Tenth AMSec Workshop: Systems Security

When: Mar 18, 2025, 13:00 – 15:45

Where: VU Campus, NU building, room NU-5A57

Directions to NU building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first-come, first-served basis.

Speakers

Frank Piessens (KU Leuven)
Tamara Rezk (INRIA)
Stijn Volckaert (KU Leuven)

Workshop program (Mar 18 at VU, NU-5A57)

13:00 Coffee and tea

13:25 Opening by Cristiano Giuffrida (AMSec)

13:30 Speaker: Frank Piessens

Title: The Proteus ecosystem: Tool support for studying hardware/software co-designs for security

Abstract:
Several trends make it interesting, useful, and more realistic to investigate hardware modifications and hardware/software co-designs for system security. First, the past decade has seen a wide variety of micro-architectural attacks that exploit hardware implementation aspects, and defenses against some of these attacks benefit significantly from hardware support. Second, the rise of the open RISC-V Instruction Set Architecture and the growing availability of open-source hardware implementations have made it feasible to take existing hardware and modify it. Third, the evolution of our ICT infrastructure causes shifts in the requirements that system software imposes on hardware. An important example is the trend towards confidential computing, where the hardware mechanisms underlying the classic hierarchical protection models no longer suffice. Unfortunately, research on hardware extensions and hardware/software co-designs for security is hard: attacks that matter in practice are often against closed-source hardware, performance costs and security benefits of proposed designs can depend strongly on the baseline hardware that one starts from, and rigorous security evaluation is less mature than it is for software-only defenses.

At KU Leuven, we are developing a collection of tools and benchmarks, constructed around the Proteus processor framework, for experimenting with hardware/software co-designs. In particular, our goal is to make research on hardware/software co-designs more reproducible and more comparable. In this talk, I want to discuss the current state of this work, as well as some example research prototypes we built with it already. An important objective is to get some feedback from the audience about what directions we could move forward in to make this work useful to a broader community.

Bio:
Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research focuses on software and systems security, encompassing both attack techniques and defenses. On the defense side, he has made contributions to formal verification techniques for C-like languages, enforcement of information flow security, hardening against memory safety exploits, mitigating micro-architectural side-channels, and designing and implementing embedded security architectures. On the attack side, he has contributed to the development of novel attack techniques for transient execution attacks, memory safety attacks, and controlled channel attacks. Frank has served on the program committee of numerous prestigious security and software conferences including ACM CCS, Usenix Security, IEEE Security & Privacy, and ACM POPL. He acted as program chair for the International Conference on Principles of Security and Trust (POST 2016), for the IEEE European Symposium on Security & Privacy (Euro S&P 2018 & 2019), and for the IEEE Secure Development Conference (SecDev 2021 & 2022).

14:15 Speaker: Tamara Rezk

Title: On Kernel's Safety in the Spectre Era

Abstract:
Address Space Layout Randomization (ASLR) is a widely adopted defense mechanism designed to mitigate memory corruption attacks by randomizing the memory locations of critical software components. Its theoretical effectiveness has been formally established in a shared-memory model by Abadi et al. (2010), relying on specific assumptions about victim programs. However, in practice, sophisticated attacks—such as Blindside (2020)—leverage speculative execution and side-channel techniques to bypass ASLR, undermining its protective capabilities and enabling memory corruption.

In this talk, I will examine these emerging threats, focusing on potential strategies and mitigation techniques aimed at reinforcing kernel security in the Spectre era. Finally, I will discuss which kernel transformations would lead in theory to recover kernel safety for an attacker model featuring speculative execution and side-channel capabilities.

Bio:
Tamara Rezk is a Research Director at Inria and a part-time lecturer at Université Côte d'Azur, Sophia Antipolis, France. Since 2023, she has also been a WASP Guest Professor at Chalmers University of Technology in Gothenburg, Sweden. At Inria, she leads the SPLiTS team, which focuses on developing security analyses and defenses. Her main research interests lie in system security. She has supervised several Ph.D. students on topics such as static and dynamic security analyses, web security, formal methods for security, and provable cryptography. Currently, her work emphasizes designing defenses and principled methods to address microarchitectural attacks and web application vulnerabilities. Rezk has served on numerous program committees, including those of the top-4 security conferences. She has also chaired several events, including IEEE CSF in 2023 and 2024, and is currently track chair for ACM CCS 2025.

15:00 Speaker: Stijn Volckaert

Title: Data-Only Attacks and Defenses

Abstract:
For nearly two decades now, the vast majority of critical software vulnerabilities have been memory corruption bugs in C and C++ programs. Attackers often exploit these bugs using control-flow hijacking techniques to seize control over vulnerable programs. This allows them to execute arbitrary code, exfiltrate sensitive data, or escalate the programs' privileges. However, thanks to the successful rollout of mitigations such as control-flow integrity and shadow stacks, it is becoming increasingly hard to mount control-flow attacks.

Inevitably, attackers will have to shift towards other attack techniques such as data-oriented programming (DOP). DOP attacks can alter a program's behavior without causing it to diverge from its legal control-flow paths, and were shown to be potent, expressive, and highly automatable. Moreover, none of the widely deployed mitigations are effective at stopping DOP attacks, while many proposed mitigations incur prohibitively high overhead.

In this talk, we will discuss some of our recent and ongoing work on combating DOP attacks. Concretely, we will discuss our progress on eliminating practicality and compatibility issues in Multi-Variant eXecution (MVX) systems, thus bringing them one step closer to being a viable defense for most desktop and server programs. We will then shift to a completely different approach to the DOP problem by showcasing our ongoing work on efficient and practical full spatial memory safety enforcement.

Bio:
Stijn Volckaert is an associate professor within the DistriNet research group at KU Leuven where he leads a team of 6 PhD students. His research focuses on memory corruption attacks, exploit mitigations, multi-variant execution, software diversity, and sandboxing. Stijn is also the head of the electrical engineering and ICT program at KU Leuven's faculty of engineering technology on the Bruges and Ghent campuses. He joined KU Leuven in 2018 and was previously a postdoctoral scholar at UC Irvine and a PhD student at Ghent University.

15:45 Closing remarks
