(2023). The More Things Change, the More They Stay the Same: Integrity of Modern JavaScript. In Proceedings of the ACM Web Conference 2023.


(2022). Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots. In Proceedings of the 31st USENIX Security Symposium 2022.

PDF Cite

(2021). Domains Do Change Their Spots: Quantifying Potential Abuse of Residual Trust. In Proceedings of the 2022 IEEE Symposium on Security and Privacy (S&P).

PDF Cite Teaser Talk

(2021). Click This, Not That: Extending Web Authentication with Deception. In ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2021.

PDF Cite