As we welcome 2025, I'd like to take a moment to reflect on what an extraordinary year 2024 has been for Brown CS Secure Systems Lab (https://gitlab.com/brown-ssl/). It has been a year of innovation, creativity, and growth—both for the lab and for me personally as its director. Witnessing the passion, dedication, and brilliance of our team—Neophytos Christou, Alexander Gaidis, Marius Momeu, @dijin, and Vaggelis Atlidakis—has been truly fulfilling and inspiring!

In 2024, we tackled complex challenges and made significant strides in advancing our research on software hardening and OS kernel protection. Here are some highlights from this remarkable year:

✳️ Marius Momeu presented #SafeSlab at @acm_ccs #CCS2024. Safeslab hardens the Linux SLUB allocator against exploits that abuse use-after-free (#UaF) vulnerabilities, using #Intel #MPK. (Joint work with Technical University of Munich and @mikepo.)
📄 https://cs.brown.edu/~vpk/papers/safeslab.ccs24.pdf
💾 https://github.com/tum-itsec/safeslab

✳️ Neophytos Christou presented #Eclipse at @acm_ccs #CCS2024. Eclipse is a compiler-assisted framework that propagates artificial data dependencies onto sensitive data, preventing the CPU from using attacker-controlled input during speculative execution.
📄 https://cs.brown.edu/~vpk/papers/eclipse.ccs24.pdf
💾 https://gitlab.com/brown-ssl/eclipse

✳️ Di Jin presented #BeeBox at the @usenixassociation Security Symposium 2024. BeeBox hardens #Linux BPF/eBPF against transient execution attacks. #usesec24
📄 https://cs.brown.edu/~vpk/papers/beebox.sec24.pdf
💾 https://gitlab.com/brown-ssl/beebox

✳️ Yaniv David presented #Quack at the NDSS Symposium 2024. Quack hardens PHP code against deserialization attacks using a novel (static) duck typing-based approach. (Joint work with Andreas D Kellas and Junfeng Yang.) #NDSSsymposium2024
📄 https://cs.brown.edu/~vpk/papers/quack.ndss24.pdf
💾 https://github.com/columbia/quack

✳️ Marius Momeu presented #ISLAB at @ACM #ASIACCS24. ISLAB hardens SLAB-based (kernel) allocators against memory errors via SMAP-assisted isolation. (Joint work with Technical University of Munich and @mikepo.) #asiaccs
📄 https://cs.brown.edu/~vpk/papers/islab.asiaccs24.pdf
💾 https://github.com/tum-itsec/islab

🏆 #EPF (presented by Di Jin at @usenixassociation #ATC 2023) was the runner-up for the "Bug of the Year" award ("Weirdest Machine" category) at IEEE Symposium on Security and Privacy LangSec (Language-Theoretic Security) workshop 2024! #atc23 #LangSec
⌨️ https://langsec.org/spw24/bugs-of-the-year-awards.html
📄 https://cs.brown.edu/~vpk/papers/epf.atc23.pdf
💾 https://gitlab.com/brown-ssl/epf

🏅 I am honored and delighted to have received the "Distinguished Reviewer Award" at @acm_ccs #CCS2024!

🏅 Alexander Gaidis has been awarded the "Distinguished Artifact Reviewer" award at the @usenixassociation Security Symposium 2024!
https://cs.brown.edu/news/2024/09/20/brown-cs-phd-student-alexander-j-gaidis-has-been-named-a-usenix-security-2024-distinguished-artifact-reviewer/
#usesec24 #proudadvisor

📢 I had the great pleasure of discussing some of these works recently at the Computer Systems Seminar at Boston University!
📽️ https://www.bu.edu/rhcollab/events/bu-systems-bu%E2%99%BAs-seminar/

#brownssl #browncs 🚀

Lukas Lamster presented his paper “Voodoo: Memory Tagging, Authenticated Encryption, and Error Correction through MAGIC”.
Find out more: https://www.usenix.org/system/files/usenixsecurity24-lamster.pdf
#usesec24 #USENIX2024

Earlier this month @notbobbytables and @lavados travelled through North America giving talks at Blackhat, Intel and lately USENIX, where they were joined by fellow researchers Lukas Maar and Lukas Lamster!
#BHUSA #usesec24 #USENIX2024

Random toot mentioning USENIX Security 2024, because nobody else seems to drop anything about it?
#usesec24

(And I thought the output during #soups2024 was low... )

My student, Fangfei Yang, will be presenting our work on the Endokernel, a secure in-process monitor, at @USENIXSecurity '24 today (Aug. 14, 11:15pm Track 3)! #usesec24

Work with: Anjo, Bumjin Im, Weijie Huang, Kelly Kaoudis, Chia-Che Tsai

https://www.usenix.org/conference/usenixsecurity24/presentation/yang-fangfei

https://github.com/endokernel/endokernel-paper-ver

Endokernel: A Thread Safe Monitor for Lightweight Subprocess Isolation | USENIX

📢 @dijin will be presenting our work on hardening #Linux (e)BPF against transient execution attacks at @usenixsecurity '24 tomorrow (Aug. 14, 1:45pm Track 2 -- "Side Channel I: Transient Execution")! Joint work with Alexander J. Gaidis. Paper: https://cs.brown.edu/~vpk/papers/beebox.sec24.pdf | Artifact: https://gitlab.com/brown-ssl/beebox | #brownssl #beebox #ebpf #bpf #usesec24

Also, don't miss out on our awesome talks on an extensive and collaboratively growing survey of intrusion detection datasets at #cset on Tuesday (https://arxiv.org/abs/2408.02521) and how to evade and detect evasions of SIEM rules at #usesec24 on Friday (https://arxiv.org/abs/2311.10197).
2/2
Introducing a Comprehensive, Continuous, and Collaborative Survey of Intrusion Detection Datasets

Researchers in the highly active field of intrusion detection largely rely on public datasets for their experimental evaluations. However, the large number of existing datasets, the discovery of previously unknown flaws therein, and the frequent publication of new datasets make it hard to select suitable options and sufficiently understand their respective limitations. Hence, there is a great risk of drawing invalid conclusions from experimental results with respect to detection performance of novel methods in the real world. While there exist various surveys on intrusion detection datasets, they have deficiencies in providing researchers with a profound decision basis since they lack comprehensiveness, actionable details, and up-to-dateness. In this paper, we present COMIDDS, an ongoing effort to comprehensively survey intrusion detection datasets with an unprecedented level of detail, implemented as a website backed by a public GitHub repository. COMIDDS allows researchers to quickly identify suitable datasets depending on their requirements and provides structured and critical information on each dataset, including actual data samples and links to relevant publications. COMIDDS is freely accessible, regularly updated, and open to contributions.

Arrived in wonderful Philly to attend #usesec24 and #cset. If you are around, come by and discuss any cool topics related to security of industrial networks / cyber-physical systems / IoT and/or intrusion detection (or simply to say hi to Spicy, our group mascot).
1/2

USENIX Security (https://www.usenix.org/conference/usenixsecurity23):

Today is the day! Papers for the USENIX Security '24 Summer deadline are due today, Tuesday, June 6. View the CFP and send in your submission now: https://t.co/oNrC6sA8Ql #usesec24 https://t.co/y0OwYVybra

USENIX Security '23

USENIX Security brings together researchers, practitioners, system administrators, system programmers, and others to share and explore the latest advances in the security and privacy of computer systems and networks.

USENIX

USENIX Security (https://www.usenix.org/conference/usenixsecurity23):

Tomorrow--Tuesday, June 6--is the Summer deadline for papers for USENIX Security '24! View the CFP and send in your submission now: https://t.co/oNrC6sA8Ql #usesec24 https://t.co/ZqSo6N275f
