Sergej Schumilo

Hi there!
I am a security researcher and PhD student at Ruhr University Bochum. My current research field is hypervisor-assisted fuzzing, which enables not only fuzzing of code running on any privilege level, but also provides a huge performance boost in specific scenarios. Other than that, I am interested in low-level security, OS internals and optimizing performance-critical code.

I am also one of the main authors of several open-source projects, such as vUSBf, libxdc, kAFL (Intel’s Fork of kAFL), Redqueen, Nyx, Nyx-Net and the recently released Nyx-Framework. So, if you are interested in fast snapshot fuzzing on x86-64 systems, you should definitely check it out. You can find more information on the Nyx-Framework here. Furthermore, I have also contributed to other fuzzing projects such as GRIMOIRE, IJON and Nautilus.

Feel free to contact me via email or reach out to me on Twitter.
You can also find me on GitHub.

Publications (Selection):

  • Nyx-Net: Network Fuzzing with Incremental Snapshots
    arXiv
    Sergej Schumilo, Cornelius Aschermann, Andrea Jemmett, Ali Abbasi, Thorsten Holz
  • Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types
    30th USENIX Security Symposium (USENIX Security 21)
    Sergej Schumilo, Ali Abbasi, Simon Wörner, and Thorsten Holz
  • IJON: Exploring Deep State Spaces via Fuzzing
    IEEE Symposium on Security and Privacy (“Oakland”)
    Cornelius Aschermann, Sergej Schumilo, Ali Abbasi, Thorsten Holz
  • Hyper-Cube: High-Dimensional Hypervisor Fuzzing
    Network and Distributed System Security Symposium (NDSS 2020)
    Cornelius Aschermann, Sergej Schumilo, Ali Abbasi, Thorsten Holz
  • GRIMOIRE: Synthesizing Structure while Fuzzing
    IEEE Symposium on Security and Privacy (“Oakland”)
    Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, Thorsten Holz
  • REDQUEEN: Fuzzing with Input-to-State Correspondence
    Network and Distributed System Security Symposium (NDSS 2019)
    Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, Thorsten Holz
  • kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
    26th USENIX Security Symposium (USENIX Security 17)
    Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz