publications

2024

1. UntrustIDE: Exploiting Weaknesses in VS Code Extensions

   Lin, Elizabeth,  Koishybayev, Igibek, Dunlap, Trevor, Enck, William, and Kapravelos, Alexandros

   In Network and Distributed System Security Symposium (NDSS 2024) Feb 2024

2023

1. ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions

   Muralee, Siddharth,  Koishybayev, Igibek, Nahapetyan, Aleksandr, Tystahl, Greg, Reaves, Brad, Bianchi, Antonio, Enck, William, Kapravelos, Alexandros, and Machiry, Aravind

   In 32nd USENIX Security Symposium (USENIX Security 23) Aug 2023

2022

1. yoU aRe a Liar://A Unified Framework for Cross-Testing URL Parsers

   Ajmani, Dashmeet Kaur,  Koishybayev, Igibek, and Kapravelos, Alexandros

   In Proceedings of the IEEE SecWeb Workshop Jun 2022
2. Characterizing the Security of Github CI Workflows

   Koishybayev, Igibek, Nahapetyan, Aleksandr, Zachariah, Raima, Muralee, Siddharth, Reaves, Bradley, Kapravelos, Alexandros, and Machiry, Aravind

   In 31st USENIX Security Symposium (USENIX Security 22) Aug 2022

2020

1. Mininode: Reducing the Attack Surface of Node.js Applications

   Koishybayev, Igibek, and Kapravelos, Alexandros

   In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020) Oct 2020