Category Archives: Event

Event

Eighth AMSec Workshop: Systems Security

Leave a comment

When: Jan 31, 2025, 09:30 – 12:15

Where: VU Campus, NU building, room NU-5A47

Prelude: Jan 30, 2025, 11:30 – 12:15, room NU-4B43

Directions to NU building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Note: The workshop is on Jan 31 in the morning, but we’ll feature a short prelude from Google security researchers on Jan 30.

Speakers

Alexandra Sandulescu, Matteo Rizzo
(Google Security Team)

Shweta Shinde (ETH Zurich)

Oleksii Oleksenko (MSR)

Thorsten Holz (CISPA)

Prelude (Jan 30 at VU, NU-4B43)

11:30Speakers: Alexandra Sandulescu, Matteo Rizzo (Google Security Team)

Title: Going beyond /etc/shadow

Abstract:
At Google, we were curious if we could “get root” by exploiting a CPU vulnerability. We successfully exploited multiple vulnerabilities and developed novel techniques to facilitate exploitation. In this presentation, we share some parts of our learning journey with the community and announce our upcoming program that will make it possible for others to join our quest.

Bio:
We are part of the Google Security Team. Our group focuses on practical exploitation of CPU vulnerabilities, mitigation, validation, and vulnerability research.
12:15Closing remarks

Workshop program (Jan 31 at VU, NU-5A47)

09:30Coffee and tea
09:55Opening by Cristiano Giuffrida (AMSec)
10:00Speaker: Shweta Shinde

Title: Ahoi Attacks: Breaking Confidential VMs with Malicious Interrupts

Abstract:
Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX both enable CVMs and are now available on major cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, including interrupts. I will present Heckler and WeSee two new attacks wherein the hypervisor injects malicious interrupts to break the confidentiality and integrity of CVMs. Our insight is to invoke the interrupt handlers that have global effects, such that we can manipulate a CVM’s register states to change the data and control flow. We demonstrate our attacks with different case studies and show their rich primitives on user- and kernel-space code to gain root privileges on the victim CVMs. The talk will conclude on extension of these attacks to prior and future generation of TEEs such as Intel SGX and Arm CCA.

Bio:
Shweta Shinde is a tenure-track assistant professor at ETH Zurich, where she leads the Secure and Trustworthy Systems Group. Her research is broadly at the intersection of trusted computing, system security, and program analysis. Her group focuses on foundational aspects of confidential computing to protect phones, servers, and accelerators as well as practical aspects of building large systems.
10:45Speaker: Oleksii Oleksenko

Title: Revizor as a Platform for Side Channel Testing

Abstract:
Attacks such as Spectre and Meltdown use a combination of speculative execution and shared microarchitectural state to leak information across security domains. Defeating them without massive performance overheads requires careful co-design of software and hardware. This talk will present a principled approach for such co-design, based on hardware-software contracts for secure speculation, as well as a platform to test hardware and software using these contract.

Bio:
Oleksii is a senior researcher at Azure Research, Microsoft in Cambridge, UK. His main focus is on microarchitectural/side-channel vulnerabilities, such as Spectre and Meltdown. He develops specs to describe them, builds tools that detect them, and develops mitigations against these vulnerabilities, across multiple layers of the computing stack.
11:30Speaker: Thorsten Holz

Title: Efficient and Scalable Fuzzing of Complex Software Systems

Abstract:
In recent years, randomized testing, commonly known as “fuzzing”, has gained significant traction as an effective method for identifying bugs in a wide variety of systems. In this talk, I will present an overview of our recent progress in fuzzing and some of the methods we have developed over the past few years. Our work includes fuzzing web browsers, operating system kernels, hypervisors, and embedded systems. I will also introduce a new perspective on generating input for highly complex formats without relying on heavyweight program analysis techniques, coarse-grained grammar approximations, or human domain experts. Finally, I will conclude the talk with an outlook on open challenges and future research directions in the evolving landscape of software security and testing.

Bio:
Thorsten Holz is a faculty member at the CISPA Helmholtz Center for Information Security. Before joining CISPA in October 2021, he was a full professor at the Faculty of Electrical Engineering and Information Technology at Ruhr University Bochum, Germany. His research interests include technical aspects of secure systems, with a specific focus on systems security.
12:15Closing remarks
Event

Second AMSEC Workshop

Mark your calendars: the Second AMSEC Workshop will be on Wednesday October 9, 2019 in the afternoon. The venue will be CWI. A PDF version of the program is available here.

2nd AMSec Workshop

Date and Time

Wednesday October 9, 2019. 

The technical program starts as 13:00h (walk-in and coffee as of 12:30h). 

Location

Euler Room

Amsterdam Science Park Congress Center

Science Park 125

1098 XG Amsterdam

Program

13:00 – 13:30 : Marc Stevens (CWI): Real-world Cryptanalysis
[Slides]

13:30 – 14:00 : Yuri Demchenko (UvA): Cloud Security services and mechanisms: Can modern clouds provide secure and trusted environment for data and business applications?
[Slides]

14:00 – 14:30 : BREAK

14:30 – 15:15 : Keynote – Ronald de Wolf  (CWI, UvA, QuSoft): The potential impact of quantum computers on society
[Slides]

15:15 – 15:45 : Erik van der Kouwe (Leiden): Benchmarking Crimes in Systems Security
[Slides]

15:45 – 16:15 : BREAK

16:15 – 16:45 : Marleen Weulen Kranenbarg (VU, NSCR): Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure
[Slides] [Paper]

16:45 – 17:15 : Joeri Toet (VU): Move fast, but break (only) your own things?

17:15 – 18:00 : DRINKS

Speakers

Yuri Demchenko

Senior researcher at the System and Network Engineering Research Group, University of Amsterdam

Erik van der Kouwe 

Assistant professor in security at the Computer Systems Group of the LIACS, Leiden University. 

Marc Stevens

Researcher in the Cryptology Group at CWI. 

Joeri Toet

Lecturer at the Faculty of Law, Internet Law, VU Amsterdam. 

Marleen Weulen Kranenbarg

Assistant professor at the Faculty of Law, Criminology, VU Amsterdam; author at NSCR, Nederlands Studiecentrum Criminaliteit en Rechtshandhaving. 

Ronald de Wolf

Researcher at the Algorithms and Complexity Group of CWI; part-time full professor at the ILLC, University of Amsterdam; member of QuSoft. 


Presentations

Real-world Cryptanalysis  

– Marc Stevens (CWI)

In this talk, I will give an overview of cryptanalytic collision attacks on hash functions and how these impacted the real world. The talk will go from theory to practice, to large-scale computations and real-world threat demonstrations, including supermalware and counter-cryptanalysis, and show the demise of one of industry’s old de facto cryptographic standard to a cryptanalytic toy.   

Cloud Security services and mechanisms: Can modern clouds provide secure and trusted environment for data and business applications? 

– Yuri Demchenko (UvA)

The talk will provide a brief overview of the general cloud security model and security services and mechanisms, and next look at how they can be used to provide secure and trusted environment in few use cases of data centric applications. The talk will also introduce the proposed Virtual Infrastructure Trust Bootstrapping (VITBP) protocol that allows bootstrapping cloud virtual infrastructure and on-premises infrastructure.

The potential impact of quantum computers on society

– Ronald de Wolf (CWI, UvA, QuSoft)

This talk considers the potential impact that the nascent technology of quantum computing may have on society. It focuses on three areas: cryptography, optimization, and simulation of quantum systems. We will also discuss some ethical aspects of these developments, and ways to mitigate the risks.

Benchmarking Crimes in Systems Security 

– Erik van der Kouwe (Leiden University)

Properly benchmarking a system is a difficult and intricate task. Even a seemingly innocuous mistake can compromise the guarantees provided by a systems security defense and threaten reproducibility and comparability. Moreover, as many modern defenses trade security for performance, the damage caused by benchmarking mistakes is increasingly worrying. To analyze the magnitude of the phenomenon, we identify 22 benchmarking crimes that threaten the validity of systems security evaluations, and survey 50 defense papers published in top venues. We show that benchmarking crimes are widespread even in papers published at tier-1 venues; tier-1 papers contain an average of five benchmarking crimes and we find only a single paper in our sample without any benchmarking crimes. Moreover, the scale of the problem appears constant over time, suggesting that the community is not yet taking sufficient countermeasures. This threatens the scientific process, which relies on reproducibility and comparability to ensure that published research advances the state of the art. We hope to raise awareness and provide recommendations for improving benchmarking quality and safeguard the scientific process in our community. 

Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure

– Marleen Weulen Kranenbarg (VU, NSCR)

In the computer science field coordinated vulnerability disclosure is a well-known practice for finding flaws in IT-systems and patching them. In this practice, a white-hat hacker who finds a vulnerability in an IT-system reports that vulnerability to the system’s owner. The owner will then resolve the problem, after which the vulnerability will be disclosed publicly. This practice generally does not focus on potential offenders or black-hat hackers who would likely exploit the vulnerability instead of reporting it. In this paper, we take an interdisciplinary approach and review the current coordinated vulnerability disclosure practice from both a computer science and criminological perspective. We discuss current issues in this practice that could influence the decision to use coordinated vulnerability disclosure versus exploiting a vulnerability. Based on different motives, a rational choice or cost–benefit analyses of the possible reactions after finding a vulnerability will be discussed. Subsequently, implications for practice and future research suggestions are included. 

Move fast, but break (only) your own things? 

– Joeri Toet (VU)

This talk will discuss the conditions under which the legal system would allow for an adequate level of security.

Event

First AMSEC Workshop: Security in Diversity

The First AMSEC workshop featured a keynote, research talks from all the participating organisations, much discussion and a lively panel.

Date : May 15, 2019

Time : 13:00-17:00

Place : HG-08A00 (VU Campus)

The first AMSec workshop on May 15, 2019 featured presentations from the various disciplines, accessible to a wide audience, as well as a keynote by Michel van Eeten, professor of Governance of Cybersecurity at TU Delft and member of Cyber Security Council for the Netherlands.

Workshop Program

13:00-13:15 Introduction to AMSec

13:15-14:00 Keynote: Michel van Eeten

<coffee break>

14:15-14:35 Drink from the fire hose: how your CPU shouts out your deepest secrets
Speaker Kaveh Razavi, VUSec, Vrije Universiteit Amsterdam

Abstract This talk will introduce the recently disclosed RIDL vulnerability in Intel processors in a manner that is understandable to everyone. RIDL allows attackers to leak sensitive data (such as files containing password information) across any security boundary.

14:35-14:55 Exploring the social dimension of cybercriminal networks.

Speaker Rutger Leukfeldt, NSCR

Abstract We analysed 40 cybercriminal networks that were involved in phishing, banking malware and hacking to see if they could be labelled loners, colleagues, peers, teams, or formal organizations. In contrast with prior research, the majority of our cases can be labelled a team or a formal organization.

14:55-15:15 Lattice-based cryptography: Standardization and security estimation

Speaker Leo Ducas, CWI

Abstract In this talk, I will present the status of the ongoing standardization process for quantum-safe cryptography, highlight some lattice base candidates, and discuss advances in their cryptanalysis.

<coffee break>

15:30-15:50 Law and cybersecurity

Speaker Anne de Hingh, VU-Centre for Law and Internet

Abstract Breaking security is both prohibited (e.g. hacking) and allowed (police, intelligence agencies). The law is still struggling with designing the right framework in the area of cybercrime, -security, -war. Some issues are enforcement and attribution.

15:50-16:10 SarNet: Autonomous Response Network

Speaker Ralph Koning, SNE, UvA

Abstract Self defending systems or networks can offload security teams and enable them to focus on new and pressing threats. This talk will cover such systems in the context of the SARNET (Secure Autonomous Response NETworks) project: the experimentation environment, a method for evaluating defense performance, and how we orchestrate defenses in single networks and in collaborations of multiple network domains.

<coffee break>

16:30-17:15 Panel

  • Jos Baeten (CWI)
  • Jaya Baloo (KPN)
  • Marc Witteman (Riscure)
  • Joshua Serrao (City of Amsterdam)

17:15-18:00 Drinks


Information about speakers and panellists

Keynote speaker

Michel van Eeten « HITBSecConf2018 – Amsterdam
Michel van Eeten is professor at Delft University of Technology. He studies the interplay between technological design and economic incentives in cybersecurity. His team analyses large-scale Internet measurement and incident data to identify how the markets for Internet services deal with security risks. He is also a member of the Cyber Security Council, an advisory body of the Dutch government.

Panel

Cyberinsecurity | NRC Live

Jaya Baloo is Chief Information Security Officer at KPN Telecom.

Afbeeldingsresultaat voor marc witteman riscure

Marc Witteman is CEO at Riscure

Afbeeldingsresultaat voor !g joshua serrao

Joshua Serrao is Innovation Officer & Smart City Liaison at Chief Technology Office, City of Amsterdam

Jos Baeten is General Director of CWI, Amsterdam

Research talks

Afbeeldingsresultaat voor kaveh razavi

Kaveh Razavi is assistant professor at VUSec (Vrije Universiteit Amsterdam)

dr. Rutger Leukfeldt, Author at NSCR

Rutger Leukfeldt is senior researcher Cybercrime at the NSCR and lector Cybersecurity and SMEs at The Hague University of Applied Sciences.

Leo Ducas is researcher in the Crypto group at  CWI

Anne de Hingh is researcher in the Internet Law group within the faculty of Law at Vrije Universiteit Amsterdam

Afbeeldingsresultaat voor ralph koning

Ralph Koning is PhD student in the System and Network Engineering research group of the University of Amsterdam