Luca Compagna

Orcid: 0009-0003-1072-4352

Affiliations:
  • University of Genoa, Italy


According to our database, Luca Compagna authored at least 52 papers between 2001 and 2024.

Bibliography

2024
FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking and Entropy-based Thresholds.
Proc. Priv. Enhancing Technol., 2024

ModSec-Learn: Boosting ModSecurity with Machine Learning.
CoRR, 2024

CSRFing the SSO Waves: Security Testing of SSO-Based Account Linking Process.
Proceedings of the 9th IEEE European Symposium on Security and Privacy, 2024

2023
Adversarial ModSecurity: Countering Adversarial SQL Injections with Robust Machine Learning.
CoRR, 2023

WHIP: Improving Static Vulnerability Detection in Web Application by Forcing tools to Collaborate.
Proceedings of the 32nd USENIX Security Symposium, 2023

Raze to the Ground: Query-Efficient Adversarial HTML Attacks on Machine-Learning Phishing Webpage Detectors.
Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security, 2023

2022
Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

The Convergence of Source Code and Binary Vulnerability Discovery - A Case Study.
Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

2021
A preliminary study on the adoption and effectiveness of SameSite cookies as a CSRF defence.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2021

2020
Bulwark: Holistic and Verified Security Monitoring of Web Protocols.
Proceedings of the Computer Security - ESORICS 2020, 2020

2017
Automatically finding execution scenarios to deploy security-sensitive workflows.
J. Comput. Secur., 2017

Large-Scale Analysis & Detection of Authentication Cross-Site Request Forgeries.
Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications.
Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, 2017

2016
SATMC: a SAT-based model checker for security protocols, business processes, and security APIs.
Int. J. Softw. Tools Technol. Transf., 2016

Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-Sensitive Business Processes.
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2016

Attack Patterns for Black-Box Security Testing of Multi-Party Web Applications.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

2015
Security Threat Identification and Testing.
Proceedings of the 8th IEEE International Conference on Software Testing, 2015

Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios.
Proceedings of the Data and Applications Security and Privacy XXIX, 2015

2014
Compliance Validation of Secure Service Compositions.
Proceedings of the Secure and Trustworthy Service Composition - The Aniketos Approach, 2014

SATMC: A SAT-Based Model Checker for Security-Critical Systems.
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2014

From Research Results to Strategy: A Mapping Exercise.
Proceedings of the ISSE 2014, 2014

2013
An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations.
Comput. Secur., 2013

A Tool for Supporting Developers in Analyzing the Security of Web-Based Security Protocols.
Proceedings of the Testing Software and Systems, 2013

Business Process Compliance via Security Validation as a Service.
Proceedings of the Sixth IEEE International Conference on Software Testing, 2013

2012
The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures.
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2012

2011
Multi-Attacker Protocol Validation.
J. Autom. Reason., 2011

From Multiple Credentials to Browser-Based Single Sign-On: Are We More Secure?
Proceedings of the Future Challenges in Security and Privacy for Academia and Industry, 2011

Security validation tool for business processes.
Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, 2011

Security Validation of Business Processes via Model-Checking.
Proceedings of the Engineering Secure Software and Systems - Third International Symposium, 2011

2010
A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application.
Trans. Comput. Sci., 2010

Model-Checking Driven Security Testing of Web-Based Applications.
Proceedings of the Third International Conference on Software Testing, 2010

2009
Verification of S&D Solutions for Network Communications and Devices.
Proceedings of the Security and Dependability for Ambient Intelligence, 2009

LTL model checking for security protocols.
J. Appl. Non Class. Logics, 2009

How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns.
Artif. Intell. Law, 2009

Attacking Each Other.
Proceedings of the Security Protocols XVII, 2009

Validating Security Protocols under the General Attacker.
Proceedings of the Foundations and Applications of Security Analysis, 2009

Towards Validating Security Protocol Deployment in the Wild.
Proceedings of the 33rd Annual IEEE International Computer Software and Applications Conference, 2009

2008
Towards Adaptive Security for Ubiquitous Computing Systems.
Proceedings of the Handbook of Research on Ubiquitous Computing Technology for Real Time Enterprises, 2008

SAT-based model-checking for security protocols analysis.
Int. J. Inf. Sec., 2008

Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps.
Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering, 2008

2007
Preface.
Proceedings of the 3rd International Workshop on Security and Trust Management, 2007

How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach.
Proceedings of the Eleventh International Conference on Artificial Intelligence and Law, 2007

2005
The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications.
Proceedings of the Computer Aided Verification, 17th International Conference, 2005

Rewriting and Decision Procedure Laboratory: Combining Rewriting, Satisfiability Checking, and Lemma Speculation.
Proceedings of the Mechanizing Mathematical Reasoning, 2005

2004
An Optimized Intruder Model for SAT-based Model-Checking of Security Protocols.
Proceedings of the Workshop on Automated Reasoning for Security Protocol Analysis, 2004

Automatic Compilation of Protocol Insecurity Problems into Logic Programming.
Proceedings of the Logics in Artificial Intelligence, 9th European Conference, 2004

SATMC: A SAT-Based Model Checker for Security Protocols.
Proceedings of the Logics in Artificial Intelligence, 9th European Conference, 2004

2003
Abstraction-Driven SAT-based Analysis of Security Protocols.
Proceedings of the Theory and Applications of Satisfiability Testing, 2003

SAT-Based Model-Checking of Security Protocols Using Planning Graph Analysis.
Proceedings of the FME 2003: Formal Methods, 2003

2002
Automatic SAT-Compilation of Protocol Insecurity Problems via Reduction to Planning.
Proceedings of the Formal Techniques for Networked and Distributed Systems, 2002

The AVISS Security Protocol Analysis Tool.
Proceedings of the Computer Aided Verification, 14th International Conference, 2002

2001
System Description: RDL : Rewrite and Decision Procedure Laboratory.
Proceedings of the Automated Reasoning, First International Joint Conference, 2001
