Home » R&I Project Hub » REACT » Events » How to reactively defend against advanced cyber threats

How to reactively defend against advanced cyber threats


How to reactively defend against advanced cyber threats

20 May , 13:00-17:00 - CEST

Thank you for joining us!

Speakers' slides are now available.

Download a copy:

Watch the webinar video:



Cybersecurity has played a critical role in the last year, especially because of the shift to an increased usage of digital products due to the COVID-19 pandemic. While we have seen an increase in the importance of cybersecurity within some organisations' strategy, most software systems currently used on a daily basis still contain vulnerabilities that can be easily exploited.

This is especially true in the case of zero-day attacks, which depend on the organization’s “window of exposure,” or the time between the discovery of a vulnerability and the release (and installation) of a patch that fixes it. Zero-day exploits are highly valued in legitimate bug bounty programmes, with one such exploit valued at US$2 million. They are also valuable in underground marketplaces, making them a boon for threat actors because most security defences are designed to handle known flaws.

Organisations the world over are asking:

  • can we protect a computer, or laptop, tablet or any other device before "day zero"?
  • can we protect them before we know about their vulnerability?

This workshop will answer these questions thanks to the work done in the context of the H2020 ReAct project. ReAct is proposing an holistic approach aiming to protect devices throughout their entire lives by automatically generating temporary real-time patch that neutralizes the vulnerability until an official patch is installed. In this way, ReAct closes the window of vulnerability and does not allow attackers to compromise the vulnerable computer.

Who is it for?

The workshop is addressing mainly:

ICT Operators, Internet Service Providers, Hardware Manufacturers and Researchers and it is open to stakeholders of all backgrounds that are interested in cybersecurity technological advancements.





Cyberwatching.eu Introduction and welcome note

Speaker: Nicholas Ferguson, Cyberwatching.eu Project Coordinator & Trust-IT Services


Overview of the REACT project

Speaker: Evangelos Markatos, FORTH


Why are systems (still) not updated after all these attacks?

Speaker: Leyla Bilge, NortonLifeLock


Panel Session Security updates in the modern world

Moderator: Elias Athanasopoulos

Panellists: Evangelos Markatos, Leyla Bilge, Periklis Akritidis, Asia Lowinska, Nicolas Kourtellis, Corrado Leitta


How to exploit a bit flip in order to own the cloud

Speaker: Kaveh Razavi, ETH Zurich


How CPU bugs work?

Speaker: Herbert Bos, Vrije Universiteit Amsterdam


Panel Session Next-generation attacks

Moderator: Cristiano Giuffrida

Panellists: Kaveh Razavi, Herbert Bos, Leyla Bilge, Periklis Akritidis, Asia Slowinska


Understanding the Cybersecurity research and Innovation landscape

Speaker: Nicholas Ferguson, Trust-IT Services & Cyberwatching.eu


Defending against Memory Corruption Vulnerability Exploitation

Speaker: Michalis Polychronakis, Stony Brook University


Panel Session Defending systems (20 years later)

Moderator: Thorsten Holz

Panellists: Michalis Polychronakis, Davide Balzarotti, Elias Athanasopoulos, Nicolas Kourtellis, Corrado Leita


Wrap up and closure








Speakers and Panellists

Evangelos Markatos

Evangelos Markatos (M) is a professor of Computer Science at the University of Crete. He  received his diploma in Computer Engineering from the University of Patras and the MSc and PhD in Computer Science from the University of Rochester. He is the founding head of the Distributed Computing Systems Lab at FORTH-ICS where he conducts research in the broader area of computer systems with a special emphasis in Network Security and Privacy. He is the coordinator of the (i) PROTASIS Marie Sklodowska-Curie project dealing with Security and Privacy for the IoT and (ii) REACT  project  that deals with secure software. He has been a member of the permanent stakeholders group of ENISA (European Network and Information Security Agency) and a member of the Academic Advisory Network of Europol’s EC3 (European Cybercrime Center). He has served (i) as the founding coordinator of  SysSec: The European  Network of Excellence in Threats and Vulnerabilities for the Future Internet, consisting of 8 partners and more than 70 associated partners funded in part by the European Commission, (ii) as the coordinator of the NoAH project which installed one of the largest academic Network of honeypots  in Europe, and (iii) as the founding member of SENTER: The European Network of the National Centers of Excellence in Cybercrime Research Training and Education. Prof. Markatos has co-authored more than 150  publications in top conferences and journals including  ACM SOSP, IEEE HPCA, ACM/IEEE ToN, IEEE JSAC, USENIX Security, INFOCOM, etc. According to Google Scholar his work has received more than 7,000 citations with an h-index of 42.


Leyla Bilge

Dr. Leyla Bilge is the director of the European research team of NortonLifeLock.
The topic of her PhD is network-based botnet detection. Her research interests embrace most computer security problems with special focus on DNS-based malware detection systems, malware analysis,  big data analysis for cyber security,
cyber risk predictive analytics and privacy.





Kaveh Razavi

Kaveh Razavi is an assistant professor in the Department of Information Technology and Electrical Engineering at ETH Zurich where he leads the computer security group. His research interests are in the area of systems security and more broadly, computer systems. More recently, he has been involved in the discovery and exploitation of many high-profile hardware vulnerabilities in commodity hardware components such as DRAM and CPU.






Herbert Bos

Herbert Bos is professor of Systems and Network Security at Vrije Universiteit Amsterdam where he co-leads the VUSec research group. He obtained his Ph.D. from Cambridge University Computer Laboratory (UK). Coming from a systems background, he drifted into security a few years ago and never left. His research interests covers all aspects of system-level security and reliability, including topics such as software hardening, exploitation, micro-architectural attacks, binary analysis, fuzzing, side channels, and reverse engineering. He is very proud of his (former) students who are much cleverer than he is.





Michalis Polychronakis

Michalis Polychronakis is an associate professor in the Computer Science Department at Stony Brook University. He received the BSc ('03), MSc ('05), and PhD ('09) degrees in Computer Science from the University of Crete, Greece, while working as a research assistant in the Distributed Computing Systems Lab at FORTH-ICS. Before joining Stony Brook, he was an associate research scientist at Columbia University. His research aims to improve the security of computer systems and networks, build defenses against malicious software and online threats, reinforce the privacy of our online interactions, and enhance our understanding of the internet and its darker sides. He has published more than 100 peer-reviewed papers, many of them in top venues such as IEEE S&P, USENIX Security, ACM CCS, ISOC NDSS, EuroSys, and USENIX ATC, and is the recipient of the DARPA Young Faculty Award (2018) and the NSF CAREER Award (2018).