Publications

KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware

To appear in Proceedings of the IEEE Symposium on Security & Privacy (S&P), 2020.

PDF

Victim-Aware Adaptive Covert Channels

Proceedings of the International Conference on Security and Privacy in Communication Networks (SecureComm), 2019.

PDF

Data sharing practices of medicines related apps and the mobile ecosystem: traffic, content, and network analysis

BMJ, 2019.

PDF Project

LeakDoctor: Toward Automatically Diagnosing Privacy Leaks in Mobile Applications

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, 2019.

There's a Hole in that Bucket! A Large-scale Analysis of Misconfigured S3 Buckets

Proceedings of the ACM Annual Computer Security Applications Conference (ACSAC), 2018.

PDF Code Project Slides

SysTaint: Assisting Reversing of Malicious Network Communications

Proceedings of the Software Security, Protection, and Reverse Engineering Workshop (SSPREW), 2018.

PDF Code

Toward Systematically Exploring Antivirus Engines (short paper)

Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), 2018.

PDF Code

Protection system and method for protecting a computer system against ransomware attacks

Patent US20180157834A1, 2018.

PDF Project

Security Evaluation of a Banking Fraud Analysis System

ACM Transactions on Privacy and Security (TOPS), 2018.

PDF

GroupDroid: Automatically Grouping Mobile Malware by Extracting Code Similarities

Proceedings of the Software Security, Protection, and Reverse Engineering Workshop (SSPREW), 2017.

PDF

Hiding Pin's Artifacts to Defeat Evasive Malware

Black Hat Europe, 2017.

Slides

ShieldFS: The Last Word In Ransomware Resilient Filesystems

Black Hat USA, 2017.

PDF Slides Video

Measuring and Defeating Anti-Instrumentation-Equipped Malware

Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), 2017.

PDF Code

Poster: Detecting webinjects through live memory inspection

IEEE Symposium on Security and Privacy (S&P), 2017.

PDF

Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis

Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS), 2017.

PDF Code Slides

Prometheus: Analyzing WebInject-based information stealers

Journal of Computer Security, 2017.

PDF

ShieldFS: A Self-healing, Ransomware-aware Filesystem

Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2016.

PDF Project Slides

GASOLINE: a Cytoscape app for multiple local alignment of PPI networks

F1000Research, 2014.

PDF