Mikhail Shcherbakov
Research Engineer
Kungliga Tekniska Högskolanhttps://www.kth.se/profile/mshc
Details
Works for
Unit address
Lindstedtsvägen 5, plan 5
E-mail
Room
Researcher
Researcher ID
About me
I am a Research Engineer in LangSec (Language-Based Security) group, the Theoretical Computer Science (TCS) division. My research interests include application security, web security, static and dynamic code analysis.
Publications:
- Mikhail Shcherbakov, Code-Reuse Attacks in Managed Programming Languages and Runtimes, Doctoral Thesis in Computer Science, KTH Royal Institute of Technologies, 2024.
- Eric Cornelissen, Mikhail Shcherbakov, and Musard Balliu, GHunter: Universal Prototype Pollution Gadgets in JavaScript Runtimes, USENIX Security, 2024.
- Mikhail Shcherbakov, Paul Moosbrugger, and Musard Balliu, Unveiling the Invisible: Detection and Evaluation of Prototype Pollution Gadgets with Dynamic Taint Analysis, WWW, 2024.
- Mikhail Shcherbakov, Musard Balliu, and Cristian-Alexandru Staicu, Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js, USENIX Security, 2023.
- Mikhail Shcherbakov and Musard Balliu, SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web, NDSS, 2021
- Musard Balliu, Massimo Merro, Michele Pasqua, and Mikhail Shcherbakov, Friendly fire: cross-app interactions in IoT platforms, ACM TOPS 24 (3), 2021
Awards:
- Third place at Security Applied Research Competition, CSAW'23 Europe in 2023.
- Microsoft Most Valuable Professional (MVP) in 2016, 2017 and 2018.
Courses
Computer Security (DD2395), assistant
Cybersecurity Project (DD2394), assistant
Language-Based Security (DD2525), assistant
Principles of Programming Languages (DD2481), assistant
Project course in System Security (DD2497), assistant
Software Engineering Fundamentals (DD2480), assistant
Software Safety and Security (DD2460), assistant