Third AMSEc workshop: Systems Security

Date: Friday 25th of October 2019

Time: 9:45 – 13:15

Location: VU Campus, main building, room HG-06A32

This mini workshop features a strong line-up of leading system security researchers from around the world. The event is freely accessible to everyone on a first come, first serve basis.


  • U. Michael Franz (UC Irvine)
This image has an empty alt attribute; its file name is 3ec2dcd0.jpg
  • Mathias Payer (EPFL)
Purdue University - Department of Computer Science ...
  • Stijn Volckaert (KU Leuven)
Afbeeldingsresultaat voor Stijn Volckaert leuven
  • Lucas Davi (U. Duisburg)
Afbeeldingsresultaat voor lucas davi
  • Stefan Brunthaler ( U. der Bundeswehr)
Afbeeldingsresultaat voor stefan brunthaler
  • Robert Buhren (TU Berlin)
Robert Buhren

Preliminary program

9:45 – 10:15

Speaker: Lucas Davi

Title: Risky Contracts: Breaking and Fixing Smart Contracts


Smart contracts are computer programs that execute on the blockchain, receive and send transactions, and maintain a balance of cryptocurrency. In the recent past, we have witnessed a variety of attacks against smart contracts with cryptocurrency loses up to 50 million US Dollars. These attacks were possible due to errors in the smart contract logic. To tackle such attacks, a large number of mitigation technologies have been proposed. In this talk, we provide an overview of static and dynamic analysis techniques to tackle smart contract errors.


10:15 – 10:45

Speaker: Mathias Payer

Title: Fuzzing Low-level Code


In an eternal war in memory, state corruption plagues systems since the dawn of computing. Despite the rise of strong mitigations such as stack cookies, ASLR, DEP, or most recently Control-Flow Integrity, exploits are still prevalent as none of these defenses offers complete protection. This situation calls for program testing techniques that discover reachable vulnerabilities before the attacker. Finding and fixing bugs is the only way to protect against all exploitation. 

We develop fuzzing techniques that follow an adversarial approach, focusing on the exposed attack surface and exploring potentially reachable vulnerabilities. In this talk we will discuss two aspects of fuzzing hard to reach code: (i) learning what code is exposed to attacker-controlled input and (ii) testing drivers that interact with exposed peripherals.

First, we assess the threat surface by characterizing the potential computational power that a vulnerability gives. In a multi-step process we follow the flow of information an synthesize potential attacker payloads to learn how exposed certain code sequences are. Second, by

providing a custom-tailored emulation environment we create mock Trojan devices that allow fuzzing the peripheral/driver interface. In these projects we develop new techniques to test different kinds of hard to reach code and exposed large amounts of vulnerabilities.


10:45 – 11:15

Speaker: Stijn Volckaert

Title: Making Multi-Variant Execution Practical in the Real World


Multi-Variant Execution Environments (MVEEs) have shown great promise as a mechanism to defend against exploitation of software vulnerabilities. Their core idea is to run multiple versions (or diversified variants) of the same program in tandem on top of a small and efficient hypervisor that distributes program inputs, compares outputs, and terminates the variants when their outputs diverge. With properly constructed variants, one can guarantee that any exploitation attempt will trigger a divergence and, hence, termination before the exploit succeeds.

Unfortunately, MVEEs have seen virtually no adoption outside of military settings. In this talk, I will give an overview of the biggest hurdles that stand in the way of greater adoption. I will also discuss some preliminary research towards overcoming these hurdles and suggest future research directions.


11:15 – 11:45



11:45 – 12:15

Speaker: Stefan Brunthaler

Title: MAD: Memory Allocation Diversity


We present MAD, short for memory allocation diversity, a method to diversify memory management routines, which hitherto were highly predictable and deterministic. The need for such diversification arises from memory massaging techniques used, for example, in known RowHammer attacks.  By coercing or enumerating physical page frames, adversaries create vulnerable configurations required for row hammering.

MAD builds on the principles underlying software diversity and, therefore, offers similar benefits: simplicity, efficiency, portability, and versatility. Simplicity is evidenced by an implementation that

requires less than a thousand lines of code. Efficiency is indicated by a low performance impact on a variety of benchmarks, including SPEC CPU 2017, where we report an impact by a factor of 1.006x. Portability is supported by MAD’s independence of any specific hardware feature, architecture, or knowledge. Put differently, MAD is a software-only defense that is completely hardware-agnostic. Versatility is provided by the fact that MAD requires no OS internals and, therefore, can be used to diversify memory allocation in all kinds of system software, such as browsers and databases. 

In addition, MAD offers comprehensive security. Specifically, MAD follows a two-pronged strategy to mitigate memory massaging techniques. First, MAD thwarts enumeration of physical pages by using two novel diversification techniques. Second, MAD uses a randomized monitoring and detection technique to prevent brute-force exhaustive memory massaging techniques.


12:15 – 12:45

Speaker: Michael Franz

Title: PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary


The OS kernel is an attractive target for remote attackers. If compromised, the kernel gives adversaries full system access, including the ability to install rootkits, extract sensitive information, and perform other malicious actions, all while evading detection. Most of the kernel’s attack surface is situated along the system call boundary. Ongoing kernel protection efforts have focused primarily on securing this boundary; several capable analysis and fuzzing frameworks have been developed for this purpose.

However, there are additional paths to kernel compromise that do not involve system calls, as demonstrated by several recent exploits. For example, by compromising the firmware of a peripheral device such as a Wi-Fi chipset and subsequently sending malicious inputs from the Wi-Fi chipset to the Wi-Fi driver, adversaries have been able to gain control over the kernel without invoking a single system call. Unfortunately, there are currently no practical probing and fuzzing frameworks that can help developers find and fix such vulnerabilities occurring along the hardware-OS boundary.

We present PeriScope, a Linux kernel based probing framework that enables fine-grained analysis of device-driver interactions. PeriScope hooks into the kernel’s page fault handling mechanism to either passively monitor and log traffic between device drivers and their corresponding hardware, or mutate the data stream on-the-fly using a fuzzing component, PeriFuzz, thus mimicking an active adversarial attack. PeriFuzz accurately models the capabilities of an attacker on peripheral devices, to expose different classes of bugs including, but not limited to, memory corruption bugs and double-fetch bugs. To demonstrate the risk that peripheral devices pose, as well as the value of our framework, we have evaluated PeriFuzz on the Wi-Fi drivers of two popular chipset vendors, where we discovered 15 unique vulnerabilities, 9 of which were previously unknown.


12:45 – 13:15

Speaker: Robert Buhren

Title: Insecure Until Proven Updated: Analyzing AMD SEV’s Remote Attestation


Customers of cloud services have to trust the cloud providers, as they control the building blocks that form the cloud. This includes the hypervisor enabling the sharing of a single hardware platform among multiple tenants. AMD Secure Encrypted Virtualization (SEV) claims a new level of protection in cloud scenarios. AMD SEV encrypts the main memory of virtual machines with VM-specific keys, thereby denying the higher-privileged hypervisor access to a guest’s memory. To enable the cloud customer to verify the correct deployment of his virtual machine, SEV additionally introduces a remote attestation protocol.This paper analyzes the firmware components that implement the SEV remote attestation protocol on the current AMD Epyc Naples CPU series. We demonstrate that it is possible to extract critical CPU-specific keys that are fundamental for the security of the remote attestation protocol.Building on the extracted keys, we propose attacks that allow a malicious cloud provider a complete circumvention of the SEV protection mechanisms. Although the underlying firmware issues were already fixed by AMD, we show that the current series of AMD Epyc CPUs, i.e., the Naples series, does not prevent the installation of previous firmware versions. We show that the severity of our proposed attacks is very high as no purely software-based mitigations are possible. This effectively renders the SEV technology on current AMD Epyc CPUs useless when confronted with an untrusted cloud provider. To overcome these issues, we also propose robust changes to the SEV design that allow future generations of the SEV technology to mitigate the proposed attacks. 

Second AMSEC Workshop

Mark your calendars: the Second AMSEC Workshop will be on Wednesday October 9, 2019 in the afternoon. The venue will be CWI. A PDF version of the program is available here.

2nd AMSec Workshop

Date and Time

Wednesday October 9, 2019. 

The technical program starts as 13:00h (walk-in and coffee as of 12:30h). 


Euler Room

Amsterdam Science Park Congress Center

Science Park 125

1098 XG Amsterdam


13:00 – 13:30 : Marc Stevens (CWI): Real-world Cryptanalysis

13:30 – 14:00 : Yuri Demchenko (UvA): Cloud Security services and mechanisms: Can modern clouds provide secure and trusted environment for data and business applications?

14:00 – 14:30 : BREAK

14:30 – 15:15 : Keynote – Ronald de Wolf  (CWI, UvA, QuSoft): The potential impact of quantum computers on society

15:15 – 15:45 : Erik van der Kouwe (Leiden): Benchmarking Crimes in Systems Security

15:45 – 16:15 : BREAK

16:15 – 16:45 : Marleen Weulen Kranenbarg (VU, NSCR): Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure
[Slides] [Paper]

16:45 – 17:15 : Joeri Toet (VU): Move fast, but break (only) your own things?

17:15 – 18:00 : DRINKS


Yuri Demchenko

Senior researcher at the System and Network Engineering Research Group, University of Amsterdam

Erik van der Kouwe 

Assistant professor in security at the Computer Systems Group of the LIACS, Leiden University. 

Marc Stevens

Researcher in the Cryptology Group at CWI. 

Joeri Toet

Lecturer at the Faculty of Law, Internet Law, VU Amsterdam. 

Marleen Weulen Kranenbarg

Assistant professor at the Faculty of Law, Criminology, VU Amsterdam; author at NSCR, Nederlands Studiecentrum Criminaliteit en Rechtshandhaving. 

Ronald de Wolf

Researcher at the Algorithms and Complexity Group of CWI; part-time full professor at the ILLC, University of Amsterdam; member of QuSoft. 


Real-world Cryptanalysis  

– Marc Stevens (CWI)

In this talk, I will give an overview of cryptanalytic collision attacks on hash functions and how these impacted the real world. The talk will go from theory to practice, to large-scale computations and real-world threat demonstrations, including supermalware and counter-cryptanalysis, and show the demise of one of industry’s old de facto cryptographic standard to a cryptanalytic toy.   

Cloud Security services and mechanisms: Can modern clouds provide secure and trusted environment for data and business applications? 

– Yuri Demchenko (UvA)

The talk will provide a brief overview of the general cloud security model and security services and mechanisms, and next look at how they can be used to provide secure and trusted environment in few use cases of data centric applications. The talk will also introduce the proposed Virtual Infrastructure Trust Bootstrapping (VITBP) protocol that allows bootstrapping cloud virtual infrastructure and on-premises infrastructure.

The potential impact of quantum computers on society

– Ronald de Wolf (CWI, UvA, QuSoft)

This talk considers the potential impact that the nascent technology of quantum computing may have on society. It focuses on three areas: cryptography, optimization, and simulation of quantum systems. We will also discuss some ethical aspects of these developments, and ways to mitigate the risks.

Benchmarking Crimes in Systems Security 

– Erik van der Kouwe (Leiden University)

Properly benchmarking a system is a difficult and intricate task. Even a seemingly innocuous mistake can compromise the guarantees provided by a systems security defense and threaten reproducibility and comparability. Moreover, as many modern defenses trade security for performance, the damage caused by benchmarking mistakes is increasingly worrying. To analyze the magnitude of the phenomenon, we identify 22 benchmarking crimes that threaten the validity of systems security evaluations, and survey 50 defense papers published in top venues. We show that benchmarking crimes are widespread even in papers published at tier-1 venues; tier-1 papers contain an average of five benchmarking crimes and we find only a single paper in our sample without any benchmarking crimes. Moreover, the scale of the problem appears constant over time, suggesting that the community is not yet taking sufficient countermeasures. This threatens the scientific process, which relies on reproducibility and comparability to ensure that published research advances the state of the art. We hope to raise awareness and provide recommendations for improving benchmarking quality and safeguard the scientific process in our community. 

Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure

– Marleen Weulen Kranenbarg (VU, NSCR)

In the computer science field coordinated vulnerability disclosure is a well-known practice for finding flaws in IT-systems and patching them. In this practice, a white-hat hacker who finds a vulnerability in an IT-system reports that vulnerability to the system’s owner. The owner will then resolve the problem, after which the vulnerability will be disclosed publicly. This practice generally does not focus on potential offenders or black-hat hackers who would likely exploit the vulnerability instead of reporting it. In this paper, we take an interdisciplinary approach and review the current coordinated vulnerability disclosure practice from both a computer science and criminological perspective. We discuss current issues in this practice that could influence the decision to use coordinated vulnerability disclosure versus exploiting a vulnerability. Based on different motives, a rational choice or cost–benefit analyses of the possible reactions after finding a vulnerability will be discussed. Subsequently, implications for practice and future research suggestions are included. 

Move fast, but break (only) your own things? 

– Joeri Toet (VU)

This talk will discuss the conditions under which the legal system would allow for an adequate level of security.

First AMSEC Workshop: Security in Diversity

The First AMSEC workshop featured a keynote, research talks from all the participating organisations, much discussion and a lively panel.

Date : May 15, 2019

Time : 13:00-17:00

Place : HG-08A00 (VU Campus)

The first AMSec workshop on May 15, 2019 featured presentations from the various disciplines, accessible to a wide audience, as well as a keynote by Michel van Eeten, professor of Governance of Cybersecurity at TU Delft and member of Cyber Security Council for the Netherlands.

Workshop Program

13:00-13:15 Introduction to AMSec

13:15-14:00 Keynote: Michel van Eeten

<coffee break>

14:15-14:35 Drink from the fire hose: how your CPU shouts out your deepest secrets
Speaker Kaveh Razavi, VUSec, Vrije Universiteit Amsterdam

Abstract This talk will introduce the recently disclosed RIDL vulnerability in Intel processors in a manner that is understandable to everyone. RIDL allows attackers to leak sensitive data (such as files containing password information) across any security boundary.

14:35-14:55 Exploring the social dimension of cybercriminal networks.

Speaker Rutger Leukfeldt, NSCR

Abstract We analysed 40 cybercriminal networks that were involved in phishing, banking malware and hacking to see if they could be labelled loners, colleagues, peers, teams, or formal organizations. In contrast with prior research, the majority of our cases can be labelled a team or a formal organization.

14:55-15:15 Lattice-based cryptography: Standardization and security estimation

Speaker Leo Ducas, CWI

Abstract In this talk, I will present the status of the ongoing standardization process for quantum-safe cryptography, highlight some lattice base candidates, and discuss advances in their cryptanalysis.

<coffee break>

15:30-15:50 Law and cybersecurity

Speaker Anne de Hingh, VU-Centre for Law and Internet

Abstract Breaking security is both prohibited (e.g. hacking) and allowed (police, intelligence agencies). The law is still struggling with designing the right framework in the area of cybercrime, -security, -war. Some issues are enforcement and attribution.

15:50-16:10 SarNet: Autonomous Response Network

Speaker Ralph Koning, SNE, UvA

Abstract Self defending systems or networks can offload security teams and enable them to focus on new and pressing threats. This talk will cover such systems in the context of the SARNET (Secure Autonomous Response NETworks) project: the experimentation environment, a method for evaluating defense performance, and how we orchestrate defenses in single networks and in collaborations of multiple network domains.

<coffee break>

16:30-17:15 Panel

  • Jos Baeten (CWI)
  • Jaya Baloo (KPN)
  • Marc Witteman (Riscure)
  • Joshua Serrao (City of Amsterdam)

17:15-18:00 Drinks

Information about speakers and panellists

Keynote speaker

Michel van Eeten « HITBSecConf2018 – Amsterdam
Michel van Eeten is professor at Delft University of Technology. He studies the interplay between technological design and economic incentives in cybersecurity. His team analyses large-scale Internet measurement and incident data to identify how the markets for Internet services deal with security risks. He is also a member of the Cyber Security Council, an advisory body of the Dutch government.


Cyberinsecurity | NRC Live

Jaya Baloo is Chief Information Security Officer at KPN Telecom.

Afbeeldingsresultaat voor marc witteman riscure

Marc Witteman is CEO at Riscure

Afbeeldingsresultaat voor !g joshua serrao

Joshua Serrao is Innovation Officer & Smart City Liaison at Chief Technology Office, City of Amsterdam

Jos Baeten is General Director of CWI, Amsterdam

Research talks

Afbeeldingsresultaat voor kaveh razavi

Kaveh Razavi is assistant professor at VUSec (Vrije Universiteit Amsterdam)

dr. Rutger Leukfeldt, Author at NSCR

Rutger Leukfeldt is senior researcher Cybercrime at the NSCR and lector Cybersecurity and SMEs at The Hague University of Applied Sciences.

Leo Ducas is researcher in the Crypto group at  CWI

Anne de Hingh is researcher in the Internet Law group within the faculty of Law at Vrije Universiteit Amsterdam

Afbeeldingsresultaat voor ralph koning

Ralph Koning is PhD student in the System and Network Engineering research group of the University of Amsterdam

Amsterdam Cyber Security Center