The Andreas Pfitzmann Best Student Paper Award

I had the possibility to contribute to this world that is not as it should be. I hope I could help in some areas to make the world a better place, and that I could also encourage other people to be engaged in improving the world. Please, stay engaged. This world needs you, your love, your initiative –now I cannot be part of that anymore.   — Andreas Pfitzmann

Papers written solely or primarily by a student who is presenting the work at PETS are eligible for the award. Selection criteria include reviews by the program committee, the scientific quality of the final paper, the expected impact on the field, and the quality of the presentation.

2024

Award Chairs: Wouter Lueks (CISPA) and Damon McCoy (NYU)

Winners

MixMatch: Flow Matching for Mixnet Traffic
Lennart Oldenburg (COSIC, KU Leuven), Marc Juarez (University of Edinburgh), Enrique Argones Rúa (COSIC, KU Leuven), Claudia Diaz (COSIC, KU Leuven, and Nym Technologies, SA)

Client-side and Server-side Tracking on Meta: Effectiveness and Accuracy
Asmaa EL FRAIHI (CNRS, INRIA, Ecole Polytechnique), Nardjes AMIEUR (CNRS, INRIA, Ecole Polytechnique), Oana GOGA (CNRS, INRIA, Ecole Polytechnique), and Walter Rudametkin (INRIA)

Runners-up

Exploring the Privacy Experiences of Closeted Users of Online Dating Services in the US
Elijah Bouma-Sims (Carnegie Mellon University), Sanjnah Ananda Kumar (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University)

Media talks Privacy: Unraveling a Decade of Privacy Discourse around the World
Shujaat Mirza (New York University), Corban Villa (New York University Abu Dhabi), and Christina Poepper (New York University Abu Dhabi)

Over Fences and Into Yards: Privacy Threats and Concerns of Commercial Satellites
Rachel McAmis (University of Washington), Mattea Sim (University of Indiana Bloomington), Mia Bennett (University of Washington), Tadayoshi Kohno (University of Washington)

Interest-disclosing Mechanisms for Advertising are Privacy-Exposing (not Preserving)
Yohan Beugin (University of Wisconsin-Madison), Patrick McDaniel (University of Wisconsin-Madison)

2023

Award Chairs: Wouter Lueks (CISPA) and Nina Taft (Google)

Winners

Researchers’ Experiences in Analyzing Privacy Policies: Challenges and Opportunities
Abraham Mhaidli (University of Michigan), Selin Fidan (University of Michigan), An Doan (University of Michigan), Gina Herakovic (University of Michigan), Mukund Srinath (Penn State University), Lee Matheson (Future for Privacy Forum), Shomir Wilson (Penn State University), and Florian Schaub (University of Michigan)

Lox: Protecting the Social Graph in Bridge Distribution
Lindsey Tulloch (University of Waterloo), Ian Goldberg (University of Waterloo)

Everybody's Looking for SSOmething: A large-scale evaluation on the privacy of OAuth authentication on the web
Yana Dimova (imec-DistriNet), Tom Van Goethem (Google), and Wouter Joosen (imec-DistriNet)

Runners-up

Convolutions in Overdrive: Maliciously Secure Convolutions for MPC
Marc Rivinius (University of Stuttgart), Pascal Reisert (University of Stuttgart), Sebastian Hasler (University of Stuttgart), Ralf Küsters (University of Stuttgart)

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers
Amogh Pradeep (Northeastern University), Álvaro Feal (IMDEA Networks Institute / Universidad Carlos III de Madrid), Julien Gamba (IMDEA Networks Institute / Universidad Carlos III de Madrid), Ashwin Rao (University of Helsinki), Martina Lindorfer (TU Wien), Narseo Vallina-Rodriguez (IMDEA Networks Institute / AppCensus Inc.), David Choffnes (Northeastern University)

Story Beyond the Eye: Glyph Positions Break PDF Text Redaction
Maxwell Bland (University of Illinois, Urbana-Champaign), Anushya Iyer (University of Illinois, Urbana-Champaign), Kirill Levchenko (University of Illinois, Urbana-Champaign)

2022

Award Chairs: Veelasha Moonsamy and Jeremiah Blocki

Winners

CoverDrop: Blowing the Whistle Through A News App
Mansoor Ahmed-Rengers (University of Cambridge), Diana A. Vasile (University of Cambridge), Daniel Hugenroth (University of Cambridge), Alastair R. Beresford (University of Cambridge), and Ross Anderson (University of Cambridge)

Runners-up

ATOM: Ad-network Tomography
Maaz Bin Musa (University of Iowa) and Rishab Nithyanand (University of Iowa)

Leveraging Strategic Connection Migration-Powered Traffic Splitting for Privacy
Mona Wang (Princeton University), Anunay Kulshrestha (Princeton University), Liang Wang (Princeton University), and Prateek Mittal (Princeton University)

On Defeating Graph Analysis of Anonymous Transactions
Christoph Egger (Friedrich-Alexander-Universität Erlangen-Nürnberg), Russell W. F. Lai (Friedrich-Alexander-Universität Erlangen-Nürnberg), Viktoria Ronge (Friedrich-Alexander-Universität Erlangen-Nürnberg), Ivy K. Y. Woo (Independent), and Hoover H. F. Yin (The Chinese University of Hong Kong)

2021

Award Chairs: Apu Kapadia and David Evans

Winners

Residue-Free Computing
Logan Arkema (Georgetown University) and Micah Sherr (Georgetown University)

Oblivious DNS over HTTPS (ODoH): A Practical Privacy Enhancement to DNS
Sudheesh Singanamalla (University of Washington / Cloudflare Inc.), Suphanat Chunhapanya (Cloudflare Inc.), Jonathan Hoyland (Cloudflare Inc.), Marek Vavruša (Cloudflare Inc.), Tanya Verma (Cloudflare Inc.), Peter Wu (Cloudflare Inc.), Marwan Fayed (Cloudflare Inc.), Kurtis Heimerl (University of Washington), Nick Sullivan (Cloudflare Inc.), and Christopher Wood (Cloudflare Inc.)

Runners-up

Fast Privacy-Preserving Punch Cards
Saba Eskandarian (Stanford University)

The CNAME of the Game: Large-scale Analysis of DNS-based Tracking Evasion
Yana Dimova (imec-DistriNet, KU Leuven), Gunes Acar (imec-COSIC, KU Leuven), Lukasz Olejnik (European Data Protection Supervisor), Wouter Joosen (imec-DistriNet, KU Leuven), and Tom Van Goethem (imec-DistriNet, KU Leuven)

2020

Award Chairs: Nikita Borisov and Nick Hopper

Protecting Private Inputs: Bounded Distortion Guarantees With Randomised Approximations
Patrick Ah-Fat (Imperial College London) and Michael Huth (Imperial College London)

Automatic Discovery of Privacy-Utility Pareto Fronts
Brendan Avent (University of Southern California), Javier González (Amazon), Tom Diethe (Amazon), Andrei Paleyes (University of Cambridge), and Borja Balle (DeepMind)

2019

Award Chairs: Claudia Diaz and Steven Murdoch

Cardinality Estimators do not Preserve Privacy
Damien Desfontaines (ETH Zürich / Google), Andreas Lochbihler (Digital Asset), and David Basin (ETH Zürich)

Investigating sources of PII used in Facebook’s targeted advertising
Giridhari Venkatadri (Northeastern University), Elena Lucherini (Northeastern University), Piotr Sapiezynski (Northeastern University), and Alan Mislove (Northeastern University)

On Privacy Notions in Anonymous Communication
Christiane Kuhn (TU Dresden), Martin Beck (TU Dresden), Stefan Schiffner (Université du Luxembourg), Eduard Jorswieck (TU Dresden), and Thorsten Strufe (TU Dresden)

2018

Award Chair: Paul Syverson

NoMoAds: Effective and Efficient Cross-App Mobile Ad-Blocking
Anastasia Shuba (UC Irvine), Athina Markopoulou (UC Irvine), and Zubair Shafiq (University of Iowa)

Turtles, Locks, and Bathrooms: Understanding Mental Models of Privacy Through Illustration
Maggie Oates, Yama Ahmadullah, Abigail Marsh, Chelse Swoopes, Shikun Zhang, Rebecca Balebako, and Lorrie Cranor (Carnegie Mellon University)

Privacy Pass: Bypassing Internet Challenges Anonymously
Alex Davidson (Royal Holloway, University of London), Ian Goldberg (University of Waterloo), Nick Sullivan (Cloudflare), George Tankersley (Independent), and Filippo Valsorda (Independent)

2017

Social Engineering Attacks on Government Opponents: Target Perspectives and Defenses
William Marczak and Vern Paxson (UC Berkeley)

Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses
Giovanni Cherubin (Royal Holloway University of London)

2016

Are You Sure You Want to Contact Us? Quantifying the Leakage of PII via Website Contact Forms
Oleksii Starov, Phillipa Gill, and Nick Nikiforakis (Stony Brook University)

Access Denied! Contrasting Data Access in the United States and Ireland
Samuel Grogan (Queen Mary, University of London) and Aleecia M. McDonald (Non-resident Fellow, Stanford Center for Internet and Society)

Don't Interrupt Me While I Type: Inferring Text Entered Through Gesture Typing on Android Keyboards
Laurent Simon, Wenduan Xu, and Ross Anderson (University of Cambridge)

2015

Blocking-resistant communication through domain fronting
David Fifield (University of California, Berkeley), Chang Lan (University of California, Berkeley), Rod Hynes (Psiphon Inc), Percy Wegmann (Brave New Software), and Vern Paxson(University of California, Berkeley and the International Computer Science Institute)

2014

I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis
Brad Miller (UC Berkeley), Ling Huang (Intel Labs), A. D. Joseph (UC Berkeley) and J. D. Tygar (UC Berkeley)

2013

How Low Can You Go: Balancing Performance with Anonymity in Tor
John Geddes (University of Minnesota, Minneapolis), Rob Jansen (U.S. Naval Research Laboratory) and Nicholas Hopper (University of Minnesota, Minneapolis)

The Path Less Travelled: Overcoming Tor's Bottlenecks with Traffic Splitting
Mashael Alsabah, Kevin Bauer, Tariq Elahi and Ian Goldberg (University of Waterloo)

2012

Use Fewer Instances of the Letter ``i'': Toward Writing Style Anonymization
Andrew McDonald, Sadia Afroz, Aylin Caliskan, Ariel Stolerman and Rachel Greenstadt (Drexel University)

2011

How Unique and Traceable are Usernames?
Daniele Perito, Claude Castelluccia, Mohamed Ali Kaafar, and Pere Manils (INRIA)