| Accurate Real-Time Labeling of Application Traffic | 2022 IEEE 47th Conference on Local Computer Networks (LCN) | SCOUT |
| DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On | 2022 ACM SIGSAC Conference on Computer and Communications Security | SES |
| We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets | USENIX Security’23 | SEAN |
| Content-Type: multipart/oracle – Tapping into Format Oracles in Email End-to-End Encryption | USENIX Security’23 | SEAN |
| Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures | USENIX Security’23 | |
| Behind the Screens: The Security & Privacy Advice Landscape of Children in Grades 5 & 6 | WiPSCE’23 | SCOUT |
| Assessing the Security and Privacy of Baby Monitor Apps | Journal of Cybersecurity and Privacy | MedMax |
| Improving trace synthesis by utilizing computer vision for user action emulation | Forensic Science International: Digital Investigation | MedMax |
| Security Analysis of the 3MF Data Format | RAID’23 | |