Lorenzo De Carli

This page lists my publications in reverse chronological order. Other nice lists are maintained by Google Scholar and DBLP.

2024

  • E. Wyss, D. Davidson, L. De Carli. What’s in a URL? An Analysis of Hardcoded URLs in npm Packages. ACM SCORED (CCS Workshop) 2024. [PDF] [Data]
    Workshop

Back to top ↑

2023

  • E. Wyss, L. De Carli, D. Davidson. (Nothing But) Many Eyes Make All Bugs Shallow. ACM SCORED (CCS Workshop) 2023. [PDF] [Data]
    Workshop
  • S. Bukhari, B. Tan, L. De Carli. Distinguishing AI- and Human-Generated Code: a Case Study. ACM SCORED (CCS Workshop) 2023. [PDF] [Data]
    Workshop
  • S. Neupane, G. Holmes, E. Wyss, D. Davidson, L. De Carli. Beyond Typosquatting: An In-depth Look at Package Confusion. USENIX Security 2023. [PDF] [Data]
    Conference
  • F. Tazi, S. Saka, G. Opp, S. Neupane, S. Das, L. De Carli, I. Ray. Accessibility Evaluation of IoT Android Mobile Companion Apps. CHI LBW Track 2023. [PDF] [Video]
    Workshop

Back to top ↑

2022

  • T. Ren, R. Williams, S. Ganguly, L. Lu, L. De Carli. Breaking Embedded Software Homogeneity with Protocol Mutations. EAI SecureComm 2022. [PDF] [Data] [Video]
    Conference
  • F. De Gaspari, D. Hitaj, G. Pagnotta, L. De Carli, L. V. Mancini. Reliable Detection of Compressed and Encrypted Data. Neural Computing and Applications (NCAA), July 2022. [PDF]
    Journal
  • S. Neupane, F. Tazi, U. Paudel, F. Veloz Baez, M. Adamjee, L. De Carli, S. Das, I. Ray. On the Data Privacy, Security, and Risk Postures of IoT Mobile Companion Apps. IFIP DBSec 2022. [PDF] [Data]
    Conference
  • E. Wyss, A. Wittman, D. Davidson, L. De Carli. Wolf at the Door: Preventing Install-Time Attacks in npm with Latch. ACM AsiaCCS 2022. [PDF] [Data]
    Conference
  • E. Wyss, L. De Carli, D. Davidson. What the Fork? Finding Hidden Code Clones in npm. IEEE/ACM ICSE 2022. [PDF] [Data] [Video]
    Conference
  • F. De Gaspari, D. Hitaj, G. Pagnotta, L. De Carli, L. V. Mancini. Evading Behavioral Classifiers: A Comprehensive Analysis on Evading Ransomware Detection Techniques. Neural Computing and Applications (NCAA), March 2022. [PDF]
    Journal
  • R. Williams, T. Ren, L. De Carli, L. Lu, G. Smith. Guided Feature Identification and Removal for Resource-Constrained Firmware. ACM Trans. Softw. Eng. Methodol. (TOSEM) 31, 2, April 2022. [PDF] [Data]
    Journal

Back to top ↑

2021

  • L. De Carli, E. Solovey, I. Ray. Stewardship of Smart Devices Security for the Aging Population. EuroUSEC 2021. :trophy: Honorary mention. [PDF]
    Conference
  • V. Bhosale, L. De Carli, I. Ray. Detection of Anomalous User Activity for Home IoT Devices. IoTBDS 2021. [PDF] [Data]
    Conference
  • T. Ren, A. Wittman, L. De Carli, D. Davidson. An Analysis of First-Party Cookie Exfiltration due to CNAME Redirections. madWEB (NDSS Workshop) 2021. :trophy: Best paper award runner-up. [PDF] [Data] [Video]
    Workshop

Back to top ↑

2020

  • E. Zhou, J. Turcotte, L. De Carli. Enabling Security Analysis of IoT Device-to-Cloud Traffic. IEEE TrustCom IWCSS Workshop 2020. [PDF] [Video]
    Workshop
  • L. De Carli, A. Mignano. Network Security for Home IoT Devices Must Involve the User: a Position Paper. FPS 2020. [PDF] [Video]
    Conference
  • M. Taylor, R. Vaidya, D. Davidson, L. De Carli, V. Rastogi. Defending Against Package Typosquatting. NSS 2020. [PDF] [Video]
    Conference
  • F. De Gaspari, D. Hitaj, G. Pagnotta, L. De Carli, L. V. Mancini. EnCoD: Distinguishing Compressed and Encrypted File Fragments. NSS 2020. [PDF]
    Conference
  • N. Hansen, L. De Carli, D. Davidson. Assessing Adaptive Attacks Against Trained JavaScript Classifiers. EAI SecureComm 2020. [PDF] [Video]
    Conference
  • F. De Gaspari, D. Hitaj, G. Pagnotta, L. De Carli, L. V. Mancini. The Naked Sun: Malicious Cooperation Between Benign-Looking Processes. ACNS 2020. [PDF] [Video]
    Conference
  • L. De Carli, I. Ray, E. Solovey. Enabling IoT Residential Security Stewardship for the Aging Population (Extended Abstract). ACM CHI Workshop "Designing Interactions for the Ageing Populations" 2020.
    Workshop

Back to top ↑

2019

  • R. K. Vaidya, L. De Carli, D. Davidson, V. Rastogi. Security Issues in Language-based Software Ecosystems. arXiv CoRR abs/1903.02613 2019. [PDF]
    Report

Back to top ↑

2017

  • L. De Carli, R. Torres, G. Modelo-Howard, A. Tongaonkar, S. Jha. Kali: Scalable Encryption Fingerprinting in Dynamic Malware Traces. MALCON 2017. [PDF]
    Conference
  • V. Rastogi, D. Davidson, L. De Carli, S. Jha, P. McDaniel. Cimplifier: Automatically Debloating Containers. ACM FSE 2017. [PDF]
    Conference
  • L. De Carli, R. Torres, G. Modelo-Howard, A. Tongaonkar, S. Jha. Botnet Protocol Inference in the Presence of Encrypted Traffic. IEEE INFOCOM 2017. [PDF]
    Conference

Back to top ↑

2014

  • R. Sommer, M. Vallentin, L. De Carli, V. Paxson. HILTI: An Abstract Execution Environment for Deep, Stateful Network Traffic Analysis. ACM IMC 2014. [PDF]
    Conference
  • T. Nowatzki, M. Sartin-Tarm, L. De Carli, K. Sankaralingam, C. Estan, B. Robatmili. A Scheduling Framework for Spatial Architectures Across Multiple Constraint-Solving Theories. ACM Trans. Program. Lang. Syst. (TOPLAS) 37, 1, November 2014.
    Journal
  • L. De Carli, R. Sommer, S. Jha. Beyond Pattern Matching: A Concurrency Model for Stateful Deep Packet Inspection. ACM CCS 2014. [PDF]
    Conference
  • D. Luchaup, L. De Carli, S. Jha, E. Bach. Deep Packet Inspection with DFA-trees and Parametrized Language Overapproximation. IEEE INFOCOM 2014. [PDF]
    Conference

Back to top ↑

2013

  • M. Sartin-Tarm, T. Nowatzki, L. De Carli, K. Sankaralingam, C. Estan. Constraint centric scheduling guide. ACM SIGARCH Computer Architecture News, Volume 41 Issue 2, May 2013.
    Journal
  • S. J. Kim, L. De Carli, K. Sankaralingam, C. Estan. SWSL: SoftWare Synthesis for Network Lookup. ACM/IEEE ANCS 2013. [PDF]
    Conference
  • T. Nowatzki, M. Sartin-Tarm, L. De Carli, K. Sankaralingam, C. Estan, B. Robatmili. A General Constraint-centric Scheduling Framework for Spatial Architectures. ACM PLDI 2013. :trophy: Distinguished paper award. [PDF]
    Conference

Back to top ↑

2012

  • E. Harris, S. Wasmundt, L. De Carli, K. Sankaralingam, C. Estan. LEAP: Latency- Energy- and Area-optimized Lookup Pipeline. ACM/IEEE ANCS 2012. [PDF]
    Conference

Back to top ↑

2011

  • B. Aggarwal, R. Bhagwan, L. De Carli, V. N. Padmanabhan, K. P. N. Puttaswamy. Deja Vu: Fingerprinting Network Problems. ACM CoNEXT 2011.
    Conference
  • N. Vaish, T. Kooburat, L. De Carli, K. Sankaralingam, C. Estan. Experiences in Co-designing a Packet Classification Algorithm and a Flexible Hardware Platform. ACM/IEEE ANCS 2011. [PDF]
    Conference

Back to top ↑

2010

  • A. Kumar, L. De Carli, S. J. Kim, M. de Kruijf, K. Sankaralingam, C. Estan, S. Jha. Design and Implementation of the PLUG Architecture for Programmable and Efficient Network Lookups. PACT 2010. [PDF]
    Conference

Back to top ↑

2009

  • L. De Carli, Y. Pan, A. Kumar, C. Estan, K. Sankaralingam. PLUG: Flexible Lookup Modules for Rapid Deployment of New Protocols in High-speed Routers. ACM SIGCOMM 2009. [PDF]
    Conference
  • A. Baldini, L. De Carli, F. Risso. Increasing Performances of TCP Data Transfers Through Multiple Parallel Connections. IEEE ISCC 2009.
    Conference

Back to top ↑