We stand with Ukraine

We stand with Ukraine

Giancarlo Pellegrino

Orcid: 0009-0007-6223-8945

Affiliations:

CISPA Helmholtz Center for Information Security, Saarbrücken, Germany

According to our database¹, Giancarlo Pellegrino authored at least 47 papers between 2010 and 2024.

Collaborative distances:

Dijkstra number² of three.
Erdős number³ of four.

Timeline

Legend:

Book

In proceedings

Article

PhD thesis

Dataset

Other

Links

Online presence:

on orcid.org

On csauthors.net:

Bibliography

2024

Exploration of the Dynamics of Buy and Sale of Social Media Accounts.

[BibT_eX]

[DOI]

,

Bhupendra Acharya

,

Soheil Khodayari

,

,

Giancarlo Pellegrino

,

CoRR, 2024

Rag and Roll: An End-to-End Evaluation of Indirect Prompt Manipulations in LLM-based Application Frameworks.

[BibT_eX]

[DOI]

Gianluca De Stefano

,

,

Giancarlo Pellegrino

CoRR, 2024

SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications.

[BibT_eX]

[DOI]

,

,

Giancarlo Pellegrino

,

Proceedings of the 33rd USENIX Security Symposium, 2024

SoK: State of the Krawlers - Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements.

[BibT_eX]

[DOI]

Aleksei Stafeev

,

Giancarlo Pellegrino

Proceedings of the 33rd USENIX Security Symposium, 2024

The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web.

[BibT_eX]

[DOI]

Soheil Khodayari

,

,

Giancarlo Pellegrino

Proceedings of the IEEE Symposium on Security and Privacy, 2024

Uncovering the Role of Support Infrastructure in Clickbait PDF Campaigns.

[BibT_eX]

[DOI]

,

Gianluca De Stefano

,

Andrea Mengascini

,

Mariano Graziano

,

Giancarlo Pellegrino

Proceedings of the 9th IEEE European Symposium on Security and Privacy, 2024

The Big Brother's New Playground: Unmasking the Illusion of Privacy in Web Metaverses from a Malicious User's Perspective.

[BibT_eX]

[DOI]

Andrea Mengascini

,

,

Giancarlo Pellegrino

Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

2023

A Large-Scale Study of Phishing PDF Documents.

[BibT_eX]

[DOI]

,

Sahar Abdelnabi

,

Andrea Mengascini

,

Mariano Graziano

,

,

Giancarlo Pellegrino

CoRR, 2023

The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web.

[BibT_eX]

[DOI]

Jannis Rautenstrauch

,

Giancarlo Pellegrino

,

Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses.

[BibT_eX]

[DOI]

Soheil Khodayari

,

Giancarlo Pellegrino

Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!

[BibT_eX]

[DOI]

,

Sahar Abdelnabi

,

Andrea Mengascini

,

Mariano Graziano

,

,

Giancarlo Pellegrino

Proceedings of the Annual Computer Security Applications Conference, 2023

2022

The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies.

[BibT_eX]

[DOI]

Soheil Khodayari

,

Giancarlo Pellegrino

Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

2021

JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals.

[BibT_eX]

[DOI]

Soheil Khodayari

,

Giancarlo Pellegrino

Proceedings of the 30th USENIX Security Symposium, 2021

Black Widow: Blackbox Data-driven Web Scanning.

[BibT_eX]

[DOI]

Benjamin Eriksson

,

Giancarlo Pellegrino

,

Andrei Sabelfeld

Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Where We Stand (or Fall): An Analysis of CSRF Defenses in Web Frameworks.

[BibT_eX]

[DOI]

,

Soheil Khodayari

,

Giancarlo Pellegrino

Proceedings of the RAID '21: 24th International Symposium on Research in Attacks, 2021

2020

Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps.

[BibT_eX]

[DOI]

,

,

Brendan Dolan-Gavitt

,

Giancarlo Pellegrino

,

Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

SentiNet: Detecting Localized Universal Attacks Against Deep Learning Systems.

[BibT_eX]

[DOI]

,

Florian Tramèr

,

Giancarlo Pellegrino

Proceedings of the 2020 IEEE Security and Privacy Workshops, 2020

Raccoon: automated verification of guarded race conditions in web applications.

[BibT_eX]

[DOI]

,

,

,

Giancarlo Pellegrino

Proceedings of the SAC '20: The 35th ACM/SIGAPP Symposium on Applied Computing, online event, [Brno, Czech Republic], March 30, 2020

Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms.

[BibT_eX]

[DOI]

,

Giancarlo Pellegrino

Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

2019

Fidelius: Protecting User Secrets from Compromised Browsers.

[BibT_eX]

[DOI]

Saba Eskandarian

,

,

Sawyer Birnbaum

,

Peh Chang Wei Brandon

,

,

,

Gaspar Garcia Jr.

,

,

,

Taresh K. Sethi

,

,

,

Giancarlo Pellegrino

,

Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services.

[BibT_eX]

[DOI]

,

,

Giancarlo Pellegrino

,

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning.

[BibT_eX]

[DOI]

Florian Tramèr

,

,

,

Giancarlo Pellegrino

,

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018

SentiNet: Detecting Physical Attacks Against Deep Learning Systems.

[BibT_eX]

[DOI]

,

Florian Tramèr

,

Giancarlo Pellegrino

,

CoRR, 2018

Ad-versarial: Defeating Perceptual Ad-Blocking.

[BibT_eX]

[DOI]

Florian Tramèr

,

,

,

Giancarlo Pellegrino

,

CoRR, 2018

The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators.

[BibT_eX]

[DOI]

Marten Oltrogge

,

,

Christian Stransky

,

,

,

Christian Rossow

,

Giancarlo Pellegrino

,

,

Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018

Didn't You Hear Me? - Towards More Successful Web Vulnerability Notifications.

[BibT_eX]

[DOI]

,

Giancarlo Pellegrino

,

,

,

Christian Rossow

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Formally Reasoning about the Cost and Efficacy of Securing the Email Infrastructure.

[BibT_eX]

[DOI]

Patrick Speicher

,

Marcel Steinmetz

,

Robert Künnemann

,

Milivoj Simeonovski

,

Giancarlo Pellegrino

,

,

Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

2017

Who Controls the Internet?: Analyzing Global Threats using Property Graph Traversals.

[BibT_eX]

[DOI]

Milivoj Simeonovski

,

Giancarlo Pellegrino

,

Christian Rossow

,

Proceedings of the 26th International Conference on World Wide Web, 2017

Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

,

,

,

Christian Rossow

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016

Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification.

[BibT_eX]

[DOI]

,

Giancarlo Pellegrino

,

Christian Rossow

,

,

Proceedings of the 25th USENIX Security Symposium, 2016

Uses and Abuses of Server-Side Requests.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

,

Davide Balzarotti

,

Christian Rossow

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

POSTER: Mapping the Landscape of Large-Scale Vulnerability Notifications.

[BibT_eX]

[DOI]

,

Giancarlo Pellegrino

,

Christian Rossow

,

,

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015

Cashing Out the Great Cannon? On Browser-Based DDoS Attacks and Economics.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

Christian Rossow

,

Fabrice J. Ryba

,

Thomas C. Schmidt

,

Matthias Wählisch

Proceedings of the 9th USENIX Workshop on Offensive Technologies, 2015

In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

Davide Balzarotti

,

,

Proceedings of the 24th USENIX Security Symposium, 2015

jÄk: Using Dynamic Analysis to Crawl and Test Modern Web Applications.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

Constantin Tschürtz

,

,

Christian Rossow

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015

Technical Implementation and Feasibility.

[BibT_eX]

[DOI]

Gert Læssøe Mikkelsen

,

Kasper Damgård

,

,

Jonas Lindstrøm Jensen

,

Jesus Luna Garcia

,

Janus Dam Nielsen

,

Pascal Paillier

,

Giancarlo Pellegrino

,

Michael Bladt Stausholm

,

,

Proceedings of the Attribute-based Credentials for Trust: Identity in the Information Society, 2015

2014

Towards a Framework for Assessing the Feasibility of Side-channel Attacks in Virtualized Environments.

[BibT_eX]

[DOI]

Tsvetoslava Vateva-Gurova

,

,

Giancarlo Pellegrino

,

Proceedings of the SECRYPT 2014, 2014

Toward Black-Box Detection of Logic Flaws in Web Applications.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

Davide Balzarotti

Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

On the Feasibility of Side-Channel Attacks in a Virtualized Environment.

[BibT_eX]

[DOI]

Tsvetoslava Vateva-Gurova

,

,

Giancarlo Pellegrino

,

Proceedings of the E-Business and Telecommunications - 11th International Joint Conference, 2014

2013

Detection of logic flaws in multi-party business applications via security testing. (Détection d'anomalies logiques dans les logiciels d'entreprise multi-partis à travers des tests de sécurité).

[BibT_eX]

[DOI]

Giancarlo Pellegrino

PhD thesis, 2013

An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations.

[BibT_eX]

[DOI]

Alessandro Armando

,

Roberto Carbone

,

,

,

Giancarlo Pellegrino

,

Alessandro Sorniotti

Comput. Secur., 2013

A Tool for Supporting Developers in Analyzing the Security of Web-Based Security Protocols.

[BibT_eX]

[DOI]

Giancarlo Pellegrino

,

,

Thomas Morreggia

Proceedings of the Testing Software and Systems, 2013

2012

From Model-Checking to Automated Testing of Security Protocols: Bridging the Gap.

[BibT_eX]

[DOI]

Alessandro Armando

,

Giancarlo Pellegrino

,

Roberto Carbone

,

,

Davide Balzarotti

Proceedings of the Tests and Proofs - 6th International Conference, 2012

The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures.

[BibT_eX]

[DOI]

Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2012

2011

From Multiple Credentials to Browser-Based Single Sign-On: Are We More Secure?

[BibT_eX]

[DOI]

Alessandro Armando

,

Roberto Carbone

,

,

,

Giancarlo Pellegrino

,

Alessandro Sorniotti

Proceedings of the Future Challenges in Security and Privacy for Academia and Industry, 2011

Security Validation of Business Processes via Model-Checking.

[BibT_eX]

[DOI]

,

,

Giancarlo Pellegrino

,

Serena Elisa Ponta

Proceedings of the Engineering Secure Software and Systems - Third International Symposium, 2011

2010

Model-Checking Driven Security Testing of Web-Based Applications.

[BibT_eX]

[DOI]

Alessandro Armando

,

Roberto Carbone

,

,

,

Giancarlo Pellegrino

Proceedings of the Third International Conference on Software Testing, 2010

Loading...