Publications

Michele Grisafi, Carlo Ramponi, Silviu Vlasceanu, Mahmoud Ammar, Bruno Crispo (2026). TAGShield: Persistent Tagging for Robust Stack Memory Error Protection. AsiaCCS 2026.

PDF AsiaCCS 2026

Adriaan Jacobs, Carlo Ramponi, Jonas Roels, Bruno Crispo, Silviu Vlasceanu, Mahmoud Ammar, Stijn Volckaert (2026). N00B: Bounds Checking for the Masses. CCS 2026.

PDF CCS 2026

Carlo Ramponi, Adriaan Jacobs, Luigi Dell'Eva, Stijn Volckaert, Silviu Vlasceanu, Mahmoud Ammar, Bruno Crispo (2026). Mitigating Code Injection Attacks on Modern GPUs. CCS 2026.

CCS 2026

Tommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Ali Mirheidari, Bruno Crispo, Engin Kirda (2023). OAuth 2.0 Redirect URI Validation Falls Short Literally. ACSAC 2023.

Matteo Golinelli, Francesco Bonomi, Bruno Crispo (2023). The Nonce-nce of Web Security: An Investigation of CSP Nonces Reuse. WASP @ ESORICS 2023.

Code

Matteo Golinelli, Elham Arshad, Dmytro Kashchuk, Bruno Crispo (2023). Mind the CORS. IEEE TPS 2023.

Seyed Ali Mirheidari, Matteo Golinelli, Kaan Onarlioglu, Engin Kirda, Bruno Crispo (2022). Web Cache Deception Escalates!. In USENIX.

PDF Cite Code Slides Video On USENIX

Michele Grisafi, Mahmoud Ammar, Marco Roveri, Bruno Crispo (2022). PISTIS: Trusted Computing Architecture for Low-end Embedded Systems. 31st USENIX Security Symposium (USENIX Security 22).

Cite URL

Luca Degani, Francesco Bergadano, Seyed Ali Mirheidari, Fabio Martinelli, Bruno Crispo (2022). Generative Adversarial Networks for Subdomain Enumeration. Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing.

Cite DOI URL

Majid Salehi, Luca Degani, Marco Roveri, Daniel Hughes, Bruno Crispo (2022). Discovery and Identification of Memory Corruption Vulnerabilities on Bare-metal Embedded Devices. IEEE Transactions on Dependable and Secure Computing.

Cite DOI