PUBLICATIONS

CONFERENCE PROCEEDINGS

Browser Polygraph: Efficient Deployment of Coarse-Grained Browser Fingerprints for Web-Scale Detection of Fraud Browsers

Faezeh Kalantari, Mernoosh Zaeifi, Yeganeh Safaei, Marzieh Bitbab, Adam Oest, Gianluca Stringhini, Yan Shoshitaishvili, Adam Doupe
Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC), 2024

PraxiPaaS: A Decomposable Machine Learning System for Efficient Container Package Discovery

Zongshun Zhang, Rohan Kumar, Jason Li, Lisa Korver, Anthony Byrne, Gianluca Stringhini, Ibrahim Matta, and Ayse Coskun
Proceedings of the IEEE International Conference on Cloud Engineering (IC2E), 2024

Unleashing Performance Insights with Online Probabilistic Tracing

Mert Toslali, Syed Qasim, Srinivasan Parthasarathy, Fabio Oliveira, Hai Huang, Gianluca Stringhini, Zaoxing Liu, and Ayse Coskun
Proceedings of the IEEE International Conference on Cloud Engineering (IC2E), 2024

EasyCSPeasy: A Server-side and Language-agnostic XSS Mitigation by Devising and Ensuring Compliance with CSP

Beliz Kaleli, Manuel Egele, and Gianluca Stringhini
Proceedings of the EAI International Conference on Security and Privacy in Communication Networks (SECURECOMM), 2024

"It Was Jerks on the Internet Being Jerks on the Internet": Understanting Zoombombing Through the Eyes of Its Victims

Chen Ling and Gianluca Stringhini
Proceedings of the European Symposium on Usable Security (EuroUSEC), 2024

Unraveling the Web of Disinformation: Exploring the Larger Context of State-Sponsored Influence Campaigns on Twitter

Mohammad Hammas Saeed, Shiza Ali, Pujan Paudel, Jeremy Blackburn, and Gianluca Stringhini
Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2024

From Victims to Defenders: An Exploration of the Phishing Attack Reporting Ecosystem

Zhibo Sun, Faris Bugra Kokulu, Penghui Zhang, Adam Oest, Gianluca Stringhini, Tiffany Bao, Ruoyu Wang, Yan Shoshistaishvili, Adam Doupe, Gail-Joon Ahn
Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2024

Enabling Contextual Soft Moderation on Social Media through Contrastive Textual Deviation

Pujan Paudel, Mohammad Hammas Saeed, Rebecca Auger, Chris Wells, and Gianluca Stringhini
Proceedings of the USENIX Security Symposium, 2024

PIXELMOD: Improving Soft Moderation of Visual Misleading Information on Twitter

Pujan Paudel, Chen Ling, Jeremy Blackburn, and Gianluca Stringhini
Proceedings of the USENIX Security Symposium, 2024

Pandawan: Quantifying Progress in Linux-based Firmware Rehosting

Ioannis Angelakopoulos, Gianluca Stringhini, and Manuel Egele
Proceedings of the USENIX Security Symposium, 2024

LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks

Saad Ullah, Mingji Han, Saurabh Pujar, Hammond Pearce, Ayse Coskun, and Gianluca Stringhini
Proceedings of the IEEE Symposium on Security and Privacy, 2024

TUBERAIDER: Attributing Coordinated Hate Attacks on YouTube Videos to their Source Communities

Mohammad Hammas Saeed, Kostantinos Papadamou, Jeremy Blackburn, Emiliano De Cristofaro, and Gianluca Stringhini
Proceedings of the AAAI International Conference on Web and Social Media (ICWSM), 2024

Systemization of Knowledge (SoK): Creating a Research Agenda for Human-Centered Real-Time Risk Detection on Social Media Platforms

Ashwaq Alsoubai, Jinkyung Park, Sarvech Qadir, Gianluca Stringhini, Afsaneh Razi, and Pamela Wisniewski
ACM SIGCHI Conference on Human Factors in Computer Systems (CHI), 2024

Profiling the Offline and Online Risk Experiences of Youth to Develop Targeted Interventions for Online Safety

Ashwaq Alsoubai, Afsaneh Razi, Zainab Agha, Shiza Ali, Gianluca Stringhini, Munmun De Chouwdhury, and Pamela Wisniewski
ACM Conference on Collaborative Work and Social Computing (CSCW), 2024

Lambretta: Learning to Rank for Twitter Soft Moderation

Pujan Paudel, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, and Gianluca Stringhini
Proceedings of the IEEE Symposium on Security and Privacy, 2023

SoK: Content Moderation in Social Media, from Guidelines to Enforcement, and Research to Practice

Mohit Singhal, Chen Ling, Pujan Paudel, Poojitha Thota, Nihal Kumarswamy, Gianluca Stringhini, and Shirin Nilizadeh
Proceedings of the IEEE European Symposium on Security and Privacy, 2023

Understanding the Use of Images to Spread COVID-19 Misinformation on Twitter

Yuping Wang, Chen Ling, and Gianluca Stringhini
ACM Conference on Collaborative Work and Social Computing (CSCW), 2023

Getting Meta: A Multimodal Approach for Detecting Unsafe Conversations within Instagram Direct Messages of Youth

Shiza Ali, Afsaneh Razi, Seunghyun Kim, Ashwaq Alsoubai, Chen Ling, Munmun De Chowdhury, Pamela Wisniewski, and Gianluca Stringhini
ACM Conference on Collaborative Work and Social Computing (CSCW), 2023

Sliding into My DMs: Detecting Uncomfortable or Unsafe Sexual Risk Experiences within Instagram Direct Messages Grounded in the Perspective of Youth

Afsaneh Razi, Ashwaq Alsoubai, Seunghyun Kim, Shiza Ali, Gianluca Stringhini, Munmun De Chowdhury, and Pamela Wisniewski
ACM Conference on Collaborative Work and Social Computing (CSCW), 2023

FirmSolo: Enabling dynamic analysis of binary Linux-based IoT kernel modules

Ioannis Angelakopoulos, Gianluca Stringhini, and Manuel Egele
Proceedings of the USENIX Security Symposium, 2023

Non-Polar Opposites: Analyzing the Relationship Between Echo Chambers and Hostile Intergroup Interactions on Reddit

Alexandros Efstratiou, Jeremy Blackburn, Tristan Caulfield, Gianluca Stringhini, Savvas Zannettou, Emiliano De Cristofaro
Proceedings of the AAAI International Conference on Web and Social Media (ICWSM), 2023

CERBERUS: Exploring Federated Prediction of Security Events

Mohammad Naseri, Yufei Han, Enrico Mariconti, Yun Shen, Gianluca Stringhini, and Emiliano De Cristofaro
Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), 2022

Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots

Wai Man Si, Michael Backes, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, Savvas Zannettou, and Yang Zhang
Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), 2022 - Honorable Mention
Finalist at the CSAW Europe Applied Research Award

Finding MNEMON: Reviving Memories of Node Embeddings

Yun Shen, Yufei Han, Zhikun Zhang, Min Chen, Ting Yu, Michael Backes, Yang Zhang, and Gianluca Stringhini
Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), 2022

Slapping Cats, Bopping Heads, and Oreo Shakes: Understanding Indicators of Virality in TikTok Short Videos

Chen Ling, Jeremy Blackburn, Emiliano De Cristofaro, and Gianluca Stringhini
Proceedings of the ACM Web Science Conference (WebSci), 2022

Understanding the Digital Lives of Youth: Analyzing Media Shared within Safe Versus Unsafe Private Conversations

Shiza Ali, Afsaneh Razi, Kim Seunghyun, Ashwaq Alsoubai, Joshua Gracie, Munmun De Choudhury, Pamela Wisniewski, and Gianluca Stringhini
Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI), 2022

TrollMagnifier: Detecting State-Sponsored Troll Accounts on Reddit

Mohammad Hammas Saeed, Shiza Ali, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, and Gianluca Stringhini
Proceedings of the IEEE Symposium on Security and Privacy (OAKLAND), 2022
Press Coverage: Wired

"It is just a flu": Assessing the Effect of Watch History on YouTube's Pseudoscientific Video Recommendations

Kostantinos Papadamou, Savvas Zannettou, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Michael Sirivianos
Proceedings of the AAAI International Conference on Web and Social Media (ICWSM), 2022

A Large-scale Temporal Measurement of Android Malicious Apps: Persistence, Migration, and Lessons Learned

Yun Shen, Pierre-Antoine Vervier, and Gianluca Stringhini
USENIX Security Symposium, 2022
Press Coverage: New Scientist, BU News

A Multi-Platform Analysis of Political News Discussion and Sharing on Web Communities

Yuping Wang, Savvas Zannettou, Jeremy Blackburn, Barry Bradlyn, Emiliano De Cristofaro, and Gianluca Stringhini
IEEE International Conference on Big Data (BigData), 2021

A Human-Centered Systematic Literature Review of Cyberbullying Detection Algorithms

Seunghyun Kim, Afsaneh Razi, Gianluca Stringhini, Pamela Wisniewski, and Munmum De Chowdhury
ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), 2021

A Human-Centered Systematic Literature Review of the Computational Approaches for Online Sexual Risk Detection

Afsaneh Razi, Seunghyun Kim, Ashwaq Alsoubai, Gianluca Stringhini, Thamar Solorio, Munmum De Chowdhury, and Pamela Wisniewski
ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), 2021

“How over is it?” Understanding the Incel Community on YouTube

Kostantinos Papadamou, Savvas Zannettou, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Michael Sirivianos
ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), 2021

The Gospel According to Q: Understanding the QAnon Conspiracy from the Perspective of Canonical Information

Max Aliapoulios, Antonis Papasavva, Cameron Ballard, Emiliano De Cristofaro, Gianluca Stringhini, Savvas Zannettou, and Jeremy Blackburn
Proceedings of the AAAI International Conference on Web and Social Media (ICWSM), 2022

Marked for Disruption: Tracing the Evolution of Malware Delivery Operations Targeted for Takedown

Colin Ife, Yun Shen, Steven Murdoch, Gianluca Stringhini
International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2021

Understanding the Effect of Deplatforming on Social Networks

Shiza Ali, Mohammad Hammas Saeed, Esraa Aldreabi, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, Gianluca Stringhini
ACM Web Science Conference, 2021

You Don’t Know How I Feel: Insider-Outsider Perspective Gaps in Cyberbullying Risk Detection

Seunghyun Kim, Afsaneh Razi, Gianluca Stringhini, Pamela Wisniewski, Munmun De Chowdhury
AAAI International Conference On Web and Social Media (ICWSM), 2021

“I’m a Professor, which isn’t usually a dangerous job”: Internet-Facilitated Harassment and its Impact on Researchers

Periwinkle Doerfler, Andrea Forte, Emiliano De Cristofaro, Jeremy Blackburn, Gianluca Stringhini, Damon McCoy
ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), 2021

Does Platform Migration Compromise Content Moderation? Evidence from r/The_Donald and r/Incels

Manoel Horta Ribeiro, Shagun Jhaver, Savvas Zannettou, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, Robert West
ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), 2021

APPJITSU: Investigating the Resiliency of Android Applications

Onur Zungur, Antonio Bianchi, Gianluca Stringhini, Manuel Egele
IEEE European Symposium on Security and Privacy, 2021

ANDRUSPEX : Leveraging Graph Representation Learning to Predict Harmful App Installations on Mobile Devices

Yun Shen and Gianluca Stringhini
IEEE European Symposium on Security and Privacy, 2021

SocialHEISTing: Understanding Stolen Facebook Accounts

Jeremiah Onaolapo, Nektarios Leontiadis, Despoina Magka, Gianluca Stringhini
USENIX Security Symposium, 2021

Dissecting the Meme Magic: Understanding Indicators of Virality in Image Memes

Chen Ling, Ihab AbuHilal, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, Gianluca Stringhini
ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW), 2021

"Go eat a bat, Chang!": An Early Look on the Emergence of Sinophobic Behavior on Web Communities in the Face of COVID-19

Fatemeh Tahmasbi, Leonard Schild, Chen Ling, Jeremy Blackburn, Gianluca Stringhini, Yang Zhang, Savvas Zannettou
Proceedings of The Web Conference (WWW), 2021

"Is it a Qoincidence?": A First Step Towards Understanding and Characterizing the QAnon Movement on Voat.co

Antonis Papasavva, Jeremy Blackburn, Gianluca Stringhini, Savvas Zannettou, Emiliano De Cristofaro
Proceedings of The Web Conference (WWW), 2021

To Err.Is Human: Characterizing the Threat of Unintended URLs in Social Media

Beliz Kaleli, Brian Kondracki, Manuel Egele, Nick Nikiforakis, Gianluca Stringhini
Proceedings of the ISOC Network and Distributed Security Symposium (NDSS), 2021

A First Look at Zoombombing

Chen Ling, Utkukan Balci, Jeremy Blackburn, Gianluca Stringhini
Proceedings of the IEEE Symposium on Security and Privacy, 2021

Understanding the Use of Fauxtography on Social Media

Yuping Wang, Fatemeh Tahmasbi, Jeremy Blackburn, Barry Bradlyn, Emiliano De Cristofaro, David Magerman, Savvas Zannettou, and Gianluca Stringhini
Proceedings of the AAAI International Conference on Web and Social Media (ICWSM), 2021

SoK: Hate, Harassment, and the Changing Landscape of Online Abuse

Kurt Thomas, Devdatta Akhawe, Michael Bailey, Dan Boneh, Elie Bursztein, Sunny Consolvo, Nicola Dell, Zakir Durumeric, Patrick Gage Kelley, Deepak Kumar, Damon McCoy, Sarah Meiklejohn, Thomas Ristenpart, and Gianluca Stringhini
Proceedings of the IEEE Symposium on Security and Privacy, 2021

Understanding Worldwide Private Information Collection on Android

Yun Shen, Pierre-Antoine Vervier, Gianluca Stringhini
Proceedings of the ISOC Network and Distributed Security Symposium (NDSS), 2021

The Evolution of the Manosphere Across the Web

Manoel Horta Ribeiro, Jeremy Blackburn, Barry Bradlyn, Emiliano De Cristofaro, Gianluca Stringhini, Summer Long, Stephanie Greenberg, Savvas Zannettou
Proceedings of the AAAI International Conference on Web and Social Media (ICWSM), 2021

Measuring and Characterizing Hate Speech on News Websites

Savvas Zannettou, Mai El Sherief, Shirin Nilizadeh, Elizabeth Belding, and Gianluca Stringhini
Proceedings on the ACM Web Science Conference (WebSci), 2020
Online, June 2020

LIBSPECTOR: Context-Aware Large-Scale NetworkTraffic Analysis of Android Applications

Onur Zungur, Gianluca Stringhini, and Manuel Egele
Proceedings on the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2020
Online, June 2020

Raiders of the Lost Kek: 3.5 Years of Augmented 4chan Posts from the Politically Incorrect Board

Antonis Papasavva, Savvas Zannettou, Emiliano De Cristofaro, Gianluca Stringhini, and Jeremy Blackburn
Proceedings on the AAAI International Conference on Web and Social Media (ICWSM), 2020
Atlanta, GA, June 2020

BOTection: Bot Detection by Building Markov Chain Models of Bots Network Behavior

Bushra Alahmadi, Enrico Mariconti, Riccardo Spolaor, Gianluca Stringhini, and Ivan Martinovic
Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2020
Taipei, Taiwan, June 1-5 2020

Characterizing the Use of Images by State-Sponsored Troll Accounts on Twitter

Savvas Zannettou, Barry Bradlyn, Emiliano De Cristofaro, Gianluca Stringhini, and Jeremy Blackburn
Proceedings on the AAAI International Conference on Web and Social Media (ICWSM), 2020
Atlanta, GA, June 2020
Press Coverage: Darkreading, The Conversation, Salon

Disturbed YouTube for Kids: Characterizing and Detecting Inappropriate Videos Targeting Young Children

Konstantinos Papadamou, Antonis Papasavva, Savvas Zannettou, Jeremy Blackburn, Nicolas Kourtellis, Ilias Leontiadis, Gianluca Stringhini, and Michael Sirivianos
Proceedings on the AAAI International Conference on Web and Social Media (ICWSM), 2020
Atlanta, GA, June 2020 - Honorable Mention
Press Coverage: The New York Times, Washington Post, New Scientist, Bleeping Computer

“You Know What to Do”: Proactive Detection of YouTube Videos Targeted by Coordinated Hate Attacks

Enrico Mariconti, Guillermo Suarez-Tangil, Jeremy Blackburn, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Jordi Lugue Serrano, and Gianluca Stringhini
Proceedings of the ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW), 2019
Austin, TX, November 9-13 2019
Press Coverage: TechRepublic

attack2vec: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks

Yun Shen and Gianluca Stringhini
Proceedings of the USENIX Security Symposium, 2019
Santa Clara, CA, August 14-16 2019

Waves of Malice: A Longitudinal Measurement of the Malicious File Delivery Ecosystem on the Web

Colin Ife, Yun Shen, Steven Murdoch, and Gianluca Stringhini
Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2019
Auckland, New Zealand, July 7-12 2019

AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware Families

Omid Mirzaei, Guillermo Suarez-Tangil, Juan Maria de Fuentes, Juan Tapiador, and Gianluca Stringhini
Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2019
Auckland, New Zealand, July 7-12 2019

On the Perils of Leaking Referrers in Online Collaboration Services

Beliz Kaleli, Manuel Egele, and Gianluca Stringhini
Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2019
Goteborg, Sweden, June 19-20 2019 - Best Paper Award

BORDERPATROL: Securing BYOD using fine-grained contextual information

Onur Zungur, Guillermo Suarez-Tangil, Gianluca Stringhini, and Manuel Egele
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks, 2019
Portland, OR, June 24-27 2019

Who Let The Trolls Out? Towards Understanding State-Sponsored Trolls

Savvas Zannettou, Tristan Caulfield, Michael Sirivianos, Gianluca Stringhini, and Jeremy Blackburn
Proceedings of the ACM Web Science Conference (WebSci), 2019
Boston, MA, June 30 - July 3 2019
Press Coverage: TechXplore

Who Watches the Watchmen: Exploring Complaints on the Web

Damilola Ibosiola, Ignacio Castro, Gianluca Stringhini, Steve Uhlig, and Gareth Tyson
Proceedings of the Web Conference (WWW), 2019
San Francisco, CA, May 13-17 2019

Pythia: a Framework for the Automated Analysis of Web Hosting Environments

Srdjan Matic, Gareth Tyson, and Gianluca Stringhini
Proceedings of the Web Conference (WWW), 2019
San Francisco, CA, May 13-17 2019
Code

Fatal Attraction: Identifying Mobile Devices Through Electromagnetic Emissions

Beatrice Perez, Mirco Musolesi, and Gianluca Stringhini
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2019
Miami, FL, May 15-17 2019

LOBO – Evaluation of Generalization Deficiencies in Twitter Bot Classifiers

Juan Echeverria, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Gianluca Stringhini, and Shi Zhou
Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2018
San Juan, PR, December 3-7 2018

Tiresias: Predicting Security Events Through Deep Learning

Yun Shen, Enrico Mariconti, Pierre-Antoine Vervier, and Gianluca Stringhini
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2018
Toronto, ON, October 15-19 2018 - Finalist at the CSAW Europe Applied Research Award

On the Origins of Memes by Means of Fringe Web Communities

Savvas Zannettou, Tristan Caulfield, Jeremy Blackburn, Emiliano De Cristofaro, Michael Sirivianos, Gianluca Stringhini, and Guillermo Suarez-Tangil
Proceedings of the 2018 ACM SIGCOMM Internet Measurement Conference (IMC), 2018
Boston, MA, October 31-November 2 2018 - Distinguished Paper Award
Code
Press Coverage: BBC Trending, BBC News, MIT Technology Review, CBS News, The Independent, VICE, Business Insider, The Daily Dot, Quartz, El Pais (in Spanish), MotherJones

A Family of Droids: Analyzing Behavioral Model based Android Malware Detection via Static and Dynamic Analysis

Lucky Onwuzurike, Mario Almeida, Enrico Mariconti, Jeremy Blackburn, Gianluca Stringhini, and Emiliano De Cristofaro
Proceedings of the 2018 Annual Conference on Privacy, Security and Trust (PST), 2018
Belfast, UK, August 28/30 2018

Large Scale Crowdsourcing and Characterization of Twitter Abusive Behavior

Antigoni-Maria Founta, Constantinos Djouvas, Despoina Chatzakou, Ilias Leontiadis, Jeremy Blackburn, Gianluca Stringhini, Athena Vakali, Michael Sirivianos, and Nicolas Kourtellis
Proceedings of the 2018 AAAI Conference on Web and Social Media (ICWSM)
Palo Alto, CA, June 25-28 2018
Dataset

Movie Pirates of the Caribbean: Exploring Illegal Streaming Cyberlockers

Damilola Ibosiola, Benjamin Steer, Alvaro Garcia-Recuero, Gianluca Stringhini, Steve Uhlig, and Gareth Tyson
Proceedings of the 2018 AAAI Conference on Web and Social Media (ICWSM)
Palo Alto, CA, June 25-28 2018
Press Coverage: Torrent Freak

You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information

Beatrice Perez, Mirco Musolesi, and Gianluca Stringhini
Proceedings of the 2018 AAAI Conference on Web and Social Media (ICWSM)
Palo Alto, CA, June 25-28 2018
Press Coverage: Wired, Suddeutsche Zeitung (in German), Schneier on Security

Understanding Web Archiving Services and Their (Mis)Use on Social Media

Savvas Zannettou, Jeremy Blackburn, Emiliano De Cristofaro, Michael Sirivianos, and Gianluca Stringhini
Proceedings of the 2018 AAAI Conference on Web and Social Media (ICWSM)
Palo Alto, CA, June 25-28 2018

Ex-Ray: Detection of History-Leaking Browser Extensions

Michael Weissbacher, Enrico Mariconti, Guillermo Suarez-Tangil, Gianluca Stringhini, William Robertson, and Engin Kirda
Proceedings of the 2017 Annual Computer Security Applications Conference (ACSAC)
San Juan, Puerto Rico, 4-8 December 2017

Marmite: Spreading Malicious File Reputation Through Download Graphs

Gianluca Stringhini, Yun Shen, Yufei Han, and Xiangliang Zhang
Proceedings of the 2017 Annual Computer Security Applications Conference (ACSAC)
San Juan, Puerto Rico, 4-8 December 2017

POISED: Spotting Twitter Spam Off the Beaten Paths

Shirin Nilizadeh, Francois Labreche, Ali Zand, Alireza Sadighian, Jose Fernandez, Christopher Kruegel, Gianluca Stringhini, and Giovanni Vigna
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS)
Dallas, TX, 30 October-3 November 2017
Dataset

The Web Centipede: Understanding How Web Communities Influence Each Other Through the Lens of Mainstream and Alternative News Sources

Savvas Zannettou, Tristan Caulfield, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Michael Sirivianos, Gianuca Stringhini, and Jeremy Blackburn
Proceedings of hte 2017 ACM SIGCOMM Internet Measurement conference (IMC)
London, United Kingdom, 1-3 November 2017
Press Coverage: Nature, The Atlantic, Giornale Radio Rai (in Italian), La Repubblica (in Italian), Ansa (in Italian), Sky News, Hacker News, BoingBoing, Phys.org, Naked Security

Hate is not binary: Studying abusive behavior of #GamerGate on Twitter

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
Proceedings of the 2017 ACM Conference on Hypertext and Social Media (HyperText)
Prague, Czech Republic, 4-7 July 2017

Mean Birds: Detecting Aggression and Bullying on Twitter

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
Proceedings of the 2017 International ACM Web Science Conference (WebSci)
Troy, NY, 26-28 June 2017

All Your Cards Are Belong To Us: Understanding Online Carding Forums

Andreas Haslebacher, Jeremiah Onaolapo, and Gianluca Stringhini
Proceedings of the 2017 APWG eCrime Symposium
Scottsdale, AZ, 25-27 April 2017 - Best Paper Award

Kek, Cucks, and God Emperor Trump: A Measurement Study of 4chan's Politically Incorrect Forum and its Effects on the Web

Gabriel Emile Hine, Jeremiah Onaolapo, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Riginos Samaras, Gianluca Stringhini, and Jeremy Blackburn
Proceedings of the 2017 International Conference on Web and Social Media (ICWSM)
Montreal, Canada, 16-18 May 2017 - Best Paper Nominee
Press coverage: Nature, Giornale Radio Rai (in Italian), La Repubblica (in Italian), L'Unita' (in Italian), Ansa (in Italian), Sky News, Motherboard, The Independent, The Conversation, MIT Technology Review, Motherboard, La Stampa (in Italian), La Repubblica (in Italian), BoingBoing, Pacific Standard, The New European, BoingBoing

PayBreak: Defense against cryptographic ransomware

Eugene Kolodenker, William Koch, Gianluca Stringhini, and Manuel Egele
Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security (ASIACCS)
Abu Dhabi, UAE, 2-6 April 2017

What's in a Name? Understanding Profile Name Reuse on Twitter

Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, and Gianluca Stringhini
Proceedings of the 2017 International World Wide Web Conference (WWW)
Perth, Australia, 3-7 April 2017

Kissing Cuisines: Exploring Worldwide Culinary Habits on the Web

Sina Sajadmanesh, Sina Jafarzadeh, Seyed Ali Ossia, Hamid R. Rabiee, Hamed Haddadi, Yelena Mejova, Mirco Musolesi, Emiliano De Cristofaro, and Gianluca Stringhini
Proceedings of the 2017 International World Wide Web Conference (WWW), Web Science Track
Perth, Australia, 3-7 April 2017
Press coverage: MIT Technology Review, The Independent, Sciences et Avenir (in French)

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models

Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, and Gianluca Stringhini
Proceedings of the 2017 ISOC Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA, February 26-March 1 2017 - 2nd Place at the CSAW Europe Applied Research Award
Code

What Happens After You Are Pwnd: Understanding The Use of Leaked Webmail Credentials In The Wild

Jeremiah Onaolapo, Enrico Mariconti, and Gianluca Stringhini
Proceedings of the 2016 ACM SIGCOMM Internet Measurement Conference (IMC)
Santa Monica, CA, November 14-16 2016 - >Finalist at the CSAW Europe Applied Research Award
Dataset, Code
Press coverage: BBC News, Huffington Post, The State of Security, Breachful

Are Payment Card Contracts Unfair?

Steven J. Murdoch, Ingolf Becker, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Alice Hutchings, M. Angela Sasse, and Gianluca Stringhini
Proceedings of the 2016 Financial Cryptography and Data Security Conference
Barbados, February 22-26 2016
Dataset

Drops For Stuff: An Analysis Of Reshipping Mule Scams

Shuang Hao, Kevin Borgolte, Nick Nikiforakis, Gianluca Stringhini, Manuel Egele, Michael Eubanks, Brian Krebs, and Giovanni Vigna
Proceedings of the 2015 ACM Conference on Computer and Communications Security (CCS)
Denver, CO, October 12-16 2015
Press coverage: Krebs on Security, Schneier on Security

EvilCohort: Detecting Communities of Malicious Accounts on Online Services

Gianluca Stringhini, Pierre Mourlanne, Gregoire Jacob, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2015 USENIX Security Symposium
Washington, DC, 12-14 August 2015

That Ain't You: Blocking Spearphishing Through Behavioral Modelling

Gianluca Stringhini and Olivier Thonnard
Proceedings of the 2015 Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)
Milan, Italy, 8-10 July 2015

Quit Playing Games With My Heart: Understanding Online Dating Scams

JingMin Huang, Gianluca Stringhini, and Peng Yong
Proceedings of the 2015 Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)
Milan, Italy, 8-10 July 2015
Press coverage: Buzzfeed, Schneier on Security, The Young Turks

The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements

Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2014 Internet Measurement Conference (IMC)
Vancouver, BC, 5-7 November 2014
Press coverage: Infoworld

The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape

Gianluca Stringhini, Oliver Hohlfeld, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2014 ACM Symposium on Information, Computer and Communications Security (ASIACCS)
Kyoto, Japan, 4-6 June 2014
Press coverage: Help Net Security, Slashdot,Threatpost, Deutschlandfunk (in German), Frankfurter Allgemeine Sonntagszeitung

Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services

Nick Nikiforakis, Federico Maggi, Gianluca Stringhini, M Zubair Rafique, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, and Stefano Zanero
Proceedings of the 2014 International World Wide Web Conference (WWW)
Seoul, Korea, 7-11 April 2014
Press coverage: Brown Hat Security

Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web Pages

Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2013 ACM Conference on Computer and Communication Security (CCS)
Berlin, Germany, 4-8 November 2013

Follow the Green: Growth and Dynamics in Twitter Followers Markets

Gianluca Stringhini, Gang Wang, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Ben Y. Zhao, and Haitao Zheng
Proceedings of the 2013 Internet Measurement Conference (IMC)
Barcelona, Spain, 23-25 October 2013

Two Years of Short URLs Internet Measurement: Security Threats and Countermeasures

Federico Maggi, Alessandro Frossi, Gianluca Stringhini, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna, and Stefano Zanero
Proceedings of the 2013 International World Wide Web Conference (WWW)
Rio De Janeiro, Brazil, 13-17 May 2013

COMPA: Detecting Compromised Accounts on Social Networks

Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2013 ISOC Network and Distributed System Security Symposium (NDSS)
San Diego, CA, 24-27 February 2013
Press coverage: Threatpost, Coastlines - UCSB Alumni Association

B@bel: Leveraging Email Delivery for Spam Mitigation

Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsen Holz, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2012 USENIX Security Symposium
Bellevue, WA, 8-10 August 2012
MD5 checksums of the malware samples used for our experiments

Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness

Adam Doupe, Manuel Egele, Benjamin Caillat, Gianluca Stringhini, Gorkem Yakin, Ali Zand, Ludovico Cavedon, and Giovanni Vigna
Proceedings of the 2011 Annual Computer Security Applications Conference (ACSAC)
Orlando, FL, 5-9 December 2011

BotMagnifier: Locating Spambots on the Internet

Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2011 USENIX Security Symposium
San Francisco, CA, 8-12 August 2011

Detecting Spammers on Social Networks

Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2010 Annual Computer Security Applications Conference (ACSAC)
Austin, TX, 6-10 December 2010 - Best Student Paper Award
Press coverage: Darkreading

JOURNAL PAPERS

Eight Years of Rider Measurement in the Android Malware Ecosystem: Evolution and Lessons Learned

Guillermo Suarez-Tangil and Gianluca Stringhini
IEEE Transactions on Dependable and Secure Computing (TDSC)
Press Coverage: IEEE Spectrum

Detecting Cyberbullying and Cyberaggression in Social Media

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
ACM Transactions on the Web (TWEB), 2019
Press coverage: BBC, The Register

Automatically Dismantling Online Dating Fraud

Guillermo Suarez-Tangil, Matthew Edwards, Claudia Peersman, Gianluca Stringhini, Awais Rashid, Monica Whitty
IEEE Transactions on Information Forensics and Security (TIFS), 2019

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version)

Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, and Gianluca Stringhini
ACM Transactions on Privacy and Security (TOPS), 2019
Code

Under and over the surface: a comparison of the use of leaked account credentials in the Dark and Surface Web

Adrian Bermudez Villalva, Jeremiah Onaolapo, Gianluca Stringhini, Mirco Musolesi
In Crime Science
2018

From risk factors to detection and intervention: a practical proposal for future work on cyberbullying

Andri Ioannou, Jeremy Blackburn, Gianluca Stringhini, Emiliano De Cristofaro, Nicolas Kourtellis, and Michael Sirivianos
In Behavious and Information Technology
2018

Studying Users’ Adaptation to Android’s Run-time Fine-grained Access Control System

Panagiotis Andriotis, Martina Angela Sasse, and Gianluca Stringhini
In Journal of Information Security and Applications
2018

International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms

Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse and Gianluca Stringhini
In Journal of Cybersecurity
2018

Towards Detecting Compromised Accounts on Social Networks

Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Transactions on Dependable and Secure Computing (TDSC)
2015

Poultry Markets: On the Underground Economy of Twitter Followers

Gianluca Stringhini, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
ACM SIGCOMM Computer Communication Review - Volume 42 Issue 4
August 2012

WORKSHOP PROCEEDINGS

A Measurement Study on the Advertisements Displayed to Web Users Coming from the Regular Web and from Tor

Dario Adriano Bermudez Villalva, Mirco Musolesi, and Gianluca Stringhini
In Proceedings of the 2020 Workshop on Attackers and Cyber-Crime Operations (WACCO)
Online, 7 September 2020

Examining the Impact of Social Distance on the Reaction to a Tragedy: A Case Study on Sulli’s Death

Chen Ling and Gianluca Stringhini
In Proceedings of the 2020 International Workshop on Cyber Social Threats (CySoc)
Online, 8 June 2020

Studying the Privacy Issues of the Incorrect Use of the Feature Policy

Beliz Kaleli, Manuel Egele, and Gianluca Stringhini
In Proceedings of the 2020 Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb)
San Diego, CA, 23 February 2020

A Qualitative Evaluation of Two Different Law Enforcement Approaches on Dark Net Markets

Cerys Bradley and Gianluca Stringhini
In Proceedings of the 2019 Workshop on Attackers and Cyber-Crime Operations (WACCO)
Stockholm, Sweden, 20 June 2019

Master of Sheets: A Tale of Compromised Cloud Documents

Jeremiah Onaolapo, Martin Lazarov, and Gianluca Stringhini
In Proceedings of the 2019 Workshop on Attackers and Cyber-Crime Operations (WACCO)
Stockholm, Sweden, 20 June 2019

Disinformation Warfare: Understanding State-Sponsored Trolls on Twitter and Their Influence on the Web

Savvas Zannettou, Tristan Caulfield, Emiliano De Cristofaro, Michael Sirivianos, Gianluca Stringhini, and Jeremy Blackburn
Proceedings of the Workshop on Computational Methods in Online Misbehavior (CYBERSAFETY)
San Francisco, CA, 13 May 2019 - Best paper award
Press Coverage: The Register, The Conversation, Formiche (in Italian)

The Geography of Online Dating Fraud

Matthew Edwards, Guillermo Suarez-Tangil, Claudia Peersman, Gianluca Stringhini, Awais Rashid, and Monica Whitty
In Proceedings of the 2018 Workshop on Technology and Consumer Protection (ConPro)
San Francisco, CA, 24 May 2018

What is Gab? A Bastion of Free Speech or an Alt-Right Echo Chamber?

Savvas Zannettou, Barry Bradlyn, Emiliano De Cristofaro, Michael Sirivianos, Gianluca Stringhini, Haewoon Kwak, and Jeremy Blackburn
In Proceedings of the 2018 Workshop on Computational Methods in CyberSafety, Online Harassment and Misinformation (CYBERSAFETY)
Lyon, France, 24 April 2018
Dataset
Press coverage: The Wall Street Journal, Wired, New Scientist, Vice

BABELTOWER: How Language Affects Criminal Activity in Stolen Webmail Accounts

Emeric Bernard-Jones, Jeremiah Onaolapo, and Gianluca Stringhini
In Proceedings of the 2018 Workshop on Computational Methods in CyberSafety, Online Harassment and Misinformation (CYBERSAFETY)
Lyon, France, 24 April 2018

The Cause of All Evils: Assessing Causality Between User Actions and Malware Activity

Enrico Mariconti, Jeremiah Onaolapo, Gordon Ross, and Gianluca Stringhini
Proceedings of the 2017 USENIX Workshop on Cyber Security Experimentation and Test (CSET)
Vancouver, BC, 14 August 2017

Class-based Prediction Errors to Categorize Text with Out-of-vocabulary Words

Joan Serra, Ilias Leontiadis, Dimitris Spathis, Gianluca Stringhini, Jeremy Blackburn, and Athena Vakali
Proceedings of the 2017 Workshop on Abusive Language (ALW)
Vancouver, BC, 4 August 2017

Flipping 419 Scams: Targeting the Weak and the Vulnerable

Gibson Mba, Jeremiah Onaolapo, Gianluca Stringhini, and Lorenzo Cavallaro
Proceedings of the 2017 International Workshop on Computational Methods for CyberSafety (CYBERSAFETY)
Perth, Australia, 3 April 2017

Measuring #GamerGate: A Tale of Hate, Sexism, and Bullying

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
Proceedings of the 2017 International Workshop on Computational Methods for CyberSafety (CYBERSAFETY)
Perth, Australia, 3 April 2017
Press coverage: Wired

Ethical and Social Challenges with developing Automated Methods to Detect and Warn potential victims of Mass-marketing Fraud (MMF)

Monica whitty, Mike Edwards, Michael Levi, Claudia Peersman, Awais Rashid, Angela Sasse, Tom Sorell, and Gianluca Stringhini
Proceedings of the 2017 International Workshop on Computational Methods for CyberSafety (CYBERSAFETY)
Perth, Australia, 3 April 2017

Permissions Snapshots: Assessing Users' Adaptation to the Android Runtime Permission Model

Panagiotis Andriotis, M. Angela Sasse, and Gianluca Stringhini
Proceedings of the 2016 IEEE International Workshop on Information Forensics and Security (WIFS)
Abu Dhabi, UAE, 7-8 December 2016

Honey Sheets: What Happens to Leaked Google Spreadsheets?

Martin Lazarov, Jeremiah Onaolapo, and Gianluca Stringhini
Proceedings of the 2016 USENIX Workshop on Cyber Security Experimentation and Test (CSET)
Austin, TX, 8 August 2016
Dataset

What's your major threat? On the differences between the network behavior of targeted and commodity malware

Enrico Mariconti, Jeremiah Onaolapo, Gordon Ross, and Gianluca Stringhini
Proceedings of the 2016 International Workshop on Malware Analysis (WMA)
Salzburg, Austria, 3 September 2016

International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms

Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse and Gianluca Stringhini
Proceedings of the 2016 Workshop on the Economics of Information Security (WEIS)
Berkeley, CA, 13-14 June 2016

Why Allowing Profile Name Reuse Is A Bad Idea

Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, and Gianluca Stringhini
Proceedings of the 2016 European Workshop on System Security (EUROSEC)
London, UK, 18 April 2016

The Tricks of the Trade: What Makes Spam Campaigns Successful?

Jane Iedemska, Gianluca Stringhini, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2014 International Workshop on Cyber Crime (IWCC)
San Jose, CA, 18 May 2014
Press coverage: The Register

Poultry Markets: On the Underground Economy of Twitter Followers

Gianluca Stringhini, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2012 SIGCOMM Workshop on Online Social Networks (WOSN)
Helsinki, Finland, 16 August 2012

The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns

Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, and Giovanni Vigna
Proceedings of the 2011 USENIX Workshop on Large-Scale Exploits and Emerging Threats (LEET)
Boston, MA, 29 march 2011
Press coverage: Krebs on Security, CSO Online

DISSERTATION

Stepping Up the Cybersecurity Game: Protecting Online Services from Malicious Activity

Gianluca Stringhini
PhD Dissertation, University of California Santa Barbara
June 2014
Outstanding Dissertation Award, Department of Computer Science, UCSB

OTHERS AND UNREFEREED

What Happens After You Are Pwnd: Understanding The Use of Leaked Account Credentials In The Wild

Jeremiah Onaolapo, Enrico Mariconti, and Gianluca Stringhini
Technical Report, 2016

Master Of Puppets: Analyzing And Attacking A Botnet For Fun And Profit

Genki Saito and Gianluca Stringhini
Technical Report, 2015

On The Threats To Cloud-based Online Service Users

Gianluca Stringhini
Extended abstract, International Conference on High Performance Computing and Simulation (HPCS)
Amsterdam, Netherlands, 21 July 2015

Thinking Like They Do: An Inside Look at Cybercriminal Operations

Gianluca Stringhini
Presentation abstract, International Crime and Intelligence Analysis Conference
Manchester, UK, 26-27 February 2015

That Ain't You: Detecting Spearphishing Emails Before They Are Sent

Gianluca Stringhini and Olivier Thonnard
Technical Report, 2014