SSOScan: Automated testing of web applications for single sign-on vulnerabilities Y Zhou, D Evans 23rd USENIX Security Symposium (USENIX Security 14), San Diego, CA, 2014 | 130 | 2014 |
Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization Y Zhou, R Wang, S Chen, S Qadeer, D Evans, Y Gurevich Proceedings of the 22nd USENIX Security Symposium, 2013 | 128* | 2013 |
Why aren’t HTTP-only cookies more widely deployed Y Zhou, D Evans Proceedings of 4th Web 2.0 Security and Privacy Workshop, 2010 | 63 | 2010 |
Understanding and Monitoring Embedded Web Scripts Y Zhou, D Evans The 35th IEEE Symposium on Security and Privacy, 2015 | 36 | 2015 |
Betrayed by Your Dashboard: Discovering Malicious Campaigns via Web Analytics O Starov, Y Zhou, X Zhang, N Miramirkhani, N Nikiforakis WWW 2018, 2018 | 29 | 2018 |
Identifying implicit assumptions associated with a software product R Wang, Y Zhou, S Chen, S Qadeer, Y Gurevich US Patent 9,372,785, 2016 | 25 | 2016 |
Protecting private web content from embedded scripts Y Zhou, D Evans Computer Security–ESORICS 2011: 16th European Symposium on Research in …, 2011 | 24 | 2011 |
Unsupervised Clustering for Identification of Malicious Domain Campaigns M Weber, J Wang, Y Zhou The 1st Radical and Experiential Security Workshop (RESEC 2018), 2018 | 13 | 2018 |
Detecting malicious campaigns in obfuscated JavaScript with scalable behavioral analysis O Starov, Y Zhou, J Wang WTMC 2019 (IEEE S&P Workshop), 2019 | 7 | 2019 |
Malicious website discovery using web analytics identifiers O Starov, Y Zhou, X Zhang, F Liu US Patent 10,931,688, 2021 | 2 | 2021 |
Improved Fuzzy Set Information Retrieval Approach on Duplicate Webpage Detection Y Zhou, Z Liu, B Deng, L Xing Journal of Information and Computational Science 6 (2), 1033-1041, 2009 | 2 | 2009 |
RedactDOM: Preventing Sensitive Data Leaking through Embedded Scripts L Chen, Y Zhou, D Evans | | |