Biography
Johannes Willbold is a doctoral student at the chair for systems security at the Ruhr University Bochum in Germany. In this doctoral thesis, he focuses on the security of space and satellite systems, with a particular emphasis on understanding real-world security issues by studying otherwise hard-to-access space software. His first paper on the security of onboard satellite software “Space Odyssey: An Experimental Software Security Analysis of Satellites” was recently accepted to the IEEE S&P 2023 conference. In 2022, Johannes visited the Cyber-Defence Campus in Switzerland for an extended research stay on satellite security, where he investigated the security of VSAT systems.
He is co-founder and co-chair of SpaceSec, the first academic workshop on space and satellite systems security, which is co-located with the top-tier security conference NDSS. He also participated in the Hack-A-Sat 2 finals, spoke at the CySat 2022 and 2023 on the software security of satellites, and was recently invited to ESA for a talk on onboard satellite firmware security.
News - Upcoming Talks
Interstellar Intruders: Hijacking Satellites through Firmware Vulnerabilities
TTI/Vanguard: Networks and Communications, 2023, Westminster, CO, USA
13-15 September, 2023, Johannes Willbold
Selected Publications
I only started publishing in IT-Security after starting my Ph.D. Before that, I worked as software engineer in an assisting researcher position and co-authored eight papers on Alzheimer diagnostics. Refer to my Google Scholar for a full list of publications.
2023
Space Odyssey: An Experimental Software Security Analysis of Satellites
Johannes Willbold, Moritz Schloegel, Manuel Vögele, Maximilian Gerhardt, Thorsten Holz, and Ali Abbasi
44th IEEE Symposium on Security and Privacy (S&P)
Distinguished Paper Award
2022
SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing
Tobias Cloosters, Johannes Willbold, Thorsten Holz, and Lucas Davi
31st USENIX Security Symposium (USENIX Security 22)
Talks
2023
Houston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites
BlackHat USA, 2023, 10th Aug., Johannes Willbold, Las Vegas, USA
Zero Gravity Exploits: Reverse Engineering and Fuzzing Low-Earth Orbit Satellites
TyphoonCon 2023, 15th Jun, Johannes Willbold & Tobias Scharnowski, Seoul, South Korea
Cracking the Final Frontier: Reverse Engineering and Exploiting Low-Earth Orbit Satellites
REcon, 9th June 2023, Johannes Willbold, Montreal, Canada
IEEE S&P’23: Space Odyssey: An Experimental Security Analysis of Satellites
44th IEEE S&P, 22nd May 2023, Johannes Willbold, San Fransisco, CA, USA
- Distinguished Paper Award
- Teaser Video: MP4, Subtitles (SRT)
- Teaser Slides: PDF, HTML
- Slides: PDF, HTML
CYSAT’23: Space Invaders: An Experimental Security Analysis of LEO Satellites
CySat 2023, 26th April 2023, Johannes Willbold, Paris, France
SpaceSec’23: Highlights of the NDSS Co-located Events
Network and Distributed System Security (NDSS) Symposium, 2023, San Diego, California, US
2022
ESA Workshop: Small Satellite SW Image Vulnerability Analysis
ESA - ESTEC, 2022, Johannes Willbold & Ali Abbasi, Noordwijk, Netherlands
CYSAT ‘22 : Keynote “Academic projects related to on board security for smallsats”
CySat 2022, April 2022, Johannes Willbold, Paris, France
Before 2022
Analysis and Deobuscation of Google’s BotGuard
Google, 2018, Zurich, Switzerland
Professional Activities
- IEEE SA - P3349 - Space System Cybersecurity Working Group, Integration Layer, Subcommittee Chair
- 1st Workshop on the Security of Space and Satellite Systems (SpaceSec) @ NDSS 2023, Co-Chair
Media Coverage
- WIRED: Satellites Are Rife With Basic Security Flaws (EN)
- IEEE Spectrum: Satellite Signal Jamming Reaches New Lows (EN)
- CyberScoop: Hackers prepare to take on a satellite at DEF CON (EN)
- Dark Reading: How Hackers Can Hijack a Satellite (EN)
- Deutschlandfunk Nova: Satelliten-Security (DE)
- c’t - magazin für computertechnik: Scheunentore im Orbit (DE)
- Newszs.de: “Jeder Paradigmenwechsel bringt Sicherheitsprobleme mit sich”: Studie zur Sicherheit von Satelliten (DE)
- Homeland Security News Wire: Satellite Security Lags Decades Behind the State of the Art (EN)
- Intelligent CIO: Researchers find satellite security lags decades behind the state of the art (EN)
- VERVE Times: ScienceDaily: State-of-the-Art Satellite Security Outpaces Decades-old Standards (EN)
- HELP NET SECURITY: Satellites lack standard security mechanisms found in mobile phones and laptops (EN)
- The U.S. Sun: RED ALERT Urgent warning issued over ‘satellite hackers’ who could cause devastating ‘space crashes’ after flaws discovered (EN)
- Internewscast Journal: Flaws Discovered: Urgent Warning of ‘Satellite Hackers’ Capable of Catastrophic ‘Space Crashes’ (EN)
- Raumfahrer.net: RUB: Satelliten-Sicherheit hinkt Stand der Technik Jahrzehnte hinterher (DE)
- Softonic: Vulnerable in Space: How Satellites Are Attracting Cyber Attacks (EN)
Podcasts
- ITSPmagazine Podcast Network: Houston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites w/Johannes Willbold (EN)
Theses
Master Thesis
Efficient Fuzzing of VM-Obfuscated Code
21 Oct 2020
Supervisors: Prof. Dr. Thorsten Holz, M.Sc. Moritz Contag
Bachelor Thesis
Analysis and Deobuscation of Google’s BotGuard
24 Sep 2018
Supervisor: Prof. Dr. Thorsten Holz, Dr. Tim Blazytko