Items where Author is "Pellegrino, Giancarlo"

Up a level
Export as [feed] Atom [feed] RSS 1.0 [feed] RSS 2.0
Group by: Item Type | No Grouping
Number of items: 27.

Conference or Workshop Item (A Paper)

Khodayari, Soheil and Barber, Thomas and Pellegrino, Giancarlo
(2024) The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web.
In: 45th IEEE Symposium on Security and Privacy, SAN FRANCISCO, CA.
Conference: SP IEEE Symposium on Security and Privacy

Stivala, Giada and Abdelnabi, Sahar and Mengascini, Andrea and Graziano, Mariano and Fritz, Mario and Pellegrino, Giancarlo
(2023) From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!
In: ACSAC '23: Proceedings of the 38th Annual Computer Security Applications Conference, 4-8 December 2023, Austin, TX.
Conference: ACSAC Annual Computer Security Applications Conference
(In Press)

Khodayari, Soheil and Pellegrino, Giancarlo
(2023) It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses.
In: 44th IEEE Symposium on Security and Privacy.
Conference: SP IEEE Symposium on Security and Privacy
(Submitted)

Rautenstrauch, Jannis and Pellegrino, Giancarlo and Stock, Ben
(2023) The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web.
In: 44th IEEE Symposium on Security and Privacy.
Conference: SP IEEE Symposium on Security and Privacy

Khodayari, Soheil and Pellegrino, Giancarlo
(2022) The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies.
In: 43rd IEEE Symposium on Security and Privacy (S&P '22).
Conference: SP IEEE Symposium on Security and Privacy

Likaj, Xhelal and Khodayari, Soheil and Pellegrino, Giancarlo
(2021) Where We Stand (or Fall): An Analysis of CSRF Defenses in Web Frameworks.
In: 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID ’21).
Conference: RAID The International Symposium on Research in Attacks, Intrusions and Defenses (was International Symposium on Recent Advances in Intrusion Detection)

Khodayari, Soheil and Pellegrino, Giancarlo
(2021) JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals.
In: 30th USENIX Security Symposium (USENIX Security'21).
Conference: USENIX-Security Usenix Security Symposium

Eriksson, Benjamin and Pellegrino, Giancarlo and Sabelfeld, Andrei
(2021) Black Widow: Blackbox Data-driven Web Scanning.
In: IEEE Symposium on Security and Privacy, Proceedings of SSP 2021.
Conference: SP IEEE Symposium on Security and Privacy

Chou, Edward and Tramer, Florian and Pellegrino, Giancarlo
(2020) SentiNet: Detecting Localized Universal Attack Against Deep Learning Systems.
In: 3rd Deep Learning and Security Workshop (DLS 2020), May 21, 2020, All-digital.
Conference: IEEE SPW IEEE Symposium on Security and Privacy Workshops

Zhao, Qingchuan and Zuo, Chaoshun and Brendan, Dolan-Gavitt and Pellegrino, Giancarlo and Lin, Zhiqiang
(2020) Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps.
In: IEEE Symposium on Security and Privacy.
Conference: SP IEEE Symposium on Security and Privacy

Koch, Simon and Sauer, Tim and Johns, Martin and Pellegrino, Giancarlo
(2020) Raccoon: Automated Verification of Guarded Race Conditions in Web Applications.
In: The 35th ACM/SIGAPP Symposium On Applied Computing, March 30-April 3, 2020, Brno, Czech Republic.
Conference: SAC ACM Symposium on Applied Computing

Stivala, Giada and Pellegrino, Giancarlo
(2020) Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms.
In: 27th Annual Network and Distributed System Security symposium, February 2020, San Diego.
Conference: NDSS Network and Distributed System Security Symposium

Tramèr, Florian and Dupré, Pascal and Gili, Rusak and Pellegrino, Giancarlo and Boneh, Dan
(2019) AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning.
In: CCS 19.
Conference: CCS ACM Conference on Computer and Communications Security

Eskandarian, Saba and Cogan, Jonathan and Birnbaum, Sawyer and Brandon, Peh Chang Wei and Franke, Dillon and Fraser, Forest and Garcia, Gaspar and Gong, Eric and Nguyen, Hung T. and Sethi, Taresh K. and Subbiah, Vishal and Backes, Michael and Pellegrino, Giancarlo and Boneh, Dan
(2019) Fidelius: Protecting User Secrets from Compromised Browsers.
In: S&P 2019.
Conference: SP IEEE Symposium on Security and Privacy

Zhao, Qingchuan and Zuo, Chaoshun and Pellegrino, Giancarlo and Zhiqiang, Li
(2019) Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services.
In: NDSS Symposium 2019.
Conference: NDSS Network and Distributed System Security Symposium

Stock, Ben and Pellegrino, Giancarlo and Li, Frank and Backes, Michael and Rossow, Christian
(2018) Didn’t You Hear Me? — Towards More Successful Web Vulnerability Notifications.
In: Proceedings of the 25th Annual Symposium on Network and Distributed System Security (NDSS '18)..
Conference: NDSS Network and Distributed System Security Symposium

Speicher, Patrick and Steinmetz, Marcel and Künnemann, Robert and Simeonovski, Milivoj and Pellegrino, Giancarlo and Hoffmann, Jörg and Backes, Michael
(2018) Formally Reasoning about the Cost and Efficacy of Securing the Email Infrastructure.
In: 2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018, London, United Kingdom, April 24-26, 2018.
Conference: EuroS&P IEEE European Symposium on Security and Privacy

Oltrogge, Marten and Derr, Erik and Stransky, Christian and Acar, Yasemin and Fahl, Sascha and Rossow, Christian and Pellegrino, Giancarlo and Bugiel, Sven and Backes, Michael
(2018) The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators.
In: 39th IEEE Symposium on Security and Privacy (SP '18).
Conference: SP IEEE Symposium on Security and Privacy

Simeonovski, Milivoj and Pellegrino, Giancarlo and Rossow, Christian and Backes, Michael
(2017) Who Controls the Internet? Analyzing Global Threats using Property Graph Traversals.
In: Proc. of the 26rd International Conference on World Wide Web (WWW 2017).
Conference: WWW The Web Conference (Formerly: International World Wide Web Conference)

Pellegrino, Giancarlo and Johns, Martin and Koch, Simon and Backes, Michael and Rossow, Christian
(2017) Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs.
In: Proceedings of the 24th ACM Conference on Computer and Communication Security (CCS'17).
Conference: CCS ACM Conference on Computer and Communications Security

Stock, Ben and Pellegrino, Giancarlo and Rossow, Christian and Johns, Martin and Backes, Michael
(2016) Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification.
In: Proceedings of the 25th USENIX Security Symposium (USENIX Security '16).
Conference: USENIX-Security Usenix Security Symposium

Pellegrino, Giancarlo and Catakoglu, Onur and Balzarotti, Davide and Rossow, Christian
(2016) Uses and Abuses of Server-Side Requests.
In: Research in Attacks, Intrusions, and Defenses - 18th International Symposium, RAID 2016.
Conference: RAID The International Symposium on Research in Attacks, Intrusions and Defenses (was International Symposium on Recent Advances in Intrusion Detection)

Stock, Ben and Pellegrino, Giancarlo and Rossow, Christian and Johns, Martin and Backes, Michael
(2016) POSTER: Mapping the Landscape of Large-Scale Vulnerability Notifications.
In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016.
Conference: CCS ACM Conference on Computer and Communications Security

Pellegrino, Giancarlo and Balzarotti, Davide and Winter, Stefan and Suri, Neeraj
(2015) In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services.
In: Proceedings of the 24th USENIX Security Symposium (USENIX '15).
Conference: USENIX-Security Usenix Security Symposium

Pellegrino, Giancarlo and Rossow, Christian and Ryba, Fabrice J. and Schmidt, Thomas C. and Wählisch, Matthias
(2015) Cashing Out the Great Cannon? On Browser-Based DDoS Attacks and Economics.
In: 9th USENIX Workshop on Offensive Technologies (WOOT 15).

Pellegrino, Giancarlo and Tschürtz, Constantin and Bodden, Eric and Rossow, Christian
(2015) jÄk: Using Dynamic Analysis to Crawl and Test Modern Web Applications.
In: Research in Attacks, Intrusions, and Defenses - 18th International Symposium, RAID 2015, Kyoto, Japan, November 2-4, 2015, Proceedings.
Conference: RAID The International Symposium on Research in Attacks, Intrusions and Defenses (was International Symposium on Recent Advances in Intrusion Detection)

Other

Speicher, Patrick and Steinmetz, Marcel and Künnemann, Robert and Simeonovski, Milivoj and Pellegrino, Giancarlo and Hoffmann, Jörg and Backes, Michael
(2018) Formally Reasoning about the Cost and Efficacy of Securing the Email Infrastructure (full version).
CISPA
.

This list was generated on Thu Nov 21 11:44:39 2024 CET.