1 of 41

Security Research in Academia

An overview of domain roles in the security industry and the research we do in CISPA

Addison Crump | Texas A&M Cybersecurity Club | April 2025

2 of 41

Chapter 0: Who I am

And why I am talking here

3 of 41

It’s me!

Formerly:

  • TAMU student (’21)
  • TAMUctf developer
  • TAMUS SOC

Currently:

  • PhD candidate at CISPA
  • AFL++/LibAFL maintainer

Security Research in Academia | Texas A&M Cybersecurity Club | April 2025

4 of 41

A brief about me

At TAMU:

  • Bad at class attendance
  • Conference enjoyer
  • Spent more time on extracurriculars than actual coursework

After TAMU:

  • Briefly a teacher at Klein Oak
  • Had a chance opportunity to start my PhD at CISPA
  • Now researching software testing strategies (heavy focus on dynamic methods)

5 of 41

But we’ll come back to that

First, let’s talk about the world

6 of 41

Chapter 1: What everyone does

And our corresponding incentives, goals, and ideologies

7 of 41

Caveat

This is going to be biased

8 of 41

The government domain

Military Applications

Public defense, foreign exploitation/espionage

One of the biggest funding sources of academic research in the US! Advances national interests locally and abroad.

Public Service

Provides general infra/governmental security

Every federal agency needs security, and some agencies specifically support public security goals beyond that of law enforcement (e.g., CISA, GSA)

9 of 41

The industrial domain

For-profit

Making products for consumers

They must maintain their own safety, but also the safety of their customers. Most of the time.

Non-profit

Supporting individuals and other groups

There are non-profits for all sorts. Pay a visit to your Repair Cafés, donate to EFF, and volunteer to help small businesses with their security!

10 of 41

The academic domain

Research

General-purpose discovery and exploration

Long-term benefits often require exploration beyond what is immediately obviously useful.

Education

Providing a baseline of ideals and understanding

You wouldn't be here without it! Educators are a critical part of conveying what we've learned to the next generation -- especially in security.

11 of 41

The hobbyist domain

Self-motivated

"I just want to know how it works!"

Reverse engineering is one hobbyist action, often illegal and done by individuals for the benefit of all.

Hacktivism

Political activism via hacking

Overlaps strongly with self-motivated, but critically different: they advocate for ideals rather than just technical advancements. Critical for early internet.

12 of 41

The overlap therein

13 of 41

The overlap therein

  • Educators and researchers are often the same people
  • Hobbyist discoveries often inform research goals
  • People use hobbies to learn more about their domain

14 of 41

The overlap therein

  • Academia is often funded by industry, military, and the public sector to research certain long-term goals
  • At the same time, academic findings are general (“dual-use”) and affect industry, military, and the public sector decision-making.

15 of 41

The overlap therein

  • Industry develops solutions for customers — including governmental customers!
  • The military and law enforcement protect industry and public sector
  • Public sector facilitates the interoperation of industry, military, and the public

16 of 41

The overlap therein

  • Hacktivists are often hobbyists
  • Hacktivism informs military, public sector, industrial, non-profit action
    • Sometimes not so nicely...
  • Non-profit often interfaces with public sector for public goals (e.g., safety, legal issues)

17 of 41

Why it matters:

Every domain has its role and affects/supports each other, ultimately for public good

18 of 41

Example: Industry vs. Academia

Industry

Makes products -- and has financial incentives to keep them around for as long as they are useful.

Can sustain one specific project long-term -- for however long it is financially viable.

Academia

Writes papers and proofs-of-concept -- and has a financial incentive to do so as much as possible.

Novelty, generality, and reproducibility -- many short-lived projects which discover new things.

19 of 41

Focusing on Academia

  • We receive funding for general public or industry goals
  • Provide (publicly!) the results of our findings
  • Explore solutions, sometimes w/o obvious direct benefit
  • Many findings are the results of simple curiosity
  • “New” often is not found through things we understand
  • Our incentives favor solving a variety of hard tasks that address future problems

20 of 41

Chapter 2: What we do

What my institute does and what the group does

21 of 41

Example: CISPA

Not every academic institution is structured this way, but it’s a good demonstration

22 of 41

Scientific Structure at CISPA

23 of 41

Holz Group

The research group deals with various topics from the field of systems-related computer security research. This area is characterized by the fact that the security of concrete systems and the security effects of real phenomena are the main focus of our interest. Research topics of the group include, for example, software security, binary analysis, vulnerability assessment, machine learning security, privacy, and similar aspects of systems and network security.

  • From: https://cispa.de/en/research/groups/holz
  • Supervised by Prof Thorsten Holz
  • Focuses on Systems Security — in all of its forms
  • Low-level security research with a heavy focus on testing methodology

24 of 41

Strong diversity of topics

Low-level Software Testing Techniques

Testing Methodology

25 of 41

Strong diversity of topics

Dynamic Analysis Inference

Many papers soon to be released... :)

Academic Paper Evaluation

26 of 41

Strong diversity of topics

Machine Learning and Security

Online Safety

27 of 41

Not all groups are alike!

  • Our group is diverse in topic with a focus on testing
    • Addresses intersection of different topics
    • Can be difficult to collaborate while focusing on a topic
  • Other groups may focus entirely on one topic/problem
    • Deep investigation of a specific topic beyond exploratory
    • May fail to integrate ideas from other domains

28 of 41

Interaction with other groups is common!

Prof Andreas Zeller

Lives on my floor; common collaborator; heavy focus on SE

  • Research Immersion Labs
  • Cross-group collaborations
  • Idea sharing (e.g., over lunch)
  • Various community events

29 of 41

Chapter 3: What I do

Coming full circle

30 of 41

Three primary associations

  • PhD at CISPA
    • Researching myriad testing topics
  • Maintainer of LibAFL
    • Principal developer for libafl_libfuzzer
  • secret.club member
    • Contributing opinion and blog posts

31 of 41

At CISPA

Outside of research:

  • Works Council
  • Movie night organisation
  • General PhD advocacy

Research topics:

  • Fuzz testing (of SW and HW)
  • Software testing w/ eBPF
  • Structured input generation

32 of 41

Brief aside: Fuzz Testing

  • Randomized testing method
  • Originally totally random input gen
  • Nowadays extremely broad domain
    • 1000s of papers per year
  • Very difficult to evaluate meaningfully

I focus on:

  • Improving/creating test “oracles”
  • Better fuzzer analysis/evaluation
  • Input generation in the presence of constraints

33 of 41

With LibAFL

My work therein: libafl_libfuzzer

  • Replacement for old standard
  • Used internally by Apple, Meta
  • Being integrated by Google, MS testing pipelines

About LibAFL:

  • Fuzz testing framework
  • Heavily optimised in Rust
  • Integrates most relevant algos

34 of 41

With secret.club

My work therein:

  • Several blog posts
  • Taking from academia to practical
  • Of note: Solana publications

About secret.club:

  • Hobbyist research community
  • Heavy RE and exploitation focus

35 of 41

Academia gives me time to work on all of this

I choose academia because of the freedom it affords

36 of 41

Chapter 4: What you can do

I promise this isn’t a job pitch

37 of 41

If you’re interested in academia

  • Look into research opportunities early
  • You don’t need honours :D
  • Apply to internships at research institutes
  • Figure out what you want to learn more about
  • Learn more about it
  • See who else is interested in it
  • Go work with them

38 of 41

A word of warning

Academia has its tradeoffs

39 of 41

It’s not all sunshine and rainbows

  • Academic positions often pay significantly less
  • In the US: there are often limited benefits or support
  • Funding is uncertain and depends on gov./ind. trends
  • Abuse exists in academia
  • Not all universities do due diligence in protecting grad.
  • Do extensive research on prospective advisors, institutes

40 of 41

An offer before we go

E-Mail: addison.crump@cispa.de

Signal: REDACTED

Matrix: @c01adcr:matrix.cispa.de

Website: https://addisoncrump.info

I will happily offer advice, recommendation letters, and look for available positions

All you have to do is ask :)

Please reach out!

41 of 41

Closing

Icons taken from https://civ6.fandom.com/ under CC BY-NC-SA. All other photos under the Unsplash license or otherwise used with permission of the licensor.

This presentation otherwise provided under CC BY-4.0. Feel free to share!

All done! Any questions?
