TUM Logo

Marius Momeu

Marius Momeu

Wimi

Address:

Technische Universität München
Chair for IT Security (I20)
Boltzmannstraße 3
85748 Garching (near Munich)
Germany


Phone: +49 (0)89 289-18592
Fax: +49 (0)89 289-18579
E-Mail:
Room: 01.08.057


Bio

I am a PhD Candidate at the Chair of IT Security where I research methods for combating memory corruption vulnerabilities in systems software. In my approach I broadly focus on combining software/hardware engineering with automation to analyze, test, and harden large memory-unsafe codebases efficiently. I also do vulnerability research on real-world CVEs to demonstrate the effectiveness, or lack thereof, of existing defenses.

In my last two papers (Safeslab, ACM CCS'24 and ISLAB, ACM AsiaCCS'24) I repurposed two hardware extensions on Intel processors (MPK and SMAP) to design low-cost mitigations against memory corruption vulnerabilities in operating system kernels (Linux). In one of my previous papers (xMP, IEEE S&P'20) I worked on designing a memory isolation framework based on virtualization (Intel VT-x) for operating system kernels (Linux) and user-applications (Nginx, OpenSSL). Currently I am working on hardening low-level software using ARM MTE and PAuth and on unveiling novel vulnerabilities in state-of-the-art memory safety defenses. Recently I became interested and started working on automating vulnerability detection via fuzz testing and LLMs, on improving the precision and scalability of static analysis tools (LLVM) in loosely typed software, and on integrating Rust in operating system software (Rust for Linux) for reducing the risk of memory corruption vulnerabilities.

I enjoy attending conferences and exchanging ideas with other researchers in the field, as well as working with others on implementing complex and ambitious ideas. Throughout my PhD I involved several undergrad and grad students in my research projects by supervising theses and lab work. My current plan is to pursue a career in academia, and my next steps are to graduate and look for a postdoc position.


Student Work

My supervision capacity is currently full, please try out with my colleagues instead.


Teaching

WS 2023 and SS 2023

Semesterly Between WS 2020 and SS 2022

SS 2021


Publications

2024 Safeslab: Mitigating Use-After-Free Vulnerabilities via Memory Protection Keys
ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels
2020 xMP: Selective Memory Protection for Kernel and User Space
2018 Hiding in the Shadows: Empowering ARM for Stealthy Virtual Machine Introspection