Cristian-Alexandru Staicu
Cristian-Alexandru Staicu
CISPA Helmholtz Center for Information Security
Verified email at - Homepage
Cited by
Cited by
Small World with High Risks: A Study of Security Threats in the npm Ecosystem
M Zimmermann, CA Staicu, C Tenny, M Pradel
USENIX Security Symposium, 2019
Synode: Understanding and automatically preventing injection attacks on Node.js
CA Staicu, M Pradel, B Livshits
Proceedings of Network & Distributed System Security Symposium (NDSS), 2018
Freezing the web: A study of ReDoS vulnerabilities in JavaScript-based web servers
CA Staicu, M Pradel
USENIX Security Symposium, 2018
A survey of dynamic analysis and test generation for JavaScript
E Andreasen, L Gong, A Møller, M Pradel, M Selakovic, K Sen, CA Staicu
ACM Computing Surveys (CSUR) 50 (5), 1-36, 2017
Anything to hide? Studying minified and obfuscated code in the web
P Skolka, CA Staicu, M Pradel
The world wide web conference, 1735-1746, 2019
Nomen est omen: Exploring and exploiting similarities between argument and parameter names
H Liu, Q Liu, CA Staicu, M Pradel, Y Luo
Proceedings of the 38th International Conference on Software Engineering …, 2016
Extracting taint specifications for JavaScript libraries
CA Staicu, MT Torp, M Schäfer, A Møller, M Pradel
Proc. 42nd International Conference on Software Engineering (ICSE), 2020
An empirical study of information flows in real-world JavaScript
CA Staicu, D Schoepe, M Balliu, M Pradel, A Sabelfeld
Proceedings of the 14th ACM SIGSAC Workshop on Programming Languages and …, 2019
Saying ‘hi!’ is not enough: Mining inputs for effective test generation
L Della Toffola, CA Staicu, M Pradel
Proceedings of the 32nd IEEE/ACM International Conference on Automated …, 2017
Preventing dynamic library compromise on Node.js via RWX-based privilege reduction
N Vasilakis, CA Staicu, G Ntousakis, K Kallas, B Karel, A DeHon, ...
Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications …, 2021
SampleFix: learning to correct programs by sampling diverse fixes
H Hajipour, A Bhattacharyya, CA Staicu, M Fritz
Joint European Conference on Machine Learning and Knowledge Discovery in …, 2021
Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
M Shcherbakov, M Balliu, CA Staicu
USENIX Security Symposium, 2023
Leaky images: Targeted privacy attacks in the web
CA Staicu, M Pradel
28th USENIX Security Symposium (USENIX Security 19), 923-939, 2019
SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript
M Bhuiyan, A Srinivas, N Vasilakis, M Pradel, CA Staicu
International Conference on Software Engineering (ICSE), 2023
Bilingual problems: Studying the security risks incurred by native extensions in scripting languages
CA Staicu, S Rahaman, Á Kiss, M Backes
USENIX Security Symposium, 2023
Search based clustering for protecting software with diversified updates
M Ceccato, P Falcarin, A Cabutto, YW Frezghi, CA Staicu
Search Based Software Engineering: 8th International Symposium, SSBSE 2016 …, 2016
Jack-in-the-box: An Empirical Study of JavaScript Bundling on the Web and its Security Implications
J Rack, CA Staicu
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications …, 2023
SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes
A Alhamdan, CA Staicu
32nd USENIX Security Symposium (USENIX Security 23), 3457-3474, 2023
SimSCOOD: Systematic analysis of out-of-distribution behavior of source code models
H Hajipour, N Yu, CA Staicu, M Fritz
arXiv preprint arXiv:2210.04802, 2022
SoK: A Literature and Engineering Review of Regular Expression Denial of Service
MHM Bhuiyan, B Çakar, EH Burmane, JC Davis, CA Staicu
arXiv preprint arXiv:2406.11618, 2024
The system can't perform the operation now. Try again later.
Articles 1–20