Tenth AMSec Workshop: Systems Security

When: Mar 18, 2025, 13:00 – 15:45

Where: VU Campus, NU building, room NU-5A57

Directions to NU building: https://vusec.net/directions

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first-come, first-served basis.

Speakers

Frank Piessens
KU Leuven
Tamara Rezk
INRIA
Stijn Volckaert
KU Leuven

Workshop program (Mar 18 at VU, NU-5A57)

13:00 Coffee and tea
13:25 Opening by Cristiano Giuffrida (AMSec)
13:30 Speaker: Frank Piessens

Title: The Proteus ecosystem: Tool support for studying hardware/software co-designs for security

Abstract:
Several trends make it interesting, useful, and more realistic to investigate hardware modifications and hardware/software co-designs for system security. First, the past decade has seen a wide variety of micro-architectural attacks that exploit hardware implementation aspects, and defenses against some of these attacks benefit significantly from hardware support. Second, the rise of the open RISC-V Instruction Set Architecture and the growing availability of open-source hardware implementations have made it feasible to take existing hardware and modify it. Third, the evolution of our ICT infrastructure causes shifts in the requirements that system software imposes on hardware. An important example is the trend towards confidential computing, where the hardware mechanisms underlying the classic hierarchical protection models no longer suffice. Unfortunately, research on hardware extensions and hardware/software co-designs for security is hard: attacks that matter in practice are often against closed-source hardware, performance costs and security benefits of proposed designs can depend strongly on the baseline hardware that one starts from, and rigorous security evaluation is less mature than it is for software-only defenses.

At KU Leuven, we are developing a collection of tools and benchmarks, constructed around the Proteus processor framework, for experimenting with hardware/software co-designs. In particular, our goal is to make research on hardware/software co-designs more reproducible and more comparable. In this talk, I want to discuss the current state of this work, as well as some example research prototypes we built with it already. An important objective is to get some feedback from the audience about what directions we could move forward in to make this work useful to a broader community.

Bio:
Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research focuses on software and systems security, encompassing both attack techniques and defenses. On the defense side, he has made contributions to formal verification techniques for C-like languages, enforcement of information flow security, hardening against memory safety exploits, mitigating micro-architectural side-channels, and designing and implementing embedded security architectures. On the attack side, he has contributed to the development of novel attack techniques for transient execution attacks, memory safety attacks, and controlled channel attacks. Frank has served on the program committee of numerous prestigious security and software conferences including ACM CCS, Usenix Security, IEEE Security & Privacy, and ACM POPL. He acted as program chair for the International Conference on Principles of Security and Trust (POST 2016), for the IEEE European Symposium on Security & Privacy (Euro S&P 2018 & 2019), and for the IEEE Secure Development Conference (SecDev 2021 & 2022).
14:15 Speaker: Tamara Rezk

Title: On Kernel's Safety in the Spectre Era

Abstract:
Address Space Layout Randomization (ASLR) is a widely adopted defense mechanism designed to mitigate memory corruption attacks by randomizing the memory locations of critical software components. Its theoretical effectiveness has been formally established in a shared-memory model by Abadi et al. (2010), relying on specific assumptions about victim programs. However, in practice, sophisticated attacks—such as Blindside (2020)—leverage speculative execution and side-channel techniques to bypass ASLR, undermining its protective capabilities and enabling memory corruption.

In this talk, I will examine these emerging threats, focusing on potential strategies and mitigation techniques aimed at reinforcing kernel security in the Spectre era. Finally, I will discuss which kernel transformations would lead in theory to recover kernel safety for an attacker model featuring speculative execution and side-channel capabilities.

Bio:
Tamara Rezk is a Research Director at Inria and a part-time lecturer at Université Côte d'Azur, Sophia Antipolis, France. Since 2023, she has also been a WASP Guest Professor at Chalmers University of Technology in Gothenburg, Sweden. At Inria, she leads the SPLiTS team, which focuses on developing security analyses and defenses. Her main research interests lie in system security. She has supervised several Ph.D. students on topics such as static and dynamic security analyses, web security, formal methods for security, and provable cryptography. Currently, her work emphasizes designing defenses and principled methods to address microarchitectural attacks and web application vulnerabilities. Rezk has served on numerous program committees, including those of the top-4 security conferences. She has also chaired several events, including IEEE CSF in 2023 and 2024, and is currently track chair for ACM CCS 2025.
15:00 Speaker: Stijn Volckaert

Title: Data-Only Attacks and Defenses

Abstract:
For nearly two decades now, the vast majority of critical software vulnerabilities have been memory corruption bugs in C and C++ programs. Attackers often exploit these bugs using control-flow hijacking techniques to seize control over vulnerable programs. This allows them to execute arbitrary code, exfiltrate sensitive data, or escalate the programs' privileges. However, thanks to the successful rollout of mitigations such as control-flow integrity and shadow stacks, it is becoming increasingly harder to mount control-flow attacks.

Inevitably, attackers will have to shift towards other attack techniques such as data-oriented programming (DOP). DOP attacks can alter a program's behavior without causing it to diverge from its legal control-flow paths, and were shown to be potent, expressive, and highly automatable. Moreover, none of the widely deployed mitigations are effective at stopping DOP attacks, while many proposed mitigations incur prohibitively high overhead.

In this talk, we will discuss some of our recent and ongoing work on combating DOP attacks. Concretely, we will discuss our progress on eliminating practicality and compatibility issues in Multi-Variant eXecution (MVX) systems, thus bringing them one step closer to being a viable defense for most desktop and server programs. We will then shift to a completely different approach to the DOP problem by showcasing our ongoing work on efficient and practical full spatial memory safety enforcement.

Bio:
Stijn Volckaert is an associate professor within the DistriNet research group at KU Leuven where he leads a team of 6 PhD students. His research focuses on memory corruption attacks, exploit mitigations, multi-variant execution, software diversity, and sandboxing. Stijn is also the head of the electrical engineering and ICT program at KU Leuven's faculty of engineering technology on the Bruges and Ghent campuses. He joined KU Leuven in 2018 and was previously a postdoctoral scholar at UC Irvine and a PhD student at Ghent University.
15:45 Closing remarks

Ninth AMSec Workshop: Systems Security

When: Feb 4, 2025, 09:00 – 12:30

Where: VU Campus, NU building, room NU-6A25

Directions to NU building: https://vusec.net/directions

Slides: Available here.

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first-come, first-served basis.

Speakers

Mathias Payer
EPFL
Lejla Batina
RU
Yuval Yarom
RUB
Anders Fogh
Intel

Workshop program (Feb 4 at VU, NU-6A25)

09:00 Coffee and tea
09:25 Opening by Cristiano Giuffrida (AMSec)
09:30 Speaker: Mathias Payer

Title: Advanced Android Archaeology: Battling Bloated Complexity

Abstract:
Android has become a ubiquitous platform for running mobile apps, granting different actors access to vast amounts of private data. The growing complexity of the Android ecosystem introduces significant security challenges. In this talk, we will explore multiple layers of Android security: examining the foundational virtualization layers, stress-testing trusted applications, and assessing the impact of recent user-space mitigations. Through the lens of system security, we uncover vulnerabilities even in the most trusted layers. Trusted applications are susceptible to type confusion, while regular apps may face risks such as heap corruption attacks. Join us on this journey to enhance mobile ecosystem security through fuzzing, improved standards, and safer defaults.

Bio:
Mathias Payer is an associate professor at EPFL, leading the HexHive group. His research centers on strengthening software and system security in the presence of vulnerabilities. His broader interests include fuzzing and sanitization to uncover and address flaws, developing effective mitigations to protect against the exploitation of unknown or unpatched bugs, and employing fault isolation to enforce privilege separation. Mathias joined EPFL in 2018 where he founded the Polygl0ts CTF team. Previously, he was an assistant professor at Purdue University, a PostDoc at UC Berkeley, and a PhD student at ETH Zurich.
10:15 Speaker: Lejla Batina

Title: AI for hardware security: Friend or Foe

Abstract:
Side-channel analysis has changed the field of cryptography and security and it became the most common cause of real-world security applications failing today. In this talk we first make an overview of side-channel attacks on implementations of cryptography and countermeasures. We discuss the ways Machine learning and AI changed the side-channel analysis landscape and attackers’ capabilities in particular. We survey several examples of AI assisting physical attackers and discuss the impact of AI on the field of hardware security. We also describe the way side-channel analysis can assist the AI model stealing by reverse engineering commercial neural nets architectures. In the end, we identify some avenues for future research.

Bio:
Lejla Batina is a full professor in embedded systems security in the Digital Security (DiS) group at Radboud University. She specializes in physical attacks and countermeasures and implementations of cryptography and has published over 170 refereed papers and book chapters in those areas. She got her PhD in 2005 from KU Leuven, Belgium and worked as a cryptographer for 3 years in industry at Pijnenburg Securealink (later SafeNet B.V.). She has served on the program committees of all top crypto and security conferences (USENIX Security, S&P, CCS, EUROCRYPT, CRYPTO). She was a program co-chair of ACNS 2024, ACM WiSec 2021 and CHES 2014 and a general co-chair of CHES 2012, EUROCRYPT 2021 and RWC 2021. She received a VIDI grant (2014) and was the PI in several research projects with national and EU funding. She leads a group of 10+ researchers at Radboud University and 12 PhD students have so far graduated under her supervision.
11:00 Speaker: Yuval Yarom

Title: On the computational complexity of cache attacks

Abstract:
Over the past two decades research has repeatedly demonstrated the risks that shared caches pose to information confidentiality. In a typical attack, the adversary first manipulates the cache to achieve a known state and then measures changes from the known state to detect victim’s activity leaking the information. Consequently, research on cache attacks typically concentrates on the known state of the cache. Adversarial works show how to achieve such known state and how to detect deviations from it, whereas defensive works propose ways for preventing the attacker from achieving a known state or from measuring deviations in the state. However, much less effort has been spent on understanding the nature of cache state and how it can be manipulated.
In this talk we shift the focus to examining the attacker’s ability to manipulate unknown cache state. We use the cache state of memory locations to represent Boolean variables and demonstrate operations that allow arbitrary computation on these variables. We first design logical gates that operate directly on cache state, allowing a program to control whether memory locations are cached or not depending on whether other locations are cached. We then show that these gates are composable enough to allow arbitrary computation on cache state. Finally, we demonstrate the security implication of universal computation in the cache.

Bio:
Yuval Yarom is a Professor for Computer Security at Ruhr University Bochum. His research focuses on the interface between the software and the hardware. In particular, he is interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. He is a recipient of a 2020 ARC Discovery Early Career Award and the 2020 CORE Chris Wallace Award for Outstanding Research, a 2020 Young Tall Poppy. Previously, he has been an Associate Professor at the University of Adelaide, the Vice President of Research in Memco Software, and a co-founder and Chief Technology Officer of Girafa.com. Yuval earned his Ph.D. in Computer Science from the University of Adelaide in 2014, and an M.Sc. in Computer Science and a B.Sc. in Mathematics and Computer Science from the Hebrew University of Jerusalem in 1993 and 1990, respectively.
11:45 Speaker: Anders Fogh

Title: Microarchitecture Vulnerabilities: Past, Present, and Future

Abstract:
In this talk, we will provide an overview of the past issues that we have seen in the area of microarchitectural attacks and defenses and contextualize them. With the industry perspective and the academic perspective, we will revisit the development before the discovery of Meltdown and Spectre. We will then discuss transient-execution attacks and mitigations from both perspectives.
In the main part of the talk, we will discuss more recent developments in software-based attacks on processors. We will discuss logic issues like Reptar as well as new data inference sources. We will discuss exploitation techniques common to attacks on processors and how they evolved over time. Finally, we will discuss how the current issues could be mitigated in the future. In the third part of the talk, we focus more on future attacks and defenses. Particularly interesting is that users interact with an increasing amount and variety of computation hardware such as GPUs and NPUs. Analyzing these systems early in the process is crucial to avoid running into the same pitfalls again.

Bio:
Anders Fogh works as an offensive security researcher as an Intel fellow. He is a renowned expert on microarchitecture and memory security. Before joining Intel he worked as a principal security researcher where he worked on incident response and malware analysis. He spent 15 years of his career going from junior software developer to company founder and lead engineer. His work on security has been published in both industry and academic conferences such as Black Hat USA and ACM CCS.
12:30 Closing remarks

Eighth AMSec Workshop: Systems Security

When: Jan 31, 2025, 09:30 – 12:15

Where: VU Campus, NU building, room NU-5A47

Prelude: Jan 30, 2025, 11:30 – 12:15, room NU-4B43

Directions to NU building: https://vusec.net/directions

Slides: Available here.

This mini workshop features a strong line-up of leading systems security researchers from around the world. The event is freely accessible to everyone on a first-come, first-served basis.

Note: The workshop is on Jan 31 in the morning, but we’ll feature a short prelude from Google security researchers on Jan 30.

Speakers

Alexandra Sandulescu, Matteo Rizzo
Google Security Team
Shweta Shinde
ETH Zurich
Oleksii Oleksenko
MSR
Thorsten Holz
CISPA

Prelude (Jan 30 at VU, NU-4B43)

11:30 Speakers: Alexandra Sandulescu, Matteo Rizzo (Google Security Team)

Title: Going beyond /etc/shadow

Abstract:
At Google, we were curious if we could “get root” by exploiting a CPU vulnerability. We successfully exploited multiple vulnerabilities and developed novel techniques to facilitate exploitation. In this presentation, we share some parts of our learning journey with the community and announce our upcoming program that will make it possible for others to join our quest.

Bio:
We are part of the Google Security Team. Our group focuses on practical exploitation of CPU vulnerabilities, mitigation, validation, and vulnerability research.
12:15 Closing remarks

Workshop program (Jan 31 at VU, NU-5A47)

09:30 Coffee and tea
09:55 Opening by Cristiano Giuffrida (AMSec)
10:00 Speaker: Shweta Shinde

Title: Ahoi Attacks: Breaking Confidential VMs with Malicious Interrupts

Abstract:
Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX both enable CVMs and are now available on major cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, including interrupts. I will present Heckler and WeSee, two new attacks wherein the hypervisor injects malicious interrupts to break the confidentiality and integrity of CVMs. Our insight is to invoke the interrupt handlers that have global effects, such that we can manipulate a CVM’s register states to change the data and control flow. We demonstrate our attacks with different case studies and show their rich primitives on user- and kernel-space code to gain root privileges on the victim CVMs. The talk will conclude on extension of these attacks to prior and future generation of TEEs such as Intel SGX and Arm CCA.

Bio:
Shweta Shinde is a tenure-track assistant professor at ETH Zurich, where she leads the Secure and Trustworthy Systems Group. Her research is broadly at the intersection of trusted computing, system security, and program analysis. Her group focuses on foundational aspects of confidential computing to protect phones, servers, and accelerators as well as practical aspects of building large systems.
10:45 Speaker: Oleksii Oleksenko

Title: Revizor as a Platform for Side Channel Testing

Abstract:
Attacks such as Spectre and Meltdown use a combination of speculative execution and shared microarchitectural state to leak information across security domains. Defeating them without massive performance overheads requires careful co-design of software and hardware. This talk will present a principled approach for such co-design, based on hardware-software contracts for secure speculation, as well as a platform to test hardware and software using these contracts.

Bio:
Oleksii is a senior researcher at Azure Research, Microsoft in Cambridge, UK. His main focus is on microarchitectural/side-channel vulnerabilities, such as Spectre and Meltdown. He develops specs to describe them, builds tools that detect them, and develops mitigations against these vulnerabilities, across multiple layers of the computing stack.
11:30 Speaker: Thorsten Holz

Title: Efficient and Scalable Fuzzing of Complex Software Systems

Abstract:
In recent years, randomized testing, commonly known as “fuzzing”, has gained significant traction as an effective method for identifying bugs in a wide variety of systems. In this talk, I will present an overview of our recent progress in fuzzing and some of the methods we have developed over the past few years. Our work includes fuzzing web browsers, operating system kernels, hypervisors, and embedded systems. I will also introduce a new perspective on generating input for highly complex formats without relying on heavyweight program analysis techniques, coarse-grained grammar approximations, or human domain experts. Finally, I will conclude the talk with an outlook on open challenges and future research directions in the evolving landscape of software security and testing.

Bio:
Thorsten Holz is a faculty member at the CISPA Helmholtz Center for Information Security. Before joining CISPA in October 2021, he was a full professor at the Faculty of Electrical Engineering and Information Technology at Ruhr University Bochum, Germany. His research interests include technical aspects of secure systems, with a specific focus on systems security.
12:15 Closing remarks

Seventh AMSec Workshop (February 12) – The State of Cyber Security in Amsterdam

Workshop for industry, university and government
Provisional Program in Collaboration with PCSI

Seventh AMSec Workshop – www.amsec.org 

February 12, 2025

ABN Amro Bank, Gustav Mahlerlaan 10, Amsterdam

Auditorium 

From 13.00 – 16:30 + drinks afterwards

With contributions from amongst others:

* Marieke Koekkoek is a Dutch politician for Volt, and has been a Member of Parliament since 2021. 

* Martijn Dekker is Chief Information Security Officer at ABN AMRO Bank and visiting professor Information Security at the University of Amsterdam, conducting research in the field of information security governance, decision making, security automation and information theory.

* Rutger Leukfeldt is professor at Leiden University, lector at the Hague University of Applied Sciences and senior researcher at NSCR. His teaching and research focuses on the human factor in cybercrime.

* Bert Hubert is an entrepreneur & software developer. He sometimes contributes to science and cares a lot about Europe, innovation, climate, biology & health. He is a former shareholder of Open-Xchange, the parent company of PowerDNS that he founded in 1999.

The theme of the Seventh AMSec workshop: 

The Seventh AMSec Workshop: Beyond Regulation

Program

13.00 – Coffee and tea

13.30 – Opening by Martijn Dekker (ABN Amro) // Herbert Bos (AMSec) 

13:35 – Public brainstorm/ interactive opening 

13.45 – Keynote 1: Rutger Leukfeldt (NSCR/Leiden University) on how children develop into young hackers

14.15 – Q&A

14.20 – Key contribution of Marieke Koekkoek (Volt)

14.40 – Break

15.00 – Keynote 2: Bert Hubert – How to deal with permanent insecurity? “Everybody ignores the risks in security products”

15.45 – Keynote 3: Martijn Dekker – on ‘beyond regulation’ from the perspective of ABN AMRO (How can perform the right cybersecurity strategy in the spirit of legislation)

16.15 – Q&A and synthesis 

16.20 – Closing remarks with Herbert Bos and Martijn Dekker

16:30 – Drinks!

AFFECT.NL Fuzzing Workshop (20.06.2024)

Please join us for the second edition of the Affect.NL Workshop on

Automated Finding, Fixing or Exploiting of seCuriTy vulnerabilities

Organised by INTERSCT. WP2 ∩ WP4, in collaboration with AMSec and ACCSS.

This workshop is aimed at researchers and practitioners from the Netherlands working on fuzzing or other automated – dynamic or static – techniques to find, fix or exploit security vulnerabilities in code. As the goal is to create some collaboration and synergy, there will be plenty of time for discussion and informal chats over coffee, lunch and drinks.

Logistics

Date: 20th of June 2024

Location: Room NU-5A57 in the NU building, De Boelelaan 1111, Amsterdam.

More information: AFFECT.NL Workshop page

Sixth AMSec Workshop on State-sponsored Cyber Threats

Defending Against State-Sponsored Cyber Threats

Provisional program in collaboration with:

May 30, 2024
Evert van de Beekstraat 202, 1118 CP, Schiphol 
Auditorium
From 13.00 – 16:30 + drinks afterwards

With contributions from amongst others:

  • Paul Ducheine is brigadier-general and professor for Cyber Operations and Cyber Security at the Netherlands Defence Academy and a professor in the Law of Cyber Warfare at the University of Amsterdam. As a professor of cyber operations at the Netherlands Defense Academy, he knows all about ‘non-kinetic warfare’: where states attack each other using methods like malware or other cyber weapons.
  • Maarten Vughts is program manager within the ASML security office, responsible for, amongst others, the security alliances program and the insider risk program.
  • Piet Bel is manager external relations at the security office of ASML. He has extensive knowledge of the cyberinformation and knowledge war. He has also contributed to the development of the collaboration of business chains with the Dutch government to increase the cyber resilience of society.
  • Reinder Wolthuis is Program manager partnership for cyber security innovation (PCSI) at TNO and member of the ENISA ad-hoc working group SOC/CSIRT. 
  • Jair Santanna is assistant professor at University of Twente and principal researcher at Northwave. In his role, he explores and deploys cutting-edge technologies, such as ML, AI, Cloud Computing, and Quantum Computing to innovate and automate cybersecurity processes.
  • Hedzer Komduur is Director Safety & Environment & CISO of Schiphol.

The theme of the Sixth AMSec workshop: 

Defending Against State-Sponsored Cyber Threats

Join us for the Sixth AMSec workshop as we delve into the pressing issue of state-sponsored cyber threats. In an era where digital warfare is on the rise, understanding the tactics and motivations of state actors is essential for safeguarding our digital infrastructure. Through expert-led keynotes and hands-on panels, you’ll gain invaluable insights into the evolving landscape of cybersecurity and learn practical strategies to defend against state-sponsored attacks. Don’t miss this opportunity to enhance your cyber defense capabilities and stay ahead of emerging threats. Register now for the AMSec workshop and secure your spot in the fight against cyber espionage and sabotage.

Program

13.00 – Coffee and tea

13.30 – Opening

13:35 – Public brainstorm: you are going to engage in a public brainstorm where we will try to find the most important parts of defending against state sponsored cyber threats. What do you think is essential when developing a strategy against state sponsored cyber threats?

13.45 – Keynote 1: Maarten Vughts and Piet Bel (ASML): working together with government & academia to defend against state sponsored attacks

14.15 – Q&A

14:25 – Break

14:45 – Panel: You will have the opportunity to observe an interactive panel discussion discussing the role of government, industry and academia regarding state sponsored cyber threats from different perspectives. With amongst others Reinder Wolthuis (TNO), Jair Santanna (University of Twente) and others (t.b.a.)

15:45 – Keynote 2: The perspective of Paul Ducheine (UvA) on defending against state-sponsored cyber threats

16.15 – Q&A and synthesis 

16.20 – Announcements regarding AMSec and the cybersecurity community

16:30 – Closing remarks and drinks!

NWO Gravitation: 21.5 million euros for ‘Challenges in Cyber Security’

3 AMSec partners among the 5 co-PIs

‘Challenges in Cyber Security’ is one of seven research projects that received an NWO Gravitation grant this year. The project has the impressive sum of 21.5 million euros attached.

The ‘Challenges in Cyber Security’ project brings together top researchers from the hard sciences in the cyber security field. In the words of Minister Dijkgraaf (Education, Culture and Science), this places the research among ‘the world’s scientific top’. Three of the 5 PIs and 12 additional researchers who are cooperating in this project are also in AMSec.

The project is one of seven research projects that received an NWO Gravitation grant this year. Under the rubric of this project, a team of more than thirty cyber security researchers is ready to rebuild cyber security on new solid foundations. Tanja Lange of TU/e is leading the project, in cooperation with Lejla Batina (RU), Herbert Bos (VU), Marten van Dijk (CWI & VU) and Christian Schaffner (UvA). 

AMSec PIs:

Herbert Bos (VU)

Marten van Dijk (CWI + VU)

Christian Schaffner (UvA)

Other PIs

Tanja Lange (TU/e) – Main PI

Lejla Batina (RU)

Fifth AMSec Workshop: Security and AI

How do we unite cybersecurity and artificial intelligence?

October 12, 2023
Science Park 125, 1098 XG, Amsterdam
Seminar room: Turing Room
From 13.30 – 16:30 + drinks afterward

With contributions from amongst others:

Marten van Dijk is professor of Secure and Intelligent Computing at VU University and Group Lead Computer Security at CWI. As a computer security researcher, he investigates and develops new techniques targeting solutions of foundational security problems. He focuses on the intersection of security and machine learning and how machine learning can provide reliable and robust intelligence.

Stjepan Picek, associate professor in the Digital Security (DiS) group at Radboud University, studies the intersection of cybersecurity and artificial intelligence. Combining those fields, he specializes in implementation attacks (side-channel analysis, fault injection) and security of machine learning.

Walco Sibbel, major account manager at Palo Alto Networks, is involved in the latest developments of the industry regarding cybersecurity and AI and can connect industry demand with the latest technical developments.

The theme of the workshop:

How do we unite cybersecurity and artificial intelligence?

Kaitai Lang joined the Cybersecurity group at Delft University of Technology in 2020. Before joining TU Delft, he was an Assistant Professor in Secure Systems at the University of Surrey, UK, and an academic member of the Surrey Centre for Cyber Security. He received his PhD degree in computer science from the Department of Computer Science at City University of Hong Kong. With over 11 years of experience in cybersecurity R&D, his main focus is on the design and implementation of cryptographic protocols to security.

Joep Gommers, founder & CEO at EclecticIQ (threat intelligence, hunting and response)

Paul Timmers, Research Associate, Oxford University & Ex European Commission

AI and Cybersecurity

How do AI and cybersecurity relate to each other? And what grand vision do we have for the application of AI on cybersecurity and the cybersecurity of AI? In this workshop we will explore the topic ‘AI and cybersecurity’ from a hardware, software and policy perspective. The workshop involves inspiring keynotes and an interactive panel discussion. There will be a lively discussion and interaction with the audience with key representatives from industry, academia and government.

Program

13.30: Opening

13:35 – Public brainstorm: you are going to engage in a public brainstorm where we will try to find a common definition of AI & Cybersecurity. What do you think is the essence of security by design?

13.45 – Keynote 1: Marten van Dijk.

Marten van Dijk. IEEE Fellow, professor of Secure and Intelligent Computing at VU University and Group Lead Computer Security at CWI.

14.15 – Q&A

14:25 – Break

14:45 – Panel: You will have the opportunity to observe an interactive panel discussion discussing the role of government, industry and academia regarding cybersecurity and artificial intelligence from different perspectives. With amongst others Stjepan Picek (Radboud University), Walco Sibbel (Palo Alto Networks), Kaitai Lang (TU-Delft), and Paul Timmers (Oxford University).

15:45 – Keynote 2: Joep Gommers.

Joep Gommers. Founder & CEO at EclecticIQ (threat intelligence, hunting and response)

 

16.15 – Q&A and synthesis.

16:30 – Closing remarks and drinks!

Fourth AMSEC Symposium: Security by Design

How do we unite the many different perspectives on security by design?

February 16, 2023 

Van der Boechorststraat 7, 1081 BT Amsterdam

Seminar room: MF-A415   

From 13.30 – 16:30 + drinks afterwards

With contributions from Bart Jacobs and Bart Preneel

Bart Jacobs, professor of Security, Privacy and Identity at Radboud University Nijmegen, tirelessly delves into matters that you sometimes would rather not hear, but need to know. He showed vulnerabilities in the public transport chip card, bank cards, voting computers, ‘smart’ meters and car keys, and in countless databases with private data. He also develops secure alternatives, such as the IRMA app that allows you to log in in a privacy-friendly manner.

Bart Preneel, professor at the Catholic University of Leuven, is a Belgian cryptographer and cryptanalyst. He co-invented the Miyaguchi-Preneel compression function, a robust structure used in hash functions. He is also one of the authors of the RIPEMD hash function and co-inventor of the MUGI and Trivium stream ciphers. Preneel contributed to the cryptanalysis of several cryptographic algorithms, including RC4 and SecurID.

Dr. Cristina Del-Real, assistant professor in Cyber Crisis at the Institute of Security and Global Affairs (ISGA) at Leiden University, is an expert on the multitude of definitions of security by design. Previously she worked as a postdoctoral researcher in cybersecurity governance at ISGA. She is part of the NWO-funded project ‘Cyber Security by Integrated Design’ (C-SIDe).

Dr. Erik Poll, associate professor in the Digital Security (DiS) group of the Institute for Computing and Information Sciences at Radboud University Nijmegen, is an expert on software security. He leads the security by design work package at the INTERSECT project.

→ More contributors will be added soon!

Theme of the workshop:

How do we unite the many different perspectives on security by design? 

How do we define security by design? And what grand vision do we have? What is its practical feasibility? In this workshop we will explore the topic ‘security by design’ from a hardware, software and policy perspective. The workshop involves inspiring keynotes and an interactive panel discussion. There will be a lively discussion and interaction with the audience with key representatives from industry, academia and government.

Provisional program:

13:30 – Public brainstorm: you are going to engage in a public brainstorm where we will try to find a common definition of security by design. What do you think is the essence of security by design? 

13.45 – Keynote 1: Bart Jacobs

14.15 – Q&A

14:25 – Break

14:45 – Panel: Cristina Del-Real, Erik Poll, Jasper Nagtegaal
You will have the opportunity to observe an interactive panel discussion on the role of government, industry and academia regarding security by design from different perspectives (“hardware & infrastructure”; “software & application” and “economics & policy”).

15:45 – Keynote 2: Bart Preneel

16.15 – Q&A and brainstorm: There is an opportunity for a Q&A and there will be a second public brainstorm on the definition of security by design. We will investigate together in what way the input of the public differs what this us? The insights gained in this workshop will be used by policy makers, academics and the industry to further align the efforts to make hardware and software secure by design.

16:30 – Wrap up and drinks!

Third AMSec Workshop: Systems Security

Date: Friday 25th of October 2019

Time: 9:45 – 13:15

Location: VU Campus, main building, room HG-06A32

This mini workshop features a strong line-up of leading system security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.

Speakers:

  • U. Michael Franz (UC Irvine)
  • Mathias Payer (EPFL)
  • Stijn Volckaert (KU Leuven)
  • Lucas Davi (U. Duisburg)
  • Stefan Brunthaler (U. der Bundeswehr)
  • Robert Buhren (TU Berlin)

Preliminary program

9:45 – 10:15

Speaker: Lucas Davi

Title: Risky Contracts: Breaking and Fixing Smart Contracts

Abstract: 

Smart contracts are computer programs that execute on the blockchain, receive and send transactions, and maintain a balance of cryptocurrency. In the recent past, we have witnessed a variety of attacks against smart contracts with cryptocurrency losses up to 50 million US Dollars. These attacks were possible due to errors in the smart contract logic. To tackle such attacks, a large number of mitigation technologies have been proposed. In this talk, we provide an overview of static and dynamic analysis techniques to tackle smart contract errors.

—————————————————————–

10:15 – 10:45

Speaker: Mathias Payer

Title: Fuzzing Low-level Code

Abstract:

In an eternal war in memory, state corruption has plagued systems since the dawn of computing. Despite the rise of strong mitigations such as stack cookies, ASLR, DEP, or most recently Control-Flow Integrity, exploits are still prevalent as none of these defenses offers complete protection. This situation calls for program testing techniques that discover reachable vulnerabilities before the attacker. Finding and fixing bugs is the only way to protect against all exploitation.

We develop fuzzing techniques that follow an adversarial approach, focusing on the exposed attack surface and exploring potentially reachable vulnerabilities. In this talk we will discuss two aspects of fuzzing hard to reach code: (i) learning what code is exposed to attacker-controlled input and (ii) testing drivers that interact with exposed peripherals.

First, we assess the threat surface by characterizing the potential computational power that a vulnerability gives. In a multi-step process we follow the flow of information and synthesize potential attacker payloads to learn how exposed certain code sequences are. Second, by providing a custom-tailored emulation environment we create mock Trojan devices that allow fuzzing the peripheral/driver interface. In these projects we develop new techniques to test different kinds of hard to reach code and exposed large amounts of vulnerabilities.

—————————————————————–

10:45 – 11:15

Speaker: Stijn Volckaert

Title: Making Multi-Variant Execution Practical in the Real World

Abstract: 

Multi-Variant Execution Environments (MVEEs) have shown great promise as a mechanism to defend against exploitation of software vulnerabilities. Their core idea is to run multiple versions (or diversified variants) of the same program in tandem on top of a small and efficient hypervisor that distributes program inputs, compares outputs, and terminates the variants when their outputs diverge. With properly constructed variants, one can guarantee that any exploitation attempt will trigger a divergence and, hence, termination before the exploit succeeds.

Unfortunately, MVEEs have seen virtually no adoption outside of military settings. In this talk, I will give an overview of the biggest hurdles that stand in the way of greater adoption. I will also discuss some preliminary research towards overcoming these hurdles and suggest future research directions.

—————————————————————–

11:15 – 11:45

Break

—————————————————————–

11:45 – 12:15

Speaker: Stefan Brunthaler

Title: MAD: Memory Allocation Diversity

Abstract:

We present MAD, short for memory allocation diversity, a method to diversify memory management routines, which hitherto were highly predictable and deterministic. The need for such diversification arises from memory massaging techniques used, for example, in known RowHammer attacks.  By coercing or enumerating physical page frames, adversaries create vulnerable configurations required for row hammering.

MAD builds on the principles underlying software diversity and, therefore, offers similar benefits: simplicity, efficiency, portability, and versatility. Simplicity is evidenced by an implementation that requires less than a thousand lines of code. Efficiency is indicated by a low performance impact on a variety of benchmarks, including SPEC CPU 2017, where we report an impact by a factor of 1.006x. Portability is supported by MAD’s independence of any specific hardware feature, architecture, or knowledge. Put differently, MAD is a software-only defense that is completely hardware-agnostic. Versatility is provided by the fact that MAD requires no OS internals and, therefore, can be used to diversify memory allocation in all kinds of system software, such as browsers and databases.

In addition, MAD offers comprehensive security. Specifically, MAD follows a two-pronged strategy to mitigate memory massaging techniques. First, MAD thwarts enumeration of physical pages by using two novel diversification techniques. Second, MAD uses a randomized monitoring and detection technique to prevent brute-force exhaustive memory massaging techniques.

—————————————————————–

12:15 – 12:45

Speaker: Michael Franz

Title: PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary

Abstract:

The OS kernel is an attractive target for remote attackers. If compromised, the kernel gives adversaries full system access, including the ability to install rootkits, extract sensitive information, and perform other malicious actions, all while evading detection. Most of the kernel’s attack surface is situated along the system call boundary. Ongoing kernel protection efforts have focused primarily on securing this boundary; several capable analysis and fuzzing frameworks have been developed for this purpose.

However, there are additional paths to kernel compromise that do not involve system calls, as demonstrated by several recent exploits. For example, by compromising the firmware of a peripheral device such as a Wi-Fi chipset and subsequently sending malicious inputs from the Wi-Fi chipset to the Wi-Fi driver, adversaries have been able to gain control over the kernel without invoking a single system call. Unfortunately, there are currently no practical probing and fuzzing frameworks that can help developers find and fix such vulnerabilities occurring along the hardware-OS boundary.

We present PeriScope, a Linux kernel based probing framework that enables fine-grained analysis of device-driver interactions. PeriScope hooks into the kernel’s page fault handling mechanism to either passively monitor and log traffic between device drivers and their corresponding hardware, or mutate the data stream on-the-fly using a fuzzing component, PeriFuzz, thus mimicking an active adversarial attack. PeriFuzz accurately models the capabilities of an attacker on peripheral devices, to expose different classes of bugs including, but not limited to, memory corruption bugs and double-fetch bugs. To demonstrate the risk that peripheral devices pose, as well as the value of our framework, we have evaluated PeriFuzz on the Wi-Fi drivers of two popular chipset vendors, where we discovered 15 unique vulnerabilities, 9 of which were previously unknown.

—————————————————————–

12:45 – 13:15

Speaker: Robert Buhren

Title: Insecure Until Proven Updated: Analyzing AMD SEV’s Remote Attestation

Abstract:

Customers of cloud services have to trust the cloud providers, as they control the building blocks that form the cloud. This includes the hypervisor enabling the sharing of a single hardware platform among multiple tenants. AMD Secure Encrypted Virtualization (SEV) claims a new level of protection in cloud scenarios. AMD SEV encrypts the main memory of virtual machines with VM-specific keys, thereby denying the higher-privileged hypervisor access to a guest’s memory. To enable the cloud customer to verify the correct deployment of his virtual machine, SEV additionally introduces a remote attestation protocol. This paper analyzes the firmware components that implement the SEV remote attestation protocol on the current AMD Epyc Naples CPU series. We demonstrate that it is possible to extract critical CPU-specific keys that are fundamental for the security of the remote attestation protocol. Building on the extracted keys, we propose attacks that allow a malicious cloud provider a complete circumvention of the SEV protection mechanisms. Although the underlying firmware issues were already fixed by AMD, we show that the current series of AMD Epyc CPUs, i.e., the Naples series, does not prevent the installation of previous firmware versions. We show that the severity of our proposed attacks is very high as no purely software-based mitigations are possible. This effectively renders the SEV technology on current AMD Epyc CPUs useless when confronted with an untrusted cloud provider. To overcome these issues, we also propose robust changes to the SEV design that allow future generations of the SEV technology to mitigate the proposed attacks.