About Me

I am a postdoctoral scholar — UCSD CSE fellow working with Nadia Heninger and Deian Stefan. I received my PhD in ECE and MSc in CS from WPI under the supervision of Berk Sunar and Thomas Eisenbarth. I work on computer security and privacy, microarchitectural security, side channels and cryptanalysis, and architectural security primitives. I have also interned at Cisco Talos working on fuzz testing for automated vulnerability discovery, and Qualcomm product security initiative (QPSI) working on system-level security of PCIe controllers.

Contact Information:
            


Publications

Refereed Papers
  1. S Narayan, C Disselkoen, D Moghimi, S Cauligi, E Johnson, Z Gang, A Vahldiek-Oberwagner, R Sahita, H Shacham, D Tullsen, D Stefan. Swivel: Hardening WebAssembly against Spectre  The 30th USENIX Security Symposium (SEC 2021).
     [arXiv]  [PDF]  [Cite]
  2. D Moghimi, J Van Bulck, N Heninger, F Piessens, B Sunar. Controlled Instruction-Level Attacks on Enclaves  The 29th USENIX Security Symposium (SEC 2020).
     [PDF]  [Cite]  [Slides]  [Video]
  3. D Moghimi, M Lipp, B Sunar, M Schwarz. Medusa: Microarchitectural Data Leakage via Automated Attack Synthesis The 29th USENIX Security Symposium (SEC 2020).
     [PDF]  [Cite]  [Slides]  [Video]
  4. Z Weissman, T Tiemann, D Moghimi, E Custodio, T Eisenbarth, B Sunar. JackHammer: Efficient Rowhammer on Heterogeneous FPGA-CPU Platforms  IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES 2020).
     [PDF]  [Cite]  [ZDNet]  [tom's Hardware]
  5. J Van Bulck, D Moghimi, M Schwarz, M Lipp, M Minkin, D Genkin, Y Yarom, B Sunar, D Gruss, F Piessens.LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection The 41st IEEE Symposium on Security and Privacy (S&P 2020).
     [PDF]  [Cite]  [Dark Reading]  [The Register]  [ZDNet]  [tom's Hardware]
  6. D Moghimi, B Sunar, T Eisenbarth, N Heninger. TPM-Fail: TPM meets Timing and Lattice Attacks   The 29th USENIX Security Symposium (SEC 2020).
     [PDF]  [Cite]  [Slides]  [Video]  [Dark Reading]  [Hacker News]  [The Register]  [ZDNet]
  7. M Schwarz, M Lipp, D Moghimi, J Van Bulck, J Stecklina, T Prescher, D Gruss. ZombieLoad: Cross-Privilege-Boundary Data Sampling The 26th ACM Conference on Computer and Communications Security (CCS 2019).
     [PDF]  [Cite]  [Tech Target]  [Fox News]
  8. M Minkin , D Moghimi , M Lipp , M Schwarz , J Van Bulck , D Genkin , D Gruss , F Piessens, B Sunar, Y Yarom. Fallout: Reading Kernel Writes From User Space  arXiv preprint arXiv:1905.12701 merged with Store-to-Leak (arXiv:1905.05725), under Canella et al. Fallout: Leaking Data on Meltdown-resistant CPUs   The 26th ACM Conference on Computer and Communications Security (CCS 2019).
     [PDF]  [Cite]  [Wired News]
  9. S Islam, A Moghimi, I Bruhns, M Krebbel, B Gulmezoglu, T Eisenbarth, B Sunar. SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks The 28th USENIX Security Symposium (SEC 2019).
     [PDF]  [Cite]  [Slides]  [Video]  [The Register]  [ZDNet]  [Forbes Article]
  10. A Moghimi, J Wichelmann, T Eisenbarth, B Sunar. MemJam: A False Dependency Attack against Constant-Time Crypto Implementations (Extended Version) International Journal of Parallel Programming (IJPP 2019).
     [PDF]  [Cite]
  11. J Wichelmann, A Moghimi, T Eisenbarth, B Sunar. MicroWalk: A Framework for Finding Side Channels in Binaries   Annual Computer Security Applications Conference (ACSAC 2018).
     [PDF]  [Cite]
  12. F Dall, G De Micheli, T Eisenbarth, D Genkin, N Heninger, A Moghimi, Y Yarom. CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks  IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES 2018).
     [PDF]  [Cite]
  13. A Moghimi, T Eisenbarth, B Sunar. MemJam: A False Dependency Attack against Constant-Time Crypto Implementations in SGX  Cryptographers' Track at the RSA Conference (CT-RSA 2018).
     [PDF]  [Cite]
  14. A Moghimi, G Irazoqui, T Eisenbarth. CacheZoom: How SGX Amplifies The Power of Cache Attacks  International Conference on Cryptographic Hardware and Embedded Systems (CHES 2017).
     [PDF]  [Cite]
Preprints / Technical Reports
  1. S Cauligi, C Disselkoen, D Moghimi, G Barthe, D Stefan. SoK: Practical Foundations for Spectre Defenses arXiv preprint arXiv:1907.03651
  2. B Gulmezoglu, A Moghimi, T Eisenbarth, B Sunar. FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning arXiv preprint arXiv:1907.03651
  3. D Moghimi. Data Sampling on MDS-resistant 10th Generation Intel Core (Ice Lake)
     [PDF]  [Cite]
Posters
  1. N Brown, N Patel, P Plenefisch, A Moghimi, T Eisenbarth, C Shue, and K Venkatasubramanian. Poster: Scream: Sensory Channel Remote Execution Attack Methods  Usenix Security (USENIX Security '16 Poster Session).
     [PDF]
  2. M Abi-Antoun, E Khalaj, Radu Vanciu, and A Moghimi. Poster: Abstract Runtime Structure for Reasoning about Security  Proceedings of the Symposium and Bootcamp on the Science of Security (HotSoS '16).
     [PDF]  [Cite]
Thesis / Dissertation
  1. D Moghimi. Revisiting Isolated and Trusted Execution via Microarchitectural Cryptanalysis  PhD Dissertation at Electrical and Computer Engineering of Worcester Polytechnic Institute (December 2020)
     [PDF]  [Slides]  [Video]
  2. D Moghimi. How SGX Amplifies the Power of Cache Attacks MS Thesis at Computer Science of Worcester Polytechnic Institute (May 2017)
     [PDF]  [Slides]

Talks

  1. D Moghimi, Thore Tiemann, Zane Weissman. JackHammer: Rowhammer and Cache Attacks on Heterogeneous FPGA-CPU Platforms Conference talk at hardwear.io Netherlands 2020 - October 2020
     [Slides]  [Video]
  2. D Moghimi. CopyCat: Controlled Instruction-Level Attacks on Enclaves Invited talk at Intel Labs "Online" - September 2020
     [Slides]
  3. D Moghimi. Remote Timing Attacks on TPMs, AKA TPM-Fail Conference talk at Black Hat USA 2020 "Online" - August 2020
     [Slides]  [Video]
  4. D Moghimi. Microarchitectural Data Leakage via Automated Attack Synthesis Invited talk at Intel Product Security Incedent Response Team "Online" - June 2020
     [Slides]
  5. D Gruss, D Moghimi, J Van Bulck. LVI: Hijacking Transient Execution with Load Value Injection Conference talk at Hardwear.io Virtual Con 2020 - April 2020
     [Slides]
  6. D Moghimi. Breaking Deployed Crypto: The Side Channel Analyst’s Way Conference talk at Hardwear.io Virtual Con 2020 - April 2020
     [Slides]  [Video]
  7. D Moghimi. Exploiting Microarchitectural Flaws in the Heart of the Memory Subsystem​ Invited talk at Columbia University, New York City, NY - February 2020
     [Slides]
  8. D Moghimi. TPM-Fail: TPM meets Timing and Lattice Attacks Conference talk at Real World Crypto 2020, New York City, NY - January 2020
     [Slides]  [Video]
  9. D Moghimi. ZombieLoad: Leaking Data on Intel CPUs Conference talk at ToorCon 21 (2019), San Diego, CA - November 2019
     [Slides]  [Video]
  10. D Moghimi. Microarchitectural Attacks and Cloud Accelerators Guest talk at Intel SCAP Conference 2019, Intel, Hillsboro, OR - June 2019
     [Slides]
  11. D Moghimi. Microarchitectural Attacks: Protecting Cloud Accelerators Guest talk at Intel SCAP Meeting 2019, University of Florida, Gainesville, FL - April 2019
     [Slides]
  12. D Moghimi. MemJam: A False Dependency Attack against Constant-Time Crypto Implementations  Conference talk at RSA Conference 2018 (CT-RSA 2018), San Francisco, CA - April 2018
     [Slides]
  13. D Moghimi. Side-channel Attacks on SGX Enclaves Conference talk at New England Security Day (NESD 2017), Northeastern, Boston, MA - September 2017

Professional Service


CVEs & Security Advisories

Intel
STMicroelectronics
WolfSSL
Ahnlab
Agnitum
Avira

I maintain a list of old blog posts on software and windows kernel exploitation at here.