Video Presentations

Nowdays, my students present the vast majority of our work at academic conferences. Links to these recordings can typically be found on the webpages of individual conferences.

Below, you can find the recordings of selected invited lectures and presentations of our work to different audiences, such as, CISOs, developers, etc.

Mitigating MITM Phishing Toolkit Attacks that Bypass MFA

Date June 2022
Topics phishing, network security, fingerprinting
Organizer Internet2
Based on: Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits, CCS 2021 (PDF)

Small and Different: Security and Privacy Risks of Mobile Browsers

Date February 2022
Topics mobile security, UI attacks, security mechanisms, proxies
Organizer UK Security and Privacy Seminar Series
Based on:
  • Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers IEEE S&P 2020 (PDF)
  • Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers, NDSS 2019 (PDF)

Good Bot, Bad Bot: Characterizing Automated Browsing Activity

Date September 2021
Topics bot detection, honeypots, fingerprinting, network security
Organizer OWASP
Based on: Good Bot, Bad Bot: Characterizing Automated Browsing Activity, IEEE S&P 2021 (PDF)

Everything You Always Wanted to Know About Fingerprinting Browser Extensions, But Were Afraid to Ask

Date September 2021
Topics browser fingerprinting, browser extensions, privacy
Organizer OWASP
Based on:
  • Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets, USENIX Security 2021 (PDF)
  • Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat, WWW 2019 (PDF)
  • XHOUND: Quantifying the Fingerprintability of Browser Extensions, IEEE S&P 2017 (PDF)

Dial One for Scam - A Large-Scale Analysis of Technical Support Scams

Date March 2017
Topics tech support scams, web security, large-scale detection, deception
Organizer CyLab, Carnegie Mellon University
Based on: Dial One for Scam: A Large-Scale Analysis of Technical Support Scams, NDSS 2017 (PDF)