Picture of me.

I am a Project Scientist working with Professor Michael Franz at the Donald Bren School of Information and Computer Science at UC Irvine.

Research Interests

Information Security

Software diversity. Exploits and Mitigations.

Compilers

Profiling, optimization, and rewriting.

Systems Software

Interpreters. Virtual Machines and hypervisors.

Publications

N. Burow, S. A. Carr, J. Nash, P. Larsen, M. Franz, S. Brunthaler, and M. Payer.

Control-Flow Integrity: Protection, Security, and Performance

To appear in ACM Computing Surveys (CSUR), 2018. pdf.

 

S. Volckaert, B. Coppens, B. De Sutter, K. De Bosschere, P. Larsen, and Michael Franz.

Taming Parallelism in a Multi-Variant Execution Environment

To appear in European Conference on Computer Systems (EuroSys), 2017.

 

R. Rudd, R. Skowyra, D. Bigelow, V. Dedhia, Th. Hobson, S. Crane, Ch. Liebchen, P. Larsen, L. Davi, M. Franz, A.-R. Sadeghi, and H. Okhravi

Address Oblivious Code Reuse: On the Effectiveness of Leakage Resilient Diversity

In 24th Annual Network & Distributed System Security Symposium (NDSS), 2017. pdf.

 

S. Crane, A. Homescu, and Per Larsen

Code Randomization: Haven't We Solved This Problem Yet?

In IEEE Cybersecurity Development (SecDev), 2016. pdf.

 

Jason Gionta, William Enck, and Per Larsen

Preventing Kernel Code-Reuse Attacks Through Disclosure Resistant Code Diversification

In IEEE Conference on Communications and Network Security (CNS), 2016. pdf

 

M. Conti, S. Crane, T. Frassetto, A. Homescu, G. Koppen, P. Larsen, Ch. Liebchen, M. Perry, and AR Sadeghi

Selfrando: Securing the Tor Browser against De-anonymization Exploits

In 16th Privacy Enhancing Technologies Symposium (PETS), 2016.

pdf, press release, Motherboard, Softpedia News, International Business Times, The Inquirer, The Register, zdnet.com, zdnet.de (in German), SecurityWeek, TripWire, Techrepublic, Phys.org, Gizmodo (Spanish), version2 (in Danish).

 

J. Lettner, B. Kollenda, A. Homescu, P. Larsen, F. Schuster, L. Davi, A.-R. Sadeghi, T. Holz, and M. Franz

Subversive-C: Abusing and Protecting Dynamic Message Dispatch

In USENIX Annual Technical Conference (ATC), 2016. pdf.

 

S. Volckaert, B. Coppens, A. Voulimeneas, A. Homescu, P. Larsen, B. De Sutter, and M. Franz

Secure and Efficient Application Monitoring and Replication

In USENIX Annual Technical Conference (ATC), 2016. pdf.

 

D. Sullivan, O. Arias, L. Davi, P. Larsen, AR Sadeghi, Y. Jin.

Strategy without tactics: policy-agnostic hardware-enhanced control-flow integrity

In 53rd Design Automation Conference (DAC), 2016. pdf.

 

K. Braden, S. Crane, L. Davi, M. Franz, P. Larsen, Ch. Liebchen, and AR Sadeghi.

Leakage-Resilient Layout Randomization for Mobile Devices

In 23rd Annual Network & Distributed System Security Symposium (NDSS), 2016. pdf.

 

P. Larsen, S. Brunthaler, L. Davi, AR Sadeghi, and M. Franz.

Automatic Software Diversity.

Synthesis Lectures on Information Security, Privacy, and Trust. Morgan & Claypool, December 2015. 10.2200/S00686ED1V01Y201512SPT014.

 

S. Crane, S. Volckaert, F. Schuster, Ch. Liebchen, P. Larsen, L. Davi, AR Sadeghi, T. Holz, B. De Sutter, and M. Franz.

It's a TRAP: Table Randomization and Protection against Function-Reuse Attacks

In 22nd ACM Conference on Computer and Communications Security, 2015, (CCS'15). pdf.

 

M. Conti, S. Crane, L. Davi, M. Franz, P. Larsen, C. Liebchen, M. Negro, M. Qunaibit, AR Sadeghi.

Losing Control: On the Effectiveness of Control-Flow Integrity under Stack Attacks

In 22nd ACM Conference on Computer and Communications Security, 2015, (CCS'15). pdf.

 

G. Savrun-Yeniceri, M. L. Van de Vanter, P. Larsen, S. Brunthaler, and M. Franz.

Efficient and Generic Event-based Profiler Framework for Dynamic Languages

In International Conference on Principles and Practices of Programming on the Java platform: Virtual machines, Languages, and Tools, 2015, (PPPJ'15). 10.1145/2807426.2807435.

 

C. Stancu, Ch. Wimmer, S. Brunthaler, P. Larsen, and M. Franz.

Safe and Efficient Hybrid Memory Management for Java

In 2015 ACM SIGPLAN International Symposium on Memory Management, 2015, (ISMM'15). 2754169.2754185.

 

S. Crane, Ch. Liebchen, A. Homescu, L. Davi, P. Larsen, AR Sadeghi, S. Brunthaler, and M. Franz.

Readactor: Practical Code Randomization Resilient to Memory Disclosure

In 36th IEEE Symposium on Security and Privacy, 2015, (S&P'15).
IEEE version, BlackHat 2015 extended version, Demo Video.

 

A. Homescu, T. Jackson, S. Crane, S. Brunthaler, P. Larsen, and M. Franz.

Large-scale Automated Software Diversity-Program Evolution Redux

In IEEE Transactions on Dependable and Secure Computing, 2015, (TDSC). 10.1109/TDSC.2015.2433252.

 

AR Sadeghi, L Davi, and P. Larsen.

Securing Legacy Software against Real-World Code-Reuse Exploits: Utopia, Alchemy, or Possible Future?

Keynote at 10th ACM Symposium on Information, Computer and Communications Security, 2015, (AsiaCCS). pdf.

 

V. Mohan, P. Larsen, S. Brunthaler, M. Franz, and K. Hamlen.

Opaque Control-Flow Integrity

In 22nd Annual Network & Distributed System Security Symposium (NDSS), 2015. pdf.

 

S. Crane, A. Homescu, S. Brunthaler, P. Larsen, and M. Franz.

Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity

In 22nd Annual Network & Distributed System Security Symposium (NDSS), 2015. pdf.

 

P. Larsen, S. Brunthaler, and M. Franz.

Automated Software Diversity

In IEEE S&P Magazine, vol. 13, no. 2, 2015. 10.1109/MSP.2015.23

 

M. Murphy, P. Larsen, S. Brunthaler, and M. Franz.

Software Profiling Options and Their Effects on Security Based Code Diversification

First ACM Workshop on Moving Target Defense, 2014, (MTD 2014). 10.1145/2663474.2663485

 

W. Zhang, P. Larsen, S. Brunthaler, and Michael Franz.

Accelerating Iterators in Optimizing AST Interpreters

ACM Research Conference on Object-Oriented Programming, 2014, (OOPSLA'14). 10.1145/2660193.2660223

 

C. Stancu, Ch. Wimmer, S. Brunthaler, P. Larsen, and M. Franz.

Comparing Points-to Static Analysis with Runtime Recorded Profiling

11th International Conference on the Principles and Practice of Programming in Java, 2014, (PPPJ'14). 10.1145/2647508.2647524

 

P. Larsen, A. Homescu, S. Brunthaler, and Michael Franz.

SoK: Automated Software Diversity

35th IEEE Symposium on Security and Privacy, 2014, (S&P'14). pdf. Expanded into a book on diversity.

 

G. Wagner, P. Larsen, S. Brunthaler, and M. Franz.

Thinking Inside the Box: Compartmentalized Garbage Collection

To appear in ACM Transactions on Programming Languages and Systems, 2013, (TOPLAS).

 

C. Kerchbaumer, E. Hennigan, P. Larsen, S. Brunthaler, and M. Franz.

Information flow tracking meets just-in-time compilation

In ACM Transactions on Architecture and Code Optimization, vol. 10, no. 4, 2013, (TACO). 10.1145/2541228.2555295

 

G. Savrun-Yeniceri, W. Zhang, H. Zhang, E. Seckler, C. Li, S. Brunthaler, P. Larsen, and M. Franz.

Efficient Hosted Interpreters on the JVM

In ACM Transactions on Architecture and Code Optimization , vol. 11, no. 9, 2014 (TACO). 10.1145/2532642.

 

C. Kerchbaumer, E. Hennigan, P. Larsen, S. Brunthaler, and M. Franz.

CrowdFlow: Efficient Information Flow Security

In Proceedings of the 16th Information Security Conference, Dallas, TX, USA 2013 (ISC'13). 10.1007/978-3-319-27659-5_23.

 

P. Larsen, S. Brunthaler, and M. Franz.

Security Through Diversity: Are We There Yet?

In IEEE S&P Magazine, vol. 12, no. 2, 2014. 10.1109/MSP.2013.129.

 

A. Homescu, S. Brunthaler, P. Larsen, and M. Franz.

librando: Transparent Code Randomization for Just-in-Time Compilers.

In Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, 2013 (CCS'13). 10.1145/2508859.2516675

 

S. Crane, P. Larsen, S. Brunthaler, and M. Franz.

Booby Trapping Software.

In Proceedings of the 2013 New Security Paradigms Workshop, Banff, Canada, 2013 (NSPW'13). 10.1145/2535813.2535824

 

G. Savrun-Yeniceri, W. Zhang, H. Zhang, C. Li, S. Brunthaler, Per Larsen, and M. Franz.

Efficient Interpreter Optimizations for the JVM.

In Proceedings of the 2013 International Conference on Principles and Practices of Programming on the Java Platform, Stuttgart, Germany, 2013 (PPPJ'13). 10.1145/2500828.2500839.

 

C. Kerschbaumer, E. Hennigan, P. Larsen, S. Brunthaler, and M. Franz.

Towards Precise and Efficient Information Flow Control in Web Browsers.

In Proceedings of the 6th International Conference on Trust & Trustworthy Computing, London, United Kingdom, 2013 (TRUST'13). 10.1007/978-3-642-38908-5_12.

 

E. Hennigan, C. Kerschbaumer, S. Brunthaler, P. Larsen, and M. Franz.

First-Class Labels: Using Information Flow to Debug Security Holes.

In Proceedings of the 6th International Conference on Trust & Trustworthy Computing, London, United Kingdom, 2013 (TRUST'13). 10.1007/978-3-642-38908-5_12.

 

A. Homescu, S. Neisius, P. Larsen, S. Brunthaler, and Michael Franz.

Profile-guided Automated Software Diversity.

In Proceedings of the 2013 International Symposium on Code Generation and Optimization, Shenzhen, China, 2013 (CGO'13). 10.1109/CGO.2013.6494997.

 

P. Larsen, R. Ladelsky, J. Lidman, S. A. McKee, S. Karlsson and A. Zaks.

Parallelizing More Loops with Compiler Guided Refactoring.

In Proceedings of the 41th International Conference on Parallel Processing, Pittsburg, PA, September 10-13, 2012 (ICPP'12). 10.1109/ICPP.2012.48.

 

N. Jensen, P. Larsen, R. Ladelsky, A. Zaks, and S. Karlsson

Guiding Programmers to Higher Memory Performance.

In Proceedings of the 5th Workshop on Programmability Issues for Multi-Core Computers, Paris, France, January 23rd, 2012 (MULTIPROG'12). pdf.

 

T. Jackson, A. Homescu, S. Crane, P. Larsen, S. Brunthaler, and M. Franz

Diversifying the Software Stack using Randomized NOP Insertion.

In Jajodia, Sushil and Ghosh, Anup K. and Subrahmanian, V.S. and Swarup, Vipin and Wang, Cliff and Wang, X. Sean (Eds.) Moving Target Defense II: Applications of Game Theory and Adversarial Modeling, Springer Advances in Information Security, Vol. 100, ISBN 978-1-4614-5415-1, pp. 151-174, 2013. 10.1007/978-1-4614-5416-8_8.

 

A. Homescu, S. Neisius, P. Larsen, S. Brunthaler, and Michael Franz.

Microgadgets: Size Does Matter in Turing-Complete Return Oriented Programming.

In In Proceedings of the 6th USENIX Workshop on Offensive Technologies, Bellevue, WA, USA, 2012 (WOOT'12). pdf.

 

C. Wimmer, S. Brunthaler, P. Larsen, and Michael Franz.

Fine-Grained Modularity and Reuse of Virtual Machine Components.

In Proceedings of the 11th Annual International Conference on Aspect-Oriented Software Development, Potsdam, Germany, 2012 (AOSD'12). 10.1145/2162049.2162073.

 

P. Larsen, S. Karlsson, and Jan Madsen.

Expressing Coarse-Grain Dependencies Among Tasks in Shared Memory Programs.

Special Issue of IEEE Transactions on Industrial Informatics, Vol. 7, Issue 4. 2011. 10.1109/TII.2011.2166769..

 

P. Larsen.

Feedback Driven Annotation and Refactoring of Parallel Programs.

PhD. thesis. Series: IMM-PHD-2011. August 2011. pdf.

 

P. Larsen, Razya Ladelsky, Sven Karlsson, and Ayal Zaks.

Compiler Driven Code Comments and Refactoring.

In Proceedings of the 4th Workshop on Programmability Issues for Multi-Core Computers, Heraklion, Crete, 2011 (MULTIPROG'11). Awarded Best Paper. pdf.

 

P. Larsen, Sven Karlsson, and Jan Madsen.

Expressing Inter-task Dependencies between Parallel Stencil Operations.

In Proceedings of the 3rd Workshop on Programmability Issues for Multi-Core Computers, Pisa Italy, 2010 (MULTIPROG'10). pdf.

 

P. Larsen, Sven Karlsson, and Jan Madsen.

Identifying Inter-task Communication in Shared Memory Programming Models.

In Proceedings of the 5th International Workshop on OpenMP, Dresden, Germany, 2009 (IWOMP'09). 10.1007/978-3-642-02303-3

 

Work Experience

University of California, Irvine

Postdoctoral Scholar

2011-Present

I perform the day to day activities necessary to run the research lab and advice an average of 10 graduate students in cooperation with another post-doc and the professor. The most important task is the generation of cool, new research ideas. Other activities include grant proposal writing, attending conferences and performing independent research within the areas of compilation, optimization and cyber-security.

IBM Haifa Research Labs

Summer Intern

July 2010-October 2010

Worked as a part of the compiler team at the IBM Haifa Research labs. The internship was hosted by Ayal Zaks. Focus was on compiler driven suggestions for source code improvements. Such improvements allow auto-parallelization, auto-vectorization and locality enhancing transformations to succeed.

IHPostal A/S

Lead Software Engineer

2004-2005

Lead the planning and subsequent development of a major new revenue protection system for the Norwegian Postal Services. A later version of the system was also adopted by the Danish Postal Services. It is used in production today as the primary means of collecting fees for missing postage on business and private letters of parcels in both Norway and Denmark.

Corena Denmark

Software Engineer

2004-2005

Partook in the design and prototyping of an innovative information delivery system to be used in the cockpits of commercial airline companies as a replacement of prior paper-based solutions.

Aston Business Solutions (Mobilized Workforce from '02)

Software Engineer

2000-2004

Participated in the development of a web-based administration systems for a large and well known Danish pension fund, ATP. Solely designed and implemented an electronic self-service system for delivery of take-off data to regional and European airlines with Scandinavian Airline Services as the client.

Education

Doctor of Philosophy, Computer Science, 2007-2011

Technical University of Denmark - Lyngby, Denmark

My thesis is about communicating programmer insights about software being developed to the compiler. This leads to better use of compiler optimizations, particularly loop parallelization and vectorization. It also exposes areas for improvement to compiler developers.

Master of Science in Engineering Informatics, 1999-2005

Technical University of Denmark - Lyngby, Denmark

The thesis was co-authored by Dr. Peter Verner Bojsen Sørensen with Professor Jan Madsen as the advisor. We implemented, optimized, and tested a system modeling hardware design language–Gezel–on the Microsoft .NET platform.

Per Larsen — perl at uci dot edu — University of California, Irvine — 2011-2016