Send email Copy Email Address
Faculty

Giancarlo Pellegrino

Research Group
Threat Detection and Defenses Secure Mobile and Autonomous Systems Empirical & Behavioral Security Web Security Security Testing Vulnerability Analysis Vulnerability Detection

Email

Address

Stuhlsatzenhaus 5
66123 Saarbrücken (Germany)

Further Information

Short Bio

I am a tenure-track faculty at CISPA Helmholtz Center for Information Security. Before that I was a visiting assistant professor at Stanford University and research group leader at CISPA as part of the CISPA-Stanford Center for Cybersecurity. I got my PhD at Eurecom in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, I was a researcher associate in the Security and Trust group at the SAP research labs.

Publications by Giancarlo Pellegrino

Year 2021

2021-08

JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals

Conference / Medium

USENIX-Security
USENIX Security Symposium30th USENIX Security Symposium (USENIX Security'21)

Tags
Empirical & Behavioral Security
Authors
Download Visit Detail Page
2021-05

Black Widow: Blackbox Data-driven Web Scanning

Conference / Medium

SP
proceedings of IEEE SSP 2021IEEE Symposium on Security and Privacy, Proceedings of SSP 2021

Tags
Empirical & Behavioral Security
Authors
Download Visit Detail Page

Year 2020

2020-05-21

SentiNet: Detecting Localized Universal Attack Against Deep Learning Systems

Conference / Medium

IEEE SPW
IEEE SPW 20203rd Deep Learning and Security Workshop (DLS 2020)

Tags
Trustworthy Information Processing Threat Detection and Defenses
Authors
Download Visit Detail Page
2020-05

Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps

Conference / Medium

SP
IEEE Symposium on Security and Privacy

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page
2020-03-30

Raccoon: Automated Verification of Guarded Race Conditions in Web Applications

Conference / Medium

SAC
The 35th ACM/SIGAPP Symposium On Applied Computing

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page
2020-02

Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms

Conference / Medium

NDSS
27th Annual Network and Distributed System Security symposium

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page

Year 2019

2019-11-11

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning

Conference / Medium

CCS
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications SecurityCCS 19

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page
2019-05

Fidelius: Protecting User Secrets from Compromised Browsers

Conference / Medium

SP
40th IEEE Symposium on Security and Privacy (SP '19)S&P 2019

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
  • Saba Eskandarian
  • Jonathan Cogan
  • Sawyer Birnbaum
  • Peh Chang Wei Brandon
  • Dillon Franke
  • Forest Fraser
  • Gaspar Garcia
  • Eric Gong
  • Hung T. Nguyen
  • Taresh K. Sethi
  • Vishal Subbiah
  • Michael Backes
  • Giancarlo Pellegrino
  • Dan Boneh
Download Visit Detail Page
2019-02

Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services.

Conference / Medium

NDSS
Annual Network and Distributed System Security symposium, February 2019 (NDSS 2019)NDSS Symposium 2019

Tags
Threat Detection and Defenses Empirical & Behavioral Security
Authors
Download Visit Detail Page

Year 2018

2018-02

Didn’t You Hear Me? — Towards More Successful Web Vulnerability Notifications

Conference / Medium

NDSS
Proceedings of the 25th Annual Symposium on Network and Distributed System Security (NDSS '18).

Tags
Empirical & Behavioral Security
Authors
Download Visit Detail Page

Teaching by Giancarlo Pellegrino

Summer 2020

Block Course: Secure Web Development

In this lecture you will learn: the architecture of modern web applications, basics on secure software engineering, the art of secure software assessment and code review techniques, how to build securely an HTTP message processing pipeline (web authentication, authorization, session, logic, data, and more), advanced threats, vulnerabilities, secure coding, and design patterns.

Summer 2020

Proseminar: Influential papers in Web Security

This proseminar is meant to provide students an overview over influential papers in the area of Web security. As a proseminar’s primary purpose is to learn presentation skills, the seminar will feature two presentations from each student.

More information

Winter 2019/20

Seminar: Joint Advances in Web Security

In this seminar, students will learn to present, discuss, and summarize papers in different areas of Web security.