default search action
Stefano Calzavara
Person information
- affiliation: Ca' Foscari University of Venice, Italy
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
2020 – today
- 2024
- [j17]Zubair Ahmad
, Stefano Calzavara, Samuele Casarin, Ben Stock:
Information flow control for comparative privacy analyses. Int. J. Inf. Sec. 23(5): 3199-3216 (2024) - [j16]Zubair Ahmad
An Empirical Analysis of Web Storage and Its Applications to Web Tracking. ACM Trans. Web 18(1): 7:1-7:28 (2024) - [c44]Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei:
Web Platform Threats: Automated Detection of Web Security Issues With WPT. USENIX Security Symposium 2024 - [i15]Stefano Calzavara, Lorenzo Cazzaro, Claudio Lucchese, Giulio Ermanno Pibiri:
Verifiable Boosted Tree Ensembles. CoRR abs/2402.14988 (2024) - [i14]Stefano Calzavara, Lorenzo Cazzaro, Massimo Vettori:
Timber! Poisoning Decision Trees. CoRR abs/2410.00862 (2024) - [i13]Stefano Calzavara, Lorenzo Cazzaro, Donald Gera, Salvatore Orlando:
Watermarking Decision Tree Ensembles. CoRR abs/2410.04570 (2024) - 2023
- [j15]Stefano Calzavara, Pietro Ferrara
Certifying machine learning models against evasion attacks by program analysis. J. Comput. Secur. 31(1): 57-84 (2023) - [j14]Stefano Calzavara, David A. Naumann:
Special issue: 35th IEEE Computer Security Symposium - CSF 2022. J. Comput. Secur. 31(5): 419-420 (2023) - [c43]Stefano Calzavara
Verifiable Learning for Robust Tree Ensembles. CCS 2023: 1850-1864 - [c42]Florian Hantke
You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements. CCS 2023: 3168-3182 - [c41]Stefano Calzavara, Lorenzo Cazzaro
Explainable Global Fairness Verification of Tree-Based Classifiers. SaTML 2023: 1-17 - [p1]Michele Bugliesi
Cryptographic Web Applications: from Security Engineering to Formal Analysis. Handb. Formal Anal. Verification Cryptogr. 2023: 275-318 - [i12]Stefano Calzavara, Lorenzo Cazzaro
Verifiable Learning for Robust Tree Ensembles. CoRR abs/2305.03626 (2023) - 2022
- [j13]Stefano Calzavara, Lorenzo Cazzaro
Beyond robustness: Resilience verification of tree-based classifiers. Comput. Secur. 121: 102843 (2022) - [c40]Sebastian Roth, Stefano Calzavara, Moritz Wilhelm, Alvise Rabitti, Ben Stock:
The Security Lottery: Measuring Client-Side Web Security Inconsistencies. USENIX Security Symposium 2022: 2047-2064 - [i11]Stefano Calzavara, Lorenzo Cazzaro
Explainable Global Fairness Verification of Tree-Based Classifiers. CoRR abs/2209.13179 (2022) - 2021
- [j12]Stefano Calzavara, Hugo Jonker
Measuring Web Session Security at Scale. Comput. Secur. 111: 102472 (2021) - [j11]Stefano Calzavara, Claudio Lucchese, Federico Marcuzzi
Feature partitioning for robust tree ensembles and their certification in adversarial scenarios. EURASIP J. Inf. Secur. 2021(1): 12 (2021) - [c39]Stefano Calzavara, Lorenzo Cazzaro
AMEBA: An Adaptive Approach to the Black-Box Evasion of Machine Learning Models. AsiaCCS 2021: 292-306 - [c38]Stefano Calzavara, Tobias Urban, Dennis Tatang, Marius Steffens, Ben Stock:
Reining in the Web's Inconsistencies with Site Policy. NDSS 2021 - [c37]Marco Squarcina, Stefano Calzavara, Matteo Maffei:
The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. SP (Workshops) 2021: 432-443 - [c36]Marco Squarcina, Mauro Tempesta, Lorenzo Veronese, Stefano Calzavara, Matteo Maffei:
Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web. USENIX Security Symposium 2021: 2917-2934 - [i10]Lorenzo Veronese, Stefano Calzavara, Luca Compagna:
Bulwark: Holistic and Verified Security Monitoring of Web Protocols. CoRR abs/2101.06043 (2021) - [i9]Stefano Calzavara, Lorenzo Cazzaro, Claudio Lucchese, Federico Marcuzzi, Salvatore Orlando:
Beyond Robustness: Resilience Verification of Tree-Based Classifiers. CoRR abs/2112.02705 (2021) - 2020
- [j10]Stefano Calzavara
Treant: training evasion-aware decision trees. Data Min. Knowl. Discov. 34(5): 1390-1420 (2020) - [j9]Stefano Calzavara
Machine Learning for Web Vulnerability Detection: The Case of Cross-Site Request Forgery. IEEE Secur. Priv. 18(3): 8-16 (2020) - [c35]Stefano Calzavara
Language-Based Web Session Integrity. CSF 2020: 107-122 - [c34]Lorenzo Veronese, Stefano Calzavara
Bulwark: Holistic and Verified Security Monitoring of Web Protocols. ESORICS (1) 2020: 23-41 - [c33]Stefano Calzavara
Certifying Decision Trees Against Evasion Attacks by Program Analysis. ESORICS (2) 2020: 421-438 - [c32]Imane Fouad, Cristiana Santos, Feras Al Kassar, Nataliia Bielova
On Compliance of Cookie Purposes with the Purpose Specification Principle. EuroS&P Workshops 2020: 326-333 - [c31]Stefano Calzavara
SecWeb 2020 Preface. EuroS&P Workshops 2020: 645 - [c30]Stefano Calzavara, Riccardo Focardi, Alvise Rabitti, Lorenzo Soligo:
A Hard Lesson: Assessing the HTTPS Deployment of Italian University Websites. ITASEC 2020: 93-104 - [c29]Sebastian Roth, Timothy Barron, Stefano Calzavara, Nick Nikiforakis, Ben Stock:
Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies. NDSS 2020 - [c28]Stefano Calzavara, Sebastian Roth, Alvise Rabitti, Michael Backes, Ben Stock:
A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web. USENIX Security Symposium 2020: 683-697 - [i8]Stefano Calzavara, Riccardo Focardi, Niklas Grimm, Matteo Maffei, Mauro Tempesta:
Language-Based Web Session Integrity. CoRR abs/2001.10405 (2020) - [i7]Stefano Calzavara, Claudio Lucchese, Federico Marcuzzi, Salvatore Orlando:
Feature Partitioning for Robust Tree Ensembles and their Certification in Adversarial Scenarios. CoRR abs/2004.03295 (2020) - [i6]Stefano Calzavara, Pietro Ferrara, Claudio Lucchese:
Certifying Decision Trees Against Evasion Attacks by Program Analysis. CoRR abs/2007.02771 (2020) - [i5]Marco Squarcina, Mauro Tempesta, Lorenzo Veronese, Stefano Calzavara, Matteo Maffei:
Can I Take Your Subdomain? Exploring Related-Domain Attacks in the Modern Web. CoRR abs/2012.01946 (2020)
2010 – 2019
- 2019
- [j8]Stefano Calzavara
Sub-session hijacking on the web: Root causes and prevention. J. Comput. Secur. 27(2): 233-257 (2019) - [c27]Stefano Calzavara
Adversarial Training of Gradient-Boosted Decision Trees. CIKM 2019: 2429-2432 - [c26]Stefano Calzavara
Testing for Integrity Flaws in Web Sessions. ESORICS (2) 2019: 606-624 - [c25]Stefano Calzavara
Mitch: A Machine Learning Approach to the Black-Box Detection of CSRF Vulnerabilities. EuroS&P 2019: 528-543 - [c24]Stefano Calzavara
Semantically Sound Analysis of Content Security Policies. FORTE 2019: 293-297 - [c23]Stefano Calzavara
Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem. IEEE Symposium on Security and Privacy 2019: 281-298 - [i4]Stefano Calzavara, Claudio Lucchese, Gabriele Tolomei, Seyum Assefa Abebe, Salvatore Orlando:
Treant: Training Evasion-Aware Decision Trees. CoRR abs/1907.01197 (2019) - 2018
- [j7]Stefano Calzavara
Semantics-Based Analysis of Content Security Policy Deployment. ACM Trans. Web 12(2): 10:1-10:36 (2018) - [c22]Stefano Calzavara, Alvise Rabitti, Michele Bugliesi:
Dr Cookie and Mr Token - Web Session Implementations and How to Live with Them. ITASEC 2018 - [c21]Stefano Calzavara, Riccardo Focardi, Matteo Maffei, Clara Schneidewind, Marco Squarcina, Mauro Tempesta:
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring. USENIX Security Symposium 2018: 1493-1510 - [c20]Stefano Calzavara
Surviving the Web: A Journey into Web Session Security. WWW (Companion Volume) 2018: 451-455 - [i3]Stefano Calzavara, Riccardo Focardi, Matteo Maffei, Clara Schneidewind, Marco Squarcina, Mauro Tempesta:
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring. CoRR abs/1806.09111 (2018) - 2017
- [j6]Stefano Calzavara
Surviving the Web: A Journey into Web Session Security. ACM Comput. Surv. 50(1): 13:1-13:34 (2017) - [j5]Michele Bugliesi
Formal methods for web security. J. Log. Algebraic Methods Program. 87: 110-126 (2017) - [c19]Stefano Calzavara
A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications. CSF 2017: 22-36 - [c18]Stefano Calzavara, Alvise Rabitti, Michele Bugliesi:
CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition. USENIX Security Symposium 2017: 695-712 - [i2]Stefano Calzavara, Ilya Grishchenko, Adrien Koutsos, Matteo Maffei:
A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications. CoRR abs/1705.10482 (2017) - [i1]Stefano Calzavara, Ilya Grishchenko, Matteo Maffei:
HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving. CoRR abs/1707.07866 (2017) - 2016
- [j4]Michele Bugliesi
Security protocol specification and verification with AnBx. J. Inf. Secur. Appl. 30: 46-63 (2016) - [c17]Stefano Calzavara
Content Security Problems?: Evaluating the Effectiveness of Content Security Policy in the Wild. CCS 2016: 1365-1375 - [c16]Stefano Calzavara
Micro-policies for Web Session Security. CSF 2016: 179-193 - [c15]Stefano Calzavara
Static Detection of Collusion Attacks in ARBAC-Based Workflow Systems. CSF 2016: 458-470 - [c14]Stefano Calzavara
HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving. EuroS&P 2016: 47-62 - 2015
- [j3]Michele Bugliesi
CookiExt: Patching the browser against session hijacking attacks. J. Comput. Secur. 23(4): 509-537 (2015) - [j2]Michele Bugliesi
Affine Refinement Types for Secure Distributed Programming. ACM Trans. Program. Lang. Syst. 37(4): 11:1-11:66 (2015) - [j1]Stefano Calzavara
A Supervised Learning Approach to Protect Client Authentication on the Web. ACM Trans. Web 9(3): 15:1-15:30 (2015) - [c13]Stefano Calzavara
Compositional Typed Analysis of ARBAC Policies. CSF 2015: 33-45 - [c12]Stefano Calzavara
Fine-Grained Detection of Privilege Escalation Attacks on Browser Extensions. ESOP 2015: 510-534 - [c11]Stefano Calzavara
Formal Verification of Liferay RBAC. ESSoS 2015: 1-16 - 2014
- [c10]Michele Bugliesi
Provably Sound Browser-Based Enforcement of Web Session Integrity. CSF 2014: 366-380 - [c9]Michele Bugliesi
Automatic and Robust Client-Side Protection for Cookie-Based Sessions. ESSoS 2014: 161-178 - [c8]Wilayat Khan, Stefano Calzavara
Client Side Web Session Integrity as a Non-interference Property. ICISS 2014: 89-108 - [c7]Stefano Calzavara
Quite a mess in my cookie jar!: leveraging machine learning to protect web authentication. WWW 2014: 189-200 - 2013
- [b1]Stefano Calzavara:
Static verification and enforcement of authorization policies. Ca' Foscari University of Venice, Italy, 2013 - [c6]Michele Bugliesi
Lintent: Towards Security Type-Checking of Android Applications. FMOODS/FORTE 2013: 289-304 - [c5]Michele Bugliesi
Logical Foundations of Secure Resource Management in Protocol Implementations. POST 2013: 105-125 - 2012
- [c4]Michele Bugliesi
Gran: Model Checking Grsecurity RBAC Policies. CSF 2012: 126-138 - [c3]Michele Bugliesi
Affine Refinement Types for Authentication and Authorization. TGC 2012: 19-33 - 2011
- [c2]Michele Bugliesi
Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols. CSF 2011: 83-98 - 2010
- [c1]Michele Bugliesi
Secrecy and Authenticity Types for Secure Distributed Messaging. ARSPA-WITS 2010: 23-40
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from ,
, and
to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and
to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2024-11-14 00:49 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: