2025-05-05

Title of thesis: Principles and Solutions for Improved Availability and Code Vulnerability Detection

Link to thesis in Lund University Research Portal

Defence:  Friday, May 16th, in E:1406 at 13:15.

Zoom link.
Zoom ID: 68034306533.

Describe your research in a popular science way

My research explored the following question: how do we ensure our system remains available when facing attacks or failures?
I focus on three areas. First, I've developed protocols for Internet of Things (IoT) devices, shielding these resource-limited devices from being overwhelmed by malicious traffic and help them recover after compromise.
Second, I've investigated security vulnerabilities in 5G networks, particularly in their AI-driven mobility prediction systems. I've shown that even a small number of fake devices can significantly reduce prediction accuracy and identified strategies to make these systems more resilient.
Finally, I've explored how artificial intelligence can automatically detect vulnerabilities in software before they become security problems. My research reveals that different programming languages and vulnerability types perform variably.

What made you want to pursue a PhD?

My path to doctoral studies emerged at a professional crossroads after experiencing both the startup and corporate worlds as an employee. This transition period gave me the opportunity to reflect on what truly mattered to me professionally.

What is the most fascinating or interesting with your thesis subject?

Most of the work here is based on real-world problems, and sometimes the most intuitive solution is not always the best one. One example would be that, intuitively, the larger the AI model is, the better the performance should be. But we show that smaller models can perform better (with less inference cost), at least in the vulnerability detection problem that we explored.

Do you believe some results from your research will be applied in practice eventually? And if so, how / how?

Yes! We have a product based on the last two papers of this dissertation. There is a company called VyPr AI, tackling software vulnerability detection using (some of) our results.