My name is Oleksii Starov (or Alex Starov), and I’m a security researcher, scientist and philosopher. My research focuses on proactive and data-driven Web security and malicious URL detection.
Currently, I’m proud to manage innovative Web Security Research team at Palo Alto Networks, where I have an honor to work with the brightest researchers and engineers on protecting Web users against sophisticated cyberattacks.
Before joining PAN in 2018, I received my PhD in Computer Science from Stony Brook University, New York. I was working in the PragSec Lab, advised by Professor Nick Nikiforakis.
Earlier, in 2013 I got my MS degree in Software Engineering from East Carolina University, USA, and MS in Computer Engineering from National Aerospace University βKhAIβ, Ukraine. Both with university honors.
Recently, I joined πΊπ¦ No Name Podcast, where we run a series of international interviews to support Ukraine and discuss urgent cybersecurity topics. We #StandWithUkraine
Please find below my selected academic publications and community service. You can also search for “Starov” among Unit42 blogs for some of research my team worked on or participated in.
RECENT PUBLICATIONS
- (NEW) “PhishInPatterns: Measuring Elicited User Interactions at Scale on Phishing Websites,” Karthika Subramani, William Melicher, Oleksii Starov, Phani Vadrevu, and Roberto Perdisci β in Proceedings of ACM Internet Measurement Conference (IMC), 2022.
- “Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits,” Brian Kondracki, Babak Amin Azad, Oleksii Starov, and Nick Nikiforakis β in Proceedings of ACM Conference on Computer and Communications Security (CCS), 2021.
- “Innocent Until Proven Guilty (IUPG): Building Deep Learning Models with Embedded Robustness to Out-Of-Distribution Content,” Brody Kutt, William Hewlett, Oleksii Starov, Yuchen Zhou β in Proceedings of the 4th Deep Learning and Security Workshop (DLS), 2021.
- “Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets,” Pierre Laperdrix, Oleksii Starov, Quan Chen, Alexandros Kapravelos, and Nick Nikiforakis β in Proceedings of the USENIX Security Symposium (USENIX Security), 2021.
- “Web Runner 2049: Evaluating Third-Party Anti-bot Services,” Babak Amin Azad, Oleksii Starov, Pierre Laperdrix, and Nick Nikiforakis β in Proceedings of the 17th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2020.
- “Taming The Shape Shifter: Detecting Anti-fingerprinting Browsers,” Babak Amin Azad, Oleksii Starov, Pierre Laperdrix, and Nick Nikiforakis β in Proceedings of the 17th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2020.
- “Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting,” Erik Trickel, Oleksii Starov, Alexandros Kapravelos, Nick Nikiforakis, and Adam DoupΓ© β in Proceedings of the 28th USENIX Security Symposium, 2019.
- “Detecting Malicious Campaigns in Obfuscated JavaScript with Scalable Behavioral Analysis,” Oleksii Starov, Yuchen Zhou, Jun Wang β in Proceedings of the 4th International Workshop on Traffic Measurements for Cybersecurity (WTMC), 2019.
- “Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat,” Oleksii Starov, Pierre Laperdrix, Alexandros Kapravelos, and Nick Nikiforakis β in Proceedings of the Web Conference (TheWebConf/WWW), 2019.
- βPrivacyMeter: Designing and Developing a Privacy-Preserving Browser Extension,β Oleksii Starov and Nick Nikiforakis β in Proceedings of the 10th International Symposium on Engineering Secure Software and Systems (ESSoS) 2018.
- βBetrayed by Your Dashboard: Discovering Malicious Campaigns via Web Analytics,β Oleksii Starov, Yuchen Zhou, Xiao Zhang, Najmeh Miramirkhani, Nick Nikiforakis β in Proceedings of the Web Conference (TheWebConf/WWW), 2018.
- βHindsight: Understanding the Evolution of UI Vulnerabilities in Mobile Browsers,β Meng Luo, Oleksii Starov, Nima Honarmand, Nick Nikiforakis β in Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS), 2017.
- βXHOUND: Quantifying the Fingerprintability of Browser Extensions,β Oleksii Starov, Nick Nikiforakis β in Proceedings of the 38th IEEE Symposium on Security and Privacy (IEEE S&P), 2017.
- βExtended Tracking Powers: Measuring the Privacy Diffusion Enabled by Browser Extensions,β Oleksii Starov, Nick Nikiforakis β in Proceedings of the 26th International World Wide Web Conference (WWW), 2017.
- βDial One for Scam: A Large-Scale Analysis of Technical Support Scams,β Najmeh Miramirkhani, Oleksii Starov, Nick Nikiforakis β in Proceedings of the 24th Network and Distributed System Security Symposium (NDSS), 2017. (Distinguished Paper Award!)
- βNo Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells,β Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis β in Proceedings of the 25th International World Wide Web Conference (WWW), 2016.
- βMeasuring and Mitigating AS-level Adversaries against Tor,β Rishab Nithyanand, Oleksii Starov, Adva Zairy, Phillipa Gill, Michael Schapira β in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2016. (Selected to CSAWβ16 finals)
- βAre You Sure You Want to Contact Us? Quantifying the Leakage of PII via Website Contact Forms,β Oleksii Starov, Phillipa Gill, Nick Nikiforakis β in Proceedings of the 16th Privacy Enhancing Technologies Symposium (PETS), 2016. (Honorable mention)
- βOn the Privacy Practices of Just Plain Sites,β Amirhossein Aleyasen, Oleksii Starov, Alyssa Phung Au, Allan Schiffman, Jeff Shrager β in Proceedings of the Workshop on Privacy in the Electronic Society (WPES), 2015.
COMMUNITY SERVICE
- ACM CCS 2023: Program Committee Member
- ACSAC 2023: Program Committee Member
- WTMC 2023: Program Committee Member
- ACSAC 2022: Program Committee Member
- WTMC 2022: Program Committee Member
- NoNameCon 2021: Program Committee Member
- MADWeb 2021: Program Committee Chair
- WTMC 2021: Program Committee Member
- PETS 2021: External Reviewer
- NoNameCon 2020: Program Committee Member
- PETS 2020: External Reviewer
- MADWeb 2020: Program Committee Chair
- LEMINCS 2019: Program Committee Member
- NoNameCon 2019: Program Committee Member
- PETS 2019: External Reviewer
- UA-CTF 2018: Co-creator & Organizer
- CSAW 2018: One of the Final Judges for Applied Research Competition
- UISGCON 2018: Organizing Committee Member / CTF Master
- NoNameCon 2018: Program Committee Member
- PETS 2018: External Reviewer
- IET Information Security: Several reviews in 2017-2018
CONTACTS
- Email: ostarov[at]paloaltonetworks[dot]com or ostarov[at]cs[dot]stonybrook[dot]edu
- Twitter: @o_starov