Photo of Sebastian

Hi, my name is Sebastian Österlund. I currently work as an Offesive Security Researcher at Intel STORM/ SPEAR. Previously I was a PhD Candidate at the Systems and Network Security Group (VUsec) at the Vrije Universiteit in Amsterdam. My research was funded by Cisco. Before joining Intel STORM, I did an internship at Intel, working on Linux Kernel fuzzing for TDX guests.

Previously I have taught the university courses Project Application Development and Advanced Operating Systems.

Before joining the VUsec group I was a master’s student at the same university, studying Parallel and Distributed Computer Systems.

At the VU I also worked as a Teaching-Assistant in the Department of Computer Science. Some of the courses for which I have been a TA/ am currently teaching:

For more info you can have a look at my curriculum vitae.

After finishing high-school at Katedralskolan in Turku, Finland, I decided to start studying in the Netherlands. I completed my bachelor’s in Computer Science at the VU in 2015.

For my Bachelor thesis I developed a defense against Just-in-Time Return-Oriented-Programming (JIT-ROP) attacks using execute-only memory: Strengthening diversification defenses by means of a non-readable code segment.

For my Master’s thesis I developed a defense against kernel-level exploits: Detecting information leaks using kernel-level multi-variant execution . The ASPLOS 2019 paper on kMVX is titled kMVX: Detecting Kernel Information Leaks with Multi-variant Execution. Also available here: kMVX: Detecting Kernel Information Leaks with Multi-variant Execution.

I did some work on speculative execution-based side-channels: RIDL: Rogue In-flight Data Load (S&P 2019) that got some significant media attention (Wired, Ars Technica, Engadget, Red Hat, New York Times).

Fields of interest:

Here is a list of some of the programming languages and technologies that I have experience with:



Other work


You can find some of my public programming projects on my public GitHub repo.