Evaluating the impact of design decisions on passive DNS-based domain rankings

Victor Le Pochat, Simon Fernandez, Tom Van Goethem, Samaneh Tajalizadehkhoob, Lieven Desmet, Andrzej Duda, Wouter Joosen, Maciej Korczyński

8th Network Traffic Measurement and Analysis Conference (TMA 2024)
TMA 2024 Community Contribution Award

We evaluate how recent design decisions in ‘top sites’ rankings influence the composition and desired properties of passive DNS-based domain rankings.

Download paper

Reflecting on Research Practices

Victor Le Pochat

Communications of the ACM (CACM 2024)

Sound research practices are crucial for having reliable and reproducible scientific results. In my Communications of the ACM Security column, I show why the research community should focus on studying those practices through meta-research.

Download paper

A Run a Day Won’t Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks

Karel Dhondt, Victor Le Pochat, Alexios Voulimeneas, Wouter Joosen, Stijn Volckaert

2022 ACM Conference on Computer and Communications Security (CCS 2022)
2022 CNIL-Inria Privacy Protection Award Runner-up

We show that implementations of endpoint privacy zones by fitness tracking social networks remain vulnerable to inference attacks that reveal the sensitive location that those zones should protect.

Download paper

An Audit of Facebook’s Political Ad Policy Enforcement

Victor Le Pochat, Laura Edelson, Tom Van Goethem, Wouter Joosen, Damon McCoy, Tobias Lauinger

31st USENIX Security Symposium (USENIX Security 2022)
Distinguished Paper Award

In this paper, we quantify whether Facebook’s current enforcement correctly identifies political ads and ensures compliance by advertisers.

Download paper

Helping hands: Measuring the impact of a large threat intelligence sharing community

Xander Bouwman, Victor Le Pochat, Pawel Foremski, Tom Van Goethem, Carlos H. Gañán, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Wouter Joosen, Michel van Eeten

31st USENIX Security Symposium (USENIX Security 2022)

In this paper, we track a volunteer security information sharing community to understand whether collaboration at scale leads to better coverage and whether making threat data freely available improves the ability of defenders to act.

Download paper

The 2021 Web Almanac: Privacy

Yana Dimova, Victor Le Pochat

Published in 2021

Privacy chapter of the 2021 Web Almanac covering adoption and impact of online tracking, privacy preference signals and browser initiatives for a privacy-friendlier web.

Read article

Mis-shapes, Mistakes, Misfits: An Analysis of Domain Classification Services

Pelayo Vallina, Victor Le Pochat, Álvaro Feal, Marius Paraschiv, Julien Gamba, Tim Burke, Oliver Hohlfeld, Juan Tapiador, Narseo Vallina-Rodriguez

2020 Internet Measurement Conference (IMC 2020)

In this paper, we study 13 domain classification services, and find that their coverage and accuracy varies significantly and may be lacking for applications in end-user solutions or academic research.

Download paper

A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints

Victor Le Pochat, Tim Van hamme, Sourena Maroofi, Tom Van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen, Maciej Korczyński

27th Annual Network and Distributed System Security Symposium (NDSS 2020)

In this paper, we develop a model that automates the classification of registered domains generated by Domain Generation Algorithms of malware using the Avalanche bulletproof hosting service.

Download paper

Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation

Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, Wouter Joosen

26th Annual Network and Distributed System Security Symposium (NDSS 2019)
ACSAC 2022 Cybersecurity Artifacts Competition Impactful Dataset Award

This paper studies the properties of top websites rankings (e.g. the Alexa top 1 million), uncovers that these rankings can be manipulated on a large scale, and provides a new improved ranking: Tranco.

Download paper

Idea: Visual Analytics for Web Security

Victor Le Pochat, Tom Van Goethem, Wouter Joosen

10th International Symposium on Engineering Secure Software and Systems (ESSoS 2018)

This paper presents the potential of integrating visual analytics into the analysis process for web security studies, in order to make this process more efficient.

Download paper