Publications

  • Automated Feature Extraction for Website Fingerprinting through Deep Learning
    Vera Rimmer, Davy Preuveneers, Marc Juarez, Tom Van Goethem, Wouter Joosen
    In Proceedings of the 25th Network and Distributed System Security Symposium (NDSS), 2018. (to appear)
  • Herding Vulnerable Cats: a Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting
    Samaneh Tajalizadehkhoob, Tom Van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten
    In Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security (CCS), 2017.
    Cite
    X
    Cite
    Chicago Tajalizadehkhoob, Samaneh, Van Goethem, Tom, Korczyński, Maciej, Noroozian, Arman, Böhme, Rainer, Moore, Tyler, Joosen, Wouter, van Eeten, Michel. "Herding Vulnerable Cats: a Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting." In Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security, ACM, 2017.
    BibTeX
    @inproceedings{tajalizadehkhoob2017herding,
      title={Herding Vulnerable Cats: a Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting},
      author={Tajalizadehkhoob, Samaneh and Van Goethem, Tom and Korczy{\'n}ski, Maciej and Noroozian, Arman and B{\"o}hme, Rainer and Moore, Tyler and Joosen, Wouter and van Eeten, Michel},
      booktitle={Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security},
      year={2017},
      organization={ACM}
    }
    
  • The Wolf of Name Street: Hijacking Domains through their Nameservers
    Thomas Vissers, Timothy Barron, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis
    In Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security (CCS), 2017.
    Cite
    X
    Cite
    Chicago Vissers, Thomas, Barron, Timothy, Van Goethem, Tom, Wouter Joosen, and Nick Nikiforakis. "The Wolf of Name Street: Hijacking Domains through their Nameservers." In Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security, ACM, 2017.
    BibTeX
    @inproceedings{vissers2017thewolf,
      title={The Wolf of Name Street: Hijacking Domains through their Nameservers},
      author={Vissers, Thomas and Barron, Timothy and Van Goethem, Tom and Joosen, Wouter and Nikiforakis, Nick},
      booktitle={Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security},
      year={2017},
      organization={ACM}
    }
    
  • One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions
    Tom Van Goethem, Wouter Joosen
    11th USENIX Workshop on Offensive Technologies (WOOT), 2017
    Cite
    X
    Cite
    Chicago Van Goethem, Tom, and Wouter Joosen. "One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions." In WOOT. 2017.
    BibTeX
    @inproceedings{van2017one,
      title={One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions},
      author={Van Goethem, Tom and Joosen, Wouter},
      booktitle={WOOT},
      year={2017}
    }
  • Request and Conquer: Exposing Cross-Origin Resource Size
    Tom Van Goethem, Mathy Vanhoef, Frank Piessens, Wouter Joosen
    25th USENIX Security Symposium (USENIX Security), 2016
    Cite
    X
    Cite
    Chicago Van Goethem, Tom, Mathy Vanhoef, Frank Piessens, and Wouter Joosen. "Request and Conquer: Exposing Cross-Origin Resource Size." In Proceedings of the 25th USENIX Security Symposium. 2016.
    BibTeX
    @incollection{van2016request,
      title={Request and Conquer: Exposing Cross-Origin Resource Size},
      author={Van Goethem, Tom and Vanhoef, Mathy and Piessens, Frank and Joosen, Wouter},
      booktitle={Proceedings of the 25th USENIX Security Symposium},
      year={2016}
    }
  • HEIST: HTTP Encrypted Information can be Stolen through TCP-windows
    Tom Van Goethem, Mathy Vanhoef
    Black Hat USA, 2016
  • Accelerometer-based Device Fingerprinting for Multi-factor Mobile Authentication
    Tom Van Goethem, Wout Scheepers, Davy Preuveneers, Wouter Joosen
    Engineering Secure Software and Systems (ESSoS), 2016
    Cite
    X
    Cite
    Chicago Van Goethem, Tom, Wout Scheepers, Davy Preuveneers, and Wouter Joosen. "Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication." In Engineering Secure Software and Systems, pp. 106-121. Springer International Publishing, 2016.
    BibTeX
    @incollection{van2016accelerometer,
      title={Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication},
      author={Van Goethem, Tom and Scheepers, Wout and Preuveneers, Davy and Joosen, Wouter},
      booktitle={Engineering Secure Software and Systems},
      pages={106--121},
      year={2016},
      publisher={Springer}
    }
  • It's Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services
    Zubair Rafique, Tom Van Goethem, Wouter Joosen, Christophe Huygens, Nick Nikiforakis
    In Proceedings of the 23rd Network and Distributed System Security Symposium (NDSS), 2016
    Cite
    X
    Cite
    Chicago Rafique, M. Zubair, Tom Van Goethem, Wouter Joosen, Christophe Huygens, and Nick Nikiforakis. "It’s Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services." (2016).
    BibTeX
    @article{rafique2016s,
      title={It’s Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services},
      author={Rafique, M Zubair and Van Goethem, Tom and Joosen, Wouter and Huygens, Christophe and Nikiforakis, Nick},
      year={2016}
    }
  • The Clock is Still Ticking: Timing Attacks in the Modern Web
    Tom Van Goethem, Wouter Joosen, Nick Nikiforakis
    In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS), 2015.
    Cite
    X
    Cite
    Chicago Van Goethem, Tom, Wouter Joosen, and Nick Nikiforakis. "The Clock is Still Ticking: Timing Attacks in the Modern Web." In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1382-1393. ACM, 2015.
    BibTeX
    @inproceedings{van2015clock,
      title={The Clock is Still Ticking: Timing Attacks in the Modern Web},
      author={Van Goethem, Tom and Joosen, Wouter and Nikiforakis, Nick},
      booktitle={Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security},
      pages={1382--1393},
      year={2015},
      organization={ACM}
    }
  • Maneuvering Around Clouds: Bypassing Cloud-based Security Providers
    Thomas Vissers, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis
    In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS), 2015.
    Cite
    X
    Cite
    Chicago Vissers, Thomas, Tom Van Goethem, Wouter Joosen, and Nick Nikiforakis. "Maneuvering Around Clouds: Bypassing Cloud-based Security Providers." In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1530-1541. ACM, 2015.
    BibTeX
    @inproceedings{vissers2015maneuvering,
      title={Maneuvering Around Clouds: Bypassing Cloud-based Security Providers},
      author={Vissers, Thomas and Van Goethem, Tom and Joosen, Wouter and Nikiforakis, Nick},
      booktitle={Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security},
      pages={1530--1541},
      year={2015},
      organization={ACM}
    }
  • Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals
    Tom Van Goethem, Frank Piessens, Wouter Joosen, Nick Nikiforakis
    In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2014.
    Cite
    X
    Cite
    Chicago Van Goethem, Tom, Frank Piessens, Wouter Joosen, and Nick Nikiforakis. "Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals." In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 918-929. ACM, 2014.
    BibTeX
    @inproceedings{van2014clubbing,
      title={Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals},
      author={Van Goethem, Tom and Piessens, Frank and Joosen, Wouter and Nikiforakis, Nick},
      booktitle={Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security},
      pages={918--929},
      year={2014},
      organization={ACM}
    }
  • Large-scale Security Analysis of the Web: Challenges and Findings
    Tom Van Goethem, Ping Chen, Nick Nikiforakis, Lieven Desmet, Wouter Joosen
    In Proceedings of the 7th International Conference on Trust & Trustworthy Computing (TRUST), 2014.
    Cite
    X
    Cite
    Chicago Van Goethem, Tom, Ping Chen, Nick Nikiforakis, Lieven Desmet, and Wouter Joosen. "Large-scale security analysis of the web: Challenges and findings." In Proceedings of the 7th International Conference on Trust & Trustworthy Computing (TRUST 2014). 2014.
    BibTeX
    @inproceedings{van2014arge,
      title={Large-scale security analysis of the web: Challenges and findings},
      author={Van Goethem, Tom and Chen, Ping and Nikiforakis, Nick and Desmet, Lieven and Joosen, Wouter},
      booktitle={Proceedings of the 7th International Conference on Trust \& Trustworthy Computing (TRUST 2014)},
      year={2014}
    }

Talks

Contact

Email:
Address:
Celestijnenlaan 200A
3001, Heverlee
Belgium