AFFECT.NL: Automated Finding, Fixing or Exploiting of seCuriTy vulnerabilities

Organised by INTERSCT. WP2 ∩ WP4

June 20, 10:00-17:00, 2024 at the Vrije Universiteit, Amsterdam.

This workshop is aimed at researchers and practioners from the Netherlands working on fuzzing or other automated - dynamic or static - techniques to find, fix or exploit security vulnerabilities in code. As the goal is to create some collaboration and synergy, there will plenty of time for discussion and informal chats over coffee, lunch and drinks.

Presentations can

There will also be the opportunity for people to give short pitches to signal interests, problems, ideas or case studies to collaborate on.

This workshop is organised by the ACCSS working group on Software Security as part of the INTERSCT project, where it is of interest for research into quality assurance in WP2 and the study of attacks in WP4. Some of the researchers involved also participate in the AVR (Automated Vulnerability Research) project of dcypher.

Information (incl. slides) of the 2023 workshop are here.


Please register via this Google Form.


room NU-5A57 in the NU building, De Boelelaan 1111, Amsterdam .


   10:30 - 10:55 Welcome / coffee

      10:55 - 11:00 Opening

      11:00 - 11:30 A Dataset for Validating Firmware Testing Tools, Timon Heuwekemeijer and Sjors Van den Elzen (Secura)

      11:30 - 12:00 Fuzzing in CI/CD pipelines, Fatih Turkmen (RUG)

      12:00 - 12:30 How floating point additions can detect memory errors, Floris Gorter (VU)

   12:30 - 13:15 Lunch (on location)

      13:15 - 13:45 Pre-Silicon Hardware Fuzzing, Alvise de Faveri Tron (VU)

      13:45 - 14:15 Web application fuzzing: a survey, I Putu Arya Dharmaadi (RUG)

      14:15 - 14:45 MoreFixes: the largest CVE dataset with fixes, Jafar Akhoundali (UL)

   14:30 - 14:45 Coffee

      14:45 - 15:15 Non-invasive Characterization of Out-Of-Bounds Write Vulnerabilities, Jerre Starink (UT)

      15:15 - 15:45 Fast stateful fuzzing with libafl*, Timme Bethe (UT) and Cristian Daniele (RU)

      15:45 - 16:15 Using Large Language Models for Fuzzing Seed Generation, Raphael Isemann (VU)   

   16:15 - 17:00 Drinks