Tom van Goethem

Proc. Priv. Enhancing Technol., October, 2023

A Bug's Life: Analyzing the Lifecycle and Mitigation Process of Content Security Policy Bugs.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Scripted Henchmen: Leveraging XS-Leaks for Cross-Site Vulnerability Detection.

[BibT_eX]

[DOI]

Iskander Sánchez-Rola

Proceedings of the 2023 IEEE Security and Privacy Workshops (SPW), 2023

Time Will Tell: Exploiting Timing Leaks Using HTTP Response Headers.

[BibT_eX]

[DOI]

Vik Vanderlinden

Mathy Vanhoef

Proceedings of the Computer Security - ESORICS 2023, 2023

2022

Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor.

[BibT_eX]

[DOI]

Vera Rimmer

Theodor Schnitzler

Abel Rodríguez Romero

Katharina Kohls

Proc. Priv. Enhancing Technol., 2022

An Audit of Facebook's Political Ad Policy Enforcement.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

Helping hands: Measuring the impact of a large threat intelligence sharing community.

[BibT_eX]

[DOI]

Carlos Hernandez Gañán

Giovane C. M. Moura

Samaneh Tajalizadehkhoob

Michel van Eeten

Proceedings of the 31st USENIX Security Symposium, 2022

Towards Improving the Deprecation Process of Web Features through Progressive Web Security.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE Security and Privacy, 2022

SoK: Exploring Current and Future Research Directions on XS-Leaks through an Extended Formal Model.

[BibT_eX]

[DOI]

Iskander Sánchez-Rola

David Dworken

Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

2021

The CNAME of the Game: Large-scale Analysis of DNS-based Tracking Evasion.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2021

Reading Between the Lines: An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systems.

[BibT_eX]

[DOI]

Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

2020

Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints.

[BibT_eX]

[DOI]

Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

2019

Exposing Cookie Policy Flaws Through an Extensive Evaluation of Browsers and Their Extensions.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2019

Evaluating the Long-term Effects of Parameters on the Characteristics of the Tranco Top Sites Ranking.

[BibT_eX]

[DOI]

Proceedings of the 12th USENIX Workshop on Cyber Security Experimentation and Test, 2019

A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting.

[BibT_eX]

[DOI]

Proceedings of the 2019 IEEE Security and Privacy Workshops, 2019

Funny Accents: Exploring Genuine Interest in Internationalized Domain Names.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Measurement - 20th International Conference, 2019

Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation.

[BibT_eX]

[DOI]

Samaneh Tajalizadehkhoob

Maciej Korczynski

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

Mobile Friendly or Attacker Friendly?: A Large-scale Security Evaluation of Mobile-first Websites.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

Purchased Fame: Exploring the Ecosystem of Private Blog Networks.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

2018

Rigging Research Results by Manipulating Top Websites Rankings.

[BibT_eX]

[DOI]

CoRR, 2018

Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

Automated Website Fingerprinting through Deep Learning.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Idea: Visual Analytics for Web Security.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 10th International Symposium, 2018

2017

Automated Feature Extraction for Website Fingerprinting through Deep Learning.

[BibT_eX]

[DOI]

CoRR, 2017

One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions.

[BibT_eX]

[DOI]

Proceedings of the 11th USENIX Workshop on Offensive Technologies, 2017

The Wolf of Name Street: Hijacking Domains Through Their Nameservers.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting.

[BibT_eX]

[DOI]

Samaneh Tajalizadehkhoob

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016

Request and Conquer: Exposing Cross-Origin Resource Size.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

It's Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 8th International Symposium, 2016

2015

Maneuvering Around Clouds: Bypassing Cloud-based Security Providers.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

The Clock is Still Ticking: Timing Attacks in the Modern Web.

[BibT_eX]

[DOI]