Send email Copy Email Address

Publications

Scientific publications are the most important measure of our academic excellence and impact. In the past years, CISPA researchers have published many papers at scientific top-tier conferences and in prestigious journals. Our publications are listed in our publications database, including a link to the original paper.

Filter

Year 2023

2023-08-09

Automated Analysis of Protocols that use Authenticated Encryption:

How Subtle AEAD Differences can impact Protocol Security

Conference / Medium

Usenix Security Symposium (USENIX-Security)
Automated Analysis of Protocols that use Authenticated Encryption: How Subtle AEAD Differences can impact Protocol Security

Tags
Reliable Security Guarantees
Authors
Full Paper Visit Detail Page
2023-08-09

Formal Analysis of Session-Handling in Secure Messaging:

Lifting Security from Sessions to Conversations

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Reliable Security Guarantees
Authors
Full Paper Visit Detail Page
2023-08-09

Pushed by Accident:

A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories.

Conference / Medium

Usenix Security Symposium (USENIX-Security)
Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories.

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-08-09

"I wouldn't want my unsafe code to run my pacemaker":

An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.

Conference / Medium

Usenix Security Symposium (USENIX-Security)
"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-08-09

To Cloud or not to Cloud:

A Qualitative Study on Self-Hosters’ Motivation, Operation, and Security Mindset

Conference / Medium

Usenix Security Symposium (USENIX-Security)
To Cloud or not to Cloud: A Qualitative Study on Self-Hosters’ Motivation, Operation, and Security Mindset

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-08-09

"Security is not my field, I'm a stats guy":

A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-08-09

Silent Spring:

Prototype Pollution Leads to Remote Code Execution in Node.js

Conference / Medium

Usenix Security Symposium (USENIX-Security)
Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js

Tags
Empirical & Behavioral Security
Authors
  • Mikhail Shcherbakov
  • Musard Balliu
  • Cristian-Alexandru Staicu
Full Paper Visit Detail Page
2023-08-09

Investigating Verification Behavior and Perceptions of Visual Digital Certificates

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-08-09

Hoedur:

Embedded Firmware Fuzzing using Multi-Stream Inputs.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Threat Detection and Defenses
Authors
Full Paper Visit Detail Page