OSVS'25 - Workshop on Operating Systems and Virtualization Security

Program

[09:30 - 11:00]	Session 1 Moderator: Luca Verderame, University of Genova
[09:30 - 09:55]	Welcome, introductions and opening remarks
[09:55 - 10:20]	Statistical Evaluation of Entropy Accumulation in Linux Alexandre Bouez, Joan Daemen and Bart Mennink
[10:20 - 10:35]	Work-in-Progress: Covert BLE Data Exfiltration via Apple's Find My Network: A Malware Prototype and Defense Strategies Hosam Alamleh and Alessandro Cantelli Forti.
[10:35 - 11:00]	Work-in-Progress: Optimizing Performance of User Revocation in Cryptographic Access Control with Trusted Execution Environments Ion Andy Ditu, Stefano Berlato, Matteo Busi, Roberto Carbone and Silvio Ranise.
[11:00 - 11:30]	Coffee break
[11:30 - 13:00]	Session 2 Moderator: TBD
[11:30 - 11:55]	From Edge to Cloud: Securing Distributed Containerized Applications Luca Verderame, Giorgia Bolognesi, Enrico Pezzano, Alberto Falcone, Giacomo Benedetti, Massimo Guarascio, Luca Caviglione, Roberto Carbone, Roberto Doriguzzi-Corin, Massimiliano Rak, Maurizio Giacobbe, Giovanni Merlino, Antonio Puliafito, Massimiliano Baldo, Marino Miculan, Vincenzo Riccio and Massimo Ficco.
[11:55 - 12:20]	Real-World Study of the Security of Educational Test Systems Stefan Gast, Sebastian Daniel Felix, Alexander Steinmaurer, Jonas Juffinger and Daniel Gruss.
[12:20 - 12:45]	The OWApp Benchmark: an OWASP-compliant Vulnerable Android App Dataset Luca Ferrari, Francesco Pagano, Luca Verderame and Alessio Merlo.
[12:45 - 13:00]	Closing remarks
[13:00]	Lunch

Copyright © 2025
The workshop is developed within the SEcurity and RIghts in the CyberSpace (SERICS) foundation framework (https://serics.eu/). The Foundation's main purpose is scientific and technological research and, in this perspective, it is established to be the implementing entity of the extended Partnership "SERICS - Security and Rights in CyberSpace" financed following the participation in the Public Notice "for the presentation of Proposals for the creation of "Partnerships extended to universities research centers, companies for the funding of basic research projects" - as part of the National Recovery and Resilience Plan, Mission 4 "Education and Research" - Component 2 "From Research to Enterprise" - Investment 1. 3, funded by the European Union - NextGenerationEU - Notice No. 341 of 15.3.2022.

Program

[09:30 - 11:00]

Session 1

Moderator: Luca Verderame, University of Genova

[09:30 - 09:55]

Welcome, introductions and opening remarks

[09:55 - 10:20]

Statistical Evaluation of Entropy Accumulation in Linux

Alexandre Bouez, Joan Daemen and Bart Mennink

[10:20 - 10:35]

Work-in-Progress: Covert BLE Data Exfiltration via Apple's Find My Network: A Malware Prototype and Defense Strategies

Hosam Alamleh and Alessandro Cantelli Forti.

[10:35 - 11:00]

Work-in-Progress: Optimizing Performance of User Revocation in Cryptographic Access Control with Trusted Execution Environments

Ion Andy Ditu, Stefano Berlato, Matteo Busi, Roberto Carbone and Silvio Ranise.

[11:00 - 11:30]

Coffee break

[11:30 - 13:00]

Session 2

Moderator: TBD

[11:30 - 11:55]

From Edge to Cloud: Securing Distributed Containerized Applications

[11:55 - 12:20]

Real-World Study of the Security of Educational Test Systems

Stefan Gast, Sebastian Daniel Felix, Alexander Steinmaurer, Jonas Juffinger and Daniel Gruss.

[12:20 - 12:45]

The OWApp Benchmark: an OWASP-compliant Vulnerable Android App Dataset

Luca Ferrari, Francesco Pagano, Luca Verderame and Alessio Merlo.

[12:45 - 13:00]

Closing remarks

[13:00]

Lunch