard
USENIX Security Symposium 2024
Artifacts evaluated: Available, Functional, Reproduced
Info BibTex GitHub Slides

@inproceedings{Maar2024DefectsInDepth,
  author = {Lukas Maar and Florian Draschbacher and Lukas Lamster and Stefan Mangard},
  booktitle = {{USENIX Security}},
  title = {{Defects-in-Depth: Analyzing the Integration of Effective Defenses against One-Day Exploits in Android Kernels}},
  year = {2024}
}

SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel
Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, Stefan Mangard
USENIX Security Symposium 2024
Artifacts evaluated: Available, Functional, Reproduced CSAW'24 Europe Applied Research Competition (ARC) Finalist
Info BibTex Poster GitHub Slides

@inproceedings{Maar2024SLUBStick,
  author = {Lukas Maar and Stefan Gast and Martin Unterguggenberger and Mathias Oberhuber and Stefan Mangard},
  booktitle = {{USENIX Security}},
  title = {{SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel}},
  year = {2024}
}

Beyond the Edges of Kernel Control-Flow Hijacking Protection with HEK-CFI
Lukas Maar, Pascal Nasahl, Stefan Mangard
ACM ASIA Conference on Computer and Communications Security (AsiaCCS) 2024
Info BibTex Slides

@inproceedings{Maar2024HEKCFI,
  author = {Lukas Maar and Pascal Nasahl and Stefan Mangard},
  booktitle = {{AsiaCCS}},
  title = {{Beyond the Edges of Kernel Control-Flow Hijacking Protection with HEK-CFI}},
  year = {2024}
}

Remote Scheduler Contention Attacks
Stefan Gast, Jonas Juffinger, Lukas Maar, Christoph Royer, Andreas Kogler, Daniel Gruss
Financial Cryptography (FC) 2024
Info BibTex

@inproceedings{Gast2024Remote,
  author = {Stefan Gast and Jonas Juffinger and Lukas Maar and Christoph Royer and Andreas Kogler and Daniel Gruss},
  booktitle = {{FC}},
  title = {{Remote Scheduler Contention Attacks}},
  year = {2024}
}

2023

DOPE: DOmain Protection Enforcement with PKS
Lukas Maar, Martin Schwarzl, Fabian Rauscher, Daniel Gruss, Stefan Mangard
Annual Computer Security Applications Conference (ACSAC) 2023
Artifacts evaluated: Functional
Info BibTex GitHub Slides

@inproceedings{Maar2023DOPE,
  author = {Lukas Maar and Martin Schwarzl and Fabian Rauscher and Daniel Gruss and Stefan Mangard},
  booktitle = {{ACSAC}},
  title = {{DOPE: DOmain Protection Enforcement with PKS}},
  year = {2023}
}

About Me:

Publications