Cristian-Alexandru Staicu

Orcid: 0000-0002-6542-2226

Affiliations:

CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
Darmstadt University of Technology, Germany (PhD 2020)

According to our database¹, Cristian-Alexandru Staicu authored at least 24 papers between 2016 and 2024.

Collaborative distances:

Dijkstra number² of four.
Erdős number³ of four.

Timeline

Legend:

Book

In proceedings

Article

PhD thesis

Dataset

Other

Bibliography

2024

SoK: A Literature and Engineering Review of Regular Expression Denial of Service.

[BibT_eX]

[DOI]

Masudul Hasan Masud Bhuiyan

Berk Çakar

Ethan H. Burmane

James C. Davis

Cristian-Alexandru Staicu

CoRR, 2024

SimSCOOD: Systematic Analysis of Out-of-Distribution Generalization in Fine-tuned Source Code Models.

[BibT_eX]

[DOI]

Hossein Hajipour

Ning Yu

Cristian-Alexandru Staicu

Mario Fritz

Proceedings of the Findings of the Association for Computational Linguistics: NAACL 2024, 2024

2023

Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

Sazzadur Rahaman

Ágnes Kiss

Michael Backes

Proceedings of the 32nd USENIX Security Symposium, 2023

Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js.

[BibT_eX]

[DOI]

Mikhail Shcherbakov

Musard Balliu

Cristian-Alexandru Staicu

Proceedings of the 32nd USENIX Security Symposium, 2023

SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes.

[BibT_eX]

[DOI]

Abdullah AlHamdan

Cristian-Alexandru Staicu

Proceedings of the 32nd USENIX Security Symposium, 2023

SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript.

[BibT_eX]

[DOI]

Masudul Hasan Masud Bhuiyan

Adithya Srinivas Parthasarathy

Nikos Vasilakis

Michael Pradel

Cristian-Alexandru Staicu

Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023

Jack-in-the-box: An Empirical Study of JavaScript Bundling on the Web and its Security Implications.

[BibT_eX]

[DOI]

Jeremy Rack

Cristian-Alexandru Staicu

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022

A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers.

[BibT_eX]

[DOI]

Masudul Hasan Masud Bhuiyan

Cristian-Alexandru Staicu

CoRR, 2022

SimSCOOD: Systematic Analysis of Out-of-Distribution Behavior of Source Code Models.

[BibT_eX]

[DOI]

Hossein Hajipour

Ning Yu

Cristian-Alexandru Staicu

Mario Fritz

CoRR, 2022

2021

SampleFix: Learning to Generate Functionally Diverse Fixes.

[BibT_eX]

[DOI]

Hossein Hajipour

Apratim Bhattacharyya

Cristian-Alexandru Staicu

Mario Fritz

Proceedings of the Machine Learning and Principles and Practice of Knowledge Discovery in Databases, 2021

Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction.

[BibT_eX]

[DOI]

Nikos Vasilakis

Cristian-Alexandru Staicu

Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020

Enhancing the Security and Privacy of Full-Stack JavaScript Web Applications.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

PhD thesis, 2020

Mir: Automated Quantifiable Privilege Reduction Against Dynamic Library Compromise in JavaScript.

[BibT_eX]

[DOI]

Nikos Vasilakis

Cristian-Alexandru Staicu

CoRR, 2020

Extracting taint specifications for JavaScript libraries.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

2019

Anything to Hide? Studying Minified and Obfuscated Code in the Web.

[BibT_eX]

[DOI]

Philippe Skolka

Cristian-Alexandru Staicu

Michael Pradel

Proceedings of the World Wide Web Conference, 2019

Small World with High Risks: A Study of Security Threats in the npm Ecosystem.

[BibT_eX]

[DOI]

Markus Zimmermann

Cristian-Alexandru Staicu

Cam Tenny

Michael Pradel

Proceedings of the 28th USENIX Security Symposium, 2019

Leaky Images: Targeted Privacy Attacks in the Web.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

Michael Pradel

Proceedings of the 28th USENIX Security Symposium, 2019

An Empirical Study of Information Flows in Real-World JavaScript.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

Proceedings of the 14th ACM SIGSAC Workshop on Programming Languages and Analysis for Security, 2019

2018

Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

Michael Pradel

Proceedings of the 27th USENIX Security Symposium, 2018

SYNODE: Understanding and Automatically Preventing Injection Attacks on NODE.JS.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

Michael Pradel

Benjamin Livshits

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

2017

A Survey of Dynamic Analysis and Test Generation for JavaScript.

[BibT_eX]

[DOI]

Cristian-Alexandru Staicu

ACM Comput. Surv., 2017

Saying 'hi!' is not enough: mining inputs for effective test generation.

[BibT_eX]

[DOI]

Luca Della Toffola

Cristian-Alexandru Staicu

Michael Pradel

Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering, 2017

2016

Search Based Clustering for Protecting Software with Diversified Updates.

[BibT_eX]

[DOI]

Mariano Ceccato

Paolo Falcarin

Alessandro Cabutto

Yosief Weldezghi Frezghi

Cristian-Alexandru Staicu

Proceedings of the Search Based Software Engineering - 8th International Symposium, 2016

Nomen est omen: exploring and exploiting similarities between argument and parameter names.

[BibT_eX]

[DOI]

Hui Liu

Qiurong Liu

Cristian-Alexandru Staicu

Michael Pradel

Yue Luo

Proceedings of the 38th International Conference on Software Engineering, 2016

Cristian-Alexandru Staicu

Timeline

Legend:

Links

Online presence:

On csauthors.net:

Bibliography

Loading...