Publications

Tommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Ali Mirheidari, Bruno Crispo, Engin Kirda (2023). OAuth 2.0 Redirect URI Validation Falls Short Literally. ACSAC 2023.

Matteo Golinelli, Francesco Bonomi, Bruno Crispo (2023). The Nonce-nce of Web Security: An Investigation of CSP Nonces Reuse. WASP @ ESORICS 2023.

Matteo Golinelli, Elham Arshad, Dmytro Kashchuk, Bruno Crispo (2023). Mind the CORS. IEEE TPS 2023.

Seyed Ali Mirheidari, Matteo Golinelli, Kaan Onarlioglu, Engin Kirda, Bruno Crispo (2022). Web Cache Deception Escalates!. In USENIX.

PDF Cite Code Slides Video On USENIX

Michele Grisafi, Mahmoud Ammar, Marco Roveri, Bruno Crispo (2022). PISTIS: Trusted Computing Architecture for Low-end Embedded Systems. 31st USENIX Security Symposium (USENIX Security 22).

Luca Degani, Francesco Bergadano, Seyed Ali Mirheidari, Fabio Martinelli, Bruno Crispo (2022). Generative Adversarial Networks for Subdomain Enumeration. Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing.

Majid Salehi, Luca Degani, Marco Roveri, Daniel Hughes, Bruno Crispo (2022). Discovery and Identification of Memory Corruption Vulnerabilities on Bare-metal Embedded Devices. IEEE Transactions on Dependable and Secure Computing.