I am a security researcher with a focus on system security. I obtained my PhD in November 2022 from Graz University of Technology. In my thesis, I investigated ways to harden the kernel against unprivileged attacks.
Publications
2023
Programmable System Call Security with eBPF
Jinghao Jia, YiFei Zhu, Dan Williams, Andrea Arcangeli, Claudio Canella, Hubertus Franke, Tobin-Feldman-Fitzthum, Dimitrios Skarlatos, Daniel Gruss, Tianyin Xu
E-print arXiv:2202.13716, February 2023
Github
Jinghao Jia, YiFei Zhu, Dan Williams, Andrea Arcangeli, Claudio Canella, Hubertus Franke, Tobin-Feldman-Fitzthum, Dimitrios Skarlatos, Daniel Gruss, Tianyin Xu
E-print arXiv:2202.13716, February 2023
Github
2022
SFIP: Coarse-Grained Syscall-Flow-Integrity Protection in Modern Systems
Claudio Canella, Sebastian Dorn, Daniel Gruss, Michael Schwarz
E-print arXiv:2202.13716, February 2022
Github
Claudio Canella, Sebastian Dorn, Daniel Gruss, Michael Schwarz
E-print arXiv:2202.13716, February 2022
Github
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX
Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss
31st USENIX Security Symposium, Boston, USA, August 10-12, 2022
Github
Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss
31st USENIX Security Symposium, Boston, USA, August 10-12, 2022
Github
Systematic Analysis of Programming Languages and Their Execution Environments for Spectre Attacks
Amir Naseredini, Stefan Gast, Martin Schwarzl, Pedro Miguel Sousa Bernardo, Amel Smajic, Claudio Canella, Martin Berger, Daniel Gruss
8th International Conference on Information Systems Security and Privacy (ICISSP2022), Virtual, February 9-11, 2022
E-print arXiv:2111.12528, November 2021
Recording Slides
Amir Naseredini, Stefan Gast, Martin Schwarzl, Pedro Miguel Sousa Bernardo, Amel Smajic, Claudio Canella, Martin Berger, Daniel Gruss
8th International Conference on Information Systems Security and Privacy (ICISSP2022), Virtual, February 9-11, 2022
E-print arXiv:2111.12528, November 2021
Recording Slides
2021
Domain Page-Table Isolation
Claudio Canella, Andreas Kogler, Lukas Giner, Daniel Gruss, Michael Schwarz
E-print arXiv:2111.10876, November 2021
Github
Claudio Canella, Andreas Kogler, Lukas Giner, Daniel Gruss, Michael Schwarz
E-print arXiv:2111.10876, November 2021
Github
Automating Seccomp Filter Generation for Linux Applications
Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz
ACM Cloud Computing Security Workshop (CCSW), Best Paper Award Winner, Seoul, Korea, November 14, 2021
E-print arXiv:2012.02554, December 2020
Slides Github
Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz
ACM Cloud Computing Security Workshop (CCSW), Best Paper Award Winner, Seoul, Korea, November 14, 2021
E-print arXiv:2012.02554, December 2020
Slides Github
PLATYPUS: Software-based Power Side-Channel Attacks on x86
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss
42th IEEE Symposium on Security and Privacy (S&P), Virtual Event, May 23-27, 2021
CVE: CVE-2020-8694, CVE-2020-8695
Recording Slides Homepage
Moritz Lipp, Andreas Kogler, David Oswald, Michael Schwarz, Catherine Easdon, Claudio Canella, Daniel Gruss
42th IEEE Symposium on Security and Privacy (S&P), Virtual Event, May 23-27, 2021
CVE: CVE-2020-8694, CVE-2020-8695
Recording Slides Homepage
Specfuscator: Evaluating Branch Removal as a Spectre Mitigation
Martin Schwarzl, Claudio Canella, Daniel Gruss, Michael Schwarz
Financial Crypto (FC), Virtual Event, March 01-05, 2021 (AR: 25.3%)
Recording Slides
Martin Schwarzl, Claudio Canella, Daniel Gruss, Michael Schwarz
Financial Crypto (FC), Virtual Event, March 01-05, 2021 (AR: 25.3%)
Recording Slides
2020
Evolution of Defenses against Transient-Execution Attacks
Claudio Canella, Sai Manoj Pudukotai Dinakarrao, Daniel Gruss, Khaled N. Khasawneh
GLSVLSI, Virtual Event, China, September 7-9, 2020
Claudio Canella, Sai Manoj Pudukotai Dinakarrao, Daniel Gruss, Khaled N. Khasawneh
GLSVLSI, Virtual Event, China, September 7-9, 2020
The Evolution of Transient-Execution Attacks
Claudio Canella, Khaled N. Khasawneh, Daniel Gruss
GLSVLSI, Virtual Event, China, September 7-9, 2020
Slides
Claudio Canella, Khaled N. Khasawneh, Daniel Gruss
GLSVLSI, Virtual Event, China, September 7-9, 2020
Slides
KASLR: Break It, Fix It, Repeat
Claudio Canella, Michael Schwarz, Martin Haubenwallner, Martin Schwarzl, Daniel Gruss
AsiaCCS, Taipei, Taiwan, October 05-09, 2020 (AR: 21.8%)
Slides Github
Claudio Canella, Michael Schwarz, Martin Haubenwallner, Martin Schwarzl, Daniel Gruss
AsiaCCS, Taipei, Taiwan, October 05-09, 2020 (AR: 21.8%)
Slides Github
ConTExT: A Generic Approach for Mitigating Spectre
Michael Schwarz, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, Daniel Gruss
Network and Distributed System Security Symposium (NDSS), San Diego, USA, February 23-26, 2020 (AR: 17.4%)
E-print arXiv:1905.09100, May 2019
Info Recording Slides Github
Michael Schwarz, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, Daniel Gruss
Network and Distributed System Security Symposium (NDSS), San Diego, USA, February 23-26, 2020 (AR: 17.4%)
E-print arXiv:1905.09100, May 2019
Info Recording Slides Github
2019
Fallout: Leaking Data on Meltdown-resistant CPUs
Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom
26th ACM Conference on Computer and Communications Security (CCS), London, United Kingdom, November 11-15, 2019
E-print arXiv:1905.12701, May 2019
CVE: CVE-2018-12126
Homepage Wikipedia
Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom
26th ACM Conference on Computer and Communications Security (CCS), London, United Kingdom, November 11-15, 2019
E-print arXiv:1905.12701, May 2019
CVE: CVE-2018-12126
Homepage Wikipedia
Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs
Michael Schwarz, Claudio Canella, Lukas Giner, Daniel Gruss
E-print arXiv:1905.05725, May 2019
Homepage
Michael Schwarz, Claudio Canella, Lukas Giner, Daniel Gruss
E-print arXiv:1905.05725, May 2019
Homepage
A Systematic Evaluation of Transient Execution Attacks and Defenses
Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, Daniel Gruss
28th USENIX Security Symposium, Santa Clara, California, USA, August 14-16, 2019 (AR: 15.7%)
E-print arXiv:1811.05441, November 2018
Info Recording Slides Github Homepage
Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, Daniel Gruss
28th USENIX Security Symposium, Santa Clara, California, USA, August 14-16, 2019 (AR: 15.7%)
E-print arXiv:1811.05441, November 2018
Info Recording Slides Github Homepage
Talks
2022
Go With the Flow: Enforcing Program Behavior Through Syscall Sequences and Origins
Claudio Canella
Black Hat USA, Las Vegas, USA, August 10-11, 2022
Info
Claudio Canella
Black Hat USA, Las Vegas, USA, August 10-11, 2022
Info
Performance vs Security: A Never-Ending Battle
Claudio Canella
Invited Talk @ Intel Labs, Virtual, May 24, 2022
Claudio Canella
Invited Talk @ Intel Labs, Virtual, May 24, 2022
Know Where You Come From: Enforcing Program Behavior Through Syscall Sequences and Origins
Claudio Canella
Qualcomm Product Security Summit, San Diego, California, USA, May 18-20, 2022
Claudio Canella
Qualcomm Product Security Summit, San Diego, California, USA, May 18-20, 2022
2021
Enter Sandbox
Claudio Canella, Mario Werner, Michael Schwarz
Black Hat Asia, Singapore (Virtual), May 6-7, 2021
Info Recording
Claudio Canella, Mario Werner, Michael Schwarz
Black Hat Asia, Singapore (Virtual), May 6-7, 2021
Info Recording
2020
Store-to-Leak Forwarding: There and Back Again
Claudio Canella, Lukas Giner
Intel Side Channel Academic Program (SCAP) Annual Meeting, Hillsboro (Virtual), OR, US, September 28-October 1, 2020
Recording
Claudio Canella, Lukas Giner
Intel Side Channel Academic Program (SCAP) Annual Meeting, Hillsboro (Virtual), OR, US, September 28-October 1, 2020
Recording
Store-to-Leak Forwarding: There and Back Again
Claudio Canella, Lukas Giner, Michael Schwarz
Black Hat Asia, Singapore (Virtual), October 1-2, 2020
Info Recording
Claudio Canella, Lukas Giner, Michael Schwarz
Black Hat Asia, Singapore (Virtual), October 1-2, 2020
Info Recording
2019
Cards against Confusion
Claudio Canella, Jo Van Bulck, Daniel Gruss
SHARD: Bridging the Gap Between Software and Hardware Security, Leiden, Netherlands, September 23, 2019
Info
Claudio Canella, Jo Van Bulck, Daniel Gruss
SHARD: Bridging the Gap Between Software and Hardware Security, Leiden, Netherlands, September 23, 2019
Info
Transient Execution Attacks: A Never-Ending Story?
Claudio Canella
ARM, Cambridge, Cambridgeshire, United Kingdom, June 27, 2019
Claudio Canella
ARM, Cambridge, Cambridgeshire, United Kingdom, June 27, 2019
Transient Execution Attacks: Still hARMful?
Barbara Gigerl, Claudio Canella
Qualcomm Product Security Summit, San Diego, California, USA, May 15-17, 2019
Recording
Barbara Gigerl, Claudio Canella
Qualcomm Product Security Summit, San Diego, California, USA, May 15-17, 2019
Recording
A Christmas Carol: The Spectres of the Past, Present, and Future
Daniel Gruss, Moritz Lipp, Michael Schwarz, Claudio Canella, Jo Van Bulck
Grazer Linuxtage, Graz, Austria, April 26-27, 2019
Info Recording
Daniel Gruss, Moritz Lipp, Michael Schwarz, Claudio Canella, Jo Van Bulck
Grazer Linuxtage, Graz, Austria, April 26-27, 2019
Info Recording
2018
A Christmas Carol: The Spectres of the Past, Present, and Future
Daniel Gruss, Moritz Lipp, Michael Schwarz, Claudio Canella
35. Chaos Communication Congress, Leipzig, Germany, December 27-30, 2018
Info Recording
Daniel Gruss, Moritz Lipp, Michael Schwarz, Claudio Canella
35. Chaos Communication Congress, Leipzig, Germany, December 27-30, 2018
Info Recording
Microarchitectural Side-Channel Attacks: From the Basics to Transient Execution Attacks
Claudio Canella
Delft University of Technology, Netherlands, November 26, 2018
Info
Claudio Canella
Delft University of Technology, Netherlands, November 26, 2018
Info
Awards
2021
CCSW Best Paper - Automating Seccomp Filter Generation for Linux Applications
Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz
ACM Cloud Computing Security Workshop, Virtual, November 15, 2021
Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz
ACM Cloud Computing Security Workshop, Virtual, November 15, 2021