Stefan Saroiu

Introduction

I’m a Senior Principal Researcher at Microsoft Research, where I work on designing secure and trustworthy systems. My broader research interests span all aspects of systems and networking research.

My research is driven by practical impact. Throughout the years, my colleagues and I:

designed Panopticon, a Rowhammer defense adopted by the DRAM industry;
designed, deployed, and operated Microsoft Embedded Social, a cloud service aimed at user engagement in mobile apps, which had 20 million users;
created the reference implementation of a firmware-based Trusted Platform Module (fTPM) used in hundreds of millions of smartphones and tablets;
designed and operated Zero-Effort Payments (ZEP), one of the first face recognition-based payment systems in the world.

Prior to joining Microsoft, I served as a faculty member in the Computer Science Department at the University of Toronto. I earned my Ph.D. from the Computer Science & Engineering department at the University of Washington, and I am an ACM Fellow.

Microsoft Research has featured me in a podcast on Rowhammer and published a blog post detailing my background and research. I also maintain a page with brief articles on various topics related to Rowhammer.

News

June '24

I am back at Microsoft Research after spending close to four years in Azure for Operators. I am excited to be back in the lab and to continue my work on systems security.

April '24

Hugely exciting development -- the new DDR5 spec introduces PRAC, a new mechanism to prevent Rowhammer attacks. While PRAC has the potential to eliminate Rowhammer attacks once and for all, implementing it effectively is challenging. I have detailed these issues in a brief article. For more background, check out Panopticon (or watch its presentation), our earlier research paper that influenced PRAC's development.

Jan '24

Very humbled to be named an ACM fellow. This award is the result of the work of many of my brilliant colleagues and students.

Jan '24

Managing servers in the hybrid cloud is incredibly challenging. Our HotMobile 2024 paper presents two-person control -- one way to address this challenge.

Oct '23

In the cloud, per-VM hardware resources are strongly isolated from one another except for DRAM! Our SOSP 2023 paper shows how to accomplish per-VM DRAM isolation using DRAM subarrays, a DRAM-internal architectural block.

Recent Publications

Towards Multi-Stakeholder Clouds

Bohdan Borysei, Stefan Saroiu, Eyal de Lara

HotMobile 2024

Siloz: Leveraging DRAM Isolation Domains to Prevent Inter-VM Rowhammer

Kevin Loughlin, Jonah Rosenblum, Stefan Saroiu, Alec Wolman, Dimitrios Skarlatos, Baris Kasikci

SOSP 2023

show all

Recent Service

NSDI 2026: Program Committee member.
DRAMSec 2025: Program Committee member.
ASPLOS 2025: Program Committee member.