For this #ThrowbackThursday, we will look at #ACSAC2025's Virtualization and Cloud Security session. The links in this thread will lead you to the paper pdfs and the slide decks, so be sure to check them out! 1/6
| Website | https://www.acsac.org/ |
Annual Computer Security Applications Conference
- 26 Followers
- 0 Following
- 482 Posts
One of the longest-running computer security conferences.
This year‘s edition:
Annual Computer Security Applications Conference (ACSAC) ACSAC 2025 | December 8–12, 2025 | Waikiki, Hawaii, USA
The final paper in this session was Yadav et al.'s "Non-Bare-Metal User-Space Control-Flow Attestation" on secure low-overhead #CFA for user-space apps despite OS-level adversaries. (https://www.acsac.org/2025/program/final/s140.html) 6/6
#ControlFlowAttestation #TrustedExecution
#ControlFlowAttestation #TrustedExecution
Fourth in the session was Schulze et al.'s "TrustLeech: Privileged System Analysis using Nested Virtualization" introducing an on-demand nested analysis layer for robust VM introspection. (https://www.acsac.org/2025/program/final/s412.html) 5/6
#Virtualization #VirtualizationSecurity #ThreatDetection
#Virtualization #VirtualizationSecurity #ThreatDetection
The third presentation was Schweins et al.'s "VMIGen: Utilizing Virtual Machine Introspection for Fuzzing Complex Closed-Source Targets" on using VMI to capture real interactions and state for more effective fuzzing of closed-source Windows software. (https://www.acsac.org/2025/program/final/s324.html) 4/6
Next came Eisoldt et al.'s "A cloudy view on trust relationships of CVMs: How Confidential Virtual Machines are falling short in Public Cloud", showing providers still control key trust and attestation paths. (https://www.acsac.org/2025/program/final/s202.html) 3/6
#CloudSecurity #PublicCloud
#CloudSecurity #PublicCloud
Opening the session was Nasrullah et al.'s "SeTi: Securing Timing Services for Virtualized Systems" on trusted, low-overhead timekeeping despite hypervisor attacks. (https://www.acsac.org/2025/program/final/s91.html) 2/6
#SystemsSecurity #VirtualizationSecurity
#SystemsSecurity #VirtualizationSecurity
📣 Today is the day, folks! 📣 The DEADLINE for PAPERs and workshop submissions to #ACSAC2026 is TODAY! Good luck to everyone still polishing theirs! Once ready be sure to submit on time: https://www.acsac.org/2026/submissions/
Call for Submissions - IEEE Annual Computer Security Applications Conference (ACSAC)
The IEEE Annual Computer Security Applications Conference (ACSAC) brings together cutting-edge researchers, with a broad cross-section of security professionals drawn from academia, industry, and government, gathered to present and discuss the latest security results and topics. With peer reviewed technical papers, invited talks, panels, national interest discussions, and workshops, ACSAC continues its core mission of investigating practical solutions for computer and network security technology.
Concluding the session was Li et al.'s "Understanding the Security Impact of CHERI on the Operating System Kernel," showing CHERI can block many severe kernel flaws with modest effort. (https://www.acsac.org/2025/program/final/s464.html) 6/6
#KernelSecurity
#KernelSecurity
Fourth in the session was Kang et al.'s "ELK: Effective Lock-and-Key Technique for Temporal Memory Safety on Embedded Devices in ARMv8-M" introducing efficient pointer-embedded keys for temporal memory safety on ARMv8-M MCUs. (https://www.acsac.org/2025/program/final/s457.html) 5/6
#EmbeddedSystemsSecurity
#EmbeddedSystemsSecurity
The session continued with Park et al.'s "SMORE: Practical Redzone-Based Stack Memory Error Detection Mechanism for Embedded Systems," showcasing hardware-assisted redzones for low-overhead stack error detection. (https://www.acsac.org/2025/program/final/s455.html) 4/6
#EmbeddedSystemsSecurity
#EmbeddedSystemsSecurity
