Découvrez les finalistes des compétitions CSAW !

Découvrez les finalistes des 4 compétitions CSAW'23 !


Applied Research

In the Applied Research Competition, student researchers are invited to compete for the CSAW Best Paper Award. Eligible submissions include papers published between September 1, 2021 and August 31, 2022, on any topic related to the application of security technology, or the implementation of security systems

  • Matthew Rossi, Università degli studi di Bergamo, Italy
    NatiSand: Native Code Sandboxing for JavaScript Runtimes

  • Ladisa Piergorgio, SAP Security Research & Université de Rennes 1, France,
    SoK: Taxonomy of Attacks on Open-Source Software Supply Chains

  • Christian Niesler & Jan Thomas, University of Duisburg-Essen & Ruhr University Bochum, Germany,
    ClepsydraCache -- Preventing Cache Attacks with Time-Based Evictions

  • Andrea Floraldi, Eurecom, France;
    LibAFL: A Framework to Build Modular and Reusable Fuzzers

  • Soheil Khodayari, CISPA Helmholtz Center for Information Security,  Germany, 
    It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses

  • Lukas Gerlach, CISPA Helmholtz Center for Information Security, Germany,
    A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs

  • Tobias Cloosters, University of Duisburg-Essen, Germany,
    RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64

  • Mikhail Shcherbakov, KTH Royal Institute of Technology, Sweden, 
    Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js

  • Rognar Marton, KU Leuven, Belgium, 
    ShowTime: Amplifying Arbitrary CPU Timing Side Channels

  • Wai Man Si, CISPA Helmholtz Center for Information Security,Germany,
    Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbot

Capture The Flag

Students tackle problems in a series of real-world scenarios modeling various computer security problems.
To succeed, teams must demonstrate a profound understanding of the roles and ramifications of cyber security in these situations. Because the challenges are designed to teach, CTF requires contestants to integrate concepts, develop skills, and learn to hack as they go.

  • Scooby-NTUA : ECE National Technical University of Athens, Greece, :
    Thanasis Konstantopoulos, Apostolos Chatzianagnostou, Spyridon Michail Evangelou, Chronis Sapountzakis

  • Srdnlen : Università degli Studi di Cagliari, Italy,
    Riccardo Sulis, Simone Sulis,Lorenzo Siriu, Massimo Sanna

  • Rubi di cubrik : University of Milano-Bicocca, Universita degli studi di Padova, University of Camerino Italy
    Stefano Pavesi, Alessandro Zanier, Michele Perini, Vincenzo Petrillo

  • STT :  Instituto Superior Tecnico Lisboa, Portugal
    Nuno Sabino Afonso Santos Bruno Mendes André Mendes

  • Radboud Institute of Pwining : Radboud University, Netherland
    WardTheunisse, BarisAstik, HarmRoukema, Rick de Jager

  • CyberHero : University of Nis (Faculty of Electronic Engineering), Faculty of Computing, Union university School of Electrical Engineering, University of Belgrade Serbia, Faculty of Technical Sciences, University of Novi Sad
    Lazar Mancic, Mihajlo Krsmanovic Aleksa Vuckovic Marko Gordic

  • /mnt /ain : EPFL, ETH Zurich, HSLU
    Philippe Dourassov, Aaron Hodel Yoric Züger Luc Fisch

  • Phreaks 2600 : Ecole 2600, France
    Mohammed Benhelli, Dimitri Carlier, Esteban Tonglet, Lucas Valentin

  • TRX : Sapienza university of Rome, Italy
    Dario Petrillo, Christian Contignola, Tommaso de Nicola, Leandro Antonio Pagano

  • R0073RS : Coventry University, UK
    Alexander Smith, Hedvig Mareng, Haydon Smith, Arsen Chilingaryan

  • BelRedDaemons : Howest, Ecole 2600, KU Leuven, France, Belgium
    Arsen Chilingaryan, Brahim El Fikhi Thomas Vandeputte

  • Polyflag : EPFL, Karlsruhe Institute of Technology, ETH Zurich, Sweden
    Liam Wachter, Joshua Bernimoulin, Léo Larigauderie, Adam Amanbaev

  • DragonSec SI : University of Ljubljana, Slovenia,
    Aljaž Medič Jure Mihelčič Žnidaršič Miha Frangež Jure Pustoslemšek

  • LosFuzzys : Graz University of Technology, Austria
    Yuma Buchrieser, Hannes Weissteiner, Sebastian Daniel Felix, Marcell Matthias Haritopoulos

  • CheriPI, University of Cambridge, England
    Zhongqi Zhao, Yi Chen Chai, Harry Chen, Zeyu Zhang

Embedded Security Challenge

ESC is an educational, research-oriented tournament aimed at hacking into the hardware of embedded systems. First run in 2008, it is the oldest hardware security competition in the world, 2023 represents ESC's 16-year anniversary.This year's ESC focuses on side channel attacks (SCA) on cyber-physical systems (CPS). Cyber-physical systems are used by hundreds of industries and in many critical infrastructure systems. If these CPSs are not properly setup they can leak information even if they are using cryptographically secure software. This year, teams will investigate a range of SCAs on an Arduino Uno based CPS running several firmware that expose various side channels.
  • Hackcess, IUT de Roanne, France                                                                                                                 Boye Mouhamed, Foulie Aymeric, Malosse Tom ; Dufour Theo
  • BitsFromBZH : Université Bretagne Sud, France :                                                                                         Adam Henault, Florian Lecocq, Axel Gouriou, Philippe Tanguy
  • Towpath Inspectors UNLTD, University of Birmighan, UK :                                                                       Matthew Bowden Martin Thompson Jacqueline Henes Jesse Spielman
  • Breiz’Hell : ENSIBS, France :                                                                                                                             Théo Riviere,  Léo Chaigneau, Oken Keten, Rémi Bouillet
  • BloCAj, IUT GEII Saint Etienne, France,                                                                                                           Amine Alia, Charlie Durand, Jules Fellouse, Jean Loup Jouve
  • Th30s University of Piraeus : University of Piraeus, Greece,                                                                     Spyridon Konstantinos Mokos, Fiotakis Ilias, Mamidakis Georgios, Meletios Michail
  • TheRomanXpl0it, Sapienza Università di Roma, Italy :                                                                            Leonardo Danella, Tiziano, Caruana, Krisjan Tarantelli, Francesco Bianchi

Red Team Competition

The Red Team Competition is developed for high school students, with the aim of encouraging young people to choose cybersecurity careers. This competition is open to all high school students in metropolitan France, whether they are beginners or have some experience with cybersecurity issues. This year, the Red Team competition is co-created by Grenoble INP – Esisar, UGA in partnership with Root-Me, a platform for learning computer security and hacking. Teams of 1 to 3 students from the same school are invited to participate in online qualification challenges

  • S3cur3D : Notre Dame les Oiseaux Verneuil Sur Seine

  • Ret C2lhu : Jean Macé Rennes

  • Neptune.sh : Lycée sud Medoc, Saint Medard en Jalles

  • St-Barth’s 2 valence : Saint Barthélémy, Nice

  • Libs<2.27 for the win : Lycée Charlemagne, Paris

  • Frobnitz : Lycée Louis Pergaud, Besançon

  • Joshua et Ethan : Lycée Gustave Eifel, Bordeaux

  • Hardware : Lycée Gustave Eifel, Bordeaux

  • Hunter : The matrix REBOOT : Lycée général et technologique les trois soucrces, Bourg les valence

  • #bin/bash : Saint Denis, Annonay

PUF-enabled Security Challenge

PSC gives students the opportunity to present innovative PUF-based security solutions to a panel of security experts.
The PUF-based security feature to be presented can address any threats of a modern IoT system from low level hardware attacks to system level attacks (hardware attacks detection, key distribution, support to secure computing ….)
The contest is organized in two steps with a qualification phasis and an on-site final during CSAW 2023.

  • The Agents of P.U.F, University of Sheffield, UK
    Realising Symbiotic Security through Software/Firmware/PUF Co-Design

  • IMSE-CNM, University of Seville, Spain
    The use of Physical Unclonable Functions (PUFs) for the purpose of linking physical assets with Non-Fungible Tokens (NFTs)

  • ArcadesLab, Università degli Studi di Napoli Federico II, Italy
    A group-key management protocol based on PUF

  • GDE, University of Zaragoza
    A new PUF based on sensors for the identification of IoT smart mobile devices

  • Comelec, Institut Mines Télécom - Telecom Paris
    Security Of Physically Unclonable Functions Against Modeling Attacks,

  • ByteDefenders : Grenoble INP - Esisar, UGA France