Nikos Vasilakis

Recent News

Jun. 2023: We are organizing ACM SCORED'23, a workshop on software supply-chain security!

Jun. 2023: BinWrap is about to receive the distinguished-paper award at AsiaCCS'23!

May 2023: hs, the out-of-order, speculative-execution PaSh extensions made it HotOS'23!

Aprl 2023: Grigoris Ntousakis joins the group for a nine-month internship on supply-chain security!

Mar.2023: BinWrap, a language-binary protection hybrid for native add-ons made it to AsiaCCS'23!

Jan.2023: DiSh, the dynamic shell-script distribution extensions to PaSh, made it to NSDI'23!

Dec.2022: SecBench.js, a security benchmark suite for JavaScript, made it to ICSE'23!

Nov.2022: Pitchfork, an application-level privilege separation system, made it to ACSAC'22!

Oct.2022: Georgios Liargkovas joins the group for a six-month internship on PaSh!

Jun.2022: MIT News covered our work on PaSh: Faster computing results without fear of errors!

Current Projects

I enjoy work that is highly collaborative, serves everyday developers, and has real-world impact!

Automating Protections Against Software Supply-Chain Threats: Modern software incorporates thousands of dependencies as a means of accelerating its development and reducing its cost—at a significant risk to safety and security for both developers and end-users. We have built a series of systems targeting the JavaScript dependency ecosystem—the largest such ecosystem out there—automating the analysis, transformation, and synthesis of JavaScript dependencies across a variety of threat models.

Automating Shell Script Parallelization/Distribution: Shell scripting is used pervasively, partly due to its simplicity in combining components (commands) written in multiple languages. Unfortunately, this language-agnostic composition hinders automated parallelization and distribution, often forcing developers to manually rewrite shell programs (and their components) in other languages that support these features. We have built a system, PaSh, and several extensions and sibling projects that offer automated parallelization (and, soon, distribution) of Unix/Linux shell scripts—along with serious correctness and compatibility guarantees.

Automated Transformation Towards Secure Scalable Computing Paradigms: Recent trends are pushing developers towards new paradigms of secure and scalable computing—e.g., confidential computing, microservices, serverless computing, and edge computing. Transforming a conventional program to leverage these paradigms is a laborious manual process that can lead to suboptimal performance and in many cases even break the program. We are developing systems supporting this kind of decomposition and leveraging special hardware capabilities when these are available in the network.

Some Recent Publications

Practically Correct, Just-in-Time Shell Script Parallelization

Konstantinos Kallas, Tammam Mustafa, Jan Bielak, Dimitris Karnikis, Thurston H.Y. Dang, Michael Greenberg, and Nikos Vasilakis. 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI22)
USENIX | PDF | code | bibtex

Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction

Nikos Vasilakis, Cristian-Alexandru Staicu, Grigoris Ntousakis, Konstantinos Kallas, Ben Karel, André DeHon, Michael Pradel. ACM Conference on Computer and Communications Security (ACM CCS21)
ACM DL | PDF | code | arxiv:2011.00253 | bibtex

Efficient Module-Level Dynamic Analysis for Dynamic Languages with Module Recontextualization

Nikos Vasilakis, Grigoris Ntousakis, Veit Heller, Martin C. Rinard. ACM Joint European Software Engineering Conference & Symposium on the Foundations of Software Engineering (ESEC/FSE 2021)
Received Distinguished Paper Award
ACM DL | PDF | code | bibtex

PaSh: Light-touch Data-Parallel Shell Processing

Nikos Vasilakis*, Konstantinos Kallas*, Konstantinos Mamouras, Achilles Benetopoulos, Lazar Cvetković. ACM European Conference on Computer Systems (EuroSys'21)
Received Best Paper Award
ACM DL | PDF | code | bibtex

Full list of publications.