Kemerlis, Vasilis

Vasilis Kemerlis

Associate Professor of Computer Science

Overview

Vasileios (Vasilis) Kemerlis is an Associate Professor of Computer Science at Brown University. His research interests are in the areas of systems and software security, with a focus on OS kernel protection, automated software hardening, fuzz testing, and hardware-assisted security.

Many of Vasilis' proposed systems and defensive techniques have been adopted by major vendors, like Intel, Microsoft, and Apple, or open source projects, such as the Linux kernel, Mozilla Firefox, and the Tor Browser. His work on kernel exploitation and defense has received recognition from both the industry and academia, featuring articles in ;login: (the technical journal of USENIX), multiple presentations at Black Hat (BHEU 2014, BHASIA 2017, and BHUSA 2017), as well as significant coverage in press and social media; in addition, it won the first prize in the Applied Research competition, at the Cyber Security Awareness Week (CSAW) 2014 conference, nominated for a Pwnie award in 2015, and was the runner-up for the IEEE LangSec "Bug of the Year" award in 2024. Lastly, Vasilis' work on fuzz testing ML/DL frameworks for memory errors has helped the TensorFlow and PyTorch developers identify and fix many 0-day vulnerabilities, and was awarded multiple CVEs. Vasilis has also contributed to the design and implementation of Microsoft's primary solution for automatically triaging crash dumps (RETracer), which is now part of the Windows Error Reporting (WER) Platform.

In the past, Vasilis was a member of the Solaris Core Kernel team at Oracle, where he worked on adding support for full Address Space Layout Randomization (ASLR) in the Solaris OS. Other professional accolades include the NSF CAREER Award, a Distinguished Paper Award in ACM ASIA CCS 2023, a Distinguished Artifact Award in ACM CCS 2025, and service awards from ACM CCS 2025, ACM CCS 2024, ACM CCS 2023, and DIMVA 2020 ("Top/Distinguished/Outstanding Reviewer"). Vasilis holds a PhD (2015), MPhil (2013), and MS (2010) in Computer Science from Columbia University, a BS (2006) in Computer Science from Athens University of Economics and Business, as well as a MA (2025, ad eundem) from Brown University.

Brown Affiliations

Computer Science

Research Areas

Computer Systems | Cybersecurity | Software engineering

On the Web

Website

Google Scholar

DBLP

ORCID

Publications Visualize it

Marius Momeu, Alexander J. Gaidis, Jasper von der Heidt, and Vasileios P. Kemerlis. "IUBIK: Isolating User Bytes in Commodity Operating System Kernels via Memory Tagging Extensions." 2025 IEEE Symposium on Security and Privacy (SP), 2025, pp. 867-885.

Full Text

Andreas D. Kellas, Neophytos Christou, Wenxin Jiang, Penghui Li, Laurent Simon, Yaniv David, Vasileios P. Kemerlis, James C. Davis, and Junfeng Yang. "PickleBall: Secure Deserialization of Pickle-based Machine Learning Models." Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, 2025, pp. 3341-3355.

Full Text

Di Jin, Alexander J. Gaidis, and Vasileios P. Kemerlis. "BeeBox: Hardening BPF against Transient Execution Attacks." Proceedings of the 33rd USENIX Security Symposium (USENIX SEC), 2024, pp. 613-630.

Neophytos Christou, Alexander J. Gaidis, Vaggelis Atlidakis, and Vasileios P. Kemerlis. "Eclipse: Preventing Speculative Memory-error Abuse with Artificial Data Dependencies." Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024, pp. 3913-3927.

Full Text

Marius Momeu, Fabian Kilger, Christopher Roemheld, Simon Schnückel, Sergej Proskurin, Michalis Polychronakis, and Vasileios P. Kemerlis. "ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels." Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, 2024, pp. 1159-1172.

Full Text

Yaniv David, Neophytos Christou, Andreas D. Kellas, Vasileios P. Kemerlis, and Junfeng Yang. "QUACK: Hindering Deserialization Attacks via Static Duck Typing." Proceedings of the 31st Network and Distributed System Security (NDSS) Symposium, 2024.

Marius Momeu, Simon Schnückel, Kai Angnis, Michalis Polychronakis, and Vasileios P. Kemerlis. "SafeSlab: Mitigating Use-After-Free Vulnerabilities via Memory Protection Keys." Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024, pp. 1345-1359.

Full Text

George Christou, Grigoris Ntousakis, Eric Lahtinen, Sotiris Ioannidis, Vasileios P. Kemerlis, and Nikos Vasilakis. "BinWrap: Hybrid Protection against Native Node.js Add-ons." Proceedings of the ACM Asia Conference on Computer and Communications Security, 2023, pp. 429-442.

Full Text

Di Jin, Vaggelis Atlidakis, and Vasileios P. Kemerlis. "EPF: Evil Packet Filter." 2023 USENIX Annual Technical Conference (ATC), 2023, pp. 735-751.

Alexander J. Gaidis, Joao Moreira, Ke Sun, Alyssa Milburn, Vaggelis Atlidakis, and Vasileios P. Kemerlis. "FineIBT: Fine-grain Control-flow Enforcement with Indirect Branch Tracking." Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, 2023, pp. 527-546.

Full Text

Neophytos Christou, Di Jin, Vaggelis Atlidakis, Baishakhi Ray, and Vasileios P. Kemerlis. "IvySyn: Automated Vulnerability Discovery in Deep Learning Frameworks." Proceedings of the 32nd USENIX Security Symposium (USENIX SEC), 2023, pp. 2383-2400.

Alexander J. Gaidis, Vaggelis Atlidakis, and Vasileios P. Kemerlis. "SysXCHG: Refining Privilege with Adaptive System Call Filters." Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023, pp. 1964-1978.

Full Text

Mohamed Tarek Ibn Ziad, Miguel A. Arroyo, Evgeny Manzhosov, Vasileios P. Kemerlis, and Simha Sethumadhavan. "EPI: Efficient Pointer Integrity For Securing Embedded Systems." 2021 International Symposium on Secure and Private Execution Environment Design (SEED), 2021, pp. 163-175.

Full Text

Nick Roessler, Lucas Atayde, Imani Palmer, Derrick McKee, Jai Pandey, Vasileios P. Kemerlis, Mathias Payer, Adam Bates, André DeHon, Jonathan M. Smith, and Nathan Dautenhahn. "μSCOPE: A Methodology for Analyzing Least-Privilege Compartmentalization in Large Software Artifacts." 24th International Symposium on Research in Attacks, Intrusions and Defenses, 2021, pp. 296-311.

Full Text

David Williams-King, Hidenori Kobayashi, Kent Williams-King, Graham Patterson, Frank Spano, Yu Jian Wu, Junfeng Yang, and Vasileios P. Kemerlis. "Egalito: Layout-Agnostic Binary Recompilation." Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, 2020, pp. 133-147.

Full Text

Ioannis Agadakos, Nicholas DeMarinis, Di Jin, Kent Williams-King, Jearson Alfajardo, Benjamin Shteinfeld, David Williams-King, Vasileios P. Kemerlis, and Georgios Portokalidis. "Large-scale Debloating of Binary Shared Libraries." Digital Threats: Research and Practice, vol. 1, no. 4, 2020, pp. 1-28.

Full Text

Nicholas DeMarinis, Kent Williams-King, Di Jin, Rodrigo Fonseca, and Vasileios P. Kemerlis. "sysfilter: Automated System Call Filtering for Commodity Software." Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2020, pp. 459-474.

Sergej Proskurin, Marius Momeu, Seyedhamed Ghavamnia, Vasileios P. Kemerlis, and Michalis Polychronakis. "xMP: Selective Memory Protection for Kernel and User Space." 2020 IEEE Symposium on Security and Privacy (SP), 2020, pp. 563-577.

Full Text

Marios Pomonis, Theofilos Petsios, Angelos D. Keromytis, Michalis Polychronakis, and Vasileios P. Kemerlis. "Kernel Protection Against Just-In-Time Code Reuse." ACM Transactions on Privacy and Security, vol. 22, no. 1, 2019, pp. 1-28.

Full Text

Ioannis Agadakos, Di Jin, David Williams-King, Vasileios P. Kemerlis, and Georgios Portokalidis. "Nibbler: Debloating Binary Shared Libraries." Proceedings of the 35th Annual Computer Security Applications Conference, 2019, pp. 70-83.

Full Text

Nicholas DeMarinis, Stefanie Tellex, Vasileios P. Kemerlis, George Konidaris, and Rodrigo Fonseca. "Scanning the Internet for ROS: A View of Security in Robotics Research." 2019 International Conference on Robotics and Automation (ICRA), 2019, pp. 8514-8521.

Full Text

Hyungjoon Koo, Yaohui Chen, Long Lu, Vasileios P. Kemerlis, and Michalis Polychronakis. "Compiler-Assisted Code Randomization." 2018 IEEE Symposium on Security and Privacy (SP), 2018, pp. 461-477.

Full Text

Marios Pomonis, Theofilos Petsios, Angelos D. Keromytis, Michalis Polychronakis, and Vasileios P. Kemerlis. "kR^X: omprehensive Kernel Protection against Just-In-Time Code Reuse." Proceedings of the Twelfth European Conference on Computer Systems, 2017, pp. 420-436.

Full Text

Kanad Sinha, Vasileios P. Kemerlis, and Simha Sethumadhavan. "Reviving Instruction Set Randomization." 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2017, pp. 21-28.

Full Text

Elias Athanasopoulos, Vasileios P. Kemerlis, Georgios Portokalidis, and Angelos D. Keromytis. "NaClDroid: Native Code Isolation for Android Applications." Lecture Notes in Computer Science, 2016, pp. 422-439.

Full Text

Weidong Cui, Marcus Peinado, Sang Kil Cha, Yanick Fratantonio, and Vasileios P. Kemerlis. "RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps." Proceedings of the 38th International Conference on Software Engineering, 2016, pp. 820-831.

Full Text

David Williams-King, Graham Gobieski, Kent Williams-King, James P. Blake, Xinhao Yuan, Patrick Colp, Michelle Zheng, Vasileios P. Kemerlis, Junfeng Yang, and William Aiello. "Shuffler: Fast and Deployable Continuous Code Re-Randomization." Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2016, pp. 367-382.

Pawel Sarbinowski, Vasileios P. Kemerlis, Cristiano Giuffrida, and Elias Athanasopoulos. "VTPin: Practical VTable Hijacking Protection for Binaries." Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016, pp. 448-459.

Full Text

Theofilos Petsios, Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. "DynaGuard: Armoring Canary-based Protections against Brute-force Attacks." Proceedings of the 31st Annual Computer Security Applications Conference, 2015, pp. 351-360.

Full Text

Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, and Angelos D. Keromytis. "The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications." Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015, pp. 1406-1418.

Full Text

Background

Education and Training

Year	Degree	Institution
2015	PhD	Columbia University
2013	MPhil	Columbia University
2010	MS	Columbia University
2006	BS	Athens University of Economics and Business

Honors and Awards

Distinguished Artifact Award, ACM Conference on Computer and Communications Security (CCS) 2025
Top/Distinguished Reviewer, ACM Conference on Computer and Communications Security (CCS) 2025, 2024, 2023
Finalist (top 10), Applied Research Paper Award, Cyber Security Awareness Week (CSAW) Europe 2025, USA 2018
Runner-up, Weirdest Machine of the Year Award, IEEE Language-Theoretic Security Workshop (LangSec) 2024
Distinguished Paper Award, ACM Asia Conference on Computer and Communications Security (ASIACCS) 2023
CAREER Award, National Science Foundation (NSF) 2023
Finalist (top 5), Artifacts Competition and Impact Award, Annual Computer Security Applications Conference (ACSAC) 2023
Outstanding Reviewer, International Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) 2020
Fellow, Greek Diaspora Fellowship Program (GDFP) 2020
Nominee, Most Innovative Research Award, Pwnie Awards 2015

Affiliations Visualize it

Collaborators

Name	Title
Konidaris, George	Associate Professor of Computer Science
Tellex, Stefanie	Professor of Computer Science, Associate Professor of Engineering
Vasilakis, Nikos	Assistant Professor of Computer Science

Researchers@Brown

Researchers@Brown

Vasilis Kemerlis

Associate Professor of Computer Science

Overview

Brown Affiliations

Research Areas

On the Web

Publications Visualize it

Background

Education and Training

Honors and Awards

Affiliations Visualize it

Collaborators

Teaching

Teaching