My research focuses on web security, software security, language-based security, IoT security, and location privacy. I lead a team of researchers, engaged in a number of EU and national projects and collaborations with industry including Google, Facebook, Amazon, Microsoft, and SAP.

My (over 100) papers are published in venues that include flagships IEEE Security & Privacy, ACM CCS, USENIX Security, and NDSS. Most recent:

I serve on the steering committees of IEEE CSF (chair) and NordSec, and (over 100) program committees including IEEE Security & Privacy, ACM CCS, USENIX Security, and NDSS. Current/recent PCs:

I am recipient of Amazon Research Award (2022), Facebook Privacy-Enhancing Technologies Research Award (2021), Facebook Research Program Gift (2021), ERC Proof of Concept (2018), Facebook Research Program Gift (2016), Google Faculty Research Award (2016), ERC Starter/Consolidator (2012), Chalmers Research Supervisor of the year (2010), and SSF Future Research Leader (2008) awards.

Check out the security tools recently designed within my team: Spider-Scents, Black Widow, Input Validation Challenge, SandTrap, JSFlow, IFC Challenge, AutoNav, TOPPool, FlowIT, and more!

Check out our video on Securing Web Applications:

PhD students
  • Eric Olsson
  • Ivan Oleynikov
  • Mohammad Ahmadpanah
  • Benjamin Eriksson
  • Iulia Bastys
Postdocs
  • Pablo Picazo-Sanchez (2019-2021)
  • Musard Balliu (2014-17)
  • Steven Van Acker (2015-18)
  • Daniel Hedin (2010-14)
PhD students graduated
  • Alexander Sjösten
  • Daniel Schoepe
  • Elena Pagnin
  • Daniel Hausknecht
  • Per Hallgren
  • Luciano Bello
  • Willard Rafnsson
  • Arnar Birgisson
  • Jonas Magazinius
  • Aslan Askarov
  • Alejandro Russo