Aurore Fass

Aurore Fass

Tenure-Track Faculty at CISPA

Publications and Conference Talks

Typed and Confused: Studying the Unexpected Dangers of Gradual Typing
Dominic Troppmann, Aurore Fass, and Cristian-Alexandru Staicu
In IEEE/ACM International Conference on Automated Software Engineering (ASE), October 2024
Paper Code
Acceptance rate: 26% (155/587 full research papers)

When Adversarial Perturbations meet Concept Drift: an Exploratory Analysis on ML-NIDS
Giovanni Apruzzese, Aurore Fass, and Fabio Pierazzi
In ACM AISec (CCS Workshop on Artificial Intelligence and Security), October 2024
Paper Code
Acceptance rate: 25% (18/72 full research papers)

Peeking through the window: Fingerprinting Browser Extensions through Page-Visible Execution Traces and Interactions
Shubham Agarwal, Aurore Fass, and Ben Stock
In ACM CCS, October 2024
Paper Code
Acceptance rate: 18% (129/710 full research papers, Cycle A)

What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions
Sheryl Hsu, Manda Tran, and Aurore Fass
In ACM AsiaCCS, July 2024
Paper Media coverage
Acceptance rate: 22% (65/301 full research papers)

Cloud Watching: Understanding Attacks Against Cloud-Hosted Services
Liz Izhikevich, Manda Tran, Michalis Kallitsis, Aurore Fass, and Zakir Durumeric
In ACM Internet Measurement Conference (IMC), October 2023
Paper
Acceptance rate: 25% (52/208 full research papers)

A World Wide View of Browsing the World Wide Web
Kimberly Ruth, Aurore Fass, Jonathan Azose, Mark Pearson, Emma Thomas, Caitlin Sadowski, and Zakir Durumeric
In ACM Internet Measurement Conference (IMC), October 2022
Paper
Acceptance rate: 26% (56/212 full research papers)

DoubleX: Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
Aurore Fass, Doliere Francis Some, Michael Backes, and Ben Stock
In ACM CCS, November 2021
Paper Code Slides Teaser Recording Media coverage
Acceptance rate: 23% (131/564 full research papers, May cycle)

Statically Detecting JavaScript Obfuscation and Minification Techniques in the Wild
Marvin Moog, Markus Demmel, Michael Backes, and Aurore Fass
In Dependable Systems and Networks (DSN), June 2021
Paper Code Slides Recording
Acceptance rate: 16% (48/295 full research papers)

Studying JavaScript Security Through Static Analysis
Aurore Fass
In PhD Thesis, Saarland University, October 2020
Paper Summary Code

JStap: A Static Pre-Filter for Malicious JavaScript Detection
Aurore Fass, Michael Backes, and Ben Stock
In Annual Computer Security Applications Conference (ACSAC), December 2019
Paper Code Slides
Acceptance rate: 23% (60/266 full research papers)

HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs
Aurore Fass, Michael Backes, and Ben Stock
In ACM CCS, November 2019
Paper Code Slides Teaser Recording
Acceptance rate: 14% (32/225 full research papers, February cycle)

JaSt: Fully Syntactic Detection of Malicious (Obfuscated) JavaScript
Aurore Fass, Robert Krawczyk, Michael Backes, and Ben Stock
In Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), June 2018
Paper Code
Acceptance rate: 32% (18/56 full research papers)

Additional Talks

Dos and Don’ts of Reviewing

Browser Extension (In)Security

DoubleX: Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale

Studying JavaScript Security Through Static Analysis

Statically Analyzing Malicious JavaScript in the Wild

HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs

JaSt: Fully Syntactic Detection of Malicious (Obfuscated) JavaScript

Automated Clustering of File Samples for the Detection of Malware Contained in Obfuscated Script-Code

Non-Academic Talks