A Run a Day Won’t Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks

Karel Dhondt, Victor Le Pochat, Alexios Voulimeneas, Wouter Joosen, Stijn Volckaert

Presented at 2022 ACM Conference on Computer and Communications Security (CCS 2022)
2022 CNIL-Inria Privacy Protection Award Runner-up

We show that implementations of endpoint privacy zones by fitness tracking social networks remain vulnerable to inference attacks that reveal the sensitive location that those zones should protect.

Download paper

Tracking the Evolution of Cookie-based Tracking on Facebook

Yana Dimova, Gertjan Franken, Victor Le Pochat, Wouter Joosen, Lieven Desmet

Presented at 21st Workshop on Privacy in the Electronic Society (WPES 2022)

We analyze in depth and longitudinally how Facebook’s cookie-based tracking behavior and its communication about tracking have evolved from 2015 to 2022.

Download paper

An Audit of Facebook’s Political Ad Policy Enforcement

Victor Le Pochat, Laura Edelson, Tom Van Goethem, Wouter Joosen, Damon McCoy, Tobias Lauinger

Presented at 31st USENIX Security Symposium (USENIX Security 2022)
Distinguished Paper Award

In this paper, we quantify whether Facebook’s current enforcement correctly identifies political ads and ensures compliance by advertisers.

Download paper

Helping hands: Measuring the impact of a large threat intelligence sharing community

Xander Bouwman, Victor Le Pochat, Pawel Foremski, Tom Van Goethem, Carlos H. Gañán, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Wouter Joosen, Michel van Eeten

Presented at 31st USENIX Security Symposium (USENIX Security 2022)

In this paper, we track a volunteer security information sharing community to understand whether collaboration at scale leads to better coverage and whether making threat data freely available improves the ability of defenders to act.

Download paper

The 2021 Web Almanac: Privacy

Yana Dimova, Victor Le Pochat

Published in 2021

Privacy chapter of the 2021 Web Almanac covering adoption and impact of online tracking, privacy preference signals and browser initiatives for a privacy-friendlier web.

Read article

Mis-shapes, Mistakes, Misfits: An Analysis of Domain Classification Services

Pelayo Vallina, Victor Le Pochat, Álvaro Feal, Marius Paraschiv, Julien Gamba, Tim Burke, Oliver Hohlfeld, Juan Tapiador, Narseo Vallina-Rodriguez

Presented at 2020 Internet Measurement Conference (IMC 2020)

In this paper, we study 13 domain classification services, and find that their coverage and accuracy varies significantly and may be lacking for applications in end-user solutions or academic research.

Download paper

A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints

Victor Le Pochat, Tim Van hamme, Sourena Maroofi, Tom Van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen, Maciej Korczyński

Presented at 27th Annual Network and Distributed System Security Symposium (NDSS 2020)

In this paper, we develop a model that automates the classification of registered domains generated by Domain Generation Algorithms of malware using the Avalanche bulletproof hosting service.

Download paper

Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation

Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, Wouter Joosen

Presented at 26th Annual Network and Distributed System Security Symposium (NDSS 2019)
ACSAC 2022 Cybersecurity Artifacts Competition Impactful Dataset Award

This paper studies the properties of top websites rankings (e.g. the Alexa top 1 million), uncovers that these rankings can be manipulated on a large scale, and provides a new improved ranking: Tranco.

Download paper

Idea: Visual Analytics for Web Security

Victor Le Pochat, Tom Van Goethem, Wouter Joosen

Presented at 10th International Symposium on Engineering Secure Software and Systems (ESSoS 2018)

This paper presents the potential of integrating visual analytics into the analysis process for web security studies, in order to make this process more efficient.

Download paper

Towards Visual Analytics for Web Security Data

Victor Le Pochat, Tom Van Goethem, Wouter Joosen

Presented at 19th Passive and Active Measurement Conference (PAM 2018)

This extended abstract sets out the challenges of integrating visual analytics into the analysis process for web security studies.

Download paper