Recent publications
Selected publications
-
October 2017
Conference
Evaluation of deception-based web attacks detection
MTD 2017, 4th ACM Workshop on Moving Target Defense, In conjunction with the 24th ACM Conference on Computer and Communications Security (CCS), October 30-November 3, 2017, Dallas, Texas, USA
-
August 2017
Conference
Extension breakdown: Security analysis of browsers extension resources control policies
USENIX 2017, 26th USENIX Security Symposium, August 16-18, 2017, Vancouver, BC, Canada
-
July 2017
Conference
Using chatbots against voice spam: Analyzing Lenny's effectiveness
SOUPS 2017, 13th Symposium on Usable Privacy and Security, July 12-14, 2017, Santa Clara, USA
-
May 2017
Conference
A Lustrum of malware network communication: Evolution and insights
S&P 2017, 37th IEEE Symposium on Security and Privacy, May 23-25, 2017, San Jose, USA
-
April 2017
Conference
SoK: Fraud in telephony networks
EUROS&P 2017, 2nd IEEE European Symposium on Security and Privacy, April 26-28, 2017, Paris, France
-
April 2017
Conference
Attacks landscape in the dark side of the web
SAC 2017, 32nd Annual ACM SIGAPP Symposium on Applied Computing, April 4-6, 2017, Marrakech, Morocco
Best Paper Award
-
April 2017
Conference
The onions have eyes: A comprehensive structure and privacy analysis of tor hidden services
WWW 2017, 26th International World Wide Web Conférence, April 3-7, 2017, Perth, Australia
-
February 2017
Talk
A systemization of fraud in telephony networks, illustrated by a study of over-the-top bypass
SSL 2017, Security Seminar at Loria, 7 February 2017, Nancy, France
-
October 2016
Talk
Analyzing thousands of firmware images and a few physical devices. What?s next?
TRUSTED 2016, 6th International Workshop on Trustworthy Embedded Devices, Co-located with ACM SIGSAC 2016, October 28th, 2016, Vienna, Austria
-
October 2016
Conference
Over-the-top bypass: Study of a recent telephony fraud
CCS 2016, 23rd ACM conference on Computer and communications security, October 24-28, 2016, Vienna, Austria
-
October 2016
Conference
PhishEye: Live monitoring of sandboxed phishing kits
CCS 2016, 23rd ACM conference on Computer and communications security, October 24-28, 2016, Vienna, Austria
ACM Europe Student Best Paper Award
-
September 2016
Conference
Uses and abuses of server-side requests
RAID 2016, 19th International Symposium on Research in Attacks, Intrusions and Defenses, September 19-21, 2016, Evry, France / Also published in LNCS, Vol. 9854/2016
-
September 2016
Conference
Taming transactions: Towards hardware-assisted control flow integrity using transactional memory
RAID 2016, 19th International Symposium on Research in Attacks, Intrusions and Defenses, September 19-21, 2016, Evry, France / Also published in LNCS, Vol. 9854
-
August 2016
Conference
Micro-virtualization memory tracing to detect and prevent spraying attacks
USENIX 2016, 25th USENIX Security Symposium, August 10-12, 2016, Austin, TX, USA
-
July 2016
Conference
Subverting operating system properties through evolutionary DKOM attacks
DIMVA 2016, 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8, 2016, San Sebastian, Spain / Also published in LNCS, Vol. 9721/2016
-
July 2016
Conference
RAMBO: Run-time packer analysis with multiple branch observation
DIMVA 2016, 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8, 2016, San Sebastian, Spain / Also published in LNCS, Vol. 9721/2016
-
July 2016
Conference
Google dorks: analysis, creation, and new defenses
DIMVA 2016, 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8, 2016, San Sebastian, Spain / Also published in LNCS, Vol 9721/2016
-
June 2016
Conference
Measuring the role of greylisting and nolisting in fighting spam
DSN 2016, 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, June 28-July 1st, 2016, Toulouse, France
-
May 2016
Conference
ROPMEMU: A framework for the analysis of complex code-reuse attacks
ASIACCS 2016, 11th ACM Asia Conference on Computer and Communications Security, May 30-June 3, 2016, Xi'ian, China
-
May 2016
Report
MobileAppScrutinator: A simple yet efficient dynamic analysis approach for detecting privacy leaks across mobile OSs
Submitted on May 26, 2016
-
April 2016
Conference
Automatic extraction of indicators of compromise for web applications
WWW 2016, 25th International World Wide Web Conference, April 11-15, 2016, Montreal, Canada
-
March 2016
Invited paper in a conference
Trust, but verify: Why and how to establish trust in embedded devices
DATE 2016, Design, Automation and Test in Europe, March 14-18, 2016, Dresden, Germany