Caner Tol

Hello!👋

I am a recent Ph.D. graduate from Vernam Lab, WPI, advised by Berk Sunar.

My current research interests are

Microarchitectural (μarch) security
Side-channel and Fault Injection attacks
Attacks on ML models and other critical software
Automated detection and patching of μarch vulnerabilities using AI

Outside of work, I do Aikido, scuba diving, sailing, tango…

news

Mar 25, 2024	LeapFrog attack has been accepted to hardware.io USA 2024 under the new research category!
Mar 25, 2024	ZeroLeak will appear in Real World Crypto 2024, Toronto, Canada!
Nov 16, 2023	Our Mayhem attack has been accepted to ACM AsiaCCS 2024, Singapore!
Sep 25, 2023	We have issued CVE-2023-42465 for the SUDO library for our Mayhem attack. A series of commits were pushed as countermeasures.
Apr 23, 2023	I’ve been selected to receive a student travel grant for IEEE S&P 2023.

selected publications

μRL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning

M. Caner Tol, Kemal Derya, and Berk Sunar

2025

Bib PDF

@misc{tol2025uRL,
  title = {μRL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning},
  author = {Tol, M. Caner and Derya, Kemal and Sunar, Berk},
  publisher = {Under Review},
  year = {2025},
}

LeapFrog: The Rowhammer Instruction Skip Attack

Andrew J. Adiletta, M. Caner Tol, and Berk Sunar

2024

Bib PDF

ZeroLeak: Automated Side-Channel Patching in Source Code Using LLMs

M. Caner Tol, and Berk Sunar

2023

DOI Bib PDF Video

@misc{tol2023zeroleak,
  title = {ZeroLeak: Automated Side-Channel Patching in Source Code Using LLMs},
  author = {Tol, M. Caner and Sunar, Berk},
  booktitle = {Computer Security - {ESORICS} 2024 - 29th European Symposium on Research in Computer Security, Bydgoszcz, Poland, September 16-20, 2024, Proceedings, Part {I}},
  archiveprefix = {arXiv},
  series = {Lecture Notes in Computer Science},
  volume = {14982},
  pages = {290--310},
  publisher = {Springer},
  year = {2023},
  url = {https://doi.org/10.1007/978-3-031-70879-4\_15},
  doi = {10.1007/978-3-031-70879-4\_15},
}

Don’t Knock! Rowhammer at the Backdoor of DNN Models

M. Caner Tol, Saad Islam, Andrew J. Adiletta, Berk Sunar, and Ziming Zhang

In Proceedings of the 2023 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2022

Bib PDF Slides

@inproceedings{tol2023dont,
  title = {Don't {K}nock! {R}owhammer at the {B}ackdoor of {DNN} {M}odels},
  author = {Tol, M. Caner and Islam, Saad and Adiletta, Andrew J. and Sunar, Berk and Zhang, Ziming},
  booktitle = {Proceedings of the 2023 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
  pages = {616--632},
  year = {2022},
  organization = {IEEE},
}