About

Hi, my name is Sebastian Österlund. I currently work as an Offesive Security Researcher at Intel STORM/ SPEAR. Previously I was a PhD Candidate at the Systems and Network Security Group (VUsec) at the Vrije Universiteit in Amsterdam. My research was funded by Cisco. Before joining Intel STORM, I did an internship at Intel, working on Linux Kernel fuzzing for TDX guests.

Previously I have taught the university courses Project Application Development and Advanced Operating Systems.

Before joining the VUsec group I was a master’s student at the same university, studying Parallel and Distributed Computer Systems.

At the VU I also worked as a Teaching-Assistant in the Department of Computer Science. Some of the courses for which I have been a TA/ am currently teaching:

• Project Application Development
• Algorithm Engineering
• Computer Networks
• Compiler Construction
• Equational Programming
• Introduction to Programming (Java)
• Programming for Economists (Python)
• Datastructures and Algorithms
• Pervasive Computing
• Computer Systems
• Advanced Programming
• Web Technologies
• Databases

For more info you can have a look at my curriculum vitae.

After finishing high-school at Katedralskolan in Turku, Finland, I decided to start studying in the Netherlands. I completed my bachelor’s in Computer Science at the VU in 2015.

For my Bachelor thesis I developed a defense against Just-in-Time Return-Oriented-Programming (JIT-ROP) attacks using execute-only memory: Strengthening diversification defenses by means of a non-readable code segment.

For my Master’s thesis I developed a defense against kernel-level exploits: Detecting information leaks using kernel-level multi-variant execution . The ASPLOS 2019 paper on kMVX is titled kMVX: Detecting Kernel Information Leaks with Multi-variant Execution. Also available here: kMVX: Detecting Kernel Information Leaks with Multi-variant Execution.

I did some work on speculative execution-based side-channels: RIDL: Rogue In-flight Data Load (S&P 2019) that got some significant media attention (Wired, Ars Technica, Engadget, Red Hat, New York Times).

Fields of interest:

• Systems security
• Operating Systems
• Distributed Systems
• GPU Programming
• Binary analysis
• Compilers
• Fuzzing
• Side-channels

Here is a list of some of the programming languages and technologies that I have experience with:

• Rust
• C/ C++
• Python
• Java
• Go
• LLVM
• Haskell
• Docker, Kubernetes
• Hadoop, Spark

Publications

Talks:

• Linux Security Summit North America 2023, Virtual, MPK/PKS Linux Kernel Compartmentalization
• Intel DTTC 2022, Virtual, TDX Guest Kernel Fuzzing
• InfoSecurity.dk Keynote 2020, Copenhagen, RIDL: Rogue In-Flight Data Load
• NLUUG Najaarsconferentie 2019, Utrecht, RIDL: Rogue In-Flight Data Load
• InfoSecurity.nl Jaarbeurs, Utrecht, RIDL: Rogue In-Flight Data Load
• HITB CyberWeek 2019, Abu Dhabi, RIDL: Rogue In-Flight Data Load
• Offzone 2019, Moscow, RIDL: Rogue In-Flight Data Load
• CySep 2019, Stockholm, kMVX: Detecting Kernel Information Leaks with Multi-variant Execution
• Cisco internal talk, Knoxville, TN, kMVX: Detecting Kernel Information Leaks with Multi-variant Execution and RIDL: Rogue In-Flight Data Load

Other work

• I was featured in LiveOverflow’s video How The RIDL CPU Vulnerability Was Found
• I did a radio interview on Intel CPU vulnerabilites on Dutch radio (NPO1).
• Together with some colleagues we analysed the election software used in the Netherlands, and found it to be seriously vulnerable in multiple ways.

Awards

• 2022 Intel Security Leadership award for TDX Linux Guest kernel hardening and fuzzing
• 2021 ASPLOS Distinguished Paper Award for our paper Who’s Debugging the Debuggers? Exposing Debug Information Bugs in Optimized Binaries.
• 2020 Dutch Cybersecurity Research Award (DCSRP) for RIDL: Rogue In-flight Data Load.

You can find some of my public programming projects on my public GitHub repo.

Site proudly generated by Hakyll