Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2017
WHOIS Lost in Translation: (Mis)Understanding Domain Name Expiration and Re-Registration
In ACM Internet Measurement Conference (IMC)
Santa Monica, CA US, Nov 2016
"Recommended For You": A First Look at Content Recommendation Networks
M. A. Bashir, S. Arshad, C. Wilson
In ACM Internet Measurement Conference (IMC)
Santa Monica, CA US, Nov 2016
Trellis: Privilege Separation for Multi-User Applications Made Easy
In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)
Paris, FR, Sep 2016
Identifying Extension-based Ad Injection via Fine-grained Web Content Provenance
In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)
Paris, FR, Sep 2016
Runtime Integrity Checking for Exploit Mitigation on Lightweight Embedded Devices
M. Neugschwandtner, C. Mulliner, W. Robertson, E. Kirda
In International Conference on Trust & Trustworthy Computing (TRUST)
Vienna, AT, Aug 2016
UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware
In USENIX Security Symposium
Austin, TX US, Aug 2016
Tracing Information Flows Between Ad Exchanges Using Retargeted Ads
In USENIX Security Symposium
Austin, TX US, Aug 2016
Overhaul: Input-Driven Access Control for Better Privacy on Traditional Operating Systems
In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Toulouse, FR, Jun 2016
EmailProfiler: Spearphishing Filtering with Header and Stylometric Features of Emails
In IEEE Computer Society International Conference on Computers, Software & Applications (COMPSAC)
Atlanta, GA US, Jun 2016
LAVA: Large-scale Automated Vulnerability Addition
B. Dolan-Gavitt, P. Hulin, E. Kirda, T. Leek, A. Mambretti, W. Robertson, F. Ulrich, R. Whelan
In IEEE Symposium on Security and Privacy (S&P)
San Jose, CA US, May 2016
TriggerScope: Towards Detecting Logic Bombs in Android Apps
In IEEE Symposium on Security and Privacy (S&P)
San Jose, CA US, May 2016
CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes
In Financial Cryptography and Data Security (FC)
Barbados, Feb 2016
Include Me Out: In-Browser Detection of Malicious Third-Party Content Inclusions
In Financial Cryptography and Data Security (FC)
Barbados, Feb 2016
CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2016
ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities
In USENIX Security Symposium
Washington DC, US, Aug 2015
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Milan, IT, Jul 2015
Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Milan, IT, Jul 2015
Sentinel: Securing Legacy Firefox Extensions
In Computers & Security, 49(0), 2015
Elsevier
BabelCrypt: The Universal Encryption Layer for Mobile Messaging Applications
In Financial Cryptography and Data Security (FC)
Isla Verde, PR, Jan 2015
TrueClick: Automatically Distinguishing Trick Banners from Genuine Download Links
In Annual Computer Security Applications Conference (ACSAC)
New Orleans, LA US, Dec 2014
Toward Robust Hidden Volumes using Write-Only Oblivious RAM
In ACM Conference on Computer and Communications Security (CCS)
Scottsdale, AZ US, Nov 2014
Why is CSP Failing? Trends and Challenges in CSP Adoption
In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)
Gothenburg, SE, Sep 2014
A Look at Targeted Attacks through the Lense of an NGO
S. Le Blonde, A. Uritesc, C. Gilbert, Z. Leong Chua, P. Saxena, E. Kirda
In USENIX Security Symposium
San Diego, CA US, Aug 2014
Optical Delusions: A Study of Malicious QR Codes in the Wild
In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Atlanta, GA US, Jun 2014
EXPOSURE: A Passive DNS Analysis Service to Detect and Report Malicious Domains
In ACM Transactions on Information and System Security (TISSEC), 16(4), 2014
ACM
VirtualSwindle: An Automated Attack Against In-App Billing on Android
In ACM Symposium on Information, Computer and Communications Security (ASIACCS)
Kyoto, JP, Jun 2014
Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces
In IEEE Symposium on Security and Privacy (S&P)
San Jose, CA US, May 2014
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks
In Annual Computer Security Applications Conference (ACSAC)
New Orleans, LA US, Dec 2013
PatchDroid: Scalable Third-Party Patches for Android Devices
In Annual Computer Security Applications Conference (ACSAC)
New Orleans, LA US, Dec 2013
Holiday Pictures or Blockbuster Movies? Insights into Copyright Infringement in User Uploads to One-Click File Hosters
T. Lauinger, K. Onarlioglu, A. Chaabane, E. Kirda, W. Robertson, M. A. Kaafar
In International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
St. Lucia, LC, Oct 2013
Securing Legacy Firefox Extensions with Sentinel
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Berlin, DE, Jul 2013
PrivExec: Private Execution as an Operating System Service
In IEEE Symposium on Security and Privacy (S&P)
San Francisco, CA US, May 2013
A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2013
Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting
T. Lauinger, M. Szydlowski, K. Onarlioglu, G. Wondracek, E. Kirda, C. Kruegel
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2013
DISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis
In Annual Computer Security Applications Conference (ACSAC)
Orlando, FL US, Dec 2012
TRESOR-HUNT: Attacking CPU-Bound Encryption
In Annual Computer Security Applications Conference (ACSAC)
Orlando, FL US, Dec 2012
Paying for Piracy? An Analysis of One-Click Hosters' Controversial Reward Schemes
T. Lauinger, E. Kirda, P. Michiardi
In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)
Amsterdam, NL, Sep 2012
A Quantitative Study of Accuracy in System Call-Based Malware Detection
D. Canali, A. Lanzi, D. Balzarotti, M. Christodorescu, C. Kruegel, E. Kirda
In International Symposium on Software Testing and Analysis (ISSTA)
Minneapolis, MN US, Aug 2012
PoX: Protecting Users from Malicious Facebook Applications
In Computer Communications Journal, 0(0), 2012
Elsevier
Protecting Users and Businesses from CRAWLers
In USENIX Security Symposium
Bellevue, WA US, Aug 2012
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis
In IEEE Computer Software and Applications Conference
Izmir, TR, Jul 2012
A Security Analysis of Amazon's Elastic Compute Cloud Service
M. Balduzzi, J. Zaddach, D. Balzarotti, E. Kirda, S. Loureiro
In ACM Symposium on Applied Computing (SAC)
Trento, IT, Mar 2012
An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages
In ACM Symposium on Applied Computing (SAC)
Trento, IT, Mar 2012
Insights into User Behavior in Dealing with Internet Attacks
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2012
A Survey on Automated Dynamic Malware Analysis Techniques and Tools
In ACM Computing Surveys, 44(2), 2012
ACM
Have Things Changed Now? An Empirical Study on Input Validation Vulnerabilities in Web Applications
In Computers & Security, 31(3), 2012
Elsevier
The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code
C. Kolbitsch, E. Kirda, C. Kruegel
In ACM Conference on Computer and Communications Security (CCS)
Chicago, IL US, Oct 2011
BTLab: A System-Centric, Data-Driven Analysis and Measurement Platform for BitTorrent Clients
M. Szydlowski, B. Zhao, E. Kirda, C. Kruegel
In International Conference on Computer Communication Networks (ICCCN)
Maui, HI US, Aug 2011
Reverse Social Engineering Attacks in Online Social Networks
D. Irani, M. Balduzzi, D. Balzarotti, E. Kirda
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Amsterdam, NL, Jul 2011
PoX: Protecting Users from Malicious Facebook Applications
In IEEE International Workshop on Security and Social Networking (SESOC)
Seattle, WA US, Mar 2011
Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications
M. Balduzzi, C. T. Gimenez, D. Balzarotti, E. Kirda
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2011
PiOS: Detecting Privacy Leaks in iOS Applications
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2011
EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2011
Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications
In International Conference on Financial Cryptography and Data Security
St. Lucia, LC, Feb 2011
G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries
In Annual Computer Security Applications Conference (ACSAC)
Austin, TX US, Dec 2010
Static Analysis for Detecting Taint-Style Vulnerabilities in Web Applications
N. Jovanovic, C. Kruegel, E. Kirda
In Journal of Computer Security, 18(0), 2010
IOS Press
AccessMiner: Using System-Centric Models for Malware Protection
A. Lanzi, D. Balzarotti, C. Kruegel, M. Christodorescu
In ACM Conference on Computer and Communications Security (CCS)
Chicago, IL US, Oct 2010
Abusing Social Networks for Automated User Profiling
M. Balduzzi, C. Platzer, T. Holz, E. Kirda, D. Balzarotti
In International Symposium on Recent Advances in Intrusion Detection (RAID)
Ottawa, ON CA, Sep 2010
An Experience in Testing the Security of a Real-World Electronic Voting System
D. Balzarotti, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, G. Vigna
In IEEE Transactions on Software Engineering, 36(4), 2010
IEEE Computer Society
Exploiting Diverse Observation Perspectives to Get Insights on the Malware Landscape
C. Leita, U. Bayer, E. Kirda
In International Conference on Dependable Systems and Networks (DSN)
Chicago, IL US, Jun 2010
Is the Internet for Porn? An Insight into the Online Adult Industry
G. Wondracek, T. Holz, C. Platzer, E. Kirda, C. Kruegel
In Workshop on the Economics of Information Security (WEIS)
Boston, MA US, Jun 2010
Identifying Dormant Functionality in Malware Programs
P. M. Comparetti, G. Salvaneschi, C. Kolbitsch, C. Kruegel, E. Kirda, S. Zanero
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2010
Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries
C. Kolbitsch, T. Holz, C. Kruegel, E. Kirda
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2010
A Practical Attack to De-Anonymize Social Network Users
G. Wondracek, T. Holz, E. Kirda, C. Kruegel
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2010
A Solution for the Automated Detection of Clickjacking Attacks
In ACM Symposium on Information, Computer, and Communications Security (ASIACCS)
Beijing, CN, Apr 2010
Honeybot: Your Man in the Middle for Automated Social Engineering
In USENIX Workshp on Large-Scale Exploits and Emergent Threats
San Jose, CA US, Apr 2010
Extending Mondrian Memory Protection
C. Kolbitsch, C. Kruegel, E. Kirda
In NATO RTO IST-091 Symposium
Antalya, TR, Apr 2010
Improving the Efficiency of Dynamic Malware Analysis
U. Bayer, E. Kirda, C. Kruegel
In ACM Symposium on Applied Computing (SAC)
Lausanne, CH, Mar 2010
CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms
In ACM Symposium on Applied Computing (SAC)
Lausanne, CH, Mar 2010
Efficient Detection of Split Personalities in Malware
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2010
Effective Anomaly Detection with Scarce Training Data
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2010
FIRE: FInding Rogue nEtworks
B. Stone-Gross, A. Moser, C. Kruegel, K. Almeroth, E. Kirda
In Annual Computer Security Applications Conference (ACSAC)
Honolulu, HI US, Dec 2009
Automated Spyware Collection and Analysis
A. Stamminger, C. Kruegel, G. Vigna, E. Kirda
In Information Security Conference (ISC)
Pisa, IT, Sep 2009
Automatically Generating Models for Botnet Detection
P. Wurzinger, L. Bilge, T. Holz, J. Goebel, C. Kruegel, E. Kirda
In European Symposium on Research in Computer Security (ESORICS)
Saint-Malo, FR, Sep 2009
Protecting a Moving Target: Addressing Web Application Concept Drift
In International Symposium on Recent Advances in Intrusion Detection (RAID)
Saint-Malo, FR, Sep 2009
Client-Side Cross-Site Scripting Protection
E. Kirda, N. Jovanovic, C. Kruegel, G. Vigna
In Computers & Security, 28(7), 2009
Elsevier
Effective and Efficient Malware Detection at the End Host
C. Kolbitsch, P. M. Comparetti, C. Kruegel, E. Kirda, X. Zhou, X. Wang
In USENIX Security Symposium
Montreal, QC CA, Aug 2009
Static Enforcement of Web Application Integrity Through Strong Typing
In USENIX Security Symposium
Montreal, QC CA, Aug 2009
Defending Browsers Against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks
M. Egele, P. Wurzinger, C. Kruegel, E. Kirda
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Milan, IT, Jun 2009
All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks
In International World Wide Web Conference (WWW)
Madrid, ES, May 2009
Server-side Bot Detection in Massively Multiplayer Online Games
S. Mitterhofer, C. Platzer, E. Kirda, C. Kruegel
In IEEE Security & Privacy Magazine, 0(0), 2009
IEEE Computer Society
Prospex: Protocol Specification Extraction
P. M. Comparetti, G. Wondracek, C. Kruegel, E. Kirda
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2009
SWAP: Mitigating XSS Attacks Using a Reverse Proxy
P. Wurzinger, C. Platzer, C. Ludl, E. Kirda, C. Kruegel
In Internation Workshop on Software Engineering for Secure Systems
Vancouver, BC CA, May 2009
Removing Web Spam Links from Search Engine Results
In European Institute for Computer Antivirus Research Conference (EICAR)
Berlin, DE, May 2009
Reducing Errors in the Anomaly-based Detection of Web-based Attacks Through the Combined Analysis of Web Requests and SQL Queries
In Journal of Computer Security, 17(3), 2009
IOS Press
Insights into Current Malware Behavior
U. Bayer, I. Habibi, D. Balzarotti, E. Kirda, C. Kruegel
In USENIX Workshop on Large-Scale Exploits and Emergent Threats
Boston, MA US, Apr 2009
Mitigating Drive-by Download Attacks: Challenges and Open Problems
In Open Research Problems in Network Security Workshop (iNetSec)
Zurich, CH, Apr 2009
Scalable, Behavior-Based Malware Clustering
U. Bayer, P. M. Comparetti, C. Hlauschek, C. Kruegel, E. Kirda
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2009
Large-Scale Malware Collection: Lessons Learned
J. Canto, M. Dacier, E. Kirda, C. Leita
In IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems
Naples, IT, Oct 2008
Visual-Similarity-Based Phishing Detection
E. Medvet, E. Kirda, C. Kruegel
In International Conference on Security and Privacy in Communication Networks (SECURECOMM)
Istanbul, TR, Sep 2008
Expanding Human Interactions for In-Depth Testing of Web Applications
S. McAllister, E. Kirda, C. Kruegel
In International Symposium on Recent Advances in Intrusion Detection (RAID)
Boston, MA US, Sep 2008
Overbot - A Botnet Protocol Based on Kademlia
G. Starnberger, C. Kruegel, E. Kirda
In International Conference on Security and Privacy in Communication Networks (SECURECOMM)
Istanbul, TR, Sep 2008
Are Your Votes Really Counted? Testing the Security of Real-world Voting Systems
D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, F. Valeur, G. Vigna, R. Kemmerer
In International Symposium on Software Testing and Analysis (ISSTA)
Seattle, WA US, Jul 2008
Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
M. Cova, V. Felmetsger, D. Balzarotti, N. Jovanovic, C. Kruegel, E. Kirda
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2008
The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet
C. Leita, O. Thonnard, E. Ramirez-Silva, F. Pouget, E. Kirda, M. Dacier
In WOMBAT Workshop
Amsterdam, NL, Apr 2008
Automatic Network Protocol Analysis
G. Wondracek, P. M. Comparetti, C. Kruegel, E. Kirda
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2008
Secure Input for Web Applications
M. Szydlowski, C. Kruegel, E. Kirda
In Annual Computer Security Applications Conference (ACSAC)
Miami Beach, FL US, Dec 2007
Limits of Static Analysis for Malware Detection
A. Moser, C. Kruegel, E. Kirda
In Annual Computer Security Applications Conference (ACSAC)
Miami Beach, FL US, Dec 2007
Improving Signature Testing Through Dynamic Data Flow Analysis
In Annual Computer Security Applications Conference (ACSAC)
Miami Beach, FL US, Dec 2007
Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis
H. Yin, D. Song, M. Egele, C. Kruegel, E. Kirda
In ACM Conference on Computer and Communications Security (CCS)
Alexandria, VA US, Nov 2007
Detecting System Emulators
T. Raffetseder, C. Kruegel, E. Kirda
In Information Security Conference (ISC)
Valparaiso, CL, Oct 2007
A Layout-Similarity-Based Approach for Detecting Phishing Pages
A. Rosiello, E. Kirda, C. Kruegel, F. Ferrandi
In International Conference on Security and Privacy in Communication Networks (SECURECOMM)
Nice, FR, Sep 2007
Exploiting Execution Context for the Detection of Anomalous System Calls
In International Symposium on Recent Advances in Intrusion Detection (RAID)
Gold Coast, QLD AU, Sep 2007
Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters
C. Karlberger, G. Bayler, C. Kruegel, E. Kirda
In USENIX Workshop on Offensive Technologies (WOOT)
Boston, MA US, Aug 2007
On the Effectiveness of Techniques to Detect Phishing Sites
C. Ludl, S. McAllister, E. Kirda, C. Kruegel
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Lucerne, CH, Jul 2007
Dynamic Spyware Analysis
M. Egele, C. Kruegel, E. Kirda, H. Yin, D. Song
In USENIX Annual Technical Conference
Santa Clara, CA US, Jun 2007
Building Anti-Phishing Browser Plug-Ins: An Experience Report
T. Raffetseder, E. Kirda, C. Kruegel
In Internation Workshop on Software Engineering for Secure Systems
Minneapolis, MN US, May 2007
Exploring Multiple Execution Paths for Malware Analysis
A. Moser, C. Kruegel, E. Kirda
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2007
Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis
P. Vogt, F. Nentwich, N. Jovanovic, C. Kruegel, E. Kirda, G. Vigna
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2007
Extending .NET Security to Unmanaged Code
In Information Security Conference (ISC)
Samos, GR, Sep 2006
Dynamic Analysis of Malicious Code
U. Bayer, A. Moser, C. Kruegel, E. Kirda
In Journal of Computer Virology, 0(0), 2006
Springer
Behavior-Based Spyware Detection
In USENIX Security Symposium
Vancouver, BC CA, Aug 2006
Preventing Cross-Site Request Forgery Attacks
N. Jovanovic, E. Kirda, C. Kruegel
In International Conference on Security and Privacy in Communication Networks (SECURECOMM)
Baltimore, MD US, Aug 2006
Using Static Program Analysis to Aid Intrusion Detection
M. Egele, M. Szydlowski, E. Kirda, C. Kruegel
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Berlin, DE, Jul 2006
Precise Alias Analysis for Syntactic Detection of Web Application Vulnerabilities
N. Jovanovic, C. Kruegel, E. Kirda
In ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Ottawa, ON CA, Jun 2006
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
N. Jovanovic, C. Kruegel, E. Kirda
In IEEE Symposium on Security and Privacy
Oakland, CA US, May 2006
SecuBat: A Web Vulnerability Scanner
In International World Wide Web Conference (WWW)
Edingurgh, GB, May 2006
Noxes: A Client-Side Solution for Mitigating Cross-Site Scripting Attacks
E. Kirda, C. Kruegel, G. Vigna, N. Jovanovic
In ACM Symposium on Applied Computing (SAC)
Dijon, FR, Apr 2006
An Anomaly-Driven Reverse Proxy for Web Applications
In ACM Symposium on Applied Computing (SAC)
Dijon, FR, Apr 2006
Protecting Users Against Phishing Attacks
In The Computer Journal, 0(0), 2006
Oxford University Press
TTAnalyze: A Tool for Analyzing Malware
U. Bayer, C. Kruegel, E. Kirda
In European Institute for Computer Antivirus Research Conference (EICAR)
Hamburg, DE, Apr 2006
Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks
In Network and Distributed Systems Security Symposium (NDSS)
San Diego, CA US, Feb 2006
Polymorphic Worm Detection Using Structural Information of Executables
In International Symposium on Recent Advances in Intrusion Detection (RAID)
Seattle, WA US, Sep 2005
Protecting Users Against Phishing Attacks with AntiPhish
In International Computer Software and Applications Conference
Edinburgh, GB, Jul 2005
A Multi-Model Approach to the Detection of Web-based Attacks
In Journal of Computer Networks, 48(5), 2005
Elsevier
Automating Mimicry Attacks Using Static Binary Analysis
In USENIX Security Symposium
Baltimore, MD US, Jul 2005
Reverse Engineering of Network Signatures
In Annual Asia Pacific Information Technology Security Conference (AusCERT)
Gold Coast, QLD AU, May 2005
Detecting Kernel-Level Rootkits Through Binary Analysis
In Annual Computer Security Applications Conference (ACSAC)
Tuscon, AZ US, Dec 2004
Testing Network-based Intrusion Detection Signatures Using Mutant Exploits
In ACM Conference on Computer and Communications Security (CCS)
Washington DC US, Oct 2004
Using Alert Verification to Identify Successful Intrusion Attempts
In Journal of Practice in Information Processing and Communication (PIK), 27(4), 2004
K.G. Saur Verlag
Static Disassembly of Obfuscated Binaries
In USENIX Security Symposium
San Diego, CA US, Aug 2004
Alert Verification: Determining the Success of Intrusion Attempts
In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Dortmund, DE, Jul 2004
Bayesian Event Classification for Intrusion Detection
C. Kruegel, D. Mutz, W. Robertson, F. Valeur
In Annual Computer Security Applications Conference (ACSAC)
Las Vegas, NV US, Dec 2003
A Stateful Intrusion Detection System for World-Wide Web Servers
In Annual Computer Security Applications Conference (ACSAC)
Las Vegas, NV US, Dec 2003
Run-time Detection of Heap-based Overflows
W. Robertson, C. Kruegel, D. Mutz, F. Valeur
In USENIX Large Installations Systems Administration Conference (LISA)
San Diego, CA US, Oct 2003
Topology-based Detection of Anomalous BGP Messages
C. Kruegel, D. Mutz, W. Robertson, F. Valeur
In International Symposium on Recent Advances in Intrusion Detection (RAID)
Pittsburgh, PA US, Sep 2003