Caner Tol

Hello!👋

I received my M.S. and Ph.D. on Electrical and Computer Engineering from Worcester Polytechnic Institute (WPI), where I was a member of the Vernam Lab under the supervision of Prof. Berk Sunar. I earned my B.S. on Electrical and Electronics Engineering from Orta Doğu Teknik Üniversitesi (ODTÜ).

My research interests include:

Microarchitectural security
Side-channel and Fault Injection attacks
Attacks on machine learning models and other critical software
Automated detection and patching of microarchitectural vulnerabilities using AI

Outside of research, I enjoy practicing Aikido, scuba diving, sailing, and tango.

news

Mar 25, 2024	LeapFrog attack has been accepted to hardware.io USA 2024 under the new research category!
Mar 25, 2024	ZeroLeak will appear in Real World Crypto 2024, Toronto, Canada!
Nov 16, 2023	Our Mayhem attack has been accepted to ACM AsiaCCS 2024, Singapore!
Sep 25, 2023	We have issued CVE-2023-42465 for the SUDO library for our Mayhem attack. A series of commits were pushed as countermeasures.
Apr 23, 2023	I’ve been selected to receive a student travel grant for IEEE S&P 2023.

selected publications

μRL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning

M. Caner Tol, Kemal Derya, and Berk Sunar

2025

Bib PDF

@misc{tol2025uRL,
  title = {μRL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning},
  author = {Tol, M. Caner and Derya, Kemal and Sunar, Berk},
  publisher = {Under Review},
  year = {2025},
}

LeapFrog: The Rowhammer Instruction Skip Attack

Andrew J. Adiletta, M. Caner Tol, and Berk Sunar

2024

Bib PDF

ZeroLeak: Automated Side-Channel Patching in Source Code Using LLMs

M. Caner Tol, and Berk Sunar

2023

DOI Bib PDF Video

@misc{tol2023zeroleak,
  title = {ZeroLeak: Automated Side-Channel Patching in Source Code Using LLMs},
  author = {Tol, M. Caner and Sunar, Berk},
  booktitle = {Computer Security - {ESORICS} 2024 - 29th European Symposium on Research in Computer Security, Bydgoszcz, Poland, September 16-20, 2024, Proceedings, Part {I}},
  archiveprefix = {arXiv},
  series = {Lecture Notes in Computer Science},
  volume = {14982},
  pages = {290--310},
  publisher = {Springer},
  year = {2023},
  url = {https://doi.org/10.1007/978-3-031-70879-4\_15},
  doi = {10.1007/978-3-031-70879-4\_15},
}

Don’t Knock! Rowhammer at the Backdoor of DNN Models

M. Caner Tol, Saad Islam, Andrew J. Adiletta, Berk Sunar, and Ziming Zhang

In Proceedings of the 2023 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2022

Bib PDF Slides

@inproceedings{tol2023dont,
  title = {Don't {K}nock! {R}owhammer at the {B}ackdoor of {DNN} {M}odels},
  author = {Tol, M. Caner and Islam, Saad and Adiletta, Andrew J. and Sunar, Berk and Zhang, Ziming},
  booktitle = {Proceedings of the 2023 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
  pages = {616--632},
  year = {2022},
  organization = {IEEE},
}