The 18th Association for Computing Machinery Asia Conference on Computer and Communications Security was held from July 10 to July 14 in Melbourne, Australia. Bestowed annually, the ACM ASIACCS Distinguished Paper Award is given to outstanding papers presented at the conference. Brown CS faculty members Vasileios Kemerlis and Nikos Vasilakis and visiting research fellow Grigoris Ntousakis received the 2023 award for their paper, “BinWrap: Hybrid Protection Against Native Node.js Add-Ons”. Other collaborators include George Christou of FORTH-ICS (Foundation for Research and Technology – Institute of Computer Science) in Crete, Greece, Sotiris Ioannidis of the Technical University of Crete, Greece, and Eric Lahtinen of Aarno Labs in Cambridge, Massachusetts.
“Software supply-chain security has become a critical concern. Today’s software systems employ large and complex dependencies, which introduce serious security risks even in otherwise benign and high-quality software systems,” Nikos says. “BinWrap is part of a broader effort to address these concerns by building a threat-specific toolchain that eliminates software supply-chain risks mostly automatically – with little, if any, developer involvement.”
Nikos' research group operates in the areas of software systems, programming languages, and security. The group currently focuses on automatically enhancing systems with new capabilities — “automating in desired features and automating away inessential complexity”, as stated on his website. His supply-chain security efforts involve co-organizing ACM SCORED ‘23, a new workshop on software supply-chain security, and co-leading a new multi-institutional effort on securing continuous integration pipelines, such as GitHub Actions, against software supply-chain threats.
Vasileios is the director of the Brown Secure Systems Lab and is mainly interested in software, hardware, and systems security, with a focus on information flow tracking, software hardening, fuzz testing, and OS kernel protection. He also teaches classes that cover topics surrounding software security and exploitation.
Grigoris, a current Master’s student at the Technical University of Crete and Brown CS visiting research fellow, conducts research revolving around simplifying, improving, and securing the development process for developers through dynamic program analysis. He’s created a blog post detailing the research involved in the BinWrap publication, which can be found here.
For more information, click the link that follows to contact Brown CS Communications Manager Jesse C. Polhemus.