Mikhail Shcherbakov
Om mig
I am a Research Engineer in LangSec (Language-Based Security) group, the Theoretical Computer Science (TCS) division. My research interests include application security, web security, static and dynamic code analysis.
Publications:
- Mikhail Shcherbakov, Code-Reuse Attacks in Managed Programming Languages and Runtimes, Doctoral Thesis in Computer Science, KTH Royal Institute of Technologies, 2024.
- Eric Cornelissen, Mikhail Shcherbakov, and Musard Balliu, GHunter: Universal Prototype Pollution Gadgets in JavaScript Runtimes, USENIX Security, 2024.
- Mikhail Shcherbakov, Paul Moosbrugger, and Musard Balliu, Unveiling the Invisible: Detection and Evaluation of Prototype Pollution Gadgets with Dynamic Taint Analysis, WWW, 2024.
- Mikhail Shcherbakov, Musard Balliu, and Cristian-Alexandru Staicu, Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js, USENIX Security, 2023.
- Mikhail Shcherbakov and Musard Balliu, SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web, NDSS, 2021
- Musard Balliu, Massimo Merro, Michele Pasqua, and Mikhail Shcherbakov, Friendly fire: cross-app interactions in IoT platforms, ACM TOPS 24 (3), 2021
Awards:
- Third place at Security Applied Research Competition, CSAW'23 Europe in 2023.
- Microsoft Most Valuable Professional (MVP) in 2016, 2017 and 2018.
Kurser
Datasäkerhet (DD2395), assistent
Principer för programspråk (DD2481), assistent
Programutvecklingsteknikens grunder (DD2480), assistent
Programvarusäkerhet (DD2460), assistent
Projekt i cybersäkerhet (DD2394), assistent
Projektkurs i systemsäkerhet (DD2497), assistent
Språkbaserad datasäkerhet (DD2525), assistent