  • PickleBall: Secure Deserialization of Pickle-based Machine Learning Models
    Andreas D. Kellas, Neophytos Christou, Wenxin Jiang, Penghui Li, Laurent Simon, Yaniv David, Vasileios P. Kemerlis, James C. Davis, Junfeng Yang
    ACM Conference on Computer and Communications Security (CCS), Oct 2025.

  • QUACK: Hindering Deserialization Attacks via Static Duck Typing
    Yaniv David, Neophytos Christou, Andreas D. Kellas, Vasileios P. Kemerlis, and Junfeng Yang
    Network and Distributed System Security Symposium (NDSS), Feb 2024.

  • Divergent Representations: When Compiler Optimizations Enable Exploitation
    Andreas D. Kellas, Alan Cao, Peter Goodman, and Junfeng Yang
    IEEE Workshop on Offensive Technologies (WOOT), May 2023.

  • Timeloops: Automatic System Call Policy Learning for Containerized Microservices
    Meghna Pancholi, Andreas D. Kellas, Vasileios P. Kemerlis, and Simha Sethumadhavan
    arXiv preprint arXiv:2204.06131, 2022.