About me
I am a Postdoc at TU Wien, working in the Security & Privacy Research Unit since January 2021.
Before joining TU Wien, I completed a PhD in Computer Science at Chalmers University of Technology, where my supervisor was Andrei Sabelfeld and my co-supervisor was Daniel Hedin.
My research is within web security and programming languages, and my current research is to create tools for static analysis for verifying security properties in WebAssembly.
I also have an interest in information-flow control (IFC) and how it can be used to increase security by not allowing sensitive data to flow to undesired sinks.
During my PhD, I also worked on how users can protect their data online; be it from helping them block unwanted privacy-invasive content to limiting the effects installed software can have to identify them online.
Publications
-
SecWasm: Information Flow Control for WebAssembly
Iulia Bastys, Maximilian Algehed, Alexander Sjösten, Andrei Sabelfeld
Static Analysis Symposium (SAS)
Auckland, New Zeeland, December 2022
[PDF] [Full version with proofs]
-
EssentialFP: Exposing the Essence of Browser Fingerprinting
Alexander Sjösten, Daniel Hedin, Andrei Sabelfeld
SecWeb Workshop 2021
Vienna, Austria, September 2021
[PDF] [Additional material]
-
Filter List Generation for Underserved Regions
Alexander Sjösten, Peter Snyder, Antonio Pastor, Panagiotis Papadopoulos, Benjamin Livshits
The Web Conference (WWW)
Taipei, Taiwan, April 2020
[PDF]
-
Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks
Alexander Sjösten, Steven Van Acker, Pablo Picazo-Sanchez, Andrei Sabelfeld
Network and Distributed System Security Symposium (NDSS)
San Diego, CA, USA, February 2019
[PDF]
-
Information Flow Tracking for Side-effectful Libraries
Alexander Sjösten, Daniel Hedin, Andrei Sabelfeld
International Conference on Formal Techniques for Distributed Objects, Components, and Systems (FORTE)
Madrid, Spain, June 2018
[PDF] [Additional material]
-
A Principled Approach to Tracking Information Flow in the Presence of Libraries
Daniel Hedin, Alexander Sjösten, Frank Piessens, Andrei Sabelfeld
International Conference on Principles of Security and Trust (POST)
Uppsala, Sweden, April 2017
[PDF] [Additional material]
-
Discovering Browser Extensions via Web Accessible Resources
Alexander Sjösten, Steven Van Acker, Andrei Sabelfeld
Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY)
Scottsdale, AZ, USA, March 2017
[PDF] [Additional material]
Theses
Teaching
At TU Wien, I am currently a teaching assistant in the following courses:
- Formal Methods for Security and Privacy (192.059)
- Introduction to Security (184.783 and 192.082)
Past teaching
While at Chalmers, I supervised two BSc. theses and one MSc. thesis, and was a teaching assistant in the following courses:
- Language-Based Security (TDA602/TDA601/DIT103/DIT101)
- Principles of Concurrent Programming (TDA384/DIT391)
- Introduction to Functional Programming (TDA555/DIT440)
- Datastructures (DIT960)
- Imperative Programming with Basic Object-orientation (DIT012)
- Object-oriented Software Development (DIT011)
- Object-oriented programming (TDA540 and TDA545 and DAT043)
- Introduction to Computer Programming (TDA600/DIT700)