Victor Le Pochat, Cameron Ballard, Lieven Desmet, Wouter Joosen, Damon McCoy, Tobias Lauinger
26th Passive and Active Measurement Conference (PAM 2025)
We monitor the deceptive affiliate marketing ecosystem from the vantage point of affiliates, collecting ground truth from 23 aggregators that list deceptive products and services.
Karel Dhondt, Victor Le Pochat, Yana Dimova, Wouter Joosen, Stijn Volckaert
33rd USENIX Security Symposium (USENIX Security 2024)
We analyze privacy risks in 15 location-based dating apps, asessing which personal and sensitive data is shared with other users, both as (intended) data exposure and as inadvertent API leaks, including exact user locations.
Victor Le Pochat, Simon Fernandez, Tom Van Goethem, Samaneh Tajalizadehkhoob, Lieven Desmet, Andrzej Duda, Wouter Joosen, Maciej Korczyński
8th Network Traffic Measurement and Analysis Conference (TMA 2024)
TMA 2024 Community Contribution Award
We evaluate how recent design decisions in ‘top sites’ rankings influence the composition and desired properties of passive DNS-based domain rankings.
Victor Le Pochat
Communications of the ACM (CACM 2024)
Sound research practices are crucial for having reliable and reproducible scientific results. In my Communications of the ACM Security column, I show why the research community should focus on studying those practices through meta-research.
Victor Le Pochat
Published in 2023
My PhD dissertation.
Victor Le Pochat, Wouter Joosen
16th Cyber Security Experimentation and Test Workshop (CSET 2023)
We apply a framework for categorizing meta-research work that analyzes cyber security research practices, with the goal of gaining a better understanding on the research community’s efforts to examine its own research practices.
Karel Dhondt, Victor Le Pochat, Alexios Voulimeneas, Wouter Joosen, Stijn Volckaert
2022 ACM Conference on Computer and Communications Security (CCS 2022)
2022 CNIL-Inria Privacy Protection Award Runner-up
We show that implementations of endpoint privacy zones by fitness tracking social networks remain vulnerable to inference attacks that reveal the sensitive location that those zones should protect.
Yana Dimova, Gertjan Franken, Victor Le Pochat, Wouter Joosen, Lieven Desmet
21st Workshop on Privacy in the Electronic Society (WPES 2022)
We analyze in depth and longitudinally how Facebook’s cookie-based tracking behavior and its communication about tracking have evolved from 2015 to 2022.
Victor Le Pochat, Laura Edelson, Tom Van Goethem, Wouter Joosen, Damon McCoy, Tobias Lauinger
31st USENIX Security Symposium (USENIX Security 2022)
Distinguished Paper Award
In this paper, we quantify whether Facebook’s current enforcement correctly identifies political ads and ensures compliance by advertisers.
Xander Bouwman, Victor Le Pochat, Pawel Foremski, Tom Van Goethem, Carlos H. Gañán, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Wouter Joosen, Michel van Eeten
31st USENIX Security Symposium (USENIX Security 2022)
In this paper, we track a volunteer security information sharing community to understand whether collaboration at scale leads to better coverage and whether making threat data freely available improves the ability of defenders to act.
Yana Dimova, Victor Le Pochat
Published in 2021
Privacy chapter of the 2021 Web Almanac covering adoption and impact of online tracking, privacy preference signals and browser initiatives for a privacy-friendlier web.
Pelayo Vallina, Victor Le Pochat, Álvaro Feal, Marius Paraschiv, Julien Gamba, Tim Burke, Oliver Hohlfeld, Juan Tapiador, Narseo Vallina-Rodriguez
2020 Internet Measurement Conference (IMC 2020)
In this paper, we study 13 domain classification services, and find that their coverage and accuracy varies significantly and may be lacking for applications in end-user solutions or academic research.
Victor Le Pochat, Tim Van hamme, Sourena Maroofi, Tom Van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen, Maciej Korczyński
27th Annual Network and Distributed System Security Symposium (NDSS 2020)
In this paper, we develop a model that automates the classification of registered domains generated by Domain Generation Algorithms of malware using the Avalanche bulletproof hosting service.
Victor Le Pochat, Tom Van Goethem, Wouter Joosen
12th USENIX Workshop on Cyber Security Experimentation and Test (CSET 2019)
This paper provides a longitudinal evaluation of Tranco, in order to make researchers aware of its properties.
Tom Van Goethem, Victor Le Pochat, Wouter Joosen
2019 ACM Asia Conference on Computer and Communications Security (AsiaCCS 2019)
This paper assesses how organizations apply security consistently across their web estate through a comparison of the desktop and mobile-first versions of their website.
Victor Le Pochat, Tom Van Goethem, Wouter Joosen
4th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2019)
Distinguished Paper Award
This paper explores typosquatting that exploits typos on keyboard layouts other than the standard US English layout.
Victor Le Pochat, Tom Van Goethem, Wouter Joosen
20th Passive and Active Measurement Conference (PAM 2019)
This paper explores Internationalized Domain Names with genuine interest: domains for brands or phrases that contain accented letters.
Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, Wouter Joosen
26th Annual Network and Distributed System Security Symposium (NDSS 2019)
ACSAC 2022 Cybersecurity Artifacts Competition Impactful Dataset Award
This paper studies the properties of top websites rankings (e.g. the Alexa top 1 million), uncovers that these rankings can be manipulated on a large scale, and provides a new improved ranking: Tranco.
Victor Le Pochat, Tom Van Goethem, Wouter Joosen
10th International Symposium on Engineering Secure Software and Systems (ESSoS 2018)
This paper presents the potential of integrating visual analytics into the analysis process for web security studies, in order to make this process more efficient.
Victor Le Pochat, Tom Van Goethem, Wouter Joosen
19th Passive and Active Measurement Conference (PAM 2018)
This extended abstract sets out the challenges of integrating visual analytics into the analysis process for web security studies.