I am a Sr. Security Engineer at BlueRock Security (previously known as Bedrock Systems).
I was previously a Security Architect at Sanctuary, a Technical University of Darmstadt spin-off. I have also been a Research Assistant in the System Security Lab at TU Darmstadt.
I completed my Ph.D. at TU Darmstadt and my B.Sc. and M.Sc. in Computer Science at the University of Padua, Italy.
Research Interests
- Run-time attacks and defenses
- Randomization
- Trusted Execution Environments
Publications
2023
- Tommaso Frassetto, Patrick Jauernig, David Koisser, David Kretzler, Benjamin Schlosser, Sebastian Faust and Ahmad-Reza Sadeghi.
POSE: Practical Off-chain Smart Contract Execution. [arXiv]
30th Annual Network & Distributed System Security Symposium (NDSS). 2023.
2022
-
Tommaso Frassetto.
Raising The Bar: Advancing Mitigations Against Memory-Corruption and Side-Channel Attacks [PDF]
Ph.D. Dissertation. TU Darmstadt. 2022. -
Tommaso Frassetto, Patrick Jauernig, David Koisser and Ahmad-Reza Sadeghi.
CFInsight: A Comprehensive Metric for CFI Policies [PDF]
29th Annual Network & Distributed System Security Symposium (NDSS). 2022.
2021
- Shaza Zeitouni, Jo Vliegen, Tommaso Frassetto, Dirk Koch, Ahmad-Reza Sadeghi and Nele Mentens.
Trusted Configuration in Cloud FPGAs.
The 29th IEEE International Symposium On Field-Programmable Custom Computing Machines. 2021.
2020
-
Ghada Dessouky, Tommaso Frassetto and Ahmad-Reza Sadeghi.
HybCache: Hybrid Side-Channel-Resilient Caches for Trusted Execution Environments [PDF] [arXiv]
29th USENIX Security Symposium. 2020. -
Zijo Kenjar, Tommaso Frassetto, David Gens, Michael Franz and Ahmad-Reza Sadeghi.
V0LTpwn: Attacking x86 Processor Integrity from Software [PDF] [arXiv] [Intel Security Advisory]
29th USENIX Security Symposium. 2020. -
Johannes Buchmann, Ghada Dessouky, Tommaso Frassetto, Ágnes Kiss, Ahmad-Reza Sadeghi, Thomas Schneider, Giulia Traverso and Shaza Zeitouni.
SAFE: A Secure and Efficient Long-Term Distributed Storage System.
8th International Workshop on Security in Blockchain and Cloud Computing (SBC’20). 2020. -
Sebastian P. Bayerl, Tommaso Frassetto, Patrick Jauernig, Korbinian Riedhammer, Ahmad-Reza Sadeghi, Thomas Schneider, Emmanuel Stapf and Christian Weinert.
Offline Model Guard: Secure and Private ML on Mobile Devices.
23rd Design, Automation and Test in Europe Conference (DATE ‘20). 2020.
2019
-
Ferdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen and Ahmad-Reza Sadeghi.
DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization [PDF] [arXiv]
35th Annual Computer Security Applications Conference (ACSAC). 2019. -
Sebastian P Bayerl, Ferdinand Brasser, Christoph Busch, Tommaso Frassetto, Patrick Jauernig, Jascha Kolberg, Andreas Nautsch, Korbinian Riedhammer, Ahmad-Reza Sadeghi and Thomas Schneider.
Privacy-preserving speech processing via STPC and TEEs (Poster).
2nd Privacy Preserving Machine Learning (PPML) – CCS 2019 Workshop. 2019. -
Poulami Das, Lisa Eckey, Tommaso Frassetto, David Gens, Kristina Hostáková, Patrick Jauernig, Sebastian Faust and Ahmad-Reza Sadeghi.
FastKitten: Practical Smart Contracts on Bitcoin [PDF] [ePrint]
28th USENIX Security Symposium. 2019. -
Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, Ahmad-Reza Sadeghi and Daniel Teuchert.
Nautilus: Fishing for Deep Bugs with Grammars [PDF]
26th Annual Network & Distributed System Security Symposium (NDSS). 2019.
2018
-
Ferdinand Brasser, Lucas Davi, Abhijitt Dhavlle, Tommaso Frassetto, Sai Manoj Pudukotai Dinakarrao, Setareh Rafatirad, Ahmad-Reza Sadeghi, Avesta Sasan, Hossein Sayadi and Shaza Zeitouni.
Advances and throwbacks in hardware-assisted security: special session
Proceedings of the International Conference on Compilers, Architecture and Synthesis for Embedded Systems. 2018. -
Ferdinand Brasser, Tommaso Frassetto, Korbinian Riedhammer, Ahmad-Reza Sadeghi, Thomas Schneider and Christian Weinert.
VoiceGuard: Secure and Private Speech Processing [PDF]
INTERSPEECH 2018. 2018. -
Andrea Biondo, Mauro Conti, Lucas Davi, Tommaso Frassetto and Ahmad-Reza Sadeghi.
The Guard’s Dilemma: Efficient Code-Reuse Attacks Against Intel SGX [PDF]
27th USENIX Security Symposium. 2018. -
Tommaso Frassetto, Patrick Jauernig, Christopher Liebchen and Ahmad-Reza Sadeghi.
IMIX: In-Process Memory Isolation EXtension [PDF]
27th USENIX Security Symposium. 2018.
2017
-
Tommaso Frassetto, David Gens, Christopher Liebchen and Ahmad-Reza Sadeghi.
JITGuard: Hardening Just-in-time Compilers with SGX [PDF] [Video]
ACM SIGSAC Conference on Computer and Communications Security (CCS). 2017. -
Hossein Fereidooni, Tommaso Frassetto, Markus Miettinen, Ahmad-Reza Sadeghi and Mauro Conti.
Fitness trackers: fit for health but unfit for security and privacy
IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE). 2017. -
Markus Miettinen, Samuel Marchal, Ibbad Hafeez, Tommaso Frassetto, N Asokan, Ahmad-Reza Sadeghi and Sasu Tarkoma.
IoT Sentinel Demo: Automated device-type identification for security enforcement in IoT
IEEE 37th International Conference on Distributed Computing Systems (ICDCS). 2017.
2016
- Mauro Conti, Stephen Crane, Tommaso Frassetto, Andrei Homescu, Georg Koppen, Per Larsen, Christopher Liebchen, Mike Perry and Ahmad-Reza Sadeghi.
Selfrando: Securing the Tor Browser against de-anonymization exploits [PDF] [GitHub] [Video]
Proceedings on Privacy Enhancing Technologies. 2016.
Awards
-
CROSSING Collaboration Award 2019.
Johannes Buchmann, Ghada Dessouky, Tommaso Frassetto, Ágnes Kiss, Ahmad-Reza Sadeghi, Thomas Schneider, Giulia Traverso and Shaza Zeitouni.
Safe: A Secure and Efficient Long-Term Distributed Storage System -
Best Poster Award, ICDCS 2017.
Markus Miettinen, Samuel Marchal, Ibbad Hafeez, Tommaso Frassetto, N. Asokan, Ahmad-Reza Sadeghi and Sasu Tarkoma.
IoT Sentinel Demo: Automated Device-Type Identification for Security Enforcement in IoT