E-mail senden E-Mail Adresse kopieren

E-Mail

Adresse

Kaiserstraße 21
66386 St. Ingbert (Germany)

Weitere Informationen

Kurzbiografie

Dr. Giancarlo Pellegrino ist Tenure-Track-Faculty am CISPA. Zuvor war er als Gastdozent an der Stanford Universität und Forschungsgruppenleiter am CISPA als Teil des CISPA-Stanford Centers für Cybersecurity. Giancarlo hat seinen PhD am Eurecom in Sophia-Antipolis (Frankreich) unter der Leitung von Davide Balzarotti erhalten. Bis August 2013 war er wissenschaftlicher Mitarbeiter in der Gruppe Security und Trust in den SAP Research Labs.

Veröffentlichungen von Giancarlo Pellegrino

Jahr 2023

Konferenz / Medium

SP
44th IEEE Symposium on Security and Privacy44th IEEE Symposium on Security and Privacy

Konferenz / Medium

SP
2023 IEEE Symposium on Security and Privacy (SP)44th IEEE Symposium on Security and Privacy

Jahr 2022

Konferenz / Medium

SP
43rd IEEE Symposium on Security and Privacy (S&P '22)

Jahr 2021

Konferenz / Medium

RAID
24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID ’21)

Konferenz / Medium

USENIX-Security
USENIX Security Symposium30th USENIX Security Symposium (USENIX Security'21)

Konferenz / Medium

SP
proceedings of IEEE SSP 2021IEEE Symposium on Security and Privacy, Proceedings of SSP 2021

Jahr 2020

Konferenz / Medium

IEEE SPW
IEEE SPW 20203rd Deep Learning and Security Workshop (DLS 2020)

Lehre von Giancarlo Pellegrino

Winter 2021/22

Joint Advances in Web Security

For registration, please apply for this seminar through the central seminar assignment system.

 

In this seminar, students will learn to present, discuss, and summarize papers in different areas of Web security. The seminar is taught as a combination of a reading group with weekly meetings and a regular seminar, where you have to write a seminar paper. Specifically, each student will get a single topic assigned to them, consisting of two papers (a lead and follow-up paper).

For the weekly meetings, all students have to have read the lead paper and must state at least three questions before the meeting. In the meeting, the assigned student will present the follow-up paper (20 minute presentation + 10 minute Q/A). Afterward, the entire group will discuss both papers.

Moreover, each student will write a seminar paper on the topic assigned to them, for which the two papers on the topic serve as the starting point.

Important Dates

  • Kickoff: Monday, October 25, 10am, in person in CISPA 0.02
  • Regular seminar starts Monday, November 8, ends Monday, February 7
  • By Sunday night, 23:59, submit three questions (if you are not presenting the follow-up paper)
  • Mandatory feedback round/practice talk on Thursday before the presentation (arrange exact time with supervisor)
  • Attendance in all meetings and submission of three questions for each topic is mandatory. For exceptional cases, contact the teaching staff.

Seminar Paper Details

Each seminar paper is meant to provide a summary/categorization of research papers in the associated area. Depending on the topic, the paper should be structured in a logical fashion. For example, assume the topic of Service Workers. One might classify the seminar paper based on security considerations for Service Workers, attacks against Service Workers, and attacks enabled through Service Workers. Each section should demonstrate the state of the art in the area. Finally, the paper should, where possible, discuss limitations and open issues given the previously conducted work.

All seminar papers are due on February 11, 2022. Based on your submission, you will receive feedback within one week and have until March 4, 2022 to improve your paper. The paper grading will be on the final version. Note that the first submission must already be sufficient to pass. If you submit a half-baked version of the paper, you will flunk the course.

Each paper must use the provided template. It must not be longer than 8 pages, not counting references and appendices. Note that appendices are not meant to provide information that is absolutely necessary to understand the paper, but rather to provide auxiliary material. Papers can be shorter, but in general the provided page limit is a good indicator of how long a paper should be.

List of Topics and Papers

The list of topics, papers, and dates for the respective meetings can be found here.

Winter 2021/22

Perspectives of Cyber Security

In this lecture series, we give insights into the founders' activities in the vicinity of cybersecurity. We put a focus on marketable and innovative ideas and trends.

Please note that the goal of this course is to provide first-hand insights into how to create successful startups in cybersecurity. While it is aimed at the students of the Entrepreneurial Cybersecurity Masters Program for grading and achieving the CP, we invite everyone interested to attend the talks also when not participating to get CP!

Schedule

This lecture takes place every Thursday, 14:15 to 16:00 on Zoom. Instructions to access the lecture will be provided soon.

Note: To allow invited guests from the US to join POSER, we will use two exceptional slots at 18:15 - 20:00 (marked in yellow) 

Every event is composed of a new topic presented by an invited founder or VC who presents their story.

Date Time Presenter URL / Topic
Oct 21 14:15 – 14:45 Sven Bugiel and Giancarlo Pellegrino
  • Introduction and kick-off
Oct 28 14:15 – 15:00

Marc Schickhaus (CISPA)

  • The CISPA Incubator
  • How to give a pitch
Nov 04 14:15 – 16:00 TBA  
Nov 11 14:15 – 16:00

TBA

 

Nov 18 14:15 – 16:00

TBA

 

Nov 25 14:15 – 16:00 Lukas Bieringer (QuantPi)
Dec 02 14:15 – 16:00

TBA

 

Dec 09 14:15 – 16:00

Fabian Yamaguchi (ShiftLeft)

Dec 16 18:15 – 20:00

Pedram Amini (InQuest)

No presentations between Dec 23 and Jan 06
Jan 13 14:15 – 16:00 Christian Arndt (HTGF)
Jan 20 18:15 – 20:00

Zakir Durumeric (Stanford University and Censys)

Jan 27 14:15 – 16:00

Stefan Nürnberger (Elexir)

Feb 03 14:15 – 16:00

TBA (Bitahoy)

Modus Operandi

Weekly presentations and Q&A

Roughly every week will be a presentation by a founder of a security/privacy-related startup (or a company that sees an urgent need for a security/privacy product in its domain). This talk is followed by a Q&A (or interview) with the presenter. This should give you insights into the experiences of creating a startup.

The following only applies for participants that want to get CP.

Students task (mandatory): In preparation for the Q&A session, every student has to prepare by checking the startup and supplemental material (URLs are in the schedule) and submit via the CMS 2-3 questions they would ask in the Q&A. Questions could be related to the niche in the market that the company occupies, the target group they aim at, pitfalls and challenges etc.

 

Joint event

At the end of the semester (tentative date: TBA) we will have a joint 1-day event where every student/team pitches its own idea for a product in a short presentation with subsequent feedback/discussion. The idea of this event is to make students go once through the process of developing an idea, doing the necessary background research, and then pitching it in front of an audience. 

To this end, the CISPA faculty will provide a short list of recent research results with potential for tech transfer into a product, and students/teams should derive their product idea and pitch from this list. This avoids the need to reveal any real business idea that students already have in mind and at the same time this day also provides an opportunity to exchange ideas and thoughts with the CISPA faculty.

To prepare for this event, in the introduction, you'll get to know

  • General guidelines for entrepreneurial pitches
  • A typical pitch structure
  • How to motivate your topic

 

Grading and requirements for passing the course

The final grade is based on your pitch at the joint event. We base this grade on:

  1. 50% Content:
    • A 5-page report, showing the research for your product idea 
  2. 50% Form, of which 12.5% each:
    1. Structure/Thread
    2. Action Titles (covered in intro lecture)
    3. MECE (https://en.wikipedia.org/wiki/MECE_principle, covered in intro lecture)
    4. General presentation (e.g., rhetoric)

To pass the course, you need:

  1. Hand in the Q&A questions in preparation for each talk
  2. Attend the talks
  3. Achieve at least 50% in your pitch

LSF Registration

You have to register for the course in LSF until Nov 11 in order to receive a grade.

Summer 2020

Block Course: Secure Web Development

In this lecture you will learn: the architecture of modern web applications, basics on secure software engineering, the art of secure software assessment and code review techniques, how to build securely an HTTP message processing pipeline (web authentication, authorization, session, logic, data, and more), advanced threats, vulnerabilities, secure coding, and design patterns.

Summer 2020

Proseminar: Influential papers in Web Security

This proseminar is meant to provide students an overview over influential papers in the area of Web security. As a proseminar’s primary purpose is to learn presentation skills, the seminar will feature two presentations from each student.

More information

Winter 2019/20

Seminar: Joint Advances in Web Security

In this seminar, students will learn to present, discuss, and summarize papers in different areas of Web security.