AmSec workshop on system security

Date : Friday 25th of October 2019

Time : 9:45 – 13:15

Location : VU Campus, main building, room HG-06A32

This mini workshop features a strong line-up of leading system security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.


  • Michael Franz (UC Irvine)
  • Mathias Payer (EPFL)
Purdue University - Department of Computer Science ...
  • Stijn Volckaert (KU Leuven)
Afbeeldingsresultaat voor Stijn Volckaert leuven
  • Lucas Davi (U. Duisburg)
Afbeeldingsresultaat voor lucas davi
  • Stefan Brunthaler ( U. der Bundeswehr)
Afbeeldingsresultaat voor stefan brunthaler
  • Robert Buhren (TU Berlin)
Robert Buhren

Preliminary Program

9:45 – 10:15

Speaker: Lucas Davi


Title: Risky Contracts: Breaking and Fixing Smart Contracts

Smart contracts are computer programs that execute on the blockchain, receive and send transactions, and maintain a balance of cryptocurrency. In the recent past, we have witnessed a variety of attacks against smart contracts with cryptocurrency loses up to 50 million US Dollars. These attacks were possible due to errors in the smart contract logic. To tackle such attacks, a large number of mitigation technologies have been proposed. In this talk, we provide an overview of static and dynamic analysis techniques to tackle smart contract errors.


10:15 – 10:45

Speaker: Mathias Payer

Title: Fuzzing Low-level Code


In an eternal war in memory, state corruption plagues systems since the dawn of computing. Despite the rise of strong mitigations such as stack cookies, ASLR, DEP, or most recently Control-Flow Integrity, exploits are still prevalent as none of these defenses offers complete protection. This situation calls for program testing techniques that discover reachable vulnerabilities before the attacker. Finding and fixing bugs is the only way to protect against all exploitation. 

We develop fuzzing techniques that follow an adversarial approach, focusing on the exposed attack surface and exploring potentially reachable vulnerabilities. In this talk we will discuss two aspects of fuzzing hard to reach code: (i) learning what code is exposed to attacker-controlled input and (ii) testing drivers that interact with exposed peripherals.

First, we assess the threat surface by characterizing the potential computational power that a vulnerability gives. In a multi-step process we follow the flow of information an synthesize potential attacker payloads to learn how exposed certain code sequences are. Second, by

providing a custom-tailored emulation environment we create mock Trojan devices that allow fuzzing the peripheral/driver interface. In these projects we develop new techniques to test different kinds of hard to reach code and exposed large amounts of vulnerabilities.


10:45 – 11:15

Speaker: Stijn Volckaert

Title: TBD

Abstract: TBD


11:15 – 11:45



11:45 – 12:15

Speaker: Stefan Brunthaler

Title: MAD: Memory Allocation Diversity


We present MAD, short for memory allocation diversity, a method to diversify memory management routines, which hitherto were highly predictable and deterministic. The need for such diversification arises from memory massaging techniques used, for example, in known RowHammer attacks.  By coercing or enumerating physical page frames, adversaries create vulnerable configurations required for row hammering.

MAD builds on the principles underlying software diversity and, therefore, offers similar benefits: simplicity, efficiency, portability, and versatility. Simplicity is evidenced by an implementation that

requires less than a thousand lines of code. Efficiency is indicated by a low performance impact on a variety of benchmarks, including SPEC CPU 2017, where we report an impact by a factor of 1.006x. Portability is supported by MAD’s independence of any specific hardware feature, architecture, or knowledge. Put differently, MAD is a software-only defense that is completely hardware-agnostic. Versatility is provided by the fact that MAD requires no OS internals and, therefore, can be used to diversify memory allocation in all kinds of system software, such as browsers and databases. 

In addition, MAD offers comprehensive security. Specifically, MAD follows a two-pronged strategy to mitigate memory massaging techniques. First, MAD thwarts enumeration of physical pages by using two novel diversification techniques. Second, MAD uses a randomized monitoring and detection technique to prevent brute-force exhaustive memory massaging techniques.


12:15 – 12:45

Speaker: Michael Franz

Title: TBD

Abstract: TBD


12:45 – 13:15

Speaker: Robert Buhren

Title: Insecure Until Proven Updated: Analyzing AMD SEV’s Remote Attestation


Customers of cloud services have to trust the cloud providers, as they control the building blocks that form the cloud. This includes the hypervisor enabling the sharing of a single hardware platform among multiple tenants. AMD Secure Encrypted Virtualization (SEV) claims a new level of protection in cloud scenarios. AMD SEV encrypts the main memory of virtual machines with VM-specific keys, thereby denying the higher-privileged hypervisor access to a guest’s memory. To enable the cloud customer to verify the correct deployment of his virtual machine, SEV additionally introduces a remote attestation protocol.This paper analyzes the firmware components that implement the SEV remote attestation protocol on the current AMD Epyc Naples CPU series. We demonstrate that it is possible to extract critical CPU-specific keys that are fundamental for the security of the remote attestation protocol.Building on the extracted keys, we propose attacks that allow a malicious cloud provider a complete circumvention of the SEV protection mechanisms. Although the underlying firmware issues were already fixed by AMD, we show that the current series of AMD Epyc CPUs, i.e., the Naples series, does not prevent the installation of previous firmware versions. We show that the severity of our proposed attacks is very high as no purely software-based mitigations are possible. This effectively renders the SEV technology on current AMD Epyc CPUs useless when confronted with an untrusted cloud provider. To overcome these issues, we also propose robust changes to the SEV design that allow future generations of the SEV technology to mitigate the proposed attacks.