Cristalli, S., Vignati, E., Bruschi, D., & Lanzi, A. (2018, September). Trusted Execution Path for Protecting Java Applications Against Deserialization of Untrusted Data. In International Symposium on Research in Attacks, Intrusions, and Defenses (pp. 445-464). Springer, Cham. Open paper website
Luca Buccioli, Stefano Cristalli, Edoardo Vignati, Lorenzo Nava, Daniele Badagliacca, Danilo Bruschi, Long Lu, and Andrea Lanzi. JChainz: Automatic Detection of Deserialization Attacks in the Java Environment. In LNCS Proceedings – ESORICS/STM 2022 Open conference website