My CV is available here.
Contact me at jgalenson at gmail dot com.
I completed my Ph.D. from UC Berkeley in 2014.
I received a B.S. (with honors and distinction) from Stanford University in 2008.
Systems security, return-oriented programming, exploit development, exploit and malware detection
Compilers, program synthesis, static and dynamic program analysis, testing, language design
I am a software engineer at Google, where I am on the Android Platform Security team.
I proposed, co-designed, and implemented one of Android's premier (upcoming) privacy features.
I have made numerous optimizations to the upstream LLVM compiler to improve the performance of components such as its integer overflow sanitizer and undefined behavior sanitizer. This work was crucial in allowing us to enable these features on production devices.
I am one of the maintainers of Android's SELinux system, which uses mandatory access controls to improve the security of the system. I have worked on improving Android's core policy and on bringing up multiple new devices.
I researched behavioral mobile security solutions to protect against malware and exploits. I have spent much of my time developing attacks on Android, including building real exploits that bypass SELinux and target Chrome and the Stagefright and Dirtycow bugs. I have handwritten ARM assembly and built a simple shellcode and ROP compiler to ease payload development. I developed and gave our lab a tutorial on memory error attacks and defenses, including building a sequence of ROP attacks from simple to complex.
I worked on developing compilation techniques for programming special purpose accelerator architectures. Our compiler was based on LLVM, and I worked on the backend, including scheduling, software pipelining, optimizing individual instructions, co-designing new instructions, and numerous architecture-specific passes. I also worked on providing tools to understand and optimize the compiler output as well as improving our test infrastructure and tracking upstream development.
CodeHint: a dynamic program synthesis tool integrated into the IDE.
CodeHint received second place at LIVE 2013.
PBD: A programming by demonstration system that applies some of CodeHint's ideas to help synthesize data tructures or end-user tasks.
Research.js: Evaluating Research Tool Usability on the Web
Joel Galenson, Cindy Rubio-González, Sarah Chasins, and Liang Gong.
In Proceedings of the 5th Workshop on Evaluation and Usability of Programming Languages and Tools (PLATEAU), Portland, Oregon, USA, 2014.
Dynamic and Interactive Synthesis of Code Snippets
CodeHint: Dynamic and Interactive Synthesis of Code Snippets
Joel Galenson, Philip Reames, Rastislav Bodik, Bjoern Hartmann, and Koushik Sen.
In Proceedings of the 36th International Conference on Software Engineering (ICSE 2014), Hyderabad, India, 2014.
[pdf] [slides] [doi]
The Compiler Forest
Mihai Budiu, Joel Galenson, and Gordon D. Plotkin.
In Proceedings of the 22nd European conference on Programming Languages and Systems (ESOP 2013), Rome, Italy, 2013
[pdf] [slides] [doi]
Yada: Straightforward Parallel Programming
David Gay, Joel Galenson, Mayur Naik, and Kathy Yelick.
In Parallel Computing, Elsevier, 2011.
Programming with Angelic Nondeterminism
Rastislav Bodik, Satish Chandra, Joel Galenson, Doug Kimmelman, Nicholas Tung, Shaon Barman, and Casey Rodarmor.
In Proceedings of the 37th Symposium on Principles of Programming Languages (POPL 2010), Madrid, Spain, 2010.
An empirical analysis of return on investment maximization in sponsored search auctions
Jason Auerbach, Joel Galenson, and Mukund Sundararajan.
In Proceedings of the Second International Workshop on Data Mining and Audience Intelligence for Advertising (ADKDD 2008), Las Vegas, Nevada, USA, 2008.
CodeHint: Dynamic and Interactive Synthesis for Modern IDEs
Future Programming Workshop, SPLASH, 2014.