Giancarlo Pellegrino: Home

Giancarlo Pellegrino
353 Serra Mall
Gates Computer Science Building, Room 495
Stanford CA 94305
US
gpellegrino@cispa.saarland / gpellegrino@stanford.edu
Follow @tgianko

I am a visiting Assistant Professor at Stanford University and Independent Research Group Leader at CISPA (Center for IT Security, Privacy, and Accountability). Before that I was postdoc in the System Security group at CISPA and during my doctoral studies I was member of the S3 group at EURECOM in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, I worked as researcher associate in the "Security and Trust" group at the SAP research labs.

Research

My main research interests include, but are not limited to, web security, dynamic program analysis, and automated vulnerability analysis. I create techniques and build automated tools to detect and study vulnerabilities in the next generation application software.

I also study the life-cycle of vulnerabilities with empirical and large-scale analyses. In particular, I am interested at solving the shortcomings between the identification of vulnerabilities and their resolution.

Services

PC member at Usenix Security (2019)
PC member at ACM CCS (2018)
PC member at ACSAC (2018, 2017)
PC membre at ASIA CCS (2019)
PC membre at EuroSec (2019)
PC member at Usenix (WOOT 2018)
PC member at ACM CCS Poster (2016)
PC member at IWCC (2016, 2015)
PC member at DEPEND (2016, 2015)
PC member at WTMC (2016)
PC member at STAST (2014)
PC member at NBiS (2014)
Publicity chair for ACM CCS (2017)
PC (co-)chair at SECTEST2015
Journal reviewer for ACM Computing Surveys, IEEE Transactions on Cloud Computing (TCC), and Transactions on Dependable and Secure Computing (TDSC)

Presentations and Talks

Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs, ITASEC Italian Conference on Cybersecurity, Milan, Italy, February 2018
slides
Compression Bombs Strike Back, BeNeLux OWASP Day 2016, Leuven, Belgium, November 25, 2016
slides
Compression Bombs Strike Back, OWASP AppSec Europe '16, Rome, Italy, June 27 - July 01, 2016
slides
Business Logic Vulnerabilities in eCommerce Web Applications, OWASP Europe Tour 2013, Biot Sophia Antipolis, France, June 24, 2013
slides