I am a senior principal researcher in the Office of the CTO, Azure for Operators at Microsoft. My research focuses on building trusted and secure systems, but I am interested in all aspects of systems research.

I take great pride in my research when it has a practical impact. Over the years, together with my colleagues, I have been fortunate to:

  • influence the DRAM industry to start addressing the threat of Rowhammer attacks.
  • ship a cloud service used by 20+ million users.
  • build the reference implementation of the firmware TPM.
  • build one of the first face recognition-based payment systems, six years before Amazon Go was launched.

Prior to coming to Microsoft, I was a faculty member of the Computer Science Department at the University of Toronto. I received my Ph.D. from the Computer Science & Engineering department at the University of Washington. I am an ACM Distinguished Member.

The good folks at Microsoft Research recorded a podcast with me on Rowhammer and wrote a blog post on my work and background.

I also maintain a page with brief articles on various topics on Rowhammer.


Oct '23
In the cloud, per-VM hardware resources are strongly isolated from one another except for DRAM! Our SOSP 2023 paper shows how to accomplish per-VM DRAM isolation using DRAM subarrays, a DRAM-internal architectural block.
Sep '23
DRAMSec 2023 recordings are now available online for everyone to watch!
Jan '23
I asked ChatGPT to create a bio for myself. I found it very amusing. It lists several awards that I never received, but it falls short from going all out and claiming I won the Turing Award. :-) You can check it out here.
Dec '22
I was awarded JEDEC Chairman of the Board Award "in recognition of row hammer mitigation and standardization support in JC-42". While my name is on the award, this award should go to two groups: (1) to the many in JEDEC who have been working tirelessly on fixing Rowhammer, and (2) to all researchers who have been working on both attacks and defenses.

Recent Publications

Siloz: Leveraging DRAM Isolation Domains to Prevent Inter-VM Rowhammer
Kevin Loughlin, Jonah Rosenblum, Stefan Saroiu, Alec Wolman, Dimitrios Skarlatos, Baris Kasikci
SOSP 2023
“My face, my rules”: Enabling Personalized Protection against Unacceptable Face Editing
Zhujun Xiao, Jenna Cryan, Yuanshun Yao, Yi Hong Gordon Cheo, Yuanchao Shu, Stefan Saroiu, Ben Zhao, and Heather Zheng
PETS 2023
How to Configure Row-Sampling-Based Rowhammer Defenses
Stefan Saroiu and Alec Wolman
DRAMSec 2022
MOESI-prime: Preventing Coherence-Induced Hammering in Commodity Workloads
Kevin Loughlin, Stefan Saroiu, Alec Wolman, Yatin A. Manerkar, and Baris Kasikci
ISCA 2022

Recent Service