My name is Marco Squarcina, I’m a postdoctoral researcher at TU Wien. My research interests focus on web security, but I’m passionate about computer security and hacking in its broadest sense. I play and organise CTFs under the nickname “lavish” as a member of WE_0WN_Y0U, mhackeroni and formerly c00kies. Before relocating to Austria I served as a coach for the national cybersecurity team in Italy to compete in the ENISA European Cyber Security Challenge.

Roles

PostDoc Researcher

Contact

Publications

2021

The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches / M. Squarcina, S. Calzavara, M. Maffei / Talk: 15th IEEE Workshop on Offensive Technologies, San Francisco, CA, USA; 2021-05-27; in: "IEEE Security and Privacy Workshops", (2021), 432 - 443
Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web / M. Squarcina, M. Tempesta, L. Veronese, S. Calzavara, M. Maffei / Talk: 30th USENIX Security Symposium, Online; 2021-08-11 - 2021-08-13; in: "30th USENIX Security Symposium", 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021, (2021), 2917 - 2934

2020

The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches in Progressive Web Applications / D. Somé, M. Squarcina, S. Calzavara, M. Maffei / Talk: EuroS&P 2020 SecWeb Workshop, Genova, IT; 2020-09-11

2019

Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem / S. Calzavara, R. Focardi, M. Nemec, A. Rabitti, M. Squarcina / in: "2019 IEEE Symposium on Security and Privacy (SP)", issued by: IEEE; IEEE, 2019, ISBN: 978-1-5386-6661-6, 281 - 298
Gathering of robots in a ring with mobile faults / S. Das, R. Focardi, F. Luccio, E. Markou, M. Squarcina / Theoretical Computer Science, Volume 764 (2019), Volume 764; 42 pages

2018

Mind Your Keys? A Security Evaluation of Java Keystores / R. Focardi, M. Squarcina, G. Steel, M. Palmarini, M. Tempesta / Talk: Network and Distributed System Security Symposium (NDSS), San Diego; 2018-02-18 - 2018-02-21; in: "Proceedings of 2019 Network and Distributed System Security Symposium", (2018), ISBN: 1-891562-49-5; 1 - 15
Surviving the Web: A Journey into Web Session Security (Extended Abstract) / S. Calzavara, M. Squarcina, R. Focardi, M. Tempesta / in: "Proceedings of the 2018 World Wide Web Conference", issued by: International World Wide Web Conferences Steering Committee Republic and Canton of Geneva, Switzerland ©2018; ACM, Schwitzerland, 2018, ISBN: 978-1-4503-5640-4, 451 - 455
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring / S. Calzavara, M. Maffei, C. Schneidewind, M. Tempesta, M. Squarcina / in: "Proceedings of the 27th USENIX Security Symposium", 27th; issued by: USENIX Association Berkley, CA, USA; USENIX, 2018, ISBN: 978-1-931971-46-1, 1493 - 1510

2017

Run-Time Attack Detection in Cryptographic APIs / M. Squarcina, R. Focardi / Talk: IEEE Computer Security Foundations Symposium, Santa Barbara, USA; 2017-08-21 - 2017-08-25; in: "Run-Time Attack Detection in Cryptographic APIs", IEEE Xplore Digital Library, (2017), ISBN: 978-1-5386-3217-8; 176 - 188
Surviving the Web: A Journey into Web Session Security / S. Calzavara, M. Squarcina, M. Tempesta, R. Focardi / Acm Computing Surveys, Volume 50 Issue 1 (2017), 13; 1 - 34