COMSYS @ NDSS’25

In the last week of February, COMSYS researcher Christian van Sloun took part in the 32nd edition of the Network and Distributed System Security (NDSS) Symposium in San Diego, USA. There, he presented the latest results of COMSYS' work on lower-overhead ransomware detection.

The conference, NDSS 2025, was a great opportunity to get in touch with researchers focusing on furthering security research across broad areas of the cybersecurity domain. Discussions evolved especially around maintaining security in a post-quantum world and making existing and future computer systems more resilient against attacks. Specifically, Christian gave a talk on how to detect ransomware despite the I/O overhead that is involved in monitoring ransomware behavior by employing a multi-staged approach that dynamically adjusts monitoring to minimize overhead while maintaining detection performance. In an extensive evaluation of the overhead caused by cybersecurity monitoring, COMSYS found that even monitoring relatively simple features causes significant overhead to modern systems that are equipped with SSDs. By intelligently adapting monitoring to the behavior of each process, we were able to reduce the overhead significantly.