publications

2025

1. μRL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning

   M. Caner Tol, Kemal Derya, and Berk Sunar

   2025

   Bib PDF

   

   @misc{tol2025uRL,
     title = {μRL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning},
     author = {Tol, M. Caner and Derya, Kemal and Sunar, Berk},
     publisher = {Under Review},
     year = {2025},
   }

2024

1. Fault+Probe: A Generic Rowhammer-based Bit Recovery Attack

   Kemal Derya, M. Caner Tol, and Berk Sunar

   2024

   Bib PDF

   

   @misc{derya2024faultprobe,
     title = {Fault+Probe: A Generic Rowhammer-based Bit Recovery Attack},
     author = {Derya, Kemal and Tol, M. Caner and Sunar, Berk},
     publisher = {Under Review},
     year = {2024},
   }

2. LeapFrog: The Rowhammer Instruction Skip Attack

   Andrew J. Adiletta, M. Caner Tol, and Berk Sunar

   2024

   Bib PDF

   

   @misc{adiletta2024leapfrog,
     title = {LeapFrog: The Rowhammer Instruction Skip Attack},
     author = {Adiletta, Andrew J. and Tol, M. Caner and Sunar, Berk},
     publisher = {true},
     year = {2024},
   }

2023

1. ZeroLeak: Automated Side-Channel Patching in Source Code Using LLMs

   M. Caner Tol, and Berk Sunar

   2023

   DOI Bib PDF Video

   

   @misc{tol2023zeroleak,
     title = {ZeroLeak: Automated Side-Channel Patching in Source Code Using LLMs},
     author = {Tol, M. Caner and Sunar, Berk},
     booktitle = {Computer Security - {ESORICS} 2024 - 29th European Symposium on Research in Computer Security, Bydgoszcz, Poland, September 16-20, 2024, Proceedings, Part {I}},
     archiveprefix = {arXiv},
     series = {Lecture Notes in Computer Science},
     volume = {14982},
     pages = {290--310},
     publisher = {Springer},
     year = {2023},
     url = {https://doi.org/10.1007/978-3-031-70879-4\_15},
     doi = {10.1007/978-3-031-70879-4\_15},
   }

2. Mayhem: Targeted Corruption of Register and Stack Variables

   Andrew J. Adiletta, M. Caner Tol, Yarkın Doröz, and Berk Sunar

   In Proceedings of the 2024 ACM Asia Conference on Computer and Communications Security, 2023

   Bib PDF

   

   @inproceedings{adiletta2023mayhem,
     title = {Mayhem: Targeted Corruption of Register and Stack Variables},
     author = {Adiletta, Andrew J. and Tol, M. Caner and Doröz, Yarkın and Sunar, Berk},
     booktitle = {Proceedings of the 2024 ACM Asia Conference on Computer and Communications Security},
     year = {2023},
   }

2022

1. Jolt - Recovering TLS Signing Keys via Rowhammer Faults

   Koksal Mus, Yarkın Doröz, M. Caner Tol, Kristi Rahman, and Berk Sunar

   In Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP), 2022

   Bib PDF Video Slides

   

   @inproceedings{mus2022jolt,
     title = {Jolt - Recovering TLS Signing Keys via Rowhammer Faults},
     author = {Mus, Koksal and Doröz, Yarkın and Tol, M. Caner and Rahman, Kristi and Sunar, Berk},
     booktitle = {Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP)},
     year = {2022},
   }

2. Don’t Knock! Rowhammer at the Backdoor of DNN Models

   M. Caner Tol, Saad Islam, Andrew J. Adiletta, Berk Sunar, and Ziming Zhang

   In Proceedings of the 2023 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2022

   Bib PDF Slides

   

   @inproceedings{tol2023dont,
     title = {Don't {K}nock! {R}owhammer at the {B}ackdoor of {DNN} {M}odels},
     author = {Tol, M. Caner and Islam, Saad and Adiletta, Andrew J. and Sunar, Berk and Zhang, Ziming},
     booktitle = {Proceedings of the 2023 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
     pages = {616--632},
     year = {2022},
     organization = {IEEE},
   }

2021

1. FastSpec- Scalable Generation and Detection of Spectre Gadgets Using Neural Embeddings

   M. Caner Tol, Berk Gulmezoglu, Koray Yurtseven, and Berk Sunar

   In Proceedings of the 2021 IEEE European Symposium on Security and Privacy (EuroS&P), 2021

   Bib PDF Video Slides

   

   @inproceedings{tol2021fastspec,
     title = {FastSpec- Scalable Generation and Detection of Spectre Gadgets Using Neural Embeddings},
     author = {Tol, M. Caner and Gulmezoglu, Berk and Yurtseven, Koray and Sunar, Berk},
     booktitle = {Proceedings of the 2021 IEEE European Symposium on Security and Privacy (EuroS\&P)},
     pages = {616--632},
     year = {2021},
     organization = {IEEE},
   }

2020

1. Gimme That Model!- A Trusted ML Model Trading Protocol

   Laia Amorós, Syed Mahbub Hafiz, Keewoo Lee, and M Caner Tol

   Protecting Privacy through Homomorphic Encryption, 2020

   Bib PDF Video

   

   @article{amoros2021gimme,
     title = {Gimme That Model!- A Trusted ML Model Trading Protocol},
     author = {Amor{\'o}s, Laia and Hafiz, Syed Mahbub and Lee, Keewoo and Tol, M Caner},
     journal = {Protecting Privacy through Homomorphic Encryption},
     pages = {147--155},
     publisher = {Springer},
     year = {2020},
   }

2019

1. Undermining User Privacy on Mobile Devices Using AI

   Berk Gulmezoglu, Andreas Zankl, M. Caner Tol, Saad Islam, Thomas Eisenbarth, and Berk Sunar

   In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

   Bib PDF

   

   @inproceedings{gulmezoglu2019undermining,
     title = {Undermining User Privacy on Mobile Devices Using AI},
     author = {Gulmezoglu, Berk and Zankl, Andreas and Tol, M. Caner and Islam, Saad and Eisenbarth, Thomas and Sunar, Berk},
     booktitle = {Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security},
     pages = {214--227},
     year = {2019},
   }