You are here
Avinash Sudhodanan is a final year PhD student at University of Trento and a Junior Researcher at the Security & Trust Unit of Fondazione Bruno Kessler (FBK). He is pursuing an industrial doctorate in the context of the SECENTIS project. The topic of his PhD is "Automatic Security Testing of Browser-Based Security Protocols". His research is jointly supervised by Alessandro Armando (FBK), Roberto Carbone (FBK) and Luca Compagna (SAP Labs France). He received his Masters in Cyber Security (graduated in 2013) and Bachelors in Computer Science and Engineering (graduated in 2011) from Amrita Vishwa Vidyapeetham University, India. He has spoken at various top security conferences such as NDSS, OWASP AppSec Europe, IEEE Euro S&P etc. His research has led to the discovery of many serious security vulnerabilities in top web sites. He has also received bug bounties and/or honorable mentions from Microsoft, Yahoo, Pinterest, Open SAP etc.
- Avinash Sudhodanan, Alessandro Armando, Roberto Carbone, and Luca Compagna, Attack Patterns for Black-Box Security Testing of Multi-Party Web Applications, in Network & Distributed System Security Symposium (NDSS), February 2016. (acceptance rate: 15.4%) [Bibtex, PDF, Slides]
- Avinash Sudhodanan, Nicolas Dolgin, Umberto Morelli, Roberto Carbone, Luca Compagna and Alessandro Armando, Large-Scale Analysis & Detection of Authentication Cross-Site Request Forgeries, in IEEE European Symposium on Security and Privacy (EuroS&P), April 2017. (acceptance rate: 19.5%)
- Avinash Sudhodanan, Alessandro Armando, Roberto Carbone, and Luca Compagna, Attack Patterns for Black-Box Detection of Logical Vulnerabilities in Multi-Party Web Applications, in OWASP AppSec Europe, June 2016 [Slides, Video]
- Avinash Sudhodanan and Luca Compagna, Black-box Security Testing of Cross-Domain Web Apps, Developer Faire Booth in SAP DKOM Karlsruhe (January 2016) and SAP DKOM Silicon Valley (February 2016)