Yossi Oren

Twitter: @yossioren

Research Interests

Implementation Security

Publications

• Juliet-PUF: Enhancing the Security of IoT-Based SRAM-PUFs Using the Remanence Decay Effect (IEEE Internet of Things Journal, to appear)
• Characterization and Detection of Cross-Router Covert Channels (Elsevier Computers & Security, January 2023, 103125)
• HammerScope: Observing DRAM Power Consumption Using Rowhammer (29th ACM Conference on Computer and Communications Security (CCS), 2022)
• Port Contention Goes Portable: Port Contention Side Channels in Web Browsers (17th ACM ASIA Conference on Computer and Communications Security, AsiaCCS 2022)
• Toward Usable and Accessible Two-Factor Authentication Based on the Piezo-Gyro Channel (IEEE Access, Volume 10, 2022)
• Practical, Low-Cost Fault Injection Attacks on Personal Smart Devices (Applied Sciences, Volume 12 Issue 1, 2022)
• DRAWN APART : A Device Identification Technique based on Remote GPU Fingerprinting (29th Annual Network and Distributed System Security Symposium, NDSS 2022)
• Cache-based characterization: A low-infrastructure, distributed alternative to network-based traffic and application characterization (Elsevier Computer Networks Volume 200, December 2021)
• Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality (IEEE Transactions on Dependable and Secure Computing Volume 18, Issue 5, September 2021)
• Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses (30th USENIX Security Symposium, 2021)
• Sensor Defense In-Software (SDI): Practical Defenses Against Spoofing Attacks on Position Sensors (Engineering Applications of Artificial Intelligence Volume 95, 2020)
• Can the Operator of a Drone Be Located by Following the Drone’s Path? (4th International Symposium on Cyber Security Cryptography and Machine Learning, 2020)
• Cyber Security Threats in the Microbial Genomics Era: Implications for Public Health (Eurosurveillance Volume 25, Issue 6, 2020)
• Inner Conflict: How Smart Device Components Can Cause Harm (Elsevier Computers & Security, Volume 89, February 2020, 101665)
• Cross-Router Covert Channels (13th USENIX Workshop on Offensive Technologies (WOOT), 2019)
• Cyber Attack on SUUNTO Dive Computer (Technical Report)
• Robust Website Fingerprinting Through the Cache Occupancy Channel (28th USENIX Security Symposium, 2019)
• Reverse Engineering IoT Devices: Effective Techniques and Methods (IEEE Internet of Things Journal, Volume 5, Issue 6, 2019)
• Sensorless, Permissionless Information Exfiltration with Wi-Fi Micro-Jamming (12th USENIX Workshop on Offensive Technologies (WOOT), 2018)
• Brief Announcement: Deriving Context for Touch Events (Second International Symposium on Cyber Security Cryptography and Machine Learning (CSCML), 2018)
• Shattered Trust: When Replacement Smartphone Components Attack (11th USENIX Workshop on Offensive Technologies (WOOT), 2017)
• Opening Pandora's Box: Effective Techniques for Reverse Engineering IoT Devices (17th Smart Card Research and Advanced Application Conference (CARDIS), 2017)
• From Smashed Screens to Smashed Stacks: Attacking Mobile Phones Using Malicious Aftermarket Parts (Workshop on Security for Embedded and Mobile Systems (SEMS), 2017)
• The Curious Case of the Curious Case: Detecting touchscreen events using a smartphone protective case (Workshop on Security for Embedded and Mobile Systems (SEMS), 2017)
• How to Phone Home with Someone Else's Phone: Information Exfiltration Using Intentional Sound Noise on Gyroscopic Sensors (10th USENIX Workshop on Offensive Technologies (WOOT), 2016)

Dr. Yossi Oren is a Senior Lecturer in the Department of Software and Information Systems Engineering at Ben Gurion University of the Negev, and a member of BGU’s Cyber Security Research Center. Prior to joining BGU, Yossi was a Post-Doctoral Research Scientist in the Network Security Lab at Columbia University in the City of New York and a member of the security lab at Samsung Research Israel. He holds a Ph.D. in Electrical Engineering from Tel-Aviv University (thesis), and an M.Sc. in Computer Science from the Weizmann Institute of Science (thesis).

His research interests include implementation security (side-channel attacks, micro-architectural attacks, power analysis and other hardware attacks and countermeasures; low-resource cryptographic constructions for lightweight computers) and cryptography in the real world (consumer and voter privacy in the digital era; web application security). He has been recognized by The Register as a Top Boffin.

Personal homepage: https://iss.oy.ne.ro

Contact Information:

Building 96, Room 301

Department of Software and Information Systems Engineering

Faculty of Engineering Sciences

Ben-Gurion University of the Negev

P.O.B. 653

Beer-Sheva 8410501 Israel

Voice: +972 (74) 779-5122