| Small World with High Risks: A Study of Security Threats in the npm Ecosystem M Zimmermann, CA Staicu, C Tenny, M Pradel USENIX Security Symposium, 2019 | 166 | 2019 |
| Synode: Understanding and automatically preventing injection attacks on Node.js CA Staicu, M Pradel, B Livshits Proceedings of Network & Distributed System Security Symposium (NDSS), 2018 | 108* | 2018 |
| Freezing the web: A study of ReDoS vulnerabilities in JavaScript-based web servers CA Staicu, M Pradel USENIX Security Symposium, 2018 | 106 | 2018 |
| A survey of dynamic analysis and test generation for JavaScript E Andreasen, L Gong, A Møller, M Pradel, M Selakovic, K Sen, CA Staicu ACM Computing Surveys (CSUR) 50 (5), 1-36, 2017 | 83 | 2017 |
| Nomen est omen: Exploring and exploiting similarities between argument and parameter names H Liu, Q Liu, CA Staicu, M Pradel, Y Luo Proceedings of the 38th International Conference on Software Engineering …, 2016 | 59 | 2016 |
| Anything to hide? Studying minified and obfuscated code in the web P Skolka, CA Staicu, M Pradel The world wide web conference, 1735-1746, 2019 | 56 | 2019 |
| An empirical study of information flows in real-world JavaScript CA Staicu, D Schoepe, M Balliu, M Pradel, A Sabelfeld Proceedings of the 14th ACM SIGSAC Workshop on Programming Languages and …, 2019 | 38* | 2019 |
| Extracting taint specifications for JavaScript libraries CA Staicu, MT Torp, M Schäfer, A Møller, M Pradel Proc. 42nd International Conference on Software Engineering (ICSE), 2020 | 32 | 2020 |
| Saying ‘hi!’ is not enough: Mining inputs for effective test generation L Della Toffola, CA Staicu, M Pradel Proceedings of the 32nd IEEE/ACM International Conference on Automated …, 2017 | 23 | 2017 |
| Leaky Images: Targeted Privacy Attacks in the Web. CA Staicu, M Pradel USENIX Security Symposium, 923-939, 2019 | 20 | 2019 |
| Preventing dynamic library compromise on Node.js via RWX-based privilege reduction N Vasilakis, CA Staicu, G Ntousakis, K Kallas, B Karel, A DeHon, ... Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications …, 2021 | 16* | 2021 |
| Search based clustering for protecting software with diversified updates M Ceccato, P Falcarin, A Cabutto, YW Frezghi, CA Staicu Search Based Software Engineering: 8th International Symposium, SSBSE 2016 …, 2016 | 9 | 2016 |
| Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js M Shcherbakov, M Balliu, CA Staicu USENIX Security Symposium, 2023 | 5 | 2023 |
| Samplefix: learning to generate functionally diverse fixes H Hajipour, A Bhattacharyya, CA Staicu, M Fritz Machine Learning and Principles and Practice of Knowledge Discovery in …, 2022 | 5 | 2022 |
| Bilingual problems: Studying the security risks incurred by native extensions in scripting languages CA Staicu, S Rahaman, Á Kiss, M Backes USENIX Security Symposium, 2023 | 4 | 2023 |
| SimSCOOD: Systematic Analysis of Out-of-Distribution Behavior of Source Code Models H Hajipour, N Yu, CA Staicu, M Fritz arXiv preprint arXiv:2210.04802, 2022 | 2 | 2022 |
| SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript M Bhuiyan, A Srinivas, N Vasilakis, M Pradel, CA Staicu | 2 | 2022 |
| SandDriller: A fully-automated approach for testing language-based JavaScript sandboxes A AlHamdan, CA Staicu USENIX Security Symposium 2023, 2023 | 1 | 2023 |
| A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers M Hasan Masud Bhuiyan, CA Staicu arXiv e-prints, arXiv: 2211.11357, 2022 | | 2022 |
| Enhancing the security and privacy of full-stack JavaScript web applications CA Staicu TU Darmstadt, 2020 | | 2020 |
Michael PradelProfessor of Computer Science, Head of Software Lab, University of StuttgartVerified email at iste.uni-stuttgart.de
