2024
Let Me Do It For You: On the Feasibility of Inter-Satellite Friendly Jamming Proceedings Article
In: 2024 Security for Space Systems (3S), pp. 1–6, IEEE 2024.
On the Feasibility of CubeSats Application Sandboxing for Space Missions Proceedings Article
In: 2nd Workshop on the Security of Space and Satellite Systems at NDSS, 2024.
SoK: Security of Programmable Logic Controllers Proceedings Article
In: 33rd USENIX Security Symposium (USENIX Security 24), pp. 7103–7122, 2024.
2023
Space odyssey: An experimental software security analysis of satellites Best Paper Proceedings Article
In: 2023 IEEE Symposium on Security and Privacy (S&P), pp. 1–19, IEEE 2023.
2022
Fuzzware: Using precise MMIO modeling for effective firmware fuzzing Proceedings Article
In: 31st USENIX Security Symposium (USENIX Security 22), pp. 1239–1256, 2022.
Nyx-net: network fuzzing with incremental snapshots Proceedings Article
In: Proceedings of the Seventeenth European Conference on Computer Systems, pp. 166–180, 2022.
Loki: Hardening code obfuscation against automated attacks Proceedings Article
In: 31st USENIX Security Symposium (USENIX Security 22), pp. 3055–3073, 2022.
2021
Technical Report: Hardening Code Obfuscation Against Automated Attacks Journal Article
In: arXiv preprint arXiv:2106.08913, 2021.
Nyx: Greybox hypervisor fuzzing using fast snapshots and affine types Proceedings Article
In: 30th USENIX Security Symposium (USENIX Security 21), pp. 2597–2614, 2021.
2020
AURORA: Statistical Crash Analysis for Automated Root Cause Explanation Proceedings Article
In: 29th USENIX Security Symposium, 2020.
IJON: Exploring Deep State Spaces via Fuzzing Proceedings Article
In: IEEE Symposium on Security and Privacy (Oakland), 2020.
HYPER-CUBE: High-Dimensional Hypervisor Fuzzing Proceedings Article
In: Network and Distributed System Security Symposium (NDSS), 2020.
2019
GRIMOIRE: Synthesizing Structure while Fuzzing Proceedings Article
In: 28th USENIX Security Symposium (USENIX Security 19), pp. 1985–2002, 2019.
Doors of Durin: the Veiled Gate to Siemens S7 Silicon Proceedings Article
In: Black Hat Europe, 2019.
ANTIFUZZ: impeding fuzzing audits of binary executables Proceedings Article
In: 28th USENIX Security Symposium (USENIX Security 19), pp. 1931–1947, 2019.
Challenges in designing exploit mitigations for deeply embedded systems Proceedings Article
In: 2019 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 31–46, IEEE 2019.
2018
Race to the bottom: embedded control systems binary security: an industrial control system protection approach PhD Thesis
Eindhoven University of Technology, 2018.
Dissecting QNX Proceedings Article
In: Proc. Blackhat Briefings, pp. 1–22, 2018.
2017
On the significance of process comprehension for conducting targeted ICS attacks Proceedings Article
In: Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, pp. 57–67, 2017.
Ghost in the plc vs ghostbuster: on the feasibility of detecting pin control attack in programmable logic controllers Book Section
In: Ghost in the PLC vs GhostBuster: On the Feasibility of Detecting Pin Control Attack in Programmable Logic Controllers, 2017.
ECFI: Asynchronous control flow integrity for programmable logic controllers Proceedings Article
In: Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 437–448, 2017.
Stealth low-level manipulation of programmable logic controllers i/o by pin control exploitation Proceedings Article
In: Critical Information Infrastructures Security: 11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers 11, pp. 1–12, Springer International Publishing 2017.
Shield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems Proceedings Article
In: International Conference on Network and System Security, pp. 694–709, Springer International Publishing Cham 2017.
2016
Ghost in the PLC: Designing an Undetectable Programmable Logic Controller Rootkit via Pin Control Attack Journal Article
In: Black Hat Europe, pp. 1–35, 2016.
Ghost in the PLC: stealth on-the-fly manipulation of programmable logic controllers’ I/O Journal Article
In: 2016.
2014
APTs way: evading Your EBNIDS Proceedings Article
In: Black Hat Europe, pp. 1–87, Black Hat 2014.
On emulation-based network intrusion detection systems Proceedings Article
In: International Conference on Recent Advances in Intrusion Detection, pp. 384–404, Springer, Cham 2014.
2013
Project IRUS: multifaceted approach to attacking and defending ICS Proceedings Article
In: SCADA Security Scientific Symposium (S4), 2013.
2011
A gray-box DPDA-based intrusion detection technique using system-call monitoring Proceedings Article
In: Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference, pp. 1–12, 2011.
0000
Research on HTML5 Security Journal Article
In: 0000.
SoK: Security of Programmable Logic Controllers Journal Article
In: 0000.
Race to the Bottom: Embedded Control Systems Binary Security Journal Article
In: 0000.