Paul Muntean

Dr. Paul Muntean

Alumni

E-Mail:	Paul Muntean
	Swisscom, Cyber Security Solution Architect

PGP Key: public.asc

About

I am a Ph.D. candidate at the Chair for IT Security, Technical University of Munich (TUM) headed by Prof. Dr. Claudia Eckert. Previously, I received a M.Sc. degree in Computer Science from TUM, where I followed a study track focused on IT security.

Research Interests

I am interested in static/dynamic source code and binary analysis in order to detect/harden/prevent advanced Code Reuse Attacks (CRAs) in applications developed in C/C++ and/or JavaScript. I am interested in preventing CRAs by using static code analysis. Previously, I did research in the area of integer and buffer overflow memory corruption detection and repair since these vulnerabilities (e.g., others: bad object casting, dangling pointers, object type confusion, etc.) are commonly (not always) the first step towards CRA. Finally, for more details about my research please see this.

Paper Citations

Google Scholar Profile

DBLP

Semantic Scholar

Teaching

Summer Semester 2018
- Seminar Control Flow Integrity based Security
- Seminar Common Security Flaws in JavaScript Based Applications
Winter Semester 2017 / 2018
- Seminar Control Flow Integrity based Security
- Seminar Common Security Flaws
Summer semester 2017
- Exercises for lecture Secure mobile Systems
- Guest lecturer Ausgewählte Themen aus dem Bereich IT-Sicherheit
- Seminar Code Reuse Attacks and Defenses
- Proseminar Common Security Flaws
Winter semester 2016 / 2017
- Exercises for lecture IT Security
- Assistance for lecture Grundlagen Betriebssysteme und Systemsoftware
- Guest lecturer Current Trends in IT Security
- Seminar Control Flow Integrity based Security
Summer semester 2016
- Guest lecturer Ausgewählte Themen aus dem Bereich IT-Sicherheit
- Seminar Common Security Flaws in JavaScript based Applications
- Seminar Control Flow Integrity based Security
Winter semester 2015 / 2016
- Assistance for lecture Grundlagen Betriebssysteme und Systemsoftware
- Seminar Security Bugs Fixing
Summer semester 2015
- Seminar Security Bugs Fixing
Winter semester 2012 / 2013
- Seminar Modern Assistive Devices
Summer semester 2012
- Seminar Modern Assistive Devices

Supervised Work

If you have a topic of mutual interest please contact me via E-Mail.

Completed Projects

SiBase (completed)

Publications

2021		iTOP: Automating Counterfeit Object-Oriented Programming Attacks
2020		ρFEM: Efficient Backward-edge Protection Using Reversed Forward-edge Mappings
		IntRepair: Informed Repairing of Integer Overflows
2019		Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography
		Analyzing Control Flow Integrity with LLVM-CFI
		IntRepair: Informed Repairing of Integer Overflows
2018		τCFI: Type-Assisted Control Flow Integrity for x86-64 Binaries.
		CastSan: Efficient Detection of Polymorphic {C++} Object Type Confusions with {LLVM}
2016		POSTER: vTableShield: Precise Protecting of Virtual Function Dispatches in C++ Programs
2015		POSTER: Automated Generation of Buffer Overflow Quick Fixes using Symbolic Execution and SMT
		Automated Generation of Buffer Overflows Quick Fixes using Symbolic Execution and SMT
		Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code
		POSTER: Automated Generation of Buffer Overflow Quick Fixes using Symbolic Execution and SMT
2014		Context-sensitive Detection of Information Exposure Bugs with Symbolic Execution
2013		Powwow: A Tool for Collaborative Software Jam Sessions
		A Framework for the Creation of Mobile Educational Games for Dyslexic Children
2012		A Framework for Game Tuning
2010		Mobile Robot Navigation on Partially Known Maps using a Fast A* Algorithm Version