Other articles

1. NDSS25: Exploring San Diego

   What a great time at the NDSS Symposium in San Diego. While it is always about meeting friends, catching up on projects, discussing new and exciting research and looking for potential collaborations, the HexHive lab also had the pleasure to present a total of four research papers at this conference …

   read more

2. Type++: A Type-Safe C++ Dialect

   The C++ language combines a massive potential for raw power with the massive risk of type and memory safety violations. The developer is inherently responsible for securing all executed code and to guarantee type safety and memory safety. We are particularly focused on type safety. In C++, developers can cast …

   read more

3. Dumpling: dumping fine-grained execution state

   JavaScript engines face a dilemma: on one end, they need to be extremely efficient as they are processing millions of lines of JavaScript code, dynamically translating complex programs into efficient code. On the other end, the code may be controlled by an attacker that is trying to exploit bugs in …

   read more

4. QMSan: discovering uninitialized memory errors in binaries

   Sanitizers serve as the primary bug detection Oracle during automated testing. They "crash" the program gracefully and tell the fuzzer when and where a bug was triggered. The most well-known sanitizer is ASan or AddressSanitizer which adds redzones around memory objects to detect whenever an access is out-of-bounds. MSan or …

   read more

5. Truman: discovering hypervisor bugs through virtual device models

   Hypervisors power not just the cloud but are becoming a commodity in mobile phones and desktops as well. They separate virtual machines from each other, enabling strong isolation and security guarantees. In cloud environments, hypervisors separate non-trusting virtual machines and an attacker may try to compromise and gain access to …

   read more

6. Positive reviewing in software security

   Yesterday we concluded the NDSS20 PC meeting. In total, 12% of papers were accepted, 6% now have a short fuse major revision opportunity, in line with other top tier conferences. The PC chairs handled the meeting well, striving for positivity and feedback for the authors. Overall, this was a great …

   read more

7. Raising the BAR at NDSS 2018

   Just like every year, this year's NDSS was mid February in sunny (but not too warm) San Diego. To help cure the minimal 3 hour jetlag, I enjoyed a couple of morning runs with some of my colleagues -- if you want to get a workout done at a security conference …

   read more