Vulnerability Detection in Real-world Fintech Systems
Project Description
In the highly competitive financial industry, the software security of fintech systems has a direct impact on the financial security of investors. Even minor implementation errors can result in significant losses. How do these vulnerabilities manifest within specific systems? Which programming-language characteristics do they involve? What barriers hinder developers from detecting and fixing them in a timely manner? This project offers an opportunity to engage with real-world bugs, explore program behaviors, and conduct thorough evaluations.

Supervisor
ZHANG Charles Chuan
Quota
4
Course type
UROP3100
UROP4100
Applicant's Roles
Throughout this project, applicants will contribute to the development of a modern static analysis framework designed to protect real-world fintech systems from financial losses. Guided by both industry and academic mentors, participants will tackle a variety of challenges, including summarizing bug characteristics in actual programs, developing effective matching rules to identify these bugs, systematically testing the framework, and creating user-friendly interfaces for developers to investigate vulnerabilities.
Applicant's Learning Objectives
Fintech system security. Static analysis technologies. Technical communication. Scientific evaluation methods.
Complexity of the project
Challenging