Tom van Goethem

Simon Fernandez

Proceedings of the 8th Network Traffic Measurement and Analysis Conference, 2024

2023

Everybody's Looking for SSOmething: A large-scale evaluation on the privacy of OAuth authentication on the web.

[BibT_eX]

[DOI]

Yana Dimova

Proc. Priv. Enhancing Technol., October, 2023

A Bug's Life: Analyzing the Lifecycle and Mitigation Process of Content Security Policy Bugs.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Scripted Henchmen: Leveraging XS-Leaks for Cross-Site Vulnerability Detection.

[BibT_eX]

[DOI]

Iskander Sánchez-Rola

Proceedings of the 2023 IEEE Security and Privacy Workshops (SPW), 2023

Time Will Tell: Exploiting Timing Leaks Using HTTP Response Headers.

[BibT_eX]

[DOI]

Vik Vanderlinden

Mathy Vanhoef

Proceedings of the Computer Security - ESORICS 2023, 2023

2022

Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor.

[BibT_eX]

[DOI]

Vera Rimmer

Theodor Schnitzler

Abel Rodríguez Romero

Katharina Kohls

Proc. Priv. Enhancing Technol., 2022

An Audit of Facebook's Political Ad Policy Enforcement.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

Helping hands: Measuring the impact of a large threat intelligence sharing community.

[BibT_eX]

[DOI]

Carlos Hernandez Gañán

Giovane C. M. Moura

Michel van Eeten

Proceedings of the 31st USENIX Security Symposium, 2022

Towards Improving the Deprecation Process of Web Features through Progressive Web Security.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE Security and Privacy, 2022

SoK: Exploring Current and Future Research Directions on XS-Leaks through an Extended Formal Model.

[BibT_eX]

[DOI]

Iskander Sánchez-Rola

David Dworken

Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

2021

The CNAME of the Game: Large-scale Analysis of DNS-based Tracking Evasion.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2021

Reading Between the Lines: An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systems.

[BibT_eX]

[DOI]

Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

2020

Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints.

[BibT_eX]

[DOI]

Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

2019

Exposing Cookie Policy Flaws Through an Extensive Evaluation of Browsers and Their Extensions.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2019

Evaluating the Long-term Effects of Parameters on the Characteristics of the Tranco Top Sites Ranking.

[BibT_eX]

[DOI]

Proceedings of the 12th USENIX Workshop on Cyber Security Experimentation and Test, 2019

A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting.

[BibT_eX]

[DOI]

Proceedings of the 2019 IEEE Security and Privacy Workshops, 2019

Funny Accents: Exploring Genuine Interest in Internationalized Domain Names.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Measurement - 20th International Conference, 2019

Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation.

[BibT_eX]

[DOI]

Maciej Korczynski

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

Mobile Friendly or Attacker Friendly?: A Large-scale Security Evaluation of Mobile-first Websites.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

Purchased Fame: Exploring the Ecosystem of Private Blog Networks.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

2018

Rigging Research Results by Manipulating Top Websites Rankings.

[BibT_eX]

[DOI]

CoRR, 2018

Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

Automated Website Fingerprinting through Deep Learning.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Idea: Visual Analytics for Web Security.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 10th International Symposium, 2018

2017

Automated Feature Extraction for Website Fingerprinting through Deep Learning.

[BibT_eX]

[DOI]

CoRR, 2017

One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions.

[BibT_eX]

[DOI]

Proceedings of the 11th USENIX Workshop on Offensive Technologies, 2017

The Wolf of Name Street: Hijacking Domains Through Their Nameservers.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016

Request and Conquer: Exposing Cross-Origin Resource Size.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

It's Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 8th International Symposium, 2016

2015

Maneuvering Around Clouds: Bypassing Cloud-based Security Providers.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

The Clock is Still Ticking: Timing Attacks in the Modern Web.

[BibT_eX]

[DOI]