Publications

(2024). The Unpatchables: Why Municipalities Persist in Running Vulnerable Hosts. USENIX Security.

PDF Cite Source

(2024). Charting the Path to SBOM Adoption: A Business Stakeholder-Centric Approach. ACM ASIACCS.

PDF Cite

(2024). Finding Harmony in the Noise: Blending Security Alerts for Attack Detection. SAC'24 (SEC).

PDF Cite

(2023). Tough Decisions? Supporting System Classification According to the AI Act. JURIX.

PDF Cite DOI Artifact

(2023). Peering into the Darkness: The Use of UTRS in Combating DDoS Attacks. ESORICS.

PDF Cite Slides APNIC Blog Post

(2023). Intercept and Inject: DNS Response Manipulation in the Wild. PAM.

PDF Cite DOI

(2020). Fine-grained Code Coverage Measurement in Automated Black-box Android Testing. ACM TOSEM.

PDF Cite Code Video DOI

(2020). Dissecting Android Cryptocurrency Miners. ACM CODASPY.

PDF Cite DOI arXiv

(2020). StaDART: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications. Elsevier JSS.

PDF Cite DOI

(2019). Characterizing Bitcoin Donations to Open Source Software on GitHub. arXiv.

PDF Cite arXiv

(2019). Dissecting Android Cryptocurrency Miners. arXiv.

PDF Cite arXiv

(2018). Fine-grained Code Coverage Measurement in Automated Black-box Android Testing. arXiv.

PDF Cite Code arXiv

(2018). The Influence of Code Coverage Metrics on Automated Testing Efficiency in Android. ACM CCS.

PDF Cite Poster DOI

(2018). An Effective Android Code Coverage Tool. ACM CCS.

PDF Cite Code Poster Video DOI

(2018). A Survey on Malicious Domains Detection Through DNS Data Analysis. ACM CSUR.

PDF Cite DOI arXiv

(2017). Profiling DRDoS Attacks with Data Analytics Pipeline. ACM CIKM.

PDF Cite DOI

(2017). Please Hold On: Unobtrusive User Authentication Using Smartphone's Built-in Sensors. IEEE ISBA.

PDF Cite DOI

(2016). Visualization of Actionable Knowledge to Mitigate DRDoS Attacks. IEEE VizSec.

PDF Cite DOI

(2016). Evaluation of Resource-based App Repackaging Detection in Android. NordSec.

PDF Cite Code DOI

(2015). Towards Black Box Testing of Android Apps. ARES.

PDF Cite Code DOI

(2015). Security of the Android Operating System. CRiSIS.

PDF Cite Slides DOI

(2015). StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications. ACM CODASPY.

PDF Cite Code Slides DOI

(2014). FSquaDRA: Fast Detection of Repackaged Applications. DBSec.

PDF Cite Code Slides DOI

(2014). Security in the Firefox OS and Tizen Mobile Platforms. IEEE Computer.

PDF Cite Video DOI

(2014). TruStore: Implementing a Trusted Store for Android. Technical report.

PDF Cite Source Document

(2014). MOSES: Supporting and Enforcing Security Profiles on Smartphones. IEEE TDSC.

PDF Cite Video DOI

(2014). Android Security (and Not) Internals. Online.

PDF Cite

(2013). DEMO: Enabling Trusted Stores for Android. ACM CCS.

PDF Cite Poster DOI

(2012). Demonstrating the Effectiveness of MOSES for Separation of Execution Modes. ACM CCS.

PDF Cite Poster Video DOI

(2012). CRêPE: A System for Enforcing Fine-Grained Context-Related Policies on Android. IEEE TIFS.

PDF Cite DOI

(2011). YAASE: Yet Another Android Security Extension. IEEE PASSAT/SocialCom.

PDF Cite DOI