This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
publications [2021/09/03 10:41] ducly.vu@unitn.it [2021] Adds videos for APR and LastPyMile talks |
publications [2022/09/14 17:41] (current) matteo.golinelli@unitn.it Add "Web Cache Deception Escalates!" |
||
---|---|---|---|
Line 3: | Line 3: | ||
This page presents the publication of the [[start|Security Group]] in chronological order. You can find them also in the individual [[research_activities|research topics]] or in the pages of the individual [[security_group|members]]. | This page presents the publication of the [[start|Security Group]] in chronological order. You can find them also in the individual [[research_activities|research topics]] or in the pages of the individual [[security_group|members]]. | ||
+ | ===== 2022 ===== | ||
+ | * Seyed Ali Mirheidari, Matteo Golinelli, Kaan Onarlioglu, Engin Kirda, Bruno Crispo. ** Web Cache Deception Escalates!**, The 31st USENIX Security Symposium (USENIX Security '22), 2022. [[https://www.usenix.org/system/files/sec22-mirheidari.pdf|PDF]] [[https://www.usenix.org/conference/usenixsecurity22/presentation/mirheidari|Media]]\\ [[https://portswigger.net/research/top-10-web-hacking-techniques-of-2021-nominations-open|Nominated for Top Web Hacking Technique of 2021.]] | ||
+ | * Giorgio Di Tizio, Michele Armellini, Fabio Massacci, **Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats**. IEEE Transactions on Software Engineering (TSE), 2022 - [[https://ieeexplore.ieee.org/document/9780011|Publisher Version]] | ||
===== 2021 ===== | ===== 2021 ===== | ||
+ | * Giorgio Di Tizio, Fabio Massacci, **A Calculus of Tracking: Theory and Practice**. In Proceedings of the 21st Privacy Enhancing Technologies Symposium (PETS 2021), 2021 - {{:: research_activities:ditizio_pets2021.pdf|Author-accepted manuscript}}, [[https://www.youtube.com/watch?v=N1GufkHEjX8|Video]] | ||
* Duc-Ly Vu, Fabio Massacci, Ivan Pashchenko, Henrik Plate, and Antonino Sabetta. **LastPyMile: Identifying the Discrepancy between Sources and Packages**. In Proceedings of the 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), 2021 - {{::research_activities:experiments:esecfse2021.pdf |Author-accepted manuscript}}, [[https://doi.org/10.1145/3468264.3468592|Publisher Version]], [[https://www.youtube.com/watch?v=COoqbCwNqbY|Video]] | * Duc-Ly Vu, Fabio Massacci, Ivan Pashchenko, Henrik Plate, and Antonino Sabetta. **LastPyMile: Identifying the Discrepancy between Sources and Packages**. In Proceedings of the 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), 2021 - {{::research_activities:experiments:esecfse2021.pdf |Author-accepted manuscript}}, [[https://doi.org/10.1145/3468264.3468592|Publisher Version]], [[https://www.youtube.com/watch?v=COoqbCwNqbY|Video]] | ||
* Duc-Ly Vu, Ivan Pashchenko, and Fabio Massacci. **Please hold on: more time = more patches? Automated program repair as anytime algorithms**. In Proceedings of //ACM/IEEE International Conference on Software Engineering - Automated Program Repair (APR) workshop//, 2021 - {{ :research_activities:vulnerability-analysis:apr2021.pdf |Author-accepted manuscript}}, [[https://doi.org/10.1109/APR52552.2021.00009|Publisher Version]], [[https://www.youtube.com/watch?v=j8ln1qbh2cI|Video]] | * Duc-Ly Vu, Ivan Pashchenko, and Fabio Massacci. **Please hold on: more time = more patches? Automated program repair as anytime algorithms**. In Proceedings of //ACM/IEEE International Conference on Software Engineering - Automated Program Repair (APR) workshop//, 2021 - {{ :research_activities:vulnerability-analysis:apr2021.pdf |Author-accepted manuscript}}, [[https://doi.org/10.1109/APR52552.2021.00009|Publisher Version]], [[https://www.youtube.com/watch?v=j8ln1qbh2cI|Video]] |