Iasonas Polakis

Proceedings of the 33rd USENIX Security Symposium, 2024

Abandon All Hope Ye Who Enter Here: A Dynamic, Longitudinal Investigation of Android's Data Safety Section.

[BibT_eX]

[DOI]

Proceedings of the 33rd USENIX Security Symposium, 2024

Rise of Inspectron: Automated Black-box Auditing of Cross-platform Electron Apps.

[BibT_eX]

[DOI]

Mir Masood Ali

Proceedings of the 33rd USENIX Security Symposium, 2024

2023

Fashion Faux Pas: Implicit Stylistic Fingerprints for Bypassing Browsers' Anti-Fingerprinting Defenses.

[BibT_eX]

[DOI]

Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

ReScan: A Middleware Framework for Realistic and Robust Black-box Web Application Scanning.

[BibT_eX]

[DOI]

Kostas Drakonakis

Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

Navigating Murky Waters: Automated Browser Feature Testing for Uncovering Tracking Vectors.

[BibT_eX]

[DOI]

Mir Masood Ali

Binoy Chitale

Nick Nikiforakis

Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

Read Between the Lines: Detecting Tracking JavaScript with Bytecode Classification.

[BibT_eX]

[DOI]

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

When Push Comes to Shove: Empirical Analysis of Web Push Implementations in the Wild.

[BibT_eX]

[DOI]

Alberto Carboneri

Soroush Karami

Proceedings of the Annual Computer Security Applications Conference, 2023

2022

The Dangers of Human Touch: Fingerprinting Browser Extensions through User Actions.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

Phish in Sheep's Clothing: Exploring the Authentication Pitfalls of Browser Fingerprinting.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

Unleash the Simulacrum: Shifting Browser Realities for Robust Extension-Fingerprinting Prevention.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Exploring the security and privacy risks of chatbots in messaging services.

[BibT_eX]

[DOI]

Guillermo Suarez-Tangil

Jose M. Such

Proceedings of the 22nd ACM Internet Measurement Conference, 2022

Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021

Plight at the End of the Tunnel - Legacy IPv6 Transition Mechanisms in the Wild.

[BibT_eX]

[DOI]

John Kristoff

Proceedings of the Passive and Active Measurement - 22nd International Conference, 2021

Tales of Favicons and Caches: Persistent Tracking in Modern Browsers.

[BibT_eX]

[DOI]

Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

Awakening the Web's Sleeper Agents: Misusing Service Workers for Privacy Leakage.

[BibT_eX]

[DOI]

Soroush Karami

Panagiotis Ilia

Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

This Sneaky Piggy Went to the Android Ad Market: Misusing Mobile Sensors for Stealthy Data Exfiltration.

[BibT_eX]

[DOI]

Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020

The Seven Deadly Sins of the HTML5 WebAPI: A Large-scale Study on the Risks of Mobile Sensor-based Attacks.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2020

A fine-grained social network recommender system.

[BibT_eX]

[DOI]

Dimitris Spiliotopoulos

Soc. Netw. Anal. Min., 2020

Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers.

[BibT_eX]

[DOI]

Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting.

[BibT_eX]

[DOI]

Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

Tech Pains: Characterizations of Lived Cybersecurity Experiences.

[BibT_eX]

[DOI]

Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020

Chameleons' Oblivion: Complex-Valued Deep Neural Networks for Protocol-Agnostic RF Device Fingerprinting.

[BibT_eX]

[DOI]

Proceedings of the IEEE European Symposium on Security and Privacy, 2020

Fill in the Blanks: Empirical Analysis of the Privacy Threats of Browser Form Autofill.

[BibT_eX]

[DOI]

Xu Lin

Panagiotis Ilia

Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

The Cookie Hunter: Automated Black-box Auditing for Web Authentication and Authorization Flaws.

[BibT_eX]

[DOI]

Kostas Drakonakis

Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019

Deep Complex Networks for Protocol-Agnostic Radio Frequency Device Fingerprinting in the Wild.

[BibT_eX]

[DOI]

CoRR, 2019

A Large-scale Study on the Risks of the HTML5 WebAPI for Mobile Sensor-based Attacks.

[BibT_eX]

[DOI]

Proceedings of the World Wide Web Conference, 2019

Please Forget Where I Was Last Summer: The Privacy Risks of Public Location (Meta)Data.

[BibT_eX]

[DOI]

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

REAPER: Real-time App Analysis for Augmenting the Android Permission System.

[BibT_eX]

[DOI]

Michalis Diamantaris

Elias P. Papadopoulos

Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, 2019

2018

O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

2017

Evaluating the Privacy Guarantees of Location Proximity Services.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2017

Techu: Open and Privacy-Preserving Crowdsourced GPS for the Masses.

[BibT_eX]

[DOI]

Ioannis Agadakos

Georgios Portokalidis

Proceedings of the 15th Annual International Conference on Mobile Systems, 2017

In (Cyber)Space Bots Can Hear You Speak: Breaking Audio CAPTCHAs Using OTS Speech Recognition.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, 2017

Reveal: Fine-grained Recommendations in Online Social Networks.

[BibT_eX]

[DOI]

Markos Aivazoglou

Orestis Roussos

Dimitris Spiliotopoulos

Proceedings of the 2017 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2017, Sydney, Australia, July 31, 2017

2016

Exploiting abused trending topics to identify spam campaigns in Twitter.

[BibT_eX]

[DOI]

Paraskevi Fragopoulou

Soc. Netw. Anal. Min., 2016

That's the Way the Cookie Crumbles: Evaluating HTTPS Enforcing Mechanisms.

[BibT_eX]

[DOI]

Suphannee Sivakorn

Angelos D. Keromytis

Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society, 2016

The Cracked Cookie Jar: HTTP Cookie Hijacking and the Exposure of Private Information.

[BibT_eX]

[DOI]

Suphannee Sivakorn

Angelos D. Keromytis

Proceedings of the IEEE Symposium on Security and Privacy, 2016

I am Robot: (Deep) Learning to Break Semantic Image CAPTCHAs.

[BibT_eX]

[DOI]

Suphannee Sivakorn

Angelos D. Keromytis

Proceedings of the IEEE European Symposium on Security and Privacy, 2016

2015

Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2015

Where's Wally?: Precise User Discovery Attacks in Location Proximity Services.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Face/Off: Preventing Privacy Leakage From Photos in Social Networks.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Social Forensics: Searching for Needles in Digital Haystacks.

[BibT_eX]

[DOI]

Paraskevi Fragopoulou

Proceedings of the 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, 2015

2014

Online social networks from a malicious perspective: novel attack techniques and defense mechanisms

[BibT_eX]

[DOI]

PhD thesis, 2014

Think Before RT: An Experimental Study of Abusing Twitter Trends.

[BibT_eX]

[DOI]

Paraskevi Fragopoulou

Proceedings of the Social Informatics - SocInfo 2014 International Workshops, Barcelona, 2014

Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Security and Privacy Measurements in Social Networks: Experiences and Lessons Learned.

[BibT_eX]

[DOI]

Proceedings of the Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, 2014

2013

The man who <i>was</i> there: validating check-ins in location-based services.

[BibT_eX]

[DOI]

Stamatis Volanis

Elias Athanasopoulos

Proceedings of the Annual Computer Security Applications Conference, 2013

2012

All your face are belong to us: breaking Facebook's social authentication.

[BibT_eX]

[DOI]

Proceedings of the 28th Annual Computer Security Applications Conference, 2012

2011

we.b: the web of short urls.

[BibT_eX]

[DOI]

Thomas Karagiannis

Proceedings of the 20th International Conference on World Wide Web, 2011

Dynamic Monitoring of Dark IP Address Space (Poster).

[BibT_eX]

[DOI]

Proceedings of the Traffic Monitoring and Analysis - Third International Workshop, 2011

Detecting social network profile cloning.

[BibT_eX]

[DOI]

Proceedings of the Ninth Annual IEEE International Conference on Pervasive Computing and Communications, 2011

An empirical study on the security of cross-domain policies in rich internet applications.

[BibT_eX]

[DOI]

Demetres Antoniades

Proceedings of the Fourth European Workshop on System Security, 2011

dead.drop: URL-Based Stealthy Messaging.

[BibT_eX]

[DOI]

Michalis Polychronakis

Proceedings of the Seventh European Conference on Computer Network Defense, 2011

CAPTCHuring Automated (Smart) Phone Attacks.

[BibT_eX]

[DOI]

Proceedings of the First SysSec Workshop 2011, 2011

Outsourcing Malicious Infrastructure to the Cloud.

[BibT_eX]

[DOI]

Proceedings of the First SysSec Workshop 2011, 2011

2010

Using social networks to harvest email addresses.

[BibT_eX]

[DOI]

Proceedings of the 2010 ACM Workshop on Privacy in the Electronic Society, 2010

A Systematic Characterization of IM Threats using Honeypots.

[BibT_eX]

[DOI]

Thanasis Petsas

Spyros Antonatos

Proceedings of the Network and Distributed System Security Symposium, 2010

D(e|i)aling with VoIP: Robust Prevention of DIAL Attacks.

[BibT_eX]

[DOI]

Alexandros Kapravelos

Elias Athanasopoulos