Publikationer av Musard Balliu
Refereegranskade
Artiklar
[1]
M. Balliu et al., "Challenges of Producing Software Bill of Materials for Java," IEEE Security and Privacy, vol. 21, no. 6, s. 12-23, 2023.
[2]
M. Balliu et al., "Friendly Fire : Cross-App Interactions in IoT Platforms," ACM Transactions on Privacy and Security (TOPS), vol. 24, no. 3, s. 1-40, 2021.
[3]
M. Balliu, I. Bastys och A. Sabelfeld, "Securing IoT Apps," IEEE Security and Privacy, vol. 17, no. 5, s. 22-29, 2019.
[4]
M. Balliu och I. Mastroeni, "A Weakest Precondition Approach to Robustness," Lecture Notes in Computer Science, vol. 6340, no. PART 1, s. 261-297, 2010.
Konferensbidrag
[5]
M. Aghvamipanah et al., "Activity Recognition Protection for IoT Trigger-Action Platforms," i Proceedings - 9th IEEE European Symposium on Security and Privacy, Euro S and P 2024, 2024, s. 600-616.
[6]
A. M. Ahmadian, M. Soloviev och M. Balliu, "Disjunctive Policies for Database-Backed Programs," i 2024 IEEE 37TH Computer Security Foundations Symposium, CSF 2024, 2024, s. 388-402.
[7]
M. Soloviev, M. Balliu och R. Guanciale, "Security Properties through the Lens of Modal Logic," i 2024 IEEE 37th computer security foundations symposium, CSF 2024, 2024, s. 340-355.
[8]
M. Shcherbakov, P. Moosbrugger och M. Balliu, "Unveiling the Invisible: Detection and Evaluation of Prototype Pollution Gadgets with Dynamic Taint Analysis," i WWW 2024 - Proceedings of the ACM Web Conference, 2024, s. 1800-1811.
[9]
M. Shcherbakov, M. Balliu och C.-A. Staicu, "Silent Spring : Prototype Pollution Leads to Remote Code Execution in Node.js," i Proceedings Of The 32Nd Usenix Security Symposium, 2023, s. 5521-5538.
[10]
M. Balliu et al., "Software Bill of Materials in Java," i SCORED 2023 - Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2023, s. 75-76.
[11]
A. M. Ahmadian och M. Balliu, "Dynamic Policies Revisited," i Proceedings - 7th IEEE European Symposium on Security and Privacy, Euro S and P 2022, 2022, s. 448-466.
[12]
A. Oak et al., "Enclave-Based Secure Programming with JE," i 2021 IEEE SECURE DEVELOPMENT CONFERENCE (SECDEV 2021), 2021.
[13]
A. Oak et al., "Language Support for Secure Software Development with Enclaves," i IEEE Computer Security Foundations Symposium (CSF 2021), 2021.
[14]
M. M. Ahmadpanah et al., "SandTrap : Securing JavaScript-driven Trigger-Action Platforms," i Proceedings Of The 30Th USENIX Security Symposium, 2021, s. 2899-2916.
[15]
M. M. Ahmadpanah et al., "SandTrap: Securing JavaScript-driven Trigger-Action Platforms," i USENIX Security Symposium (USENIX Security 2021), 2021.
[16]
M. M. Ahmadpanah et al., "Securing Node-RED Applications," i Protocols, Strands, and LogicEssays Dedicated to Joshua Guttman on the Occasion of his 66.66th Birthday, 2021, s. 1-21.
[17]
M. Birgersson, C. Artho och M. Balliu, "Security-Aware Multi-User Architecture for IoT," i 2021 IEEE 21ST INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY (QRS 2021), 2021, s. 102-113.
[18]
M. Shcherbakov och M. Balliu, "SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web," i Proceedings of the Network and Distributed System Security Symposium (NDSS 2021), 2021.
[19]
R. M. Tsoupidi, M. Balliu och B. Baudry, "Vivienne : Relational Verification of Cryptographic Implementations in WebAssembly," i Proceedings - 2021 IEEE Secure Development Conference, SecDev 2021, 2021, s. 94-102.
[20]
I. Bastys et al., "Clockwork : Tracking Remote Timing Attacks," i Proceedings IEEE Computer Security Foundations Symposium, CSF 2020, 2020.
[21]
M. Balliu, M. Merro och M. Pasqua, "Friendly Fire: Cross-App Interactions in IoT Platforms," i https://www.cambridge.org/core/what-we-publish/textbooks#, 2020.
[22]
R. Guanciale, M. Balliu och M. Dam, "InSpectre : Breaking and Fixing Microarchitectural Vulnerabilities by Formal Analysis," i CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications, 2020.
[23]
C.-A. Staicu et al., "An Empirical Study of Information Flows in Real-World JavaScript," i Proceedings of the 14th ACM SIGSAC Workshop on Programming Languages and Analysis for Security, 2019, s. 45-59.
[24]
K. Tuma, M. Balliu och R. Scandariato, "Flaws in Flows : Unveiling Design Flaws via Information Flow Analysis," i Proceedings - 2019 IEEE International Conference on Software Architecture, ICSA 2019, 2019, s. 191-200.
[25]
M. Guarnieri et al., "Information-Flow Control for Database-backed Applications," i IEEE European Symposium on Security and Privacy (EuroS&P 2019), Stockholm, Sweden, 17-19 June 2019, 2019, s. 79-94.
[26]
M. Balliu, M. Merro och M. Pasqua, "Securing Cross-App Interactions in IoT Platforms," i 2019 IEEE 32nd Computer Security Foundations Symposium (CSF), 2019, s. 319-334.
[27]
I. Bastys, M. Balliu och A. Sabelfeld, "If This Then What? Controlling Flows in IoT Apps," i ACM Conference on Computer and Communications Security (CCS’18), 2018.
[28]
M. Balliu, M. Dam och R. Guanciale, "Automating Information Flow Analysis of Low Level Code," i Proceedings of CCS’14, November 3–7, 2014, Scottsdale, Arizona, USA, 2014.
[29]
M. Balliu, "A Logic for Information Flow Analysis of Distributed Programs," i Secure IT Systems : 18th Nordic Conference, NordSec 2013 Ilulissat, Greenland, October 2013 Proceedings, 2013, s. 84-99.
[30]
M. Balliu, M. Dam och G. Le Guernic, "ENCOVER : Symbolic Exploration for Information Flow Security," i 2012 IEEE 25th Computer Security Foundations Symposium (CSF), 2012, s. 30-44.
[31]
M. Balliu, M. Dam och G. Le Guernic, "Epistemic Temporal Logic for Information Flow Security," i In proc. of th 4e ACM SIGPLAN workshop on Programming Languages and Analysis for Security, 2011.
[32]
M. Balliu och I. Mastroeni, "A weakest precondition approach to active attacks analysis," i PLAS'09 : Proceedings of the ACM SIGPLAN 4th Workshop on Programming Languages and Analysis for Security, 2009, s. 59-71.
Icke refereegranskade
Avhandlingar
[33]
M. Balliu, "Logics for Information Flow Security:From Specification to Verification," Doktorsavhandling Stockholm : KTH Royal Institute of Technology, TRITA-CSC-A, 2014:13, 2014.
Rapporter
[34]
M. Balliu, "A Logic for Information Flow Analysis of Distributed Programs : (Extended Abstract)," KTH Royal Institute of Technology, 2013.
Senaste synkning med DiVA:
2024-11-19 00:22:12