Send email Copy Email Address
Faculty

Giancarlo Pellegrino

Research Group
Empirical & Behavioral Security Security Testing Vulnerability Analysis Vulnerability Detection

Email

Address

Kaiserstraße 21
66386 St. Ingbert (Germany)

Awards (selection)

2017: Busy Beaver Award for "Cybersecurity I"

Further Information

Short Bio

Dr. Giancarlo Pellegrino is a tenured Faculty at CISPA Helmholtz Center for Information Security. Before that he was a visiting assistant professor at Stanford University and research group leader at CISPA as part of the CISPA-Stanford Center for Cybersecurity. He got his PhD at Eurecom in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, Giancarlo was a researcher associate in the Security and Trust group at the SAP research labs.

CV: Last stations

Since 2017
Faculty at CISPA Helmholtz Center for Information Security
Since 2017
Visiting Assistant Professor at Stanford University
2017 - 2018
Visiting Scholar at Stanford University
2015 - 2017
Postdoctoral Researcher at Saarland University

Publications by Giancarlo Pellegrino

Year 2024

2024-08

SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-07-01

Uncovering the Role of Support Infrastructure in Clickbait PDF Campaigns

Conference / Medium

IEEE European Symposium on Security and Privacy (EuroS&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-05-20

The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web

Conference / Medium

IEEE Symposium on Security and Privacy Workshops (SPW)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-01-01

The Big Brother’s New Playground: Unmasking the Illusion of Privacy in Web Metaverses from a Malicious User’s Perspective

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-01-01

SoK: State of the Krawlers - Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2023

2023-11-27

From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!

Conference / Medium

Annual Computer Security Applications Conference (ACSAC)

Tags
Trustworthy Information Processing
Authors
Full Paper Visit Detail Page
2023-05-25

The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-05-22

It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2022

2022-05-26

The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2021

2021-10-06

Where We Stand (or Fall): An Analysis of CSRF Defenses in Web Frameworks

Conference / Medium

International Symposium on Research in Attacks Intrusions and Defenses (RAID)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page