Riccardo Focardi

Proceedings of the Computer Security - ESORICS 2022, 2022

2021

FWS: Analyzing, maintaining and transcompiling firewalls.

[BibT_eX]

[DOI]

J. Comput. Secur., 2021

Firmware Extraction from Real IoT Devices through Power Analysis of AES.

[BibT_eX]

[DOI]

Proceedings of the Italian Conference on Cybersecurity, 2021

A Formally Verified Configuration for Hardware Security Modules in the Cloud.

[BibT_eX]

[DOI]

Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

Secure Key Management Policies in Strand Spaces.

[BibT_eX]

[DOI]

Proceedings of the Protocols, Strands, and Logic, 2021

2020

Machine Learning for Web Vulnerability Detection: The Case of Cross-Site Request Forgery.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2020

A Hard Lesson: Assessing the HTTPS Deployment of Italian University Websites.

[BibT_eX]

[DOI]

Proceedings of the Fourth Italian Conference on Cyber Security, 2020

Automated Analysis of PUF-based Protocols.

[BibT_eX]

[DOI]

Proceedings of the 33rd IEEE Computer Security Foundations Symposium, 2020

Language-Based Web Session Integrity.

[BibT_eX]

[DOI]

Proceedings of the 33rd IEEE Computer Security Foundations Symposium, 2020

2019

Gathering of robots in a ring with mobile faults.

[BibT_eX]

[DOI]

Theor. Comput. Sci., 2019

Shaping the Glitch: Optimizing Voltage Fault Injection Attacks.

[BibT_eX]

[DOI]

Claudio Bozzato

Francesco Palmarini

IACR Trans. Cryptogr. Hardw. Embed. Syst., 2019

Usable security for QR code.

[BibT_eX]

[DOI]

Heider A. M. Wahsheh

J. Inf. Secur. Appl., 2019

Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem.

[BibT_eX]

[DOI]

Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

Mitch: A Machine Learning Approach to the Black-Box Detection of CSRF Vulnerabilities.

[BibT_eX]

[DOI]

Proceedings of the IEEE European Symposium on Security and Privacy, 2019

2018

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

Transcompiling Firewalls.

[BibT_eX]

[DOI]

Proceedings of the Principles of Security and Trust - 7th International Conference, 2018

Mind Your Keys? A Security Evaluation of Java Keystores.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Firewall Management With FireWall Synthesizer.

[BibT_eX]

[DOI]

Proceedings of the Second Italian Conference on Cyber Security, Milan, Italy, February 6th - to, 2018

Neural Cryptanalysis of Classical Ciphers.

[BibT_eX]

[DOI]

Proceedings of the 19th Italian Conference on Theoretical Computer Science, 2018

Usable cryptographic QR codes.

[BibT_eX]

[DOI]

Heider A. M. Wahsheh

Proceedings of the IEEE International Conference on Industrial Technology, 2018

Language-Independent Synthesis of Firewall Policies.

[BibT_eX]

[DOI]

Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

Security Threats and Solutions for Two-Dimensional Barcodes: A Comparative Study.

[BibT_eX]

[DOI]

Heider A. M. Wahsheh

Proceedings of the Computer and Network Security Essentials., 2018

2017

Formal methods for web security.

[BibT_eX]

[DOI]

Stefano Calzavara

J. Log. Algebraic Methods Program., 2017

Surviving the Web: A Journey into Web Session Security.

[BibT_eX]

[DOI]

ACM Comput. Surv., 2017

Run-Time Attack Detection in Cryptographic APIs.

[BibT_eX]

[DOI]

Marco Squarcina

Proceedings of the 30th IEEE Computer Security Foundations Symposium, 2017

2016

APDU-Level Attacks in PKCS#11 Devices.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

Gathering of Robots in a Ring with Mobile Faults.

[BibT_eX]

[DOI]

Proceedings of the 17th Italian Conference on Theoretical Computer Science, 2016

Micro-policies for Web Session Security.

[BibT_eX]

[DOI]

Proceedings of the IEEE 29th Computer Security Foundations Symposium, 2016

Localizing Firewall Security Policies.

[BibT_eX]

[DOI]

Proceedings of the IEEE 29th Computer Security Foundations Symposium, 2016

2015

CookiExt: Patching the browser against session hijacking attacks.

[BibT_eX]

[DOI]

J. Comput. Secur., 2015

Static Evidences for Attack Reconstruction.

[BibT_eX]

[DOI]

Chiara Bodei

Linda Brodo

Proceedings of the Programming Languages with Applications to Biology and Security, 2015

Getting to know your Card: Reverse-Engineering the Smart-Card Application Protocol Data Unit.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual Computer Security Applications Conference, 2015

2014

Automatic and Robust Client-Side Protection for Cookie-Based Sessions.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 6th International Symposium, 2014

Provably Sound Browser-Based Enforcement of Web Session Integrity.

[BibT_eX]

[DOI]

Proceedings of the IEEE 27th Computer Security Foundations Symposium, 2014

Mignis: A Semantic Based Tool for Firewall Configuration.

[BibT_eX]

[DOI]

Proceedings of the IEEE 27th Computer Security Foundations Symposium, 2014

2013

Type-based analysis of key management in PKCS#11 cryptographic devices.

[BibT_eX]

[DOI]

J. Comput. Secur., 2013

Type-Based Analysis of Generic Key Management APIs (Long Version).

[BibT_eX]

[DOI]

Pedro Adão

IACR Cryptol. ePrint Arch., 2013

Type-Based Analysis of Generic Key Management APIs.

[BibT_eX]

[DOI]

Pedro Adão

Proceedings of the 2013 IEEE 26th Computer Security Foundations Symposium, 2013

2012

Guessing Bank PINs by Winning a Mastermind Game.

[BibT_eX]

[DOI]

Theory Comput. Syst., 2012

Efficient Padding Oracle Attacks on Cryptographic Hardware.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2012

Analysis of Security APIs (Dagstuhl Seminar 12482).

[BibT_eX]

[DOI]

Dagstuhl Reports, 2012

Type-Based Analysis of PKCS#11 Key Management.

[BibT_eX]

[DOI]

Proceedings of the Principles of Security and Trust - First International Conference, 2012

Gran: Model Checking Grsecurity RBAC Policies.

[BibT_eX]

[DOI]

Proceedings of the 25th IEEE Computer Security Foundations Symposium, 2012

2011

Secure Recharge of Disposable RFID Tickets.

[BibT_eX]

[DOI]

Proceedings of the Formal Aspects of Security and Trust - 8th International Workshop, 2011

An Introduction to Security API Analysis.

[BibT_eX]

[DOI]

Graham Steel

Proceedings of the Foundations of Security Analysis and Design VI, 2011

Types for Security Protocols.

[BibT_eX]

[DOI]

Proceedings of the Formal Models and Techniques for Analyzing Security Protocols, 2011

2010

Channel abstractions for network security.

[BibT_eX]

[DOI]

Math. Struct. Comput. Sci., 2010

Editorial.

[BibT_eX]

[DOI]

J. Comput. Secur., 2010

Secure Upgrade of Hardware Security Modules in Bank Networks.

[BibT_eX]

[DOI]

Proceedings of the Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, 2010

Formal Analysis of Key Integrity in PKCS#11.

[BibT_eX]

[DOI]

Andrea Falcone

Proceedings of the Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, 2010

Match It or Die: Proving Integrity by Equality.

[BibT_eX]

[DOI]

Proceedings of the Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, 2010

Cracking Bank PINs by Playing Mastermind.

[BibT_eX]

[DOI]

Proceedings of the Fun with Algorithms, 5th International Conference, 2010

Attacking and fixing PKCS#11 security tokens.

[BibT_eX]

[DOI]

Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

2009

Blunting Differential Attacks on PIN Processing APIs.

[BibT_eX]

[DOI]

Graham Steel

Proceedings of the Identity and Privacy in the Internet Age, 2009

Type-Based Analysis of PIN Processing APIs.

[BibT_eX]

[DOI]

Proceedings of the Computer Security, 2009

2008

Information flow security in Boundary Ambients.

[BibT_eX]

[DOI]

Inf. Comput., 2008

Security Abstractions and Intruder Models (Extended Abstract).

[BibT_eX]

[DOI]

Proceedings of the 15th Workshop on Expressiveness in Concurrency, 2008

Information flow security of multi-threaded distributed programs.

[BibT_eX]

[DOI]

Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security, 2008

Language Based Secure Communication.

[BibT_eX]

[DOI]

Proceedings of the 21st IEEE Computer Security Foundations Symposium, 2008

2007

Dynamic types for authentication.

[BibT_eX]

[DOI]

J. Comput. Secur., 2007

A calculus of challenges and responses.

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM workshop on Formal methods in security engineering, 2007

2006

Guest editor's introduction: Special issue on security issues in coordination models, languages, and systems.

[BibT_eX]

[DOI]

Gianluigi Zavattaro

Sci. Comput. Program., 2006

Secure shared data-space coordination languages: A process algebraic survey.

[BibT_eX]

[DOI]

Roberto Lucchi

Gianluigi Zavattaro

Sci. Comput. Program., 2006

Information flow security in dynamic contexts.

[BibT_eX]

[DOI]

Sabina Rossi

J. Comput. Secur., 2006

Preface.

[BibT_eX]

[DOI]

J. Comput. Secur., 2006

2005

Guest editor's preface.

[BibT_eX]

[DOI]

J. Comput. Secur., 2005

Authentication primitives for secure protocol specifications.

[BibT_eX]

[DOI]

Future Gener. Comput. Syst., 2005

Inferring authentication tags.

[BibT_eX]

[DOI]

Francesco Placella

Proceedings of the POPL 2005 Workshop on Issues in the Theory of Security, 2005

Bridging Language-Based and Process Calculi Security.

[BibT_eX]

[DOI]

Sabina Rossi

Andrei Sabelfeld

Proceedings of the Foundations of Software Science and Computational Structures, 2005

Analysis of Typed Analyses of Authentication Protocols.

[BibT_eX]

[DOI]

Proceedings of the 18th IEEE Computer Security Foundations Workshop, 2005

2004

Preface.

[BibT_eX]

[DOI]

Gianluigi Zavattaro

Proceedings of the 2nd International Workshop on Security Issues in Coordination Models, 2004

A modular approach to Sprouts.

[BibT_eX]

[DOI]

Discret. Appl. Math., 2004

Nesting analysis of mobile ambients.

[BibT_eX]

[DOI]

Comput. Lang. Syst. Struct., 2004

Verifying persistent security properties.

[BibT_eX]

[DOI]

Comput. Lang. Syst. Struct., 2004

Static Analysis of Authentication.

[BibT_eX]

[DOI]

Proceedings of the Foundations of Security Analysis and Design III, 2004

Compositional Analysis of Authentication Protocols.

[BibT_eX]

[DOI]

Proceedings of the Programming Languages and Systems, 2004

Authenticity by tagging and typing.

[BibT_eX]

[DOI]

Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering, 2004

2003

A comparison of three authentication properties.

[BibT_eX]

[DOI]

Theor. Comput. Sci., 2003

Real-time information flow analysis.

[BibT_eX]

[DOI]

IEEE J. Sel. Areas Commun., 2003

The rho-spi Calculus at Work: Authentication Case Studies.

[BibT_eX]

[DOI]

Proceedings of the Formal Methods for Security and Time: Proceedings of the MEFISTO Project 2003, 2003

Behind BANANA: Design and Implementation of a Tool for Nesting Analysis of Mobile Ambients.

[BibT_eX]

[DOI]

Proceedings of the Formal Methods for Security and Time: Proceedings of the MEFISTO Project 2003, 2003

Information Leakage Detection in Boundary Ambients.

[BibT_eX]

[DOI]

Proceedings of the Computing: the Australasian Theory Symposiumm, 2003

Unwinding in Information Flow Security.

[BibT_eX]

[DOI]

Proceedings of the Formal Methods for Security and Time: Proceedings of the MEFISTO Project 2003, 2003

Complexity of Nesting Analysis in Mobile Ambients.

[BibT_eX]

[DOI]

Proceedings of the Verification, 2003

Bisimulation and Unwinding for Verifying Possibilistic Security Properties.

[BibT_eX]

[DOI]

Proceedings of the Verification, 2003

BANANA - A Tool for Boundary Ambients Nesting ANAlysis.

[BibT_eX]

[DOI]

Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2003

Refinement Operators and Information Flow Security.

[BibT_eX]

[DOI]

Proceedings of the 1st International Conference on Software Engineering and Formal Methods (SEFM 2003), 2003

Authentication Primitives for Protocol Specifications.

[BibT_eX]

[DOI]

Proceedings of the Parallel Computing Technologies, 2003

Principles for Entity Authentication.

[BibT_eX]

[DOI]

Proceedings of the Perspectives of Systems Informatics, 2003

2002

Primitives for authentication in process algebras.

[BibT_eX]

[DOI]

Theor. Comput. Sci., 2002

Computer languages and security.

[BibT_eX]

[DOI]

Comput. Lang. Syst. Struct., 2002

Security boundaries in mobile ambients.

[BibT_eX]

[DOI]

Comput. Lang. Syst. Struct., 2002

Proofs Methods for Bisimulation Based Information Flow Security.

[BibT_eX]

[DOI]

Carla Piazza

Sabina Rossi

Proceedings of the Verification, 2002

A Proof System for Information Flow Security.

[BibT_eX]

[DOI]

Proceedings of the Logic Based Program Synthesis and Tranformation, 2002

Boundary Inference for Enforcing Security Policies in Mobile Ambients.

[BibT_eX]

[DOI]

Proceedings of the Foundations of Information Technology in the Era of Networking and Mobile Computing, 2002

Classification of Security Properties - Part II: Network Security.

[BibT_eX]

[DOI]

Proceedings of the Foundations of Security Analysis and Design II, 2002

A Survey of Name-Passing Calculi and Crypto-Primitives.

[BibT_eX]

[DOI]

Proceedings of the Foundations of Security Analysis and Design II, 2002

Control Flow Analysis of Mobile Ambients with Security Boundaries.

[BibT_eX]

Proceedings of the Formal Methods for Open Object-Based Distributed Systems V, 2002

Transforming Processes to Check and Ensure Information Flow Security.

[BibT_eX]

[DOI]

Proceedings of the Algebraic Methodology and Software Technology, 2002

2001

Formal Models of Timing Attacks on Web Privacy.

[BibT_eX]

[DOI]

Andrea Maggiolo-Schettini

Ruggero Lanotte

Simone Tini

Enrico Tronci

Proceedings of the Theory of Concurrency, Higher Order Languages and Types, 2001

Information Flow Security in Mobile Ambients.

[BibT_eX]

[DOI]

Proceedings of the International Workshop on Concurrency and Coordination, 2001

Techniques for Security Checking: Non-Interference vs Control Flow Analysis.

[BibT_eX]

[DOI]

Proceedings of the Theory of Concurrency, Higher Order Languages and Types, 2001

CVS at Work: A Report on New Failures upon Some Cryptographic Protocols.

[BibT_eX]

[DOI]

Antonio Durante

Proceedings of the Information Assurance in Computer Networks: Methods, 2001

2000

A compiler for analyzing cryptographic protocols using noninterference.

[BibT_eX]

[DOI]

Antonio Durante

ACM Trans. Softw. Eng. Methodol., 2000

Feedback vertex set in hypercubes.

[BibT_eX]

[DOI]

David Peleg

Inf. Process. Lett., 2000

Non Interference for the Analysis of Cryptographic Protocols.

[BibT_eX]

[DOI]

Proceedings of the Automata, Languages and Programming, 27th International Colloquium, 2000

Classification of Security Properties (Part I: Information Flow).

[BibT_eX]

[DOI]

Proceedings of the Foundations of Security Analysis and Design, 2000

Information Flow Analysis in a Discrete-Time Process Algebra.

[BibT_eX]

[DOI]

Proceedings of the 13th IEEE Computer Security Foundations Workshop, 2000

Message Authentication through Non Interference.

[BibT_eX]

[DOI]

Proceedings of the Algebraic Methodology and Software Technology. 8th International Conference, 2000

1999

Secrecy in Security Protocols as Non Interference.

[BibT_eX]

[DOI]

Proceedings of the Workshop on Secure Architectures and Information Flow 1999, 1999

A Uniform Approach for the Definition of Security Properties.

[BibT_eX]

[DOI]

Proceedings of the FM'99 - Formal Methods, 1999

CVS: A Compiler for the Analysis of Cryptographic Protocols.

[BibT_eX]

[DOI]

Antonio Durante

Proceedings of the 12th IEEE Computer Security Foundations Workshop, 1999

Authentication via Localized Names.

[BibT_eX]

[DOI]

Proceedings of the 12th IEEE Computer Security Foundations Workshop, 1999

1998

Panel Introduction: Varieties of Authentication.

[BibT_eX]

[DOI]

Proceedings of the 11th IEEE Computer Security Foundations Workshop, 1998

1997

The Compositional Security Checker: A Tool for the Verification of Information Flow Security Properties.

[BibT_eX]

[DOI]

IEEE Trans. Software Eng., 1997

1996

Automatic Compositional Verification of Some Security Properties.

[BibT_eX]

[DOI]

Proceedings of the Tools and Algorithms for Construction and Analysis of Systems, 1996

Comparing Two Information Flow Security Properties.

[BibT_eX]

[DOI]

Proceedings of the Ninth IEEE Computer Security Foundations Workshop, March 10, 1996

1995

A Taxonomy of Security Properties for Process Algebras.

[BibT_eX]

[DOI]

J. Comput. Secur., 1995

The security checker: a semantics-based tool for the verification of security properties.

[BibT_eX]

[DOI]

V. Panini

Proceedings of the Eighth IEEE Computer Security Foundations Workshop (CSFW '95), 1995

1994

A Taxonomy of Security Properties for CCS.

[BibT_eX]

[DOI]