Zur Person:

Tobias Cloosters ist wissenschaftlicher Mitarbeiter am Lehrstuhl für Systemsicherheit an der Universität Duisburg-Essen.

Lebenslauf:

Ehrungen und Auszeichnungen:

• 3. Platz des 8. Deutschen IT-Sicherheitspreis 2020 (News)
• Finalist Cyber Security Awareness Week (CSAW) Europe 2020
• Ehrung für herausragende Abschlüsse für (Master-) Absolventen am Dies Academicus 2020

Publikationen:

• Draissi, Oussama; Cloosters, Tobias; Klein, David; Rodler, Michael; Musch, Marius; Johns, Martin; Davi, Lucas: Wemby’s Web: Hunting for Memory Corruption in WebAssembly. In: Proc. of 34th of Association for Computing and Machinery SIGSOFT International Symposium on Software Testing and Analysis (ISSTA) . Association for Computing Machinery (ACM), Trondheim, Norway, 2025. doi:10.1145/3728937Kurzfassung Details BIB Download

  WebAssembly enables fast execution of performance-critical in web applications utilizing native code. However, recent research has demonstrated the potential for memory corruption errors within WebAssembly modules to exploit web applications. In this work, we present the first systematic analysis of memory corruption in WebAssembly, unveiling the prevalence of a novel threat model
  where memory corruption enables code injection on a victim’s browser. Our large-scale analysis across 37797 domains reveals that an alarming 29411 (77.81\%) of those fully trust data coming from potentially attacker-controlled sources. As a result, an attacker can exploit memory errors to manipulate the WebAssembly memory, where the data is implicitly trusted and frequently passed
  into security-sensitive functions such as eval or directly into the DOM via innerHTML. Thus, an attacker can abuse this trust to gain JavaScript code execution, i.e., Cross-Site Scripting (XSS).

  To tackle this issue, we present Wemby, the first viable approach to efficiently analyze WebAssembly-powered websites holistically. We demonstrate that Wemby is proficient at detecting remotely exposed memory corruption errors in web applications through fuzzing. For this purpose, we implement binary-only WebAssembly instrumentation that provides fine-grained memory corruption
  oracles. We applied Wemby to different websites, uncovering several memory corruption bugs, including one on the Zoom platform. In terms of performance, our ablation study demonstrates that Wemby outperforms current WebAssembly fuzzers. Specifically, Wemby achieves an average speed improvement of 232 times and delivers 46\% greater code coverage compared to the state-of-the-art.
   

• Willbold, Johannes; Cloosters, Tobias; Wörner, Simon; Buchmann, Felix; Schloegel, Moritz; Davi, Lucas; Holz, Thorsten: Space RadSim: Binary-Agnostic Fault Injection to Evaluate Cosmic Radiation Impact on Exploit Mitigation Techniques in Space. In: Proc. of 2025 IEEE Symposium on Security and Privacy (S&P). Institute of Electrical and Electronics Engineers (IEEE), San Francisco, CA, USA , 2025. doi:10.1109/SP61157.2025.00139Kurzfassung Details BIB Download

  Over the past decade, the proliferation of Low Earth Orbit satellites, driven by lower launch costs, has revolutionized space applications, from communication to earth observation and weather forecasting. This trend also introduced a shift in hardware: Specialized radiation-resistant hardware was displaced by cheaper commercial off-the-shelf components. As a critical part of modern infrastructure, satellites attract cyber attacks and are subject to terrestrial and space-specific threats, necessitating effective security measures. However, cryptographic protections and exploit mitigations remain limited in productive satellite firmware. Academic research on satellite security only focuses on cryptographic protections, which raises the question if exploit mitigation strategies are suitable for satellites or impacted by space-specific factors, such as cosmic radiation. In this paper, we present the first systematic analysis of 381 small satellite designs, identifying the prevalence of commercial off-the-shelf hardware platforms in space projects and the availability of ready-to-use exploit mitigation strategies for satellite platforms. Since mitigations are seemingly available, we explore the effects of cosmic radiation on software-based exploit mitigations by implementing RADSIM, an automated tool for simulating single event errors (bitflips). Our study simulated over 21 billion faults in differently hardened satellite firmware binaries to assess the fault tolerance of exploit mitigation strategies in the presence of cosmic radiation. Our results reveal that some mitigations barely impact the fault tolerance, while others increase the error probability of hardened satellite firmware by up to 19%. These findings provide novel insights into the tradeoffs between exploit mitigation effectiveness and radiation resilience, offering guidance to satellite developers on optimizing security in space-based systems.

• Andreina, Sebastien; Cloosters, Tobias; Davi, Lucas; Giesen, Jens-Rene; Gutfleisch, Marco; Karame, Ghassan; Naiakshina, Alena; Naji, Houda: Defying the Odds: Solana’s Unexpected Resilience in Spite of the Security Challenges Faced by Developers. In: Proc. of 31th ACM SIGSAC Conference on Computer & Communications Security (CCS). Association for Computing Machinery (ACM), Salt Lake City, USA, 2024. doi:10.1145/3658644.3670333Kurzfassung Details BIB Download

  Solana gained considerable attention as one of the most popular blockchain platforms for deploying decentralized applications. Compared to Ethereum, however, we observe a lack of research on how Solana smart contract developers handle security, what challenges they encounter, and how this affects the overall security of the ecosystem.

  To address this, we conducted the first comprehensive study on the Solana platform. Our study shows, quite alarmingly, that none of the participants could detect all important security vulnerabilities in a code review task and that 83% of the participants are likely to release vulnerable smart contracts. Our study also sheds light on the root causes of developers' challenges with Solana smart contract development, suggesting the need for better security guidance and resources. In spite of these challenges, our automated analysis on currently deployed Solana smart contracts surprisingly suggests that the prevalence of vulnerabilities - especially those pointed out as the most challenging in our developer study - is below 0.3%. We explore the causes of this counter-intuitive resilience and show that frameworks, such as Anchor, are positively aiding Solana developers - even those unmindful of security - in deploying secure contracts.

• Cloosters, Tobias; Draissi, Oussama; Willbold, Johannes; Holz, Thorsten; Davi, Lucas: Memory Corruption at the Border of Trusted Execution - Proc. of 2024 IEEE Security & Privacy. In: Institute of Electrical and Electronics Engineers (IEEE) Security & Privacy, Jg.22 (2024), Nr. 4, S. 2-11. doi:10.1109/MSEC.2024.3381439Kurzfassung Details BIB Download

  Trusted execution environments provide strong security guarantees, like isolation and confidentiality, but are not immune from memory-safety violations. Our investigation of public trusted execution environment code based on symbolic execution and fuzzing reveals subtle memory safety issues.

• Cloosters, Tobias; Paaßen, David; Wang, Jianqiang; Draissi, Oussama; Jauernig, Patrick; Stapf, Emmanuel; Davi, Lucas; Sadeghi, Ahmad-Reza: RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64. In: Proc. of the 25th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2022). Association for Computing Machinery (ACM), Limassol, Cyprus, 2022. doi:10.1145/3545948.3545997KurzfassungPDF Details BIB Download

  Return-oriented programming (ROP) is a powerful run-time exploitation technique to attack vulnerable software. Modern RISC architectures like RISC-V and ARM64 pose new challenges for ROP execution due to the lack of a stack-based return instruction and strict instruction alignment. Further, the large number of caller-saved argument registers significantly reduces the gadget space available to the attacker. Consequently, existing ROP gadget tools for other processor architectures cannot be applied to these RISC architectures. Previous work on RISC-V provides only manual construction of ROP attacks against specially crafted programs, and no analysis of ROP attacks has been conducted for ARM64 yet.

  In this paper, we address these challenges and present RiscyROP, the first automated ROP gadget finding and chaining toolkit for RISC-V and ARM64. RiscyROP analyzes available gadgets utilizing symbolic execution, and automatically generates complex multi-stage chains to conduct arbitrary function calls. Our approach enables the first investigation of the gadget space on RISC-V and ARM64 real-world binaries. RiscyROP successfully builds ROP chains that enable an attacker to execute arbitrary function calls for the nginx web server as well as any binary that contains the libc library.

• Cloosters, Tobias; Surminski, Sebastian; Sangel, Gerrit; Davi, Lucas: SALSA: SGX Attestation for Live Streaming Applications. In: Proc. of 7th IEEE Secure Development Conference (SecDev). Institute of Electrical and Electronics Engineers (IEEE), Atlanta, GA, USA , 2022. doi:10.1109/SecDev53368.2022.00019Kurzfassung Details VolltextBIB Download

  Intel SGX is a security feature of processors that allows running software in enclaves, isolated from the operating system. Even an attacker with full control of the computer system cannot inspect these enclaves. This makes SGX enclaves an
  adequate solution to store and process highly sensitive data like encryption keys. However, these enclaves are still vulnerable to standard software attacks. While SGX allows static attestation, i.e., validating the integrity of the program code and data in the enclave, static attestation cannot detect run-time attacks.
  We present SALSA , the first solution to allow run-time attestation of SGX enclaves. To show its applicability, we use SALSA to implement a video streaming service that uses an SGX enclave to decode the video stream. When a compromise of the SGX enclave is detected, the streaming of the video instantaneously stops. This shows a practical use-case for runtime attestation of SGX enclaves. In the evaluation, we show that the performance of this setup is sufficient to attest a live video streaming service.

• Cloosters, Tobias; Willbold, Johannes; Holz, Thorsten; Davi, Lucas: SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing. In: Proc. of 31st USENIX Security Symposium. USENIX Association, Boston, MA, USA, 2022. KurzfassungPDF Details VolltextBIB Download

  Intel's Software Guard Extensions (SGX) provide a nonintrospectable trusted execution environment (TEE) to protect security-critical code from a potentially malicious OS. This protection can only be effective if the individual enclaves are secure, which is already challenging in regular software, and this becomes even more difficult for enclaves as the entire environment is potentially malicious. As such, many enclaves expose common vulnerabilities, e.g., memory corruption and SGXspecific vulnerabilities like null-pointer dereferences. While fuzzing is a popular technique to assess the security of software, dynamically analyzing enclaves is challenging as enclaves are meant to be non-introspectable. Further, they expect an allocated multi-pointer structure as input instead of a plain buffer.

  In this paper, we present SGXFUZZ, a coverage-guided fuzzer that introduces a novel binary input structure synthesis method to expose enclave vulnerabilities even without source-code access. To obtain code coverage feedback from enclaves, we show how to extract enclave code from distribution formats. We also present an enclave runner that allows execution of the extracted enclave code as a user-space application at native speed, while emulating all relevant environment interactions of the enclave. We use this setup to fuzz enclaves using a state-of-the-art snapshot fuzzing engine that deploys our novel structure synthesis stage. This stage synthesizes multi-layer pointer structures and size fields incrementally on-the-fly based on fault signals. Furthermore, it matches the expected input format of the enclave without any prior knowledge. We evaluate our approach on 30 open- and closed-source enclaves and found a total of 79 new bugs and vulnerabilities.

• Cloosters, Tobias; Rodler, Michael; Davi, Lucas: TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves. In: Proc. of 29th USENIX Security Symposium. USENIX Association, Boston, MA, USA, 2020. Kurzfassung Details VolltextBIB Download

  Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot withstand memory corruption errors inside the enclave code. In this paper, we show that the attack surface of SGX enclaves provides new challenges for enclave developers as exploitable memory corruption vulnerabilities are easily introduced into enclave code. We develop TeeRex to automatically analyze enclave binary code for vulnerabilities introduced at the host-to-enclave boundary by means of symbolic execution. Our evaluation on public enclave binaries reveal that many of them suffer from memory corruption errors allowing an attacker to corrupt function pointers or perform arbitrary memory writes. As we will show, TeeRex features a specifically tailored framework for SGX enclaves that allows simple proof-of-concept exploit construction to assess the discovered vulnerabilities. Our findings reveal vulnerabilities in multiple enclaves, including enclaves developed by Intel, Baidu, and WolfSSL, as well as biometric fingerprint software deployed on popular laptop brands.

  Full TextSlidesPresentation Video