| Content security problems? evaluating the effectiveness of content security policy in the wild S Calzavara, A Rabitti, M Bugliesi Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications …, 2016 | 61 | 2016 |
| Mitch: A machine learning approach to the black-box detection of CSRF vulnerabilities S Calzavara, M Conti, R Focardi, A Rabitti, G Tolomei 2019 IEEE European Symposium on Security and Privacy (EuroS&P), 528-543, 2019 | 39 | 2019 |
| Semantics-based analysis of content security policy deployment S Calzavara, A Rabitti, M Bugliesi ACM Transactions on the Web (TWEB) 12 (2), 1-36, 2018 | 39 | 2018 |
| Postcards from the post-http world: Amplification of https vulnerabilities in the web ecosystem S Calzavara, R Focardi, M Nemec, A Rabitti, M Squarcina 2019 IEEE Symposium on Security and Privacy (SP), 281-298, 2019 | 30 | 2019 |
| A tale of two headers: A formal analysis of inconsistent click-jacking protection on the web S Calzavara, S Roth, A Rabitti, M Backes, B Stock | 23 | 2020 |
| Testing for integrity flaws in web sessions S Calzavara, A Rabitti, A Ragazzo, M Bugliesi Computer Security–ESORICS 2019: 24th European Symposium on Research in …, 2019 | 19 | 2019 |
| Machine learning for web vulnerability detection: the case of cross-site request forgery S Calzavara, M Conti, R Focardi, A Rabitti, G Tolomei IEEE Security & Privacy 18 (3), 8-16, 2020 | 16 | 2020 |
| Sub-session hijacking on the web: Root causes and prevention S Calzavara, A Rabitti, M Bugliesi Journal of Computer Security 27 (2), 233-257, 2019 | 15 | 2019 |
| CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition. S Calzavara, A Rabitti, M Bugliesi USENIX Security Symposium, 695-712, 2017 | 11 | 2017 |
| Compositional typed analysis of ARBAC policies S Calzavara, A Rabitti, M Bugliesi 2015 IEEE 28th Computer Security Foundations Symposium, 33-45, 2015 | 9 | 2015 |
| The Security Lottery: Measuring {Client-Side} Web Security Inconsistencies S Roth, S Calzavara, M Wilhelm, A Rabitti, B Stock 31st USENIX Security Symposium (USENIX Security 22), 2047-2064, 2022 | 7 | 2022 |
| Static detection of collusion attacks in ARBAC-based workflow systems S Calzavara, A Rabitti, E Steffinlongo, M Bugliesi 2016 IEEE 29th Computer Security Foundations Symposium (CSF), 458-470, 2016 | 6 | 2016 |
| Dr Cookie and Mr Token-Web Session Implementations and How to Live with Them. S Calzavara, A Rabitti, M Bugliesi ITASEC, 2018 | 5 | 2018 |
| Formal verification of Liferay RBAC S Calzavara, A Rabitti, M Bugliesi Engineering Secure Software and Systems: 7th International Symposium, ESSoS …, 2015 | 4 | 2015 |
| Measuring web session security at scale S Calzavara, H Jonker, B Krumnow, A Rabitti Computers & Security 111, 102472, 2021 | 3 | 2021 |
| A Hard Lesson: Assessing the HTTPS Deployment of Italian University Websites. S Calzavara, R Focardi, A Rabitti, L Soligo ITASEC, 93-104, 2020 | 1 | 2020 |
| You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements F Hantke, S Calzavara, M Wilhelm, A Rabitti, B Stock | | 2023 |
| You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements S Calzavara, F Hantke, M Wilhelm, A Rabitti, B Stock | | 2023 |
| Cryptographic Web Applications: from Security Engineering to Formal Analysis M Bugliesi, S Calzavara, A Rabitti Handbook of Formal Analysis and Verification in Cryptography, 2022 | | 2022 |
| Semantically Sound Analysis of Content Security Policies S Calzavara, A Rabitti, M Bugliesi Formal Techniques for Distributed Objects, Components, and Systems: 39th …, 2019 | | 2019 |
