• CCS 2023 (to appear)
    Jack-in-the-box: An Empirical Study of JavaScript Bundling on the Web and its Security Implications
    Jeremy Rack, Cristian-Alexandru Staicu
  • USENIX Security 2023
    SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes
    Abdullah Alhamdan, Cristian-Alexandru Staicu
  • USENIX Security 2023
    Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages
    Cristian-Alexandru Staicu, Sazzadur Rahaman, Ágnes Kiss, Michael Backes
  • USENIX Security 2023
    Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
    Mikhail Shcherbakov, Musard Balliu, Cristian-Alexandru Staicu
  • ICSE 2023
    SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript
    Masudul Hasan Masud Bhuiyan, Adithya Srinivas Parthasarathy, Nikos Vasilakis, Michael Pradel, Cristian-Alexandru Staicu
  • CCS 2021
    Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction
    Nikos Vasilakis, Cristian-Alexandru Staicu, Grigoris Ntousakis, Konstantinos Kallas, Ben Karel, André DeHon, Michael Pradel
  • ICSE 2020
    Extracting Taint Specifications for JavaScript Libraries
    Cristian-Alexandru Staicu, Martin Toldam Torp, Max Schäfer, Anders Møller, Michael Pradel
    (paper, poster)
  • PhD Thesis (2020)
    Enhancing the Security and Privacy of Full-Stack JavaScript Web Applications
    advised by Prof. Dr. Michael Pradel
    (thesis, presentation)
  • USENIX Security 2019
    Leaky Images: Targeted Privacy Attacks in the Web
    Cristian-Alexandru Staicu, Michael Pradel
  • USENIX Security 2019
    Small World with High Risks: A Study of Security Threats in the npm Ecosystem
    Markus Zimmermann, Cristian-Alexandru Staicu, Cam Tenny, Michael Pradel
    (paper, reviewed by The Morning Paper)
  • The Web Conference 2019
    Anything to Hide? Studying Minified and Obfuscated Code in the Web
    Philippe Skolka, Cristian-Alexandru Staicu, Michael Pradel
    (paper, presentation, dataset)
  • PLAS@CCS 2019
    An Empirical Study of Information Flows in Real-World JavaScript
    Cristian-Alexandru Staicu, Daniel Schoepe, Musard Balliu, Michael Pradel, Andrei Sabelfeld
    (paper, presentation)
  • USENIX Security 2018
    Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers
    Cristian-Alexandru Staicu, Michael Pradel
    (paper, presentation, video, reviewed by Bleeping Computer, Naked Security and TU Darmstadt website)
  • NDSS 2018
    Synode: Understanding and Automatically Preventing Injection Attacks on Node.js
    Cristian-Alexandru Staicu, Michael Pradel, Ben Livshits
    (paper, presentation, video, reviewed by The Morning Paper)
  • ASE 2017
    Saying 'Hi!' Is Not Enough: Mining Inputs for Effective Test Generation
    Luca Della Toffola, Cristian-Alexandru Staicu, Michael Pradel
  • CSUR 2017
    A Survey of Dynamic Analysis and Test Generation for JavaScript
    Esben Andreasen, Liang Gong, Anders Møller, Michael Pradel, Marija Selakovic, Koushik Sen, Cristian-Alexandru Staicu
  • SSBSE 2016
    Search Based Clustering for Protecting Software with Diversified Updates
    Mariano Ceccato, Paolo Falcarin, Alessandro Cabutto, Yosief Weldezghi Frezghi, Cristian-Alexandru Staicu
  • ICSE 2016
    Nomen Est Omen: Exploring and Exploiting Similarities between Argument and Parameter Names
    Hui Liu, Qiurong Liu, Cristian-Alexandru Staicu, Michael Pradel, Yue Luo
    (paper, presentation)
  • PLDI Student Research Competition 2015
    An Empirical Study of Implicit Information Flow
    Cristian-Alexandru Staicu
    (poster, presentation)
  • Master Thesis (2014)
    Evaluation of HIMMO with Long Identifiers, an Extension of the HIMMO Key Establishment Scheme
    work done during an internship at Philips Research Eindhoven, supervised by Dr. Oscar García Morchon and Prof. Dr. Andreas Peter
    (thesis, presentation)
  • Bachelor Thesis (2011)
    SherlockJ - Unealta de Depanarea Statistic a Programelor Java (in Romanian)
    supervised by Prof. Dr. Marius Minea
    (thesis, presentation)