Sajjad Arshadhttps://scholar.google.com/citations?user=OUSMDbQAAAAJhttps://dl.acm.org/profile/81508698719https://twitter.com/sajjadiumhttps://www.wikidata.org/entity/Q112940007https://ieeexplore.ieee.org/author/38241651800Behzad OusatEsteban SchafirDuc C. HoangMohammad Ali TofighiCuong V. NguyenSajjad ArshadA. Selcuk UluagacAmin KharrazThe Matter of Captchas: An Analysis of a Brittle Security Feature on the Modern Web.1835-18462024WWWhttps://doi.org/10.1145/3589334.3645619conf/www/2024db/conf/www/www2024.html#OusatSHTNAUK24William BlairAndrea MambrettiSajjad ArshadMichael WeissbacherWilliam Robertson 0002Engin KirdaManuel EgeleHotFuzz: Discovering Temporal and Spatial Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing.33:1-33:35202225ACM Trans. Priv. Secur.4https://doi.org/10.1145/3532184https://www.wikidata.org/entity/Q112939950db/journals/tissec/tissec25.html#BlairMAW0KE22William BlairAndrea MambrettiSajjad ArshadMichael WeissbacherWilliam Robertson 0002Engin KirdaManuel EgeleHotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing.2020NDSShttps://www.ndss-symposium.org/ndss-paper/hotfuzz-discovering-algorithmic-denial-of-service-vulnerabilities-through-guided-micro-fuzzing/conf/ndss/2020db/conf/ndss/ndss2020.html#BlairMAW0KE20Seyed Ali MirheidariSajjad ArshadKaan OnarliogluBruno CrispoEngin KirdaWilliam Robertson 0002Cached and Confused: Web Cache Deception in the Wild.665-6822020USENIX Security Symposiumhttps://www.usenix.org/conference/usenixsecurity20/presentation/mirheidariconf/uss/2020db/conf/uss/uss2020.html#MirheidariAOCK020Sajjad ArshadUnderstanding and Mitigating the Security Risks of Content Inclusion in Web Browsers.2020abs/2001.03643CoRRhttps://arxiv.org/abs/2001.03643db/journals/corr/corr2001.html#abs-2001-03643William BlairAndrea MambrettiSajjad ArshadMichael WeissbacherWilliam K. RobertsonEngin KirdaManuel EgeleHotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing.2020abs/2002.03416CoRRhttps://arxiv.org/abs/2002.03416db/journals/corr/corr2002.html#abs-2002-03416Hossein Rahmani 0001Sajjad ArshadMohsen Ebrahimi MoghaddamA Disk Scheduling Algorithm Based on ANT Colony Optimization.2020abs/2003.00926CoRRhttps://arxiv.org/abs/2003.00926db/journals/corr/corr2003.html#abs-2003-00926Muhammad Ahmad BashirSajjad ArshadEngin KirdaWilliam K. RobertsonChristo WilsonA Longitudinal Analysis of the ads.txt Standard.294-3072019Internet Measurement Conferencehttps://doi.org/10.1145/3355369.3355603https://www.wikidata.org/entity/Q72092092conf/imc/2019db/conf/imc/imc2019.html#BashirAKRW19Seyed Ali MirheidariSajjad ArshadKaan OnarliogluBruno CrispoEngin KirdaWilliam K. RobertsonCached and Confused: Web Cache Deception in the Wild.2019abs/1912.10190CoRRhttp://arxiv.org/abs/1912.10190db/journals/corr/corr1912.html#abs-1912-10190Reza Mirzazade FarkhaniSaman JafariSajjad ArshadWilliam K. RobertsonEngin KirdaHamed OkhraviOn the Effectiveness of Type-based Control Flow Integrity.28-392018ACSAChttps://doi.org/10.1145/3274694.3274739https://www.wikidata.org/entity/Q112940058conf/acsac/2018db/conf/acsac/acsac2018.html#FarkhaniJARKO18Muhammad Ahmad BashirSajjad ArshadEngin KirdaWilliam K. RobertsonChristo WilsonHow Tracking Companies Circumvented Ad Blockers Using WebSockets.471-4772018Internet Measurement Conferencehttps://dl.acm.org/citation.cfm?id=3278573conf/imc/2018db/conf/imc/imc2018.html#BashirAKRW18Sajjad ArshadSeyed Ali MirheidariTobias LauingerBruno CrispoEngin KirdaWilliam K. RobertsonLarge-Scale Analysis of Style Injection by Relative Path Overwrite.237-2462018WWWhttps://doi.org/10.1145/3178876.3186090conf/www/2018db/conf/www/www2018.html#ArshadMLCKR18Reza Mirzazade FarkhaniSaman JafariSajjad ArshadWilliam K. RobertsonEngin KirdaHamed OkhraviOn the Effectiveness of Type-based Control Flow Integrity.2018abs/1810.10649CoRRhttp://arxiv.org/abs/1810.10649db/journals/corr/corr1810.html#abs-1810-10649Sajjad ArshadSeyed Ali MirheidariTobias LauingerBruno CrispoEngin KirdaWilliam K. RobertsonLarge-Scale Analysis of Style Injection by Relative Path Overwrite.2018abs/1811.00917CoRRhttp://arxiv.org/abs/1811.00917db/journals/corr/corr1811.html#abs-1811-00917Tobias LauingerAbdelberi ChaabaneSajjad ArshadWilliam K. RobertsonChristo WilsonEngin KirdaThou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web.2018abs/1811.00918CoRRhttp://arxiv.org/abs/1811.00918db/journals/corr/corr1811.html#abs-1811-00918Sajjad ArshadAmin KharrazWilliam K. RobertsonIdentifying Extension-based Ad Injection via Fine-grained Web Content Provenance.2018abs/1811.00919CoRRhttp://arxiv.org/abs/1811.00919db/journals/corr/corr1811.html#abs-1811-00919Muhammad Ahmad BashirSajjad ArshadWilliam K. RobertsonChristo WilsonTracing Information Flows Between Ad Exchanges Using Retargeted Ads.2018abs/1811.00920CoRRhttp://arxiv.org/abs/1811.00920db/journals/corr/corr1811.html#abs-1811-00920Seyed Ali MirheidariSajjad ArshadRasool JaliliAlert Correlation Algorithms: A Survey and Taxonomy.2018abs/1811.00921CoRRhttp://arxiv.org/abs/1811.00921db/journals/corr/corr1811.html#abs-1811-00921Seyed Ali MirheidariSajjad ArshadSaeidreza KhoshkdahanRasool JaliliA Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers.2018abs/1811.00922CoRRhttp://arxiv.org/abs/1811.00922db/journals/corr/corr1811.html#abs-1811-00922Seyed Ali MirheidariSajjad ArshadSaeidreza KhoshkdahanRasool JaliliTwo Novel Server-Side Attacks against Log File in Shared Web Hosting Servers.2018abs/1811.00923CoRRhttp://arxiv.org/abs/1811.00923db/journals/corr/corr1811.html#abs-1811-00923Seyed Ali MirheidariSajjad ArshadSaeidreza KhoshkdahanPerformance Evaluation of Shared Hosting Security Methods.2018abs/1811.00924CoRRhttp://arxiv.org/abs/1811.00924db/journals/corr/corr1811.html#abs-1811-00924Sajjad ArshadMaghsoud AbbaspourMehdi KharraziHooman SanatkarAn Anomaly-based Botnet Detection Approach for Identifying Stealthy Botnets.2018abs/1811.00925CoRRhttp://arxiv.org/abs/1811.00925db/journals/corr/corr1811.html#abs-1811-00925Sajjad ArshadAmin KharrazWilliam K. RobertsonInclude Me Out: In-Browser Detection of Malicious Third-Party Content Inclusions.2018abs/1811.00926CoRRhttp://arxiv.org/abs/1811.00926db/journals/corr/corr1811.html#abs-1811-00926Tobias LauingerAbdelberi ChaabaneSajjad ArshadWilliam Robertson 0002Christo WilsonEngin KirdaThou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web.2017NDSShttps://www.ndss-symposium.org/ndss2017/ndss-2017-programme/thou-shalt-not-depend-me-analysing-use-outdated-javascript-libraries-web/conf/ndss/2017db/conf/ndss/ndss2017.html#LauingerCA0WK17Sajjad ArshadAmin KharrazWilliam Robertson 0002Include Me Out: In-Browser Detection of Malicious Third-Party Content Inclusions.441-4592016Financial Cryptographyhttps://doi.org/10.1007/978-3-662-54970-4_26conf/fc/2016db/conf/fc/fc2016.html#ArshadK016Muhammad Ahmad BashirSajjad ArshadChristo Wilson"Recommended For You": A First Look at Content Recommendation Networks.17-242016Internet Measurement Conferencehttp://dl.acm.org/citation.cfm?id=2987469conf/imc/2016db/conf/imc/imc2016.html#BashirAW16Sajjad ArshadAmin KharrazWilliam Robertson 0002Identifying Extension-Based Ad Injection via Fine-Grained Web Content Provenance.415-4362016RAIDhttps://doi.org/10.1007/978-3-319-45719-2_19conf/raid/2016db/conf/raid/raid2016.html#ArshadKR16Muhammad Ahmad BashirSajjad ArshadWilliam K. RobertsonChristo WilsonTracing Information Flows Between Ad Exchanges Using Retargeted Ads.481-4962016USENIX Security Symposiumhttps://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/bashirconf/uss/2016db/conf/uss/uss2016.html#BashirARW16Amin KharrazSajjad ArshadCollin MullinerWilliam K. RobertsonEngin KirdaUNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware.757-7722016USENIX Security Symposiumhttps://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/kharazconf/uss/2016db/conf/uss/uss2016.html#KharrazAMRK16Seyed Ali MirheidariSajjad ArshadRasool JaliliAlert Correlation Algorithms: A Survey and Taxonomy.183-1972013CSShttps://doi.org/10.1007/978-3-319-03584-0_14conf/css/2013db/conf/css/css2013.html#MirheidariAJ13Seyed Ali MirheidariSajjad ArshadSaeidreza KhoshkdahanRasool JaliliA Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers.1620-16252013TrustCom/ISPA/IUCChttps://doi.org/10.1109/TrustCom.2013.200https://doi.ieeecomputersociety.org/10.1109/TrustCom.2013.200conf/trustcom/2013db/conf/trustcom/trustcom2013.html#MirheidariAKJ13Seyed Ali MirheidariSajjad ArshadSaeidreza KhoshkdahanRasool JaliliTwo novel server-side attacks against log file in Shared Web Hosting servers.318-3232012ICITSThttps://ieeexplore.ieee.org/document/6470968/conf/icitst/2012db/conf/icitst/icitst2012.html#MirheidariAKJ12Seyed Ali MirheidariSajjad ArshadSaeidreza KhoshkdahanPerformance Evaluation of Shared Hosting Security Methods.1310-13152012TrustComhttps://doi.org/10.1109/TrustCom.2012.219https://doi.ieeecomputersociety.org/10.1109/TrustCom.2012.219conf/trustcom/2012db/conf/trustcom/trustcom2012.html#MirheidariAK12Hossein Rahmani 0001Sajjad ArshadMohsen Ebrahimi MoghaddamA Disk Scheduling Algorithm Based on ANT Colony Optimization.37-422009PDCCSconf/ISCApdcs/2009db/conf/ISCApdcs/pdccs2009.html#RahmaniAM09Maghsoud AbbaspourMuhammad Ahmad BashirWilliam BlairAbdelberi ChaabaneBruno CrispoManuel EgeleReza Mirzazade FarkhaniDuc C. HoangSaman JafariRasool JaliliAmin KharrazMehdi KharraziSaeidreza KhoshkdahanEngin KirdaTobias LauingerAndrea MambrettiSeyed Ali MirheidariMohsen Ebrahimi MoghaddamCollin MullinerViet Cuong NguyenCuong V. NguyenHamed OkhraviKaan OnarliogluBehzad OusatHossein Rahmani 0001William K. RobertsonWilliam Robertson 0002Hooman SanatkarEsteban SchafirMohammad Ali TofighiA. Selcuk UluagacMichael WeissbacherChristo Wilson