阿姆斯特丹自由大学

Secure and High-Performance Dynamic Program Analysis for WebAssembly

项目介绍

Your function

Are you interested in building the next-generation of secure and high-performance software systems based on WebAssembly? Are you passionate about software performance and want to work on cutting-edge JIT compilation techniques? Are you excited about software security and runtime mitigation techniques? Do you like to build real software systems? Do you want to work with ambitious colleagues at the intersection of WebAssembly runtimes and software security in the exciting city of Amsterdam? Then we are eager to get to know you. Please apply for a Ph.D. position at Vrije Universiteit Amsterdam.

WebAssembly (Wasm) is reshaping web and cloud applications by enabling near-native performance and sandboxed execution. WebAssembly offers a promising platform for executing code safely in untrusted environments, but achieving both high performance and strong security in Wasm continues to be a challenging endeavor. This Ph.D. project will investigate dynamic program analysis techniques to analyze, optimize, and secure WebAssembly runtimes, focusing on runtime profiling, dynamic instrumentation, and security vulnerability detection.

Research Focus:
The successful candidate will conduct research at the intersection of performance optimization, security, and dynamic program analysis within WebAssembly runtimes. Key aspects of the research include:

  • Dynamic Program Analysis for Performance: The project will investigate how dynamic program analysis techniques, such as profiling, tracing, and runtime instrumentation, can be used to monitor the behavior of WebAssembly code as it executes. This includes the development of tools to gather runtime performance data, such as memory usage, execution time, and instruction throughput, and the use of such data to identify performance bottlenecks. By integrating dynamic analysis with existing Wasm runtimes, the candidate will work on innovative optimization strategies to enhance the performance of WebAssembly execution engines such as V8 or Wasmer. Areas of interest will include JIT compilation, Ahead-of-time (AOT) compilation, and memory management.
  • Dynamic Instrumentation for Security: Dynamic program analysis can also be applied to improve the security of Wasm runtimes. This includes using dynamic instrumentation to detect vulnerabilities, such as buffer overflows, memory leaks, or unintended data flows during runtime (taint tracking). The Ph.D. candidate will explore how to dynamically instrument Wasm code to track sensitive data, enforce security policies, and identify potential attack vectors, such as side-channel attacks or sandbox escapes, as they arise during execution. Developing dynamic monitoring tools that can continuously assess and enforce security properties at runtime will be a key component of the project. Areas of interest will include the analysis of large-scale real-world WebAssembly applications in domains such as edge devices, cloud environments, and internet-of-things applications to identify and prevent software vulnerabilities under different workloads and security constraints.

Your profile

We are looking for a highly motivated and independent candidate with the following qualifications: 

  • A Master’s degree (or equivalent) in Computer Science or related areas, with excellent grades. 
  • Strong background in systems programming and performance optimizations. 
  • Proficiency in programming languages such as C/C++, Rust, and/or Java. 
  • Strong background in computer security. Knowledge of vulnerabilities and security flaws would be a plus. 
  • Ideally, previous experience with compiler technologies (e.g., LLVM, CraneLift, or JIT compilation in language VMs such as the JVM or JavaScript engines). 
  • Familiarity with WebAssembly and Wasm runtimes (e.g., Wasmer, Wasmtime, V8, etc.) is desirable, but not essential. 
  • Experience in analyzing and optimizing runtime performance or detecting security vulnerabilities in code is a plus. 
  • A passion for tackling fundamental challenges in computer security and performance engineering. 
  • Strong analytical and problem-solving skills, as well as the ability to work both independently and as part of a collaborative research team. 
  • Good communication skills, with a strong command of English (both written and spoken). 

The Ph.D. will be jointly supervised by Assistant Professors Dr. Daniele Bonetta (Language Runtimes) and  Dr. Mengyuan Zhang (Software Security). The project will be carried out in collaboration with experts from academia and industry in domains such as language runtimes, dynamic program analysis, and software security. 

As a university, we strive for equal opportunities for all, recognising that diversity takes many forms. We believe that diversity in all its complexity is invaluable for the quality of our teaching, research and service. We are always looking for talent with diverse backgrounds and experiences. This also means that we are committed to creating an inclusive community so that we can use diversity as an asset.

We realise that each individual brings a unique set of skills, expertise and mindset. Therefore we are happy to invite anyone who recognises themselves in the profile to apply, even if you do not meet all the requirements.

项目概览

wave-1-bottom
访问项目链接 招生网站
欧洲, 荷兰 所在地点
带薪岗位制 项目类别
截止日期 2025-03-14
阿姆斯特丹自由大学

院校简介

阿姆斯特丹自由大学现已成为一个学术导向的综合性教学研究大学,
查看院校介绍

相关项目推荐

KD博士实时收录全球顶尖院校的博士项目,总有一个项目等着你!