DI Doctoral Seminars | Paulo Antunes

Title: Discovering Web Vulnerabilities at an Intermediate Language Level
Speaker: Paulo Antunes, LASIGE/DI-FCUL
When: June 27, 2024, 12h
Where: Sala 6.3.27

Abstract: Web applications are a prime target for malicious actors to obtain private user information, such as credit card numbers and other sensitive details. Over the years, the number of vulnerabilities and attacks has increased, demonstrating that current solutions have shortcomings. For example, they can be prone to error or require too much resources/time from developers (or security analysts) to deliver results. In this seminar we will discuss a new approach to detect vulnerabilities in web applications written in PHP by analyzing their representation in an Intermediate Language (IL) and simulating the execution through a new data structure.