When: Mar 27, 2026, 09:30 – 11:30

Where: VU Campus, Main building, room HG-11A24

Directions to NU building: https://vusec.net/directions

This mini workshop series features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (Mar 27 at VU, HG-11A24)

09:30	Coffee and tea
09:55	Opening by Cristiano Giuffrida (AMSec)
10:00	Speaker: Marius Muench Title: Game cheats, anticheats, and why we should care Abstract: All work and no play makes Jack a dull boy; all play and no work makes Jack a mere toy---So why can't we have both? This talk will discuss our recent research into the world of video games, their cheats, and anti-cheat solutions. By inspecting the state of the art of competitive online shooter games, we find a fascinating landscape, currently underexplored by academic research. We observe that strong adversary models generate some of the strongest software defenses, leading to a fast-paced cat-and-mouse game between attackers and defenders. We further find that cheats created a thriving gray market with a strong economy where technical sturdiness is a driving pricing factor. Throughout the talk, we will set our findings into the context of system security research and argue why your next research project should also be on video games. Bio: Marius Muench is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, binary & microarchitectural exploitation, and defenses. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as a postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation and fuzzing platform for cellular basebands. Throughout his career, Marius publicly shared his findings and presented at venues such as Black Hat, DEFCON, Reverse.io, REcon, and Hardwear.io.
10:45	Speaker: Peter Schwabe Title: Cryptographic constant-time and beyond Abstract: The "constant-time" programming paradigm is widely accepted as a first-line defense against microarchitectural attacks. The idea is that programs avoid all data flow from secrets into branch conditions and memory addresses. Unfortunately, multiple recent works have shown that even code that is carefully written to follow this paradigm in C, Rust, or other high-level general-purpose programming languages, may compile to binaries that do not follow the property. Also, while the paradigm was originally believed to systematically protect against timing attacks, it has become clear that more advanced microarchitectural attacks are able to obtain software-visible leakage even from constant-time code. In my talk, I will show that we do not have to give up hope to systematically protect cryptographic software against microarchitectural attacks. However, such protections will require updating the tooling we use to write and compile such code. Bio: Peter Schwabe is a scientific director at MPI-SP and also a professor at the Institute for Computing and Information Sciences at Radboud University, Nijmegen, The Netherlands. His research is in the area of cryptography, specifically the design and secure implementation of cryptographic primitives. In recent years he is mainly working on post-quantum cryptography, i.e., cryptographic primitives that run on standard hardware, but remain secure even against attackers equipped with a large universal quantum computer. He was awarded an ERC Starting Grant for this work on engineering post-quantum cryptography.
11:30	Closing remarks

When: Oct 7, 2025, 13:00 – 15:00

Where: VU Campus, NU building, room NU-4A67

Directions to NU building: https://vusec.net/directions

This mini workshop series features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (Oct 7 at VU, NU-4A67)

12:45	Coffee and tea
12:55	Opening by Maggie Zhang (AMSec)
13:00	Speaker: Lieven Desmet Title: Detecting and preventing DNS abuse in .eu Abstract: In this talk, I will report on several studies we performed to assess and quantify the landscape of abusive domain. In close collaboration with EURid, the registry of .eu domain names, we applied machine learning techniques to detect and prevent the registration of domain names related to DNS abuse activity (such as spam, phishing, botnets). In contrast to blocklists, which only offer protection after some harm has already been done, this system can prevent domain names from being used before they can pose any threats. In particular, I will report on our experiences of successfully deploying this system as part of EURid's registration infrastructure, and the evasion strategies we encountered while running live. Bio: Lieven Desmet is a professor on Security and Privacy within the DistriNet Research Group of KU Leuven (Belgium). His main interests are in (web) application and domain name security, the use of Machine Learning technology in security and privacy controls, and the security of ML-based systems. Lieven is also actively participating in dissemination, valorization and spin-off activities. Among his various commitments, he serves as a board member for the Belgium OWASP Chapter, is co-chair for the Focus Group on Application Security within the Cyber Security Coalition, and contributes to the Secure Application Development course SecAppDev.
13:40	Speaker: Lianying Zhao Title: Living with Packers to Enable Dynamic Analysis of Android Apps Abstract: Android apps have become a valuable target for app modifiers and imitators due to its popularity and being trusted with highly sensitive data. Packers, on the other hand, protect apps from tampering with various anti-analysis techniques embedded in the app. Meanwhile, packers also conceal certain behavior potentially against the interest of the users, aside from being abused by malware for stealth. Security practitioners typically try to capture undesired behavior at runtime with hooking (e.g., Frida) or debugging techniques, which are heavily affected by packers. Unpackers have been the community’s continuous effort to address this, but due to the emerging commercial packers (especially the Chinese ones), our study shows that none of the unpackers remain effective, and they are unfit for this purpose as unpacked apps can no longer run. In this talk, I will first present a large-scale prevalence analysis of Android packers we performed with a real-world dataset of more than 12K apps (the first of its kind), as well as a survey of packing/unpacking techniques. This was to find out what percentage of Android apps are actually packed and to what extent dynamic analysis is hindered. I then will introduce Purifire, an evasion engine to bypass packers’ anti-analysis techniques and enable dynamic analysis on packed apps without unpacking them. Purifire is based on eBPF, a low-level kernel feature, which provides observability and invisibility to user space apps to enforce defined evasion rules while staying low-profile. To allude to future research directions, I will also briefly enumerate several unique observations regarding the Android ecosystem. Bio: Lianying Zhao is currently an Associate Professor at Carleton University. Prior to his academic career, he worked for IBM on mainframes for 6 years. Zhao's primary research areas are systems/platform security and architectural/hardware security support which used to be known as "trusted computing", as well as authentication and data protection in general.
14:30	Speaker: Agathe Blaise Title: Supply-chain security in Kubernetes Abstract: In recent years, there has been an explosion of attacks directed at microservice-based platforms – a trend that follows closely the massive shift of the digital industries towards these environments. The management and operation of container-based microservices heavily rely on automation, leveraging on container orchestration engines such as Kubernetes. This talk will explore how supply-chain attacks can propagate from a single compromised container or endpoint to an entire Kubernetes cluster. We will begin by showcasing how vulnerabilities can be concealed within container images through malicious compliance of Software Bills of Materials (SBOM). Next, we will illustrate how attackers can exploit this foothold to infiltrate and compromise the broader Kubernetes cluster. We will then present advanced techniques for analyzing and strengthening the security posture of Kubernetes deployments. Key areas include securing the full supply chain, from container configurations to Kubernetes setups, detecting vulnerabilities and misconfigurations, monitoring the system for real-time threats and attacks, and implementing mitigation strategies to safeguard microservice ecosystems. Bio: Agathe Blaise is currently a research engineer at Thales (Gennevilliers, France). She received her engineering degree in computer science from ISEN (Lille, France) in 2017, and the Ph.D. degree in Computer Science from LIP6, Sorbonne University (Paris, France) in 2020. Her research interests focus on cloud computing security, data analysis for network security, and quantum networks.
15:10	Closing remarks

When: May 20, 2025, 10:00 – 12:00

Where: VU Campus, NU building, room NU-5A47

Directions to NU building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (May 20 at VU, NU-5A47)

10:00	Coffee and tea
10:25	Opening by Cristiano Giuffrida (AMSec)
10:30	Speaker: Marcel Böhme Title: Benchmarks are our measures of progress. Or are they? Abstract: How do we know how well our tool solves a problem, like bug finding, compared to other state-of-the-art tools? We run a benchmark. We choose a few representative instances of the problem, define a reasonable measure of success, and identify and mitigate various threats to validity. Finally, we implement (or reuse) a benchmarking framework, and compare the results for our tool with those for the state-of-the-art. For many important software engineering problems, we have seen new sparks of interest and serious progress made whenever a (substantially better) benchmark became available. Benchmarks are our measure of progress. Without them, we have no empirical support to our claims of effectiveness. Yet, time and again, we see practitioners disregard entire technologies as "paper-ware"---far from solving the problem they set out to solve. In this keynote, I will discuss our recent efforts to systematically study the degree to which our evaluation methodologies allow us to measure those capabilities that we aim to measure. We shed new light on a long-standing dispute about code coverage as a measure of testing effectiveness, explore the impact of the specific benchmark configuration on the evaluation outcome, and call into question the actual versus measured progress of an entire field (ML4VD) just as it gains substantial momentum and interest. Bio: Marcel Böhme is a faculty member at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany where he leads the Software Security research group. His group has made foundational contributions to fuzzing which has become one of the most successful techniques for the automatic discovery of security flaws in practice. Marcel was awarded an 2024 ERC Consolidator grant for his project on in-vivo software security analysis at scale which will develop the empirical foundations of program analysis. To find out more about the research in his group, head over to https://mpi-softsec.github.io Marcel is a Guest Editor-in-Chief (Registered Papers) and Associate Editor for the ACM TOSEM, the flagship journal in software engineering, and a PC Chair for the upcoming instances of two major conferences, ASE'25 and ISSTA'26. Marcel received his PhD from the National University of Singapore where, 10 years later, he received an Outstanding Young Computing Alumni Award.
11:15	Speaker: Victor van der Veen Title: Real-World Problems Bio: Victor van der Veen is a security architect in Qualcomm. Before joining Qualcomm, he obtained his PhD in the VUSec group at Vrije Universiteit Amsterdam. He was among the first to publicly report Rowhammer bit flips in mobile devices. At Qualcomm, he continued his work on this fundamental issue in modern DRAM. In his ongoing attempts to bring academia and industry closer together, he helped some of our best next-generation scientists to publish their seminal Rowhammer research.
12:00	Closing remarks

When: May 16, 2025, 09:30 – 12:15

Where: VU Campus, NU building, room NU-4A25

Directions to NU building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (May 16 at VU, NU-4A25)

09:30	Coffee and tea
09:55	Opening by Cristiano Giuffrida (AMSec)
10:00	Speaker: Cristian Cadar Title: Program Analysis for Safe and Secure Software Evolution Abstract: Constant evolution is an inherent property of modern software systems. Software evolves to implement new features, adapt to new hardware and platforms, fix bugs and security vulnerabilities, or improve non-functional properties such as performance and energy consumption. While these changes have an overall positive impact, they are also responsible for a large number of critical bugs and security attacks. Program analysis techniques such as fuzzing and symbolic execution have shown great promise in terms of improving the reliability and security of software. However, program analysis techniques are typically designed to be applied to entire programs and can struggle to keep up with the high pace of modern software development. In this talk, I will discuss some of our research efforts directed toward making program analysis more agile, and reflect on remaining challenges and opportunities. Bio: Cristian Cadar is a Professor in the Department of Computing at Imperial College London, where he leads the Software Reliability Group (http://srg.doc.ic.ac.uk), working on automatic techniques for increasing the reliability and security of software systems. Cristian's research has been recognised by several prestigious awards, including the EuroSys Jochen Liedtke Award, HVC Award, BCS Roger Needham Award, IEEE TCSE New Directions Award, Humboldt Research Award, and two test of time awards. Many of the research techniques he co-authored have been open-sourced and used in both academia and industry. In particular, he is co-author and maintainer of the KLEE symbolic execution system, a popular system with a large user base. Cristian has a PhD in Computer Science from Stanford University, and undergraduate and Master's degrees from the Massachusetts Institute of Technology.
10:45	Speaker: Pramod Bhatotia Title: Trustworthy Heterogeonous Computing Abstract: As computing systems become increasingly complex and interconnected, ensuring their security and trustworthiness is becoming a major challenge. Heterogeneous computing, which combines different types of processors and accelerators, is particularly vulnerable to attacks and vulnerabilities. This talk will explore the current state of trustworthy heterogeneous computing and discuss the latest advances in security and privacy for these systems. We will also examine the challenges and opportunities in designing and implementing secure heterogeneous computing architectures, and discuss potential future research directions in this exciting and rapidly evolving field. Bio: Prof. Pramod Bhatotia is a Chair Professor at the Technical University of Munich, where he leads the Systems Research Group. More info: https://dse.in.tum.de/bhatotia/
11:30	Speaker: Marten van Dijk Title: Differential Privacy Abstract: A more in-depth explanation of differential privacy will be presented. Differential privacy is an elegant privacy framework which allows us to prove, for a given computation, whether the computation uses a certain data sample as one of its inputs or not. The proof technique for which differential privacy is designed assumes a rather impractically strong adversary. For this reason, if the computation executes stochastic gradient descent for training a machine learning model, too much utility (test accuracy) needs to be sacrificed in order to obtain a useful practical privacy guarantee. What next? Bio: Marten is group leader and founder of the Computer Security group at CWI, the Netherlands, with over 20 years of experience in both industry (Philips Research and RSA Laboratories) and academia (MIT, University of Connecticut, and currently Vrije Universiteit van Amsterdam). His work has been recognized by the IEEE CS Edward J. McCluskey Technical Achievement Award 2023, the A. Richard Newton Technical Impact Award in Electronic Design Automation 2015, and has received several best and test-of-time paper awards.
12:15	Closing remarks

When: May 13, 2025, 09:30 – 12:15

Where: VU Campus, Main building, room HG-10A20

Directions to Main building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (May 13 at VU, HG-10A20)

09:30	Coffee and tea
09:55	Opening by Cristiano Giuffrida (AMSec)
10:00	Speaker: Stefan Brunthaler Title: HOBBIT - Hashed OBject-Based Object InTegrity Abstract: C vulnerabilities usually hold verbatim for C++ programs. The counterfeit-object-oriented programming attack (COOP) demonstrated that this relation is asymmetric, i.e., it only applies to C++. The problem pinpointed by this COOP attack is that C++ does not validate the integrity of its objects. By injecting malicious objects with manipulated virtual function table pointers, attackers can hijack control-flow of programs. The software security community addressed the COOP-problem in the years following its discovery, but together with the emergence of transient-execution attacks, such as Spectre, researchers also shifted their attention. Based on joint work with PhD student Matthias Bernad, I will present HOBBIT, a software-only solution to prevent COOP attacks by validating object integrity for virtual function pointer tables. HOBBIT does not require any hardware specific features, scales to multi-million lines of C++ source code, and our LLVM-based implementation offers a configurable performance impact between 121.63% and 2.80% on compute-intensive SPEC CPU C++ benchmarks. HOBBIT’s security analysis indicates strong resistance to brute forcing attacks and demonstrates additional benefits of using execute-only memory. Bio: Since 2017 Stefan Brunthaler holds the Chair for Secure Software Engineering at the CODE National Research Institute for Cyber Defense at the University of the Bundeswehr Munich. There he directs the Munich Computer Systems Research Laboratory, μCSRL for short, which focuses on fundamental research in the intersection of programming languages and security, including among other topics large-scale automated software diversity, datacenter-scale fuzzing, trustworthy compilation and decompilation. At μCSRL we explore how these techniques can be applied to secure both traditional software systems and software supply chains. Stefan received a Dr.techn. degree from TU Wien, was a Postdoctoral Scholar at the University of California, Irvine, a tenured associate professor for compilers and programming languages at Paderborn University, and is a member of IFIP Working Group 2.4 "Software Implementation Technology". By way of adopting Stefan's interpreter optimization techniques for the Python programming language, his research is used by millions of people on a daily basis.
10:45	Speaker: Haiyu Mao Title: From Microarchitectures to Systems: Designing Holistic Data-Centric Architectures for Real Applications Abstract: As data-intensive applications, such as large language models that enhance convenience in daily life and bioinformatics applications that drive advancements in healthcare, become increasingly important, they require immense data processing capabilities. However, running these applications on current von Neumann architectures results in significant data movement between processors (CPU, GPU) and memory. This not only leads to high latency but also consumes a large amount of energy. Processing-in-memory (PIM) architectures offer a promising solution to this problem by either integrating processing units closer to memory (processing near memory) or enabling memory units to directly process data (processing using memory). Despite the potential of PIM, most research efforts have focused on accelerating memory-intensive operators within applications, leaving the challenge of supporting real-world applications with PIM architectures largely unaddressed. This talk explores how to efficiently leverage PIM for real applications by designing holistic data-centric architectures. The talk will begin with an overview of recent advancements in PIM and the challenges associated with its adoption for practical applications. It will then introduce two projects that propose innovative data-centric architecture and system designs: the first project focuses on in-memory acceleration of nanopore genome analysis by tightly integrating basecalling and read mapping, and the second explores exploiting dynamic parallelism in large language model decoding with a PIM-enabled computing system. Finally, the talk will conclude with a discussion of future research directions in adopting PIM for real applications. Bio: Dr. Haiyu Mao is an Assistant Professor in the Department of Engineering at King’s College London. Prior to this, she served as a postdoctoral researcher in the SAFARI Research Group at ETH Zurich, Switzerland, under the leadership of Prof. Onur Mutlu, beginning in September 2020. Dr. Mao earned her Ph.D. in Computer Science from Tsinghua University in July 2020, where she conducted research under the supervision of Prof. Jiwu Shu. Her research interests span a range of areas, including computer architecture, processing-in-memory/storage, machine learning acceleration, bioinformatics, non-volatile memory, and secure memory.
11:30	Speaker: Marius Muench Title: SIMurai: Slicing Through the Complexity of SIM Card Security Research Abstract: SIM cards: the root of trust in modern cellular networks. Phones, cars, trains, payment terminals, 5G routers, smart devices - chances are that they use a SIM to connect to the internet via mobile networks. In this talk, we will show that SIMs are more than passive storage devices containing secrets. We will discuss their inner workings and introduce SIMurai, our open-source software platform for security-focused SIM exploration and experimentation. Then, the talk will dive into the threats posed by hostile SIM cards, including deployment of Spyware or attacking a phone's baseband processor. We will also detail SIMurai's role in discovering high-impact vulnerabilities, affecting millions of devices. Last, the talk discusses how rogue carriers and attackers with physical access can trigger these vulnerabilities with ease, emphasizing the need to recognize hostile SIMs in cellular security threat models. Bio: Marius Muench is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, cellular security, and binary & microarchitectural exploitation. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as a postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed and maintains avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation and fuzzing platform for cellular basebands. Throughout his career, Marius publicly shared his findings and presented at venues such as Black Hat, REcon, and Hardwear.io.
12:15	Closing remarks

When: Mar 18, 2025, 13:00 – 15:45

Where: VU Campus, NU building, room NU-5A57

Directions to NU building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (Mar 18 at VU, NU-5A57)

13:00	Coffee and tea
13:25	Opening by Cristiano Giuffrida (AMSec)
13:30	Speaker: Frank Piessens Title: The Proteus ecosystem: Tool support for studying hardware/software co-designs for security Abstract: Several trends make it interesting, useful, and more realistic to investigate hardware modifications and hardware/software co-designs for system security. First, the past decade has seen a wide variety of micro-architectural attacks that exploit hardware implementation aspects, and defenses against some of these attacks benefit significantly from hardware support. Second, the rise of the open RISC-V Instruction Set Architecture and the growing availability of open-source hardware implementations have made it feasible to take existing hardware and modify it. Third, the evolution of our ICT infrastructure causes shifts in the requirements that system software imposes on hardware. An important example is the trend towards confidential computing, where the hardware mechanisms underlying the classic hierarchical protection models do no longer suffice. Unfortunately, research on hardware extensions and hardware/software co-designs for security is hard: attacks that matter in practice are often against closed-source hardware, performance costs and security benefits of proposed designs can depend strongly on the baseline hardware that one starts from, and rigorous security evaluation is less mature than it is for software-only defenses. At KU Leuven, we are developing a collection of tools and benchmarks, constructed around the Proteus processor framework, for experimenting with hardware/software co-designs. In particular, our goal is to make research on hardware/software co-designs more reproducible and more comparable. In this talk, I want to discuss the current state of this work, as well as some example research prototypes we built with it already. An important objective is to get some feedback from the audience about what directions we could move forward in to make this work useful to a broader community. Bio: Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research focuses on software and systems security, encompassing both attack techniques and defenses. On the defense side, he has made contributions to formal verification techniques for C-like languages, enforcement of information flow security, hardening against memory safety exploits, mitigating micro-architectural side-channels, and designing and implementing embedded security architectures. On the attack side, he has contributed to the development of novel attack techniques for transient execution attacks, memory safety attacks, and controlled channel attacks. Frank has served on the program committee of numerous prestigious security and software conferences including ACM CCS, Usenix Security, IEEE Security & Privacy, and ACM POPL. He acted as program chair for the International Conference on Principles of Security and Trust (POST 2016), for the IEEE European Symposium on Security & Privacy (Euro S&P 2018 & 2019), and for the IEEE Secure Development Conference (SecDev 2021 & 2022).
14:15	Speaker: Tamara Rezk Title: On Kernel's Safety in the Spectre Era Abstract: Address Space Layout Randomization (ASLR) is a widely adopted defense mechanism designed to mitigate memory corruption attacks by randomizing the memory locations of critical software components. Its theoretical effectiveness has been formally established in a shared-memory model by Abadi et al. (2010), relying on specific assumptions about victim programs. However, in practice, sophisticated attacks—such as Blindside (2020)—leverage speculative execution and side-channel techniques to bypass ASLR, undermining its protective capabilities and enabling memory corruption. In this talk, I will examine these emerging threats, focusing on potential strategies and mitigation techniques aimed at reinforcing kernel security in the Spectre era. Finally, I will discuss which kernel transformations would lead in theory to recover kernel safety for an attacker model featuring speculative execution and side-channel capabilities. Bio: Tamara Rezk is a Research Director at Inria and a part-time lecturer at Université Côte d'Azur, Sophia Antipolis, France. Since 2023, she has also been a WASP Guest Professor at Chalmers University of Technology in Gothenburg, Sweden. At Inria, she leads the SPLiTS team, which focuses on developing security analyses and defenses. Her main research interests lie in system security. She has supervised several Ph.D. students on topics such as static and dynamic security analyses, web security, formal methods for security, and provable cryptography. Currently, her work emphasizes designing defenses and principled methods to address microarchitectural attacks and web application vulnerabilities. Rezk has served on numerous program committees, including those of the top-4 security conferences. She has also chaired several events, including IEEE CSF in 2023 and 2024, and is currently track chair for ACM CCS 2025.
15:00	Speaker: Stijn Volckaert Title: Data-Only Attacks and Defenses Abstract: For nearly two decades now, the vast majority of critical software vulnerabilities have been memory corruption bugs in C and C++ programs. Attackers often exploit these bugs using control-flow hijacking techniques to seize control over vulnerable programs. This allows them to execute arbitrary code, exfiltrate sensitive data, or escalate the programs' privileges. However, thanks to the successful rollout of mitigations such as control-flow integrity and shadow stacks, it is becoming increasingly harder to mount control-flow attacks. Inevitably, attackers will have to shift towards other attack techniques such as data-oriented programming (DOP). DOP attacks can alter a program's behavior without causing it to diverge from its legal control-flow paths, and were shown to be potent, expressive, and highly automatable. Moreover, none of the widely deployed mitigations are effective at stopping DOP attacks, while many proposed mitigations incur prohibitively high overhead. In this talk, we will discuss some of our recent and ongoing work on combating DOP attacks. Concretely, we will discuss our progress on eliminating practicality and compatibility issues in Multi-Variant eXecution (MVX) systems, thus bringing them one step closer to being a viable defense for most desktop and server programs. We will then shift to a completely different approach to the DOP problem by showcasing our ongoing work on efficient and practical full spatial memory safety enforcement. Bio: Stijn Volckaert is an associate professor within the DistriNet research group at KU Leuven where he leads a team of 6 PhD students. His research focuses on memory corruption attacks, exploit mitigations, multi-variant execution, software diversity, and sandboxing. Stijn is also the head of the electrical engineering and ICT program at KU Leuven's faculty of engineering technology on the Bruges and Ghent campuses. He joined KU Leuven in 2018 and was previously a postdoctoral scholar at UC Irvine and a PhD student at Ghent University.
15:45	Closing remarks

When: Feb 4, 2025, 09:00 – 12:30

Where: VU Campus, NU building, room NU-6A25

Directions to NU building: https://vusec.net/directions

Slides: Available here.

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers

Workshop program (Feb 4 at VU, NU-6A25)

09:00	Coffee and tea
09:25	Opening by Cristiano Giuffrida (AMSec)
09:30	Speaker: Mathias Payer Title: Advanced Android Archaeology: Battling Bloated Complexity Abstract: Android has become a ubiquitous platform for running mobile apps, granting different actors access to vast amounts of private data. The growing complexity of the Android ecosystem introduces significant security challenges. In this talk, we will explore multiple layers of Android security: examining the foundational virtualization layers, stress-testing trusted applications, and assessing the impact of recent user-space mitigations. Through the lens of system security, we uncover vulnerabilities even in the most trusted layers. Trusted applications are susceptible to type confusion, while regular apps may face risks such as heap corruption attacks. Join us on this journey to enhance mobile ecosystem security through fuzzing, improved standards, and safer defaults. Bio: Mathias Payer is an associate professor at EPFL, leading the HexHive group. His research centers on strengthening software and system security in the presence of vulnerabilities. His broader interests include fuzzing and sanitization to uncover and address flaws, developing effective mitigations to protect against the exploitation of unknown or unpatched bugs, and employing fault isolation to enforce privilege separation. Mathias joined EPFL in 2018 where he founded the Polygl0ts CTF team. Previously, he was an assistant professor at Purdue University, a PostDoc at UC Berkeley, and a PhD student at ETH Zurich.
10:15	Speaker: Lejla Batina Title: AI for hardware security: Friend or Foe Abstract: Side-channel analysis has changed the field of cryptography and security and it became the most common cause of real-world security applications failing today. In this talk we first make an overview of side-channel attacks on implementations of cryptography and countermeasures. We discuss the ways Machine learning and AI changed the side-channel analysis landscape and attackers’ capabilities in particular. We survey several examples of AI assisting physical attackers and discuss the impact of AI on the field of hardware security. We also describe the way side-channel analysis can assist the AI model stealing by reverse engineering commercial neural nets architectures. In the end, we identify some avenues for future research. Bio: Lejla Batina is a full professor in embedded systems security in Digital Security (DiS) group at Radboud University. She specializes in physical attacks and countermeasures and implementations of cryptography and has published over 170 refereed papers and book chapters in those areas. She got her PhD in 2005 from KU Leuven, Belgium and worked as a cryptographer for 3 years in industry at Pijnenburg Securealink (later SafeNet B.V.). She has served on the program committees of all top crypto and security conferences (USENIX Security, S&P, CCS, EUROCRYPT, CRYPTO). She was a program co-chair of ACNS 2024, ACM WiSec 2021 and CHES 2014 and a general co-chair of CHES2012, EUROCRYPT 2021 and RWC 2021. She received a VIDI grant (2014) and was the PI in several research projects with national and EU funding. She leads a group of 10+ researchers at Radboud University and 12 PhD students have so far graduated under her supervision.
11:00	Speaker: Yuval Yarom Title: On the computational complexity of cache attacks Abstract: Over the past two decades research has repeatedly demonstrated the risks that shared caches pose to information confidentiality. In a typical attack, the adversary first manipulates the cache to achieve a known state and then measures changes from the known state to detect victim’s activity leaking the information. Consequently, research on cache attacks typically concentrates on the known state of the cache. Adversarial works show how to achieve such known state and how to detect deviations from it, whereas defensive works propose ways for preventing the attacker from achieving a known state or from measuring deviations in the state. However, much less effort has been spent on understanding the nature of cache state and how it can be manipulated. In this talk we shift the focus to examining the attacker’s ability to manipulate unknown cache state. We use the cache state of memory locations to represent Boolean variables and demonstrate operations that allow arbitrary computation on these variables. We first design logical gates that operate directly on cache state, allowing a program to control whether memory locations are cached or not depending on whether other locations are cached. We then show that these gates are composable enough to allow arbitrary computation on cache state. Finally, we demonstrate the security implication of universal computation in the cache. Bio: Yuval Yarom is a Professor for Computer Security at Ruhr University Bochum. His research focuses on the interface between the software and the hardware. In particular, He is interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. He is a recipient of a 2020 ARC Discovery Early Career Award and the 2020 CORE Chris Wallace Award for Outstanding Research, a 2020 Young Tall Poppy. Previously, he has been an Associate Professor at the University of Adelaide, the Vice President of Research in Memco Software, and a co-founder and Chief Technology Officer of Girafa.com. Yuval earned his Ph.D. in Computer Science from the University of Adelaide in 2014, and an M.Sc. in Computer Science and a B.Sc. in Mathematics and Computer Science from the Hebrew University of Jerusalem in 1993 and 1990, respectively.
11:45	Speaker: Anders Fogh Title: Microarchitecture Vulnerabilities: Past, Present, and Future Abstract: In this talk, we will provide an overview of the past issues that we have seen in the area of microarchitectural attacks and defenses and contextualize them. With the industry perspective and the academic perspective, we will revisit the development before the discovery of Meltdown and Spectre. We will then discuss transient-execution attacks and mitigations from both perspectives. In the main part of the talk, we will discuss more recent developments in software-based attacks on processors. We will discuss logic issues like Reptar as well as new data inference sources. We will discuss exploitation techniques common to attacks on processors and how they evolved over time. Finally, we will discuss how the current issues could be mitigated in the future. In the third part of the talk, we focus more on future attacks and defenses. Particularly interesting is that users interact with an increasing amount and variety of computation hardware such as GPUs and NPUs. Analyzing these systems early in the process is crucial to avoid running into the same pitfalls again. Bio: Anders Fogh works as an offensive security research as an Intel fellow. He is a reowned expert on microarchitecture and memory security. Before joining Intel he worked as a principal security researcher where he worked on incident response and malware analysis. He spend 15 years of his career going from junior software developer to company founder and lead engineer. His work on security has been published in both industry and academic conferences such as Black Hat USA and ACM CCS.
12:30	Closing remarks

When: Jan 31, 2025, 09:30 – 12:15

Where: VU Campus, NU building, room NU-5A47

Prelude: Jan 30, 2025, 11:30 – 12:15, room NU-4B43

Directions to NU building: https://vusec.net/directions

Slides: Available here.

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Note: The workshop is on Jan 31 in the morning, but we’ll feature a short prelude from Google security researchers on Jan 30.

Speakers

Prelude (Jan 30 at VU, NU-4B43)

11:30

Speakers: Alexandra Sandulescu, Matteo Rizzo (Google Security Team) Title: Going beyond /etc/shadow Abstract: At Google, we were curious if we could “get root” by exploiting a CPU vulnerability. We successfully exploited multiple vulnerabilities and developed novel techniques to facilitate exploitation. In this presentation, we share some parts of our learning journey with the community and announce our upcoming program that will make it possible for others to join our quest. Bio: We are part of the Google Security Team. Our group focuses on practical exploitation of CPU vulnerabilities, mitigation, validation, and vulnerability research.

12:15

Closing remarks

Workshop program (Jan 31 at VU, NU-5A47)

09:30	Coffee and tea
09:55	Opening by Cristiano Giuffrida (AMSec)
10:00	Speaker: Shweta Shinde Title: Ahoi Attacks: Breaking Confidential VMs with Malicious Interrupts Abstract: Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX both enable CVMs and are now available on major cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, including interrupts. I will present Heckler and WeSee two new attacks wherein the hypervisor injects malicious interrupts to break the confidentiality and integrity of CVMs. Our insight is to invoke the interrupt handlers that have global effects, such that we can manipulate a CVM’s register states to change the data and control flow. We demonstrate our attacks with different case studies and show their rich primitives on user- and kernel-space code to gain root privileges on the victim CVMs. The talk will conclude on extension of these attacks to prior and future generation of TEEs such as Intel SGX and Arm CCA. Bio: Shweta Shinde is a tenure-track assistant professor at ETH Zurich, where she leads the Secure and Trustworthy Systems Group. Her research is broadly at the intersection of trusted computing, system security, and program analysis. Her group focuses on foundational aspects of confidential computing to protect phones, servers, and accelerators as well as practical aspects of building large systems.
10:45	Speaker: Oleksii Oleksenko Title: Revizor as a Platform for Side Channel Testing Abstract: Attacks such as Spectre and Meltdown use a combination of speculative execution and shared microarchitectural state to leak information across security domains. Defeating them without massive performance overheads requires careful co-design of software and hardware. This talk will present a principled approach for such co-design, based on hardware-software contracts for secure speculation, as well as a platform to test hardware and software using these contract. Bio: Oleksii is a senior researcher at Azure Research, Microsoft in Cambridge, UK. His main focus is on microarchitectural/side-channel vulnerabilities, such as Spectre and Meltdown. He develops specs to describe them, builds tools that detect them, and develops mitigations against these vulnerabilities, across multiple layers of the computing stack.
11:30	Speaker: Thorsten Holz Title: Efficient and Scalable Fuzzing of Complex Software Systems Abstract: In recent years, randomized testing, commonly known as “fuzzing”, has gained significant traction as an effective method for identifying bugs in a wide variety of systems. In this talk, I will present an overview of our recent progress in fuzzing and some of the methods we have developed over the past few years. Our work includes fuzzing web browsers, operating system kernels, hypervisors, and embedded systems. I will also introduce a new perspective on generating input for highly complex formats without relying on heavyweight program analysis techniques, coarse-grained grammar approximations, or human domain experts. Finally, I will conclude the talk with an outlook on open challenges and future research directions in the evolving landscape of software security and testing. Bio: Thorsten Holz is a faculty member at the CISPA Helmholtz Center for Information Security. Before joining CISPA in October 2021, he was a full professor at the Faculty of Electrical Engineering and Information Technology at Ruhr University Bochum, Germany. His research interests include technical aspects of secure systems, with a specific focus on systems security.
12:15	Closing remarks

Mark your calendars: the Second AMSEC Workshop will be on Wednesday October 9, 2019 in the afternoon. The venue will be CWI. A PDF version of the program is available here.

2nd AMSec Workshop

Date and Time

Wednesday October 9, 2019. 

The technical program starts as 13:00h (walk-in and coffee as of 12:30h). 

Location

Euler Room

Amsterdam Science Park Congress Center

Science Park 125

1098 XG Amsterdam

Program

13:00 – 13:30 : Marc Stevens (CWI): Real-world Cryptanalysis
[Slides]

13:30 – 14:00 : Yuri Demchenko (UvA): Cloud Security services and mechanisms: Can modern clouds provide secure and trusted environment for data and business applications?
[Slides]

14:00 – 14:30 : BREAK

14:30 – 15:15 : Keynote – Ronald de Wolf  (CWI, UvA, QuSoft): The potential impact of quantum computers on society
[Slides]

15:15 – 15:45 : Erik van der Kouwe (Leiden): Benchmarking Crimes in Systems Security
[Slides]

15:45 – 16:15 : BREAK

16:15 – 16:45 : Marleen Weulen Kranenbarg (VU, NSCR): Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure
[Slides] [Paper]

16:45 – 17:15 : Joeri Toet (VU): Move fast, but break (only) your own things?

17:15 – 18:00 : DRINKS

Speakers

Yuri Demchenko

Senior researcher at the System and Network Engineering Research Group, University of Amsterdam

Erik van der Kouwe 

Assistant professor in security at the Computer Systems Group of the LIACS, Leiden University. 

Marc Stevens

Researcher in the Cryptology Group at CWI. 

Joeri Toet

Lecturer at the Faculty of Law, Internet Law, VU Amsterdam. 

Marleen Weulen Kranenbarg

Assistant professor at the Faculty of Law, Criminology, VU Amsterdam; author at NSCR, Nederlands Studiecentrum Criminaliteit en Rechtshandhaving. 

Ronald de Wolf

Researcher at the Algorithms and Complexity Group of CWI; part-time full professor at the ILLC, University of Amsterdam; member of QuSoft. 

Presentations

Real-world Cryptanalysis  

– Marc Stevens (CWI)

In this talk, I will give an overview of cryptanalytic collision attacks on hash functions and how these impacted the real world. The talk will go from theory to practice, to large-scale computations and real-world threat demonstrations, including supermalware and counter-cryptanalysis, and show the demise of one of industry’s old de facto cryptographic standard to a cryptanalytic toy.   

Cloud Security services and mechanisms: Can modern clouds provide secure and trusted environment for data and business applications? 

– Yuri Demchenko (UvA)

The talk will provide a brief overview of the general cloud security model and security services and mechanisms, and next look at how they can be used to provide secure and trusted environment in few use cases of data centric applications. The talk will also introduce the proposed Virtual Infrastructure Trust Bootstrapping (VITBP) protocol that allows bootstrapping cloud virtual infrastructure and on-premises infrastructure.

The potential impact of quantum computers on society

– Ronald de Wolf (CWI, UvA, QuSoft)

This talk considers the potential impact that the nascent technology of quantum computing may have on society. It focuses on three areas: cryptography, optimization, and simulation of quantum systems. We will also discuss some ethical aspects of these developments, and ways to mitigate the risks.

Benchmarking Crimes in Systems Security 

– Erik van der Kouwe (Leiden University)

Properly benchmarking a system is a difficult and intricate task. Even a seemingly innocuous mistake can compromise the guarantees provided by a systems security defense and threaten reproducibility and comparability. Moreover, as many modern defenses trade security for performance, the damage caused by benchmarking mistakes is increasingly worrying. To analyze the magnitude of the phenomenon, we identify 22 benchmarking crimes that threaten the validity of systems security evaluations, and survey 50 defense papers published in top venues. We show that benchmarking crimes are widespread even in papers published at tier-1 venues; tier-1 papers contain an average of five benchmarking crimes and we find only a single paper in our sample without any benchmarking crimes. Moreover, the scale of the problem appears constant over time, suggesting that the community is not yet taking sufficient countermeasures. This threatens the scientific process, which relies on reproducibility and comparability to ensure that published research advances the state of the art. We hope to raise awareness and provide recommendations for improving benchmarking quality and safeguard the scientific process in our community. 

Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure

– Marleen Weulen Kranenbarg (VU, NSCR)

In the computer science field coordinated vulnerability disclosure is a well-known practice for finding flaws in IT-systems and patching them. In this practice, a white-hat hacker who finds a vulnerability in an IT-system reports that vulnerability to the system’s owner. The owner will then resolve the problem, after which the vulnerability will be disclosed publicly. This practice generally does not focus on potential offenders or black-hat hackers who would likely exploit the vulnerability instead of reporting it. In this paper, we take an interdisciplinary approach and review the current coordinated vulnerability disclosure practice from both a computer science and criminological perspective. We discuss current issues in this practice that could influence the decision to use coordinated vulnerability disclosure versus exploiting a vulnerability. Based on different motives, a rational choice or cost–benefit analyses of the possible reactions after finding a vulnerability will be discussed. Subsequently, implications for practice and future research suggestions are included. 

Move fast, but break (only) your own things? 

– Joeri Toet (VU)

This talk will discuss the conditions under which the legal system would allow for an adequate level of security.

The First AMSEC workshop featured a keynote, research talks from all the participating organisations, much discussion and a lively panel.

Date : May 15, 2019

Time : 13:00-17:00

Place : HG-08A00 (VU Campus)

The first AMSec workshop on May 15, 2019 featured presentations from the various disciplines, accessible to a wide audience, as well as a keynote by Michel van Eeten, professor of Governance of Cybersecurity at TU Delft and member of Cyber Security Council for the Netherlands.

---

Workshop Program

---

13:00-13:15 Introduction to AMSec

13:15-14:00 Keynote: Michel van Eeten

---

<coffee break>

---

14:15-14:35 Drink from the fire hose: how your CPU shouts out your deepest secrets
Speaker Kaveh Razavi, VUSec, Vrije Universiteit Amsterdam

Abstract This talk will introduce the recently disclosed RIDL vulnerability in Intel processors in a manner that is understandable to everyone. RIDL allows attackers to leak sensitive data (such as files containing password information) across any security boundary.

14:35-14:55 Exploring the social dimension of cybercriminal networks.

Speaker Rutger Leukfeldt, NSCR

Abstract We analysed 40 cybercriminal networks that were involved in phishing, banking malware and hacking to see if they could be labelled loners, colleagues, peers, teams, or formal organizations. In contrast with prior research, the majority of our cases can be labelled a team or a formal organization.

14:55-15:15 Lattice-based cryptography: Standardization and security estimation

Speaker Leo Ducas, CWI

Abstract In this talk, I will present the status of the ongoing standardization process for quantum-safe cryptography, highlight some lattice base candidates, and discuss advances in their cryptanalysis.

---

<coffee break>

---

15:30-15:50 Law and cybersecurity

Speaker Anne de Hingh, VU-Centre for Law and Internet

Abstract Breaking security is both prohibited (e.g. hacking) and allowed (police, intelligence agencies). The law is still struggling with designing the right framework in the area of cybercrime, -security, -war. Some issues are enforcement and attribution.

15:50-16:10 SarNet: Autonomous Response Network

Speaker Ralph Koning, SNE, UvA

Abstract Self defending systems or networks can offload security teams and enable them to focus on new and pressing threats. This talk will cover such systems in the context of the SARNET (Secure Autonomous Response NETworks) project: the experimentation environment, a method for evaluating defense performance, and how we orchestrate defenses in single networks and in collaborations of multiple network domains.

---

<coffee break>

---

16:30-17:15 Panel

• Jos Baeten (CWI)
• Jaya Baloo (KPN)
• Marc Witteman (Riscure)
• Joshua Serrao (City of Amsterdam)

17:15-18:00 Drinks

---

Information about speakers and panellists

---

Keynote speaker

Michel van Eeten is professor at Delft University of Technology. He studies the interplay between technological design and economic incentives in cybersecurity. His team analyses large-scale Internet measurement and incident data to identify how the markets for Internet services deal with security risks. He is also a member of the Cyber Security Council, an advisory body of the Dutch government.

Panel

Jaya Baloo is Chief Information Security Officer at KPN Telecom.

---

Marc Witteman is CEO at Riscure

---

Joshua Serrao is Innovation Officer & Smart City Liaison at Chief Technology Office, City of Amsterdam

---

Jos Baeten is General Director of CWI, Amsterdam

---

Research talks

Kaveh Razavi is assistant professor at VUSec (Vrije Universiteit Amsterdam)

---

Rutger Leukfeldt is senior researcher Cybercrime at the NSCR and lector Cybersecurity and SMEs at The Hague University of Applied Sciences.

---

Leo Ducas is researcher in the Crypto group at  CWI

---

Anne de Hingh is researcher in the Internet Law group within the faculty of Law at Vrije Universiteit Amsterdam

---

Ralph Koning is PhD student in the System and Network Engineering research group of the University of Amsterdam

---