Publications, talks, articles, etc.

Navigation

Publications

  1. Hardware-Assisted Fault Isolation: Going Beyond the Limits of Software-Based Sandboxing

    Shravan Narayan, Tal Garfinkel, Mohammadkazem Taram, Joey Rudek, Daniel Moghimi, Evan Johnson, Chris Fallin, Anjo Vahldiek-Oberwagner, Michael LeMay, Ravi Sahita, Dean Tullsen, Deian Stefan

    IEEE Micro Top Picks 2024 : [Preprint]

  2. Going Beyond the Limits of SFI: Flexible and Secure Hardware-Assisted In-Process Isolation with HFI

    Shravan Narayan, Tal Garfinkel, Mohammadkazem Taram, Joey Rudek, Daniel Moghimi, Evan Johnson, Chris Fallin, Anjo Vahldiek-Oberwagner, Michael LeMay, Ravi Sahita, Dean Tullsen, Deian Stefan

    Distinguished paper award

    ASPLOS 2023: [ Code, Conference Video, HFI Region simulator ]

  3. WaVe: a verifiably secure WebAssembly sandboxing runtime

    Evan Johnson, Evan Laufer, Zijie Zhao, Shravan Narayan, Stefan Savage, Deian Stefan, Fraser Brown

    Distinguished paper award

    IEEE S&P 2023

  4. Half&Half: Demystifying Intel’s Directional Branch Predictors for Fast, Secure Partitioned Execution

    Hosein Yavarzadeh, Mohammadkazem Taram, Shravan Narayan, Deian Stefan, Dean Tullsen

    IEEE S&P 2023

  5. Segue & ColorGuard: Optimizing SFI Performance and Scalability on Modern x86

    Shravan Narayan, Tal Garfinkel, Evan Johnson, David Thien, Joey Rudek, Michael LeMay, Anjo Vahldiek-Oberwagner, Dean Tullsen, Deian Stefan

    PLAS 2022

  6. Isolation without Taxation: Near-Zero-Cost Transitions for WebAssembly and SFI

    Matthew Kolosick, Shravan Narayan, Evan Johnson, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala, Deian Stefan

    POPL 2022: [ Code, Conference video ]

  7. Tutorial: Using RLBox to sandbox unsafe C code

    Shravan Narayan, Craig Disselkoen, Deian Stefan

    IEEE SecDev 2021: [ Presentation ]

  8. Swivel: Hardening WebAssembly against Spectre

    Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, Dean Tullsen, Deian Stefan

    USENIX Security 2021: [ Code, Conference video ]

  9. Довер ́яй, но провер ́яй: SFI safety for native-compiled Wasm

    Evan Johnson, Yousef Alhessi, David Thien, Shravan Narayan, Fraser Brown, Sorin Lerner, Tyler McMullen, Stefan Savage, Deian Stefan

    (The title prefix means trust but verify )

    NDSS 2021: [ Code, Conference video, How to cite this paper in Latex (handling cyrillic text) ]

  10. The Road to Less Trusted Code: Lowering the Barrier to In-Process Sandboxing

    Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Hovav Shacham, Deian Stefan

    Article in USENIX ;login; newsletter Winter 2020

  11. RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer

    Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, Deian Stefan

    Distinguished paper award

    USENIX Security 2020: [ Extended version, Code (from the paper), Conference video, Longer video ]

    RLBox production version: [ Code, Docs Initial Firefox rollout, Full Firefox rollout ]

  12. Towards verified programming of embedded devices

    Jean-Pierre Talpin, Jean-Joseph Marty, Shravan Narayan, Deian Stefan, Rajesh Gupta

    Invited paper, DATE 2019

  13. Browser history re:visited

    Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan

    USENIX WOOT 2018

  14. Finding and Preventing Bugs in JavaScript Bindings

    Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson Engler, Ranjit Jhala, Deian Stefan

    IEEE S&P 2017: [ Code ]

Others (talks, articles, posters, non-refereed)

  1. Don't Get Owned by Your Dependencies: How Firefox Uses In-process Sandboxing To Protect Itself From Exploitable Libraries

    Strange Loop Conference 2022

  2. Don't Get Owned by Your Dependencies: How Firefox Uses In-process Sandboxing To Protect Itself From Exploitable Libraries

    Black Hat USA Conference 2022

  3. Invited Poster - RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer

    Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Sorin Lerner, Hovav Shacham, Deian Stefan

    IEEE S&P 2021

  4. Making Software Sandboxing Practical using Language-based Techniques

    Shravan Narayan, Deian Stefan

    Article in SIGPLAN PL Perspectives blog, Jul 2021

  5. Gobi: WebAssembly as a Practical Path to Library Sandboxing

    Shravan Narayan, Tal Garfinkel, Sorin Lerner, Hovav Shacham, Deian Stefan

    Unpublished short paper, originally written Jan 2019, updated Nov 2019