Vulnerabilities in JavaScript Runtime Systems / Deian Stefan
Deian Stefan primarily works on building secure systems by employing programming languages and program analysis techniques. Here is one of several projects Deian, his students, and his collaborators are working on.
We are working on analysis techniques to find vulnerabilities in JavaScript runtime systems. We are targeting bugs in the binding layer — the layer that connects C/C++ and JavaScript — of these runtime systems using system-specific static checkers and are devising hybrid (static and dynamic) techniques for generating exploits automatically for these bugs.