Send email Copy Email Address
Research Group

Pellegrino

Application Security

Web application software is by far one of the most critical assets of our digital life. The Application Security (AppSec, in short) research group addresses the pressing challenges of identifying, studying, and solving vulnerabilities in modern web application software, at the application and platform levels. Our current interests include the analysis of new web vulnerabilities, program analysis (static, dynamic, and hybrid) that operates at scale, application of ML/AI to web application security, and the security and privacy of future application software systems, including immersive web applications.

Head of Group

Giancarlo Pellegrino

Email

Address

Kaiserstraße 21
66386 St. Ingbert (Germany)

Members

Soheil Khodayari

Giada Martina Stivala

Aleksei Stafeev

Gianluca De Stefano
Placeholder

Luy Seiwert
© Tobias Ebelshäuser

Andrea Mengascini
Placeholder

Tim Recktenwald
Placeholder

Raoul Scholtes
Placeholder

Jakob Graser
Placeholder

Ryan Aurelio
Placeholder

Prerak Mittal
Placeholder

Muhammad Sabeeh Rehman

Most Recent Publications

Year 2024

2024-07-01

Uncovering the Role of Support Infrastructure in Clickbait PDF Campaigns

Conference / Medium

IEEE European Symposium on Security and Privacy (EuroS&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-05-20

The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web

Conference / Medium

IEEE Symposium on Security and Privacy Workshops (SPW)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-03

Adversarial mimicry attacks against image splicing forensics: An approach for jointly hiding manipulations and creating false detections

Article

Pattern Recognition Letters

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-01-01

SoK: State of the Krawlers - Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2023

2023-11-27

From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!

Conference / Medium

Annual Computer Security Applications Conference (ACSAC)

Tags
Trustworthy Information Processing
Authors
Full Paper Visit Detail Page