publications
Publications in reversed chronological order.
2025
-
The Impact of Default Mobile SDK Usage on Privacy and Data ProtectionIn Privacy Enhancing Technologies Symposium (PETS) , 2025
2024
-
SSRF vs Developers: A Study of SSRF-Defenses in PHP ApplicationsIn USENIX Security Symposium , 2024
-
A Black-Box Privacy Analysis of Messaging Service Providers’ Chat Message ProcessingIn Privacy Enhancing Technologies Symposium (PETS) , 2024
-
The Fault in Our Stars: An Analysis of GitHub Stars as an Importance Metric for Web Source CodeIn Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) , 2024
2023
-
Poster: The Risk of Insufficient Isolation of Database Transactions in Web ApplicationsIn ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2023
-
The OK is Not Enough: Large Scale Study of Consent Dialogs in Smartphone ApplicationsIn USENIX Security Symposium , 2023
-
FUZZILLI: Fuzzing for JavaScript JIT Compiler VulnerabilitiesIn Network and Distributed System Security (NDSS) Symposium , 2023
2022
-
Keeping Privacy Labels HonestIn Privacy Enhancing Technologies Symposium (PETS) , 2022
2020
-
Raccoon: Automated Verification of Guarded Race Conditions in Web ApplicationsIn ACM SIGAPP Symposium on Applied Computing (SAC) , 2020
2017
-
Deemon: Detecting CSRF with dynamic analysis and property graphsIn ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2017
2015
-
Poster: In the net of the Spider: Measuring the Anonymity-Impact of Network-level Adversaries Against TorIn ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2015