TUM Logo

Paul Muntean

Dr. Paul Muntean

Alumni

E-Mail:
Swisscom, Cyber Security Solution Architect

PGP Key: public.asc

About

I am a Ph.D. candidate at the Chair for IT SecurityTechnical University of Munich (TUM) headed by Prof. Dr. Claudia Eckert. Previously, I received a M.Sc. degree in Computer Science from TUM, where I followed a study track focused on IT security. 

Research Interests

I am interested in static/dynamic source code and binary analysis in order to detect/harden/prevent advanced Code Reuse Attacks (CRAs) in applications developed in C/C++ and/or JavaScript. I am interested in preventing CRAs by using static code analysis. Previously, I did research in the area of integer and buffer overflow memory corruption detection and repair since these vulnerabilities (e.g., others: bad object casting, dangling pointers, object type confusion, etc.) are commonly (not always) the first step towards CRA. Finally, for more details about my research please see this.

Paper Citations

Teaching

Supervised Work

  • If you have a topic of mutual interest please contact me via E-Mail.

Completed Projects

 

Publications

2021 iTOP: Automating Counterfeit Object-Oriented Programming Attacks
2020 ρFEM: Efficient Backward-edge Protection Using Reversed Forward-edge Mappings
IntRepair: Informed Repairing of Integer Overflows
2019 Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography
Analyzing Control Flow Integrity with LLVM-CFI
IntRepair: Informed Repairing of Integer Overflows
2018 τCFI: Type-Assisted Control Flow Integrity for x86-64 Binaries.
CastSan: Efficient Detection of Polymorphic {C++} Object Type Confusions with {LLVM}
2016 POSTER: vTableShield: Precise Protecting of Virtual Function Dispatches in C++ Programs
2015 POSTER: Automated Generation of Buffer Overflow Quick Fixes using Symbolic Execution and SMT
Automated Generation of Buffer Overflows Quick Fixes using Symbolic Execution and SMT
Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code
POSTER: Automated Generation of Buffer Overflow Quick Fixes using Symbolic Execution and SMT
2014 Context-sensitive Detection of Information Exposure Bugs with Symbolic Execution
2013 Powwow: A Tool for Collaborative Software Jam Sessions
A Framework for the Creation of Mobile Educational Games for Dyslexic Children
2012 A Framework for Game Tuning
2010 Mobile Robot Navigation on Partially Known Maps using a Fast A* Algorithm Version