PUBLICATIONS

CONFERENCE PROCEEDINGS

Ex-Ray: Detection of History-Leaking Browser Extensions

Michael Weissbacher, Enrico Mariconti, Guillermo Suarez-Tangil, Gianluca Stringhini, William Robertson, and Engin Kirda
Proceedings of the 2017 Annual Computer Security Applications Conference (ACSAC)
San Juan, Puerto Rico, 4-8 December 2017

Marmite: Spreading Malicious File Reputation Through Download Graphs

Gianluca Stringhini, Yun Shen, Yufei Han, Xiangliang Zhang
Proceedings of the 2017 Annual Computer Security Applications Conference (ACSAC)
San Juan, Puerto Rico, 4-8 December 2017

POISED: Spotting Twitter Spam Off the Beaten Paths

Shirin Nilizadeh, Francois Labreche, Alireza Sadighian, Jose Fernandez, Christopher Kruegel, Gianluca Stringhini, and Giovanni Vigna
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS)
Dallas, TX, 30 October-3 November 2017

The Web Centipede: Understanding How Web Communities Influence Each Other Through the Lens of Mainstream and Alternative News Sources

Savvas Zannettou, Tristan Caulfield, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Michael Sirivianos, Gianuca Stringhini, and Jeremy Blackburn
Proceedings of hte 2017 ACM SIGCOMM Internet Measurement conference (IMC)
London, United Kingdom, 1-3 November 2017
Press Coverage: Nature, The Atlantic, La Repubblica (in Italian), Ansa (in Italian), Sky News, Hacker News, BoingBoing, Phys.org, Naked Security

Hate is not binary: Studying abusive behavior of #GamerGate on Twitter

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
Proceedings of the 2017 ACM Conference on Hypertext and Social Media (HyperText)
Prague, Czech Republic, 4-7 July 2017

Mean Birds: Detecting Aggression and Bullying on Twitter

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
Proceedings of the 2017 International ACM Web Science Conference (WebSci)
Troy, NY, 26-28 June 2017

All Your Cards Are Belong To Us: Understanding Online Carding Forums

Andreas Haslebacher, Jeremiah Onaolapo, and Gianluca Stringhini
Proceedings of the 2017 APWG eCrime Symposium
Scottsdale, AZ, 25-27 April 2017 - Best Paper Award

Kek, Cucks, and God Emperor Trump: A Measurement Study of 4chan's Politically Incorrect Forum and its Effects on the Web

Gabriel Emile Hine, Jeremiah Onaolapo, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Riginos Samaras, Gianluca Stringhini, and Jeremy Blackburn
Proceedings of the 2017 International Conference on Web and Social Media (ICWSM)
Montreal, Canada, 16-18 May 2017 - Best Paper Nominee
Press coverage: Nature, La Repubblica (in Italian), L'Unita' (in Italian), Ansa (in Italian), Sky News, Motherboard, The Independent, The Conversation, MIT Technology Review, Motherboard, La Stampa (in Italian), La Repubblica (in Italian), BoingBoing, Pacific Standard, The New European, BoingBoing

PayBreak: Defense against cryptographic ransomware

Eugene Kolodenker, William Koch, Gianluca Stringhini, and Manuel Egele
Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security (ASIACCS)
Abu Dhabi, UAE, 2-6 April 2017

What's in a Name? Understanding Profile Name Reuse on Twitter

Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, and Gianluca Stringhini
Proceedings of the 2017 International World Wide Web Conference (WWW)
Perth, Australia, 3-7 April 2017

Kissing Cuisines: Exploring Worldwide Culinary Habits on the Web

Sina Sajadmanesh, Sina Jafarzadeh, Seyed Ali Ossia, Hamid R. Rabiee, Hamed Haddadi, Yelena Mejova, Mirco Musolesi, Emiliano De Cristofaro, and Gianluca Stringhini
Proceedings of the 2017 International World Wide Web Conference (WWW), Web Science Track
Perth, Australia, 3-7 April 2017
Press coverage: MIT Technology Review, The Independent, Sciences et Avenir (in French)

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models

Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, and Gianluca Stringhini
Proceedings of the 2017 ISOC Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA, February 26-March 1 2017 - 2nd Place at the CSAW Europe Applied Research Award
Code

What Happens After You Are Pwnd: Understanding The Use of Leaked Webmail Credentials In The Wild

Jeremiah Onaolapo, Enrico Mariconti, and Gianluca Stringhini
Proceedings of the 2016 ACM SIGCOMM Internet Measurement Conference (IMC)
Santa Monica, CA, November 14-16 2016
Dataset, Code
Press coverage: BBC News, Huffington Post, The State of Security, Breachful

Are Payment Card Contracts Unfair?

Steven J. Murdoch, Ingolf Becker, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Alice Hutchings, M. Angela Sasse, and Gianluca Stringhini
Proceedings of the 2016 Financial Cryptography and Data Security Conference
Barbados, February 22-26 2016
Dataset

Drops For Stuff: An Analysis Of Reshipping Mule Scams

Shuang Hao, Kevin Borgolte, Nick Nikiforakis, Gianluca Stringhini, Manuel Egele, Michael Eubanks, Brian Krebs, and Giovanni Vigna
Proceedings of the 2015 ACM Conference on Computer and Communications Security (CCS)
Denver, CO, October 12-16 2015
Press coverage: Krebs on Security, Schneier on Security

EvilCohort: Detecting Communities of Malicious Accounts on Online Services

Gianluca Stringhini, Pierre Mourlanne, Gregoire Jacob, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2015 USENIX Security Symposium
Washington, DC, 12-14 August 2015

That Ain't You: Blocking Spearphishing Through Behavioral Modelling

Gianluca Stringhini and Olivier Thonnard
Proceedings of the 2015 Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)
Milan, Italy, 8-10 July 2015

Quit Playing Games With My Heart: Understanding Online Dating Scams

JingMin Huang, Gianluca Stringhini, and Peng Yong
Proceedings of the 2015 Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)
Milan, Italy, 8-10 July 2015
Press coverage: Buzzfeed, Schneier on Security, The Young Turks

The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements

Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2014 Internet Measurement Conference (IMC)
Vancouver, BC, 5-7 November 2014
Press coverage: Infoworld

The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape

Gianluca Stringhini, Oliver Hohlfeld, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2014 ACM Symposium on Information, Computer and Communications Security (ASIACCS)
Kyoto, Japan, 4-6 June 2014
Press coverage: Help Net Security, Slashdot,Threatpost, Deutschlandfunk (in German), Frankfurter Allgemeine Sonntagszeitung

Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services

Nick Nikiforakis, Federico Maggi, Gianluca Stringhini, M Zubair Rafique, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, and Stefano Zanero
Proceedings of the 2014 International World Wide Web Conference (WWW)
Seoul, Korea, 7-11 April 2014
Press coverage: Brown Hat Security

Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web Pages

Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2013 ACM Conference on Computer and Communication Security (CCS)
Berlin, Germany, 4-8 November 2013

Follow the Green: Growth and Dynamics in Twitter Followers Markets

Gianluca Stringhini, Gang Wang, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Ben Y. Zhao, and Haitao Zheng
Proceedings of the 2013 Internet Measurement Conference (IMC)
Barcelona, Spain, 23-25 October 2013

Two Years of Short URLs Internet Measurement: Security Threats and Countermeasures

Federico Maggi, Alessandro Frossi, Gianluca Stringhini, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna, and Stefano Zanero
Proceedings of the 2013 International World Wide Web Conference (WWW)
Rio De Janeiro, Brazil, 13-17 May 2013

COMPA: Detecting Compromised Accounts on Social Networks

Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2013 ISOC Network and Distributed System Security Symposium (NDSS)
San Diego, CA, 24-27 February 2013
Press coverage: Threatpost, Coastlines - UCSB Alumni Association

B@bel: Leveraging Email Delivery for Spam Mitigation

Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsen Holz, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2012 USENIX Security Symposium
Bellevue, WA, 8-10 August 2012
MD5 checksums of the malware samples used for our experiments

Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness

Adam Doupe, Manuel Egele, Benjamin Caillat, Gianluca Stringhini, Gorkem Yakin, Ali Zand, Ludovico Cavedon, and Giovanni Vigna
Proceedings of the 2011 Annual Computer Security Applications Conference (ACSAC)
Orlando, FL, 5-9 December 2011

BotMagnifier: Locating Spambots on the Internet

Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2011 USENIX Security Symposium
San Francisco, CA, 8-12 August 2011

Detecting Spammers on Social Networks

Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2010 Annual Computer Security Applications Conference (ACSAC)
Austin, TX, 6-10 December 2010 - Best Student Paper Award
Press coverage: Darkreading

JOURNAL PAPERS

International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms

Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse and Gianluca Stringhini
In Journal of Cybersecurity
To appear

Dataset
Press coverage: The Register

Towards Detecting Compromised Accounts on Social Networks

Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Transactions on Dependable and Secure Computing (TDSC)
2015

Poultry Markets: On the Underground Economy of Twitter Followers

Gianluca Stringhini, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
ACM SIGCOMM Computer Communication Review - Volume 42 Issue 4
August 2012

WORKSHOP PROCEEDINGS

The Cause of All Evils: Assessing Causality Between User Actions and Malware Activity

Enrico Mariconti, Jeremiah Onaolapo, Gordon Ross, and Gianluca Stringhini
Proceedings of the 2017 USENIX Workshop on Cyber Security Experimentation and Test (CSET)
Vancouver, BC, 14 August 2017

Class-based Prediction Errors to Categorize Text with Out-of-vocabulary Words

Joan Serra, Ilias Leontiadis, Dimitris Spathis, Gianluca Stringhini, Jeremy Blackburn, and Athena Vakali
Proceedings of the 2017 Workshop on Abusive Language (ALW)
Vancouver, BC, 4 August 2017

Flipping 419 Scams: Targeting the Weak and the Vulnerable

Gibson Mba, Jeremiah Onaolapo, Gianluca Stringhini, and Lorenzo Cavallaro
Proceedings of the 2017 International Workshop on Computational Methods for CyberSafety (CYBERSAFETY)
Perth, Australia, 3 April 2017

Measuring #GamerGate: A Tale of Hate, Sexism, and Bullying

Despoina Chatzakou, Nicolas Kourtellis, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, and Athena Vakali
Proceedings of the 2017 International Workshop on Computational Methods for CyberSafety (CYBERSAFETY)
Perth, Australia, 3 April 2017

Ethical and Social Challenges with developing Automated Methods to Detect and Warn potential victims of Mass-marketing Fraud (MMF)

Monica whitty, Mike Edwards, Michael Levi, Claudia Peersman, Awais Rashid, Angela Sasse, Tom Sorell, and Gianluca Stringhini
Proceedings of the 2017 International Workshop on Computational Methods for CyberSafety (CYBERSAFETY)
Perth, Australia, 3 April 2017

Permissions Snapshots: Assessing Users' Adaptation to the Android Runtime Permission Model

Panagiotis Andriotis, M. Angela Sasse, and Gianluca Stringhini
To appear in the Proceedings of the 2016 IEEE International Workshop on Information Forensics and Security (WIFS)
Abu Dhabi, UAE, 7-8 December 2016

Honey Sheets: What Happens to Leaked Google Spreadsheets?

Martin Lazarov, Jeremiah Onaolapo, and Gianluca Stringhini
In Proceedings of the 2016 USENIX Workshop on Cyber Security Experimentation and Test (CSET)
Austin, TX, 8 August 2016
Dataset

What's your major threat? On the differences between the network behavior of targeted and commodity malware

Enrico Mariconti, Jeremiah Onaolapo, Gordon Ross, and Gianluca Stringhini
In Proceedings of the 2016 International Workshop on Malware Analysis (WMA)
Salzburg, Austria, 3 September 2016

Dataset

International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms

Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse and Gianluca Stringhini
In Proceedings of the 2016 Workshop on the Economics of Information Security (WEIS)
Berkeley, CA, 13-14 June 2016

Dataset
Press coverage: The Register

Why Allowing Profile Name Reuse Is A Bad Idea

Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, and Gianluca Stringhini
Proceedings of the 2016 European Workshop on System Security (EUROSEC)
London, UK, 18 April 2016

The Tricks of the Trade: What Makes Spam Campaigns Successful?

Jane Iedemska, Gianluca Stringhini, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2014 International Workshop on Cyber Crime (IWCC)
San Jose, CA, 18 May 2014
Press coverage: The Register

Poultry Markets: On the Underground Economy of Twitter Followers

Gianluca Stringhini, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
Proceedings of the 2012 SIGCOMM Workshop on Online Social Networks (WOSN)
Helsinki, Finland, 16 August 2012

The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns

Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, and Giovanni Vigna
Proceedings of the 2011 USENIX Workshop on Large-Scale Exploits and Emerging Threats (LEET)
Boston, MA, 29 march 2011
Press coverage: Krebs on Security, CSO Online

DISSERTATION

Stepping Up the Cybersecurity Game: Protecting Online Services from Malicious Activity

Gianluca Stringhini
PhD Dissertation, University of California Santa Barbara
June 2014
Outstanding Dissertation Award, Department of Computer Science, UCSB

OTHERS AND UNREFEREED

What Happens After You Are Pwnd: Understanding The Use of Leaked Account Credentials In The Wild

Jeremiah Onaolapo, Enrico Mariconti, and Gianluca Stringhini
Technical Report, 2016

Master Of Puppets: Analyzing And Attacking A Botnet For Fun And Profit

Genki Saito and Gianluca Stringhini
Technical Report, 2015

On The Threats To Cloud-based Online Service Users

Gianluca Stringhini
Extended abstract, International Conference on High Performance Computing and Simulation (HPCS)
Amsterdam, Netherlands, 21 July 2015

Thinking Like They Do: An Inside Look at Cybercriminal Operations

Gianluca Stringhini
Presentation abstract, International Crime and Intelligence Analysis Conference
Manchester, UK, 26-27 February 2015

That Ain't You: Detecting Spearphishing Emails Before They Are Sent

Gianluca Stringhini and Olivier Thonnard
Technical Report, 2014