| Small World with High Risks: A Study of Security Threats in the npm Ecosystem M Zimmermann, CA Staicu, C Tenny, M Pradel USENIX Security Symposium, 2019 | 308 | 2019 |
| Synode: Understanding and automatically preventing injection attacks on Node.js CA Staicu, M Pradel, B Livshits Proceedings of Network & Distributed System Security Symposium (NDSS), 2018 | 143 | 2018 |
| Freezing the web: A study of ReDoS vulnerabilities in JavaScript-based web servers CA Staicu, M Pradel USENIX Security Symposium, 2018 | 139 | 2018 |
| A survey of dynamic analysis and test generation for JavaScript E Andreasen, L Gong, A Møller, M Pradel, M Selakovic, K Sen, CA Staicu ACM Computing Surveys (CSUR) 50 (5), 1-36, 2017 | 106 | 2017 |
| Anything to hide? Studying minified and obfuscated code in the web P Skolka, CA Staicu, M Pradel The World Wide Web Conference, 1735-1746, 2019 | 78 | 2019 |
| Nomen est omen: Exploring and exploiting similarities between argument and parameter names H Liu, Q Liu, CA Staicu, M Pradel, Y Luo Proceedings of the 38th International Conference on Software Engineering …, 2016 | 66 | 2016 |
| Extracting taint specifications for JavaScript libraries CA Staicu, MT Torp, M Schäfer, A Møller, M Pradel Proceedings of the 42nd International Conference on Software Engineering (ICSE), 2020 | 54 | 2020 |
| An empirical study of information flows in real-world JavaScript CA Staicu, D Schoepe, M Balliu, M Pradel, A Sabelfeld Proceedings of the 14th ACM SIGSAC Workshop on Programming Languages and …, 2019 | 52 | 2019 |
| Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js M Shcherbakov, M Balliu, CA Staicu USENIX Security Symposium, 2023 | 42 | 2023 |
| Preventing dynamic library compromise on Node.js via RWX-based privilege reduction N Vasilakis, CA Staicu, G Ntousakis, K Kallas, B Karel, A DeHon, ... Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications …, 2021 | 41 | 2021 |
| Saying ‘hi!’ is not enough: Mining inputs for effective test generation L Della Toffola, CA Staicu, M Pradel Proceedings of the 32nd IEEE/ACM International Conference on Automated …, 2017 | 35 | 2017 |
| SampleFix: learning to correct programs by sampling diverse fixes H Hajipour, A Bhattacharyya, CA Staicu, M Fritz Joint European Conference on Machine Learning and Knowledge Discovery in …, 2021 | 34* | 2021 |
| Leaky images: Targeted privacy attacks in the web CA Staicu, M Pradel 28th USENIX Security Symposium (USENIX Security 19), 923-939, 2019 | 20 | 2019 |
| SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript M Bhuiyan, A Srinivas, N Vasilakis, M Pradel, CA Staicu International Conference on Software Engineering (ICSE), 2023 | 18 | 2023 |
| Bilingual problems: Studying the security risks incurred by native extensions in scripting languages CA Staicu, S Rahaman, Á Kiss, M Backes USENIX Security Symposium, 2023 | 17 | 2023 |
| Search based clustering for protecting software with diversified updates M Ceccato, P Falcarin, A Cabutto, YW Frezghi, CA Staicu Search Based Software Engineering: 8th International Symposium, SSBSE 2016 …, 2016 | 11 | 2016 |
| Jack-in-the-box: An Empirical Study of JavaScript Bundling on the Web and its Security Implications J Rack, CA Staicu Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications …, 2023 | 10 | 2023 |
| SimSCOOD: Systematic Analysis of Out-of-Distribution Generalization in Fine-tuned Source Code Models H Hajipour, N Yu, CA Staicu, M Fritz Findings of the Association for Computational Linguistics: NAACL 2024, 1400-1416, 2024 | 8* | 2024 |
| SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes A Alhamdan, CA Staicu 32nd USENIX Security Symposium (USENIX Security 23), 3457-3474, 2023 | 8 | 2023 |
| Welcome to Jurassic Park: A Comprehensive Study of Security Risks in Deno and its Ecosystem A Alhamdan, CA Staicu CISPA, 2025 | | 2025 |
Michael PradelProfessor of Computer Science, Head of Software Lab, University of StuttgartGeverifieerd e-mailadres voor iste.uni-stuttgart.de