Send email Copy Email Address
Faculty

Giancarlo Pellegrino

Research Group
Empirical & Behavioral Security Security Testing Vulnerability Analysis Vulnerability Detection

Email

Address

Kaiserstraße 21
66386 St. Ingbert (Germany)

Awards (selection)

2017: Busy Beaver Award for "Cybersecurity I"

Further Information

Short Bio

Dr. Giancarlo Pellegrino is a tenured Faculty at CISPA Helmholtz Center for Information Security. Before that he was a visiting assistant professor at Stanford University and research group leader at CISPA as part of the CISPA-Stanford Center for Cybersecurity. He got his PhD at Eurecom in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, Giancarlo was a researcher associate in the Security and Trust group at the SAP research labs.

CV: Last stations

Since 2017
Faculty at CISPA Helmholtz Center for Information Security
Since 2017
Visiting Assistant Professor at Stanford University
2017 - 2018
Visiting Scholar at Stanford University
2015 - 2017
Postdoctoral Researcher at Saarland University

Publications by Giancarlo Pellegrino

Year 2025

2025-04-28

Permission Rationales in the Web Ecosystem: An Exploration of Rationale Text and Design Patterns

Conference / Medium

International Conference on Human Factors in Computing Systems (CHI)

Tags
Empirical & Behavioral Security
Authors
Visit Detail Page
2025-02-24

Do (Not) Follow the White Rabbit: Challenging the Myth of Harmless Open Redirection

Conference / Medium

Network and Distributed System Security Symposium (NDSS)

Tags
Authors
Full Paper Visit Detail Page

Year 2024

2024-12-09

YuraScanner: Leveraging LLMs for Task-driven Web App Scanning

Conference / Medium

Network and Distributed System Security Symposium (NDSS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-08

SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-07-01

Uncovering the Role of Support Infrastructure in Clickbait PDF Campaigns

Conference / Medium

IEEE European Symposium on Security and Privacy (EuroS&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-05-20

The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web

Conference / Medium

IEEE Symposium on Security and Privacy Workshops (SPW)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-01-01

SoK: State of the Krawlers - Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-01-01

The Big Brother’s New Playground: Unmasking the Illusion of Privacy in Web Metaverses from a Malicious User’s Perspective

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2023

2023-11-27

From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!

Conference / Medium

Annual Computer Security Applications Conference (ACSAC)

Tags
Trustworthy Information Processing
Authors
Full Paper Visit Detail Page
2023-05-25

The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page