2020 Nomination for Most Innovative Research
Web Cache Deception in the Wild
This work extended the exploitability of the Web Cache Deception (WCD) attack by developing novel attack techniques. The work demonstrated that variations of the path confusion technique make it possible to exploit sites which are otherwise not impacted by the original attack. Findings showed that many popular sites remain vulnerable two years after the public disclosure of WCD. The paper was published at USENIX Security Symposium 2020.