Stefan Saroiu

Introduction

I am a senior principal researcher with Microsoft Research, specializing in the creation of trusted and secure systems. My interests span all aspects of systems and networking research.

My research is driven by its practical impact. Throughout my career, I have, along with my colleagues, managed to:

Influence the DRAM industry to address the threat of Rowhammer attacks.
Develop and launch a cloud service used by 20+ million users.
Create the reference implementation of the firmware TPM.
Build one of the first face recognition-based payment systems, six years before Amazon Go was launched.

Prior to joining Microsoft, I served as a faculty member in the Computer Science Department at the University of Toronto. I earned my Ph.D. from the Computer Science & Engineering department at the University of Washington, and I am an ACM Fellow.

Microsoft Research has featured me in a podcast on Rowhammer and published a blog post detailing my background and research. I also maintain a page with brief articles on various topics related to Rowhammer.

News

June '24

I am back at Microsoft Research after spending close to four years in Azure for Operators. I am excited to be back in the lab and to continue my work on systems security.

April '24

Hugely exciting development -- the new DDR5 spec introduces PRAC, a new mechanism to prevent Rowhammer attacks. While PRAC has the potential to eliminate Rowhammer attacks once and for all, implementing it effectively is challenging. I have detailed these issues in a brief article. For more background, check out Panopticon (or watch its presentation), our earlier research paper that influenced PRAC's development.

Jan '24

Very humbled to be named an ACM fellow. As always, this award is the result of the work of many of my brilliant colleagues and students.

Jan '24

Managing servers in the hybrid cloud is incredibly challenging. Our HotMobile 2024 paper presents two-person control -- one way to address this challenge.

Oct '23

In the cloud, per-VM hardware resources are strongly isolated from one another except for DRAM! Our SOSP 2023 paper shows how to accomplish per-VM DRAM isolation using DRAM subarrays, a DRAM-internal architectural block.

Recent Publications

Towards Multi-Stakeholder Clouds

Bohdan Borysei, Stefan Saroiu, Eyal de Lara

HotMobile 2024

Siloz: Leveraging DRAM Isolation Domains to Prevent Inter-VM Rowhammer

Kevin Loughlin, Jonah Rosenblum, Stefan Saroiu, Alec Wolman, Dimitrios Skarlatos, Baris Kasikci

SOSP 2023

show all

Recent Service

ASPLOS 2025: Program Committee member.
DRAMSec 2024: Program Committee member.