📄 Paper accepted to EuroSys 2026, a top conference in systems research!

NecoFuzz: Effective Fuzzing of Nested Virtualization via Fuzz-Harness Virtual Machines

A paper led by Reima Ishii (1st-year Ph.D. student) has been accepted to the 2026 European Conference on Computer Systems (EuroSys 2026), which will be held in Edinburgh in April 2026.

The paper proposes NecoFuzz, a fuzzing framework that efficiently tests hardware-assisted virtualization emulation code to uncover bugs and vulnerabilities in nested virtualization implementations.

To address challenges such as the vast virtual machine state space, the complexity of virtualization initialization, and the diversity of virtual CPU configurations, the study constructs a minimal bootable virtual machine as a fuzzing harness. By generating a large number of virtual machine states near the valid–invalid boundary defined by hardware-assisted virtualization specifications, NecoFuzz enables efficient testing of nested virtualization emulation code in virtual machine monitors.

The authors implemented their fuzzing framework for Intel VT-x and AMD-V, discovering multiple bugs and vulnerabilities in real-world hypervisors including KVM, Xen, and VirtualBox. Two of these vulnerabilities have been assigned CVE identifiers: CVE-2023-30456 and CVE-2024-21106.

This research is a collaboration with Takaaki Fukai from the National Institute of Advanced Industrial Science and Technology (AIST).

EuroSys is recognized as one of the top three international conferences in systems research, alongside SOSP and OSDI. To the best of our knowledge, this is the second paper from Japan ever accepted to EuroSys. The paper acceptance rate for the EuroSys 2026 Spring deadline was 16.9% (79/404).

Shinagawa Laboratory, The University of Tokyo