Title: Web Vulnerability Discovery at an Intermediate Language Level
Speaker: Paulo, LASIGE – DI/FCUL
When: December 16, 14h00
Where: FCUL, room 6.3.27
Abstract: Web applications play a pivotal role in modern society. They have become a prime target for attackers, who exploit a variety of vulnerabilities to access private data and corrupt systems. This work aims to develop novel approaches to detect and remove vulnerabilities in PHP programs. Instead of processing PHP code directly and analyzing the full application at once, we leverage an intermediate language representation of the code and use a guided analysis to find bugs with increased precision. The guided analysis will avoid common approximations of traditional static analysis, resulting in a more accurate representation of program states.
Bio: Paulo graduated with an MSc in Informatics Engineering in 2018 where he studied vulnerability detection and automatic correction in web applications. For his Ph.D., Paulo is researching new ways to detect and correct vulnerabilities.