Send email Copy Email Address
Faculty

Giancarlo Pellegrino

Research Group
Threat Detection and Defenses Secure Mobile and Autonomous Systems Empirical & Behavioral Security Web Security Security Testing Vulnerability Analysis Vulnerability Detection

Email

Address

Stuhlsatzenhaus 5
66123 Saarbrücken (Germany)

Further Information

Short Bio

I am a tenure-track faculty at CISPA Helmholtz Center for Information Security. Before that I was a visiting assistant professor at Stanford University and research group leader at CISPA as part of the CISPA-Stanford Center for Cybersecurity. I got my PhD at Eurecom in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, I was a researcher associate in the Security and Trust group at the SAP research labs.

Publications by Giancarlo Pellegrino

Year 2020

2020-05

Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps

Conference / Medium

SandP
IEEE Symposium on Security and Privacy

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page
2020-03-30

Raccoon: Automated Verification of Guarded Race Conditions in Web Applications

Conference / Medium

The 35th ACM/SIGAPP Symposium On Applied Computing

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page
2020-02

Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms

Conference / Medium

NDSS
27th Annual Network and Distributed System Security symposium

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page

Year 2019

2019-11-11

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning

Conference / Medium

CCS
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications SecurityCCS 19

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page
2019-05

Fidelius: Protecting User Secrets from Compromised Browsers

Conference / Medium

SandP
40th IEEE Symposium on Security and Privacy (SP '19)S&P 2019

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
  • Saba Eskandarian
  • Jonathan Cogan
  • Sawyer Birnbaum
  • Peh Chang Wei Brandon
  • Dillon Franke
  • Forest Fraser
  • Gaspar Garcia
  • Eric Gong
  • Hung T. Nguyen
  • Taresh K. Sethi
  • Vishal Subbiah
  • Michael Backes
  • Giancarlo Pellegrino
  • Dan Boneh
Download Visit Detail Page
2019-02

Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services.

Conference / Medium

NDSS
Annual Network and Distributed System Security symposium, February 2019 (NDSS 2019)NDSS Symposium 2019

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page

Year 2018

2018-02

Didn’t You Hear Me? — Towards More Successful Web Vulnerability Notifications

Conference / Medium

NDSS
Proceedings of the 25th Annual Symposium on Network and Distributed System Security (NDSS '18).

Tags
Empirical & Behavioral Security
Authors
Download Visit Detail Page
2018

Formally Reasoning about the Cost and Efficacy of Securing the Email Infrastructure

Conference / Medium

EuroSandP
2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018, London, United Kingdom, April 24-26, 2018

Tags
Trustworthy Information Processing
Authors
Download Visit Detail Page
2018

Formally Reasoning about the Cost and Efficacy of Securing the Email Infrastructure (full version)

Article

Extended Version of EuroS&P 2018 Paper

Tags
Trustworthy Information Processing
Authors
Download Visit Detail Page
2018

The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators

Conference / Medium

SandP
39th IEEE Symposium on Security and Privacy (SP '18)

Tags
Secure Mobile and Autonomous Systems
Authors
Download Visit Detail Page

Teaching by Giancarlo Pellegrino

Summer 2020

Block Course: Secure Web Development

In this lecture you will learn: the architecture of modern web applications, basics on secure software engineering, the art of secure software assessment and code review techniques, how to build securely an HTTP message processing pipeline (web authentication, authorization, session, logic, data, and more), advanced threats, vulnerabilities, secure coding, and design patterns.

Summer 2020

Proseminar: Influential papers in Web Security

This proseminar is meant to provide students an overview over influential papers in the area of Web security. As a proseminar’s primary purpose is to learn presentation skills, the seminar will feature two presentations from each student.

More information

Winter 2019/20

Seminar: Joint Advances in Web Security

In this seminar, students will learn to present, discuss, and summarize papers in different areas of Web security.