Model checking invariant security properties in OpenFlow S Son, S Shin, V Yegneswaran, P Porras, G Gu 2013 IEEE international conference on communications (ICC), 1974-1979, 2013 | 231 | 2013 |
The hitchhiker’s guide to DNS cache poisoning S Son, V Shmatikov Security and Privacy in Communication Networks: 6th Iternational ICST …, 2010 | 170 | 2010 |
What Mobile Ads Know About Mobile Users. S Son, D Kim, V Shmatikov NDSS, 2016 | 117 | 2016 |
Cybercriminal Minds: An investigative study of cryptocurrency abuses in the Dark Web SS Seunghyeon Lee, Changhoon Yoon, Heedo Kang, Yeonkeun Kim, Yongdae Kim ... Network & Distributed System Security Symposium 2019, 2019 | 108* | 2019 |
Rolecast: finding missing security checks when you do not know what checks are S Son, KS McKinley, V Shmatikov Proceedings of the 2011 ACM international conference on Object oriented …, 2011 | 106 | 2011 |
Fix Me Up: Repairing Access-Control Bugs in Web Applications. S Son, KS McKinley, V Shmatikov NDSS, 2013 | 105 | 2013 |
The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites. S Son, V Shmatikov NDSS, 2013 | 103 | 2013 |
Montage: A neural network language {Model-Guided}{JavaScript} engine fuzzer S Lee, HS Han, SK Cha, S Son 29th USENIX Security Symposium (USENIX Security 20), 2613-2630, 2020 | 95 | 2020 |
Diglossia: detecting code injection attacks with precision and efficiency S Son, KS McKinley, V Shmatikov Proceedings of the 2013 ACM SIGSAC conference on computer & communications …, 2013 | 95 | 2013 |
SAFERPHP: Finding semantic vulnerabilities in PHP applications S Son, V Shmatikov Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and …, 2011 | 83 | 2011 |
Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications J Lee, H Kim, J Park, I Shin, S Son Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications …, 2018 | 52 | 2018 |
Revisiting binary code similarity analysis using interpretable feature engineering and lessons learned D Kim, E Kim, SK Cha, S Son, Y Kim IEEE Transactions on Software Engineering 49 (4), 1661-1682, 2022 | 37 | 2022 |
Doppelgängers on the Dark Web: A Large-scale Assessment on Phishing Hidden Web Services SS C Yoon, K Kim, Y Kim, S Shin The World Wide Web Conference, 2225--2235, 2019 | 25 | 2019 |
Who Spent My {EOS}? On the ({In) Security} of Resource Management of {EOS. IO} S Lee, D Kim, D Kim, S Son, Y Kim 13th USENIX workshop on offensive technologies (WOOT 19), 2019 | 25 | 2019 |
{FUGIO}: Automatic Exploit Generation for {PHP} Object Injection Vulnerabilities S Park, D Kim, S Jana, S Son 31st USENIX Security Symposium (USENIX Security 22), 197-214, 2022 | 20 | 2022 |
Link: Black-box detection of cross-site scripting vulnerabilities using reinforcement learning S Lee, S Wi, S Son Proceedings of the ACM Web Conference 2022, 743-754, 2022 | 17 | 2022 |
{AdCube}:{WebVR} Ad Fraud and Practical Confinement of {Third-Party} Ads H Lee, J Lee, D Kim, S Jana, I Shin, S Son 30th USENIX Security Symposium (USENIX Security 21), 2543-2560, 2021 | 17 | 2021 |
FUSE: Finding File Upload Bugs via Penetration Testing. T Lee, S Wi, S Lee, S Son NDSS, 2020 | 17 | 2020 |
Security analysis on practices of certificate authorities in the HTTPS phishing ecosystem D Kim, H Cho, Y Kwon, A Doupé, S Son, GJ Ahn, T Dumitras Proceedings of the 2021 ACM Asia Conference on Computer and Communications …, 2021 | 11 | 2021 |
Evaluating the robustness of trigger set-based watermarks embedded in deep neural networks S Lee, W Song, S Jana, M Cha, S Son IEEE Transactions on Dependable and Secure Computing, 2022 | 10 | 2022 |