CESR: Center for Evidence-based Security Research
A UCSD, ICSI, and NYU Joint NSF SaTC Frontier Project

Home
People
Papers
Projects
Contact

Towards Mining Latent Client Identifiers from Network Traffic, Sakshi Jain, Mobin Javed, and Vern Paxson, Privacy Enhancing Technologies Symposium, Darmstadt, Germany, July 2016.

Remedying Web Hijacking: Notification Effectiveness and Webmaster Comprehension, Frank Li, Grant Ho, Eric Kuan, Yuan Niu, Lucas Ballard, Kurt Thomasand Elie Bursztein, and Vern Paxson, Proceedings of the International World Wide Web Conference (WWW), Montreal, Canada, April 2016.

Stress Testing the Booters: Understanding and Undermining the Business of DDoS Services, Mohammad Karami, Youngsam Park, and Damon McCoy, Proceedings of the International World Wide Web Conference (WWW), Montreal, Canada, April 2016.

Characterizing Long-tail SEO Spam on Cloud Web Hosting Services, Xiaojing Liao, Chang Liu, Damon McCoy, Elaine Shi, and Raheem Beyah, Proceedings of the International World Wide Web Conference (WWW), Montreal, Canada, April 2016.

Detecting DNS Root Manipulation, Ben Jones, Nick Feamster, Vern Paxson, Nicholas Weaver, and Mark Allman, Passive and Active Measurement Conference, March 2016.

Don't Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy, Jakub Czyz, Matthew Luckie, Mark Allman, and Michael Bailey, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2016.

Do You See What I See? Differential Treatment of Anonymous Users, Sheharbano Khattak, David Fifield, Saida Afroz, Mobin Javed, Srikanth Sundaresan, Vern Paxson, Steven J. Murdoch, and Damon McCoy, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2016.

Understanding Craigslist Rental Scams, Youngsam Park, Damon McCoy, and Elaine Shi, Proceedings of the Financial Cryptography and Data Security Conference (FC), Christ Church, Barbados, February 2016.

Stressing Out: Bitcoin "Stress Testing", Khaled Baqer, Danny Yuxing Huang, Nicholas Weaver, and Damon McCoy, BITCOIN '14: The Third Workshop on Bitcoin and Blockchain Research, Christ Church, Barbados, February 2016.

Exploring Controller Area Networks, Ian Foster and Karl Koscher, USENIX ;login: 40(6), December 2015.

Security by Any Other Name: On the Effectiveness of Provider Based Email Security, Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko, Proceedings of the ACM Conference on Computer and Communications Security, Denver, Colorado, October 2015.

Resilience of Deployed TCP to Blind Off-Path Attacks, Matthew Luckie, Robert Beverly, Tiange Wu, Mark Allman, and kc claffy, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Measurement and Analysis of Traffic Exchange Services, Mobin Javed, Cormac Herley, Marcus Peinado, and V. Paxson, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Examining How the Great Firewall Discovers Hidden Circumvention Servers, Roya Ensafi, David Fifield, Philipp Winter, Nick Feamster, Nicholas Weaver, and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Empirical Analysis of Search Advertising Strategies, Bhanu Vattikonda, Vacha Dave, Saikat Guha, and Alex C. Snoeren, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

From .academy to .zone: An Analysis of the New TLD Land Rush, Tristan Halvorson, Matthew F. Der, Ian Foster, Stefan Savage, Lawrence K. Saul, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Who is .com? Learning to Parse WHOIS Records, Suqi Liu, Ian Foster, Stefan Savage, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Affiliate Crookies: Characterizing Affiliate Marketing Abuse, Neha Chachra, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Fuzzing E-mail Filters with Generative Grammars and N-Gram Analysis, Sean Palka and Damon McCoy, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), Washington D.C., August 2015.

Fast and Vulnerable: A Story of Telematic Failures, Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), Washington D.C., August 2015.

SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems, Karl Koscher, Tadayoshi Kohno, and David Molnar, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), Washington D.C., August 2015.

Header Enrichment or ISP Enrichment? Emerging Privacy Threats in Mobile Networks, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Christian Kreibich, and Vern Paxson, Proceedings of the SIGCOMM HotMiddlebox Workshop, August 2015.

Addressing Ethical Considerations in Network Measurement Papers, Craig Partridge and Mark Allman, Proceedings of the SIGCOMM HotMiddlebox Workshop, August 2015.

Ethical Concerns for Censorship Measurement, Ben Jones, Roya Ensafi, Nick Feamster, Vern Paxson, and Nick Weaver, Proceedings of the SIGCOMM Workshop on Ethics in Networked Systems Research, August 2015.

An Analysis of China's 'Great Cannon', Bill Marczak, Nicholas Weaver, Jakub Dalek, Roya Ensafi, David Fifield, Sarah McKune, Arn Rey, John Scott-Railton, Ron Deibert, and Vern Paxson, Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), August 2015.

Interpreting Advertiser Intent in Sponsored Search, Bhanu C. Vattikonda, Santhosh Kodipaka, Hongyan Zhou, Vacha Dave, Saikat Guha, and Alex C. Snoeren, Proceedings of the ACM SIGKDD Conference, Sydney, Australia, August 2015.

Censorship Arms Race: Research vs. Practice, Sadia Afroz, David Fifield, Michael Tschanztz, Vern Paxson, and J. D. Tygar, Proceedings of the Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETs), June 2015.

Framing Dependencies Introduced by Underground Commoditization, Kurt Thomas, Danny Yuxing Huang, David Wang, Elie Bursztein, Chris Grier, Tom Holt, Christopher Kruegel, Damon McCoy, Stefan Savage, and Giovanni Vigna, Proceedings of the Workshop on the Economics of Information Security (WEIS), Delft, Netherlands, June 2015.

Ad Injection at Scale: Assessing Deceptive Advertisement Modifications, Kurt Thomas, Elie Bursztein, Chris Grier, Grant Ho, Nav Jagpal, Alexandros Kapravelos, Damon McCoy, Antonio Nappa, Vern Paxson, Paul Pearce, Niels Provos, and Moheeb Abu Rajab, Proceedings of the IEEE Symposium and Security and Privacy, San Jose, CA, May 2015.

Temporal Lensing and its Application in Pulsing Denial-of-Service Attacks, Ryan Rasti, Mukul Murthy, Nicholas Weaver, and Vern Paxson, Proceedings of the IEEE Symposium and Security and Privacy, San Jose, CA, May 2015.

Beyond the Radio: Illuminating the Higher Layers of Mobile Networks, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Christian Kreibich, Nicholas Weaver, and Vern Paxson, Proceedings of the ACM Conference on Mobile Systems, Appliations and Services (MobiSys), Florence, Italy, June 2015.

On The Power and Limitations of Detecting Network Filtering via Passive Observation, Matthew Sargent, Jakub Czyz, Mark Allman, and Michael Bailey, Proceedings of the Passive and Active Measurement Conference (PAM), New York, NY, March 2015.

A Tangled Mass: The Android Root Certificate Stores, Narseo Vallina-Rodriguez, Johanna Amann, Christian Kreibich, Nicholas Weaver, and Vern Paxson, Proceedings of ACM CoNEXT, Sydney, Australia, December 2014.

Search + Seizure: The Effectiveness of Interventions on SEO Campaigns, David Wang, Matthew Der, Mohammad Karami, Lawrence Saul, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, October 2014.

Handcrafted Fraud and Extortion: Manual Account Hijacking in the Wild, Borbala Benko, Elie Bursztein, Daniel Margolis, Tadek Pietraszek, Andy Archer, Allan Aquino, Andreas Pitsillidis, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, October 2014.

The Matter of Heartbleed, Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Matthias Payer, Nicholas Weaver, David Adrian, Vern Paxson, Michael Bailey, and J. Alex Halderman, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, October 2014.

A Look at the Consequences of Internet Censorship Through an ISP Lens, Sheharbano Khattak, Mobin Javed, Syed Ali Khayam, Zartash Uzmi, and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, October 2014.

Characterizing Large-Scale Click Fraud in ZeroAccess, Paul Pearce, Vacha Dave Chris Grier Kirill Levchenko Saikat Guha Damon McCoy Vern Paxson Stefan Savage and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, AZ, November 2014.

Consequences of Connectivity: Characterizing Account Hijacking on Twitter, Kurt Thomas, Frank Li, Chris Grier, and Vern Paxson, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, AZ, November 2014.

Dialing Back Abuse on Phone Verified Accounts, Kurt Thomas, Dima Iatskiv, Elie Bursztein, Tadek Pietraszek, Chris Grier, and Damon McCoy, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, AZ, November 2014.

The Check is in the Mail: Monetization of Craigslist Buyer Scams, Jackie Jones and Damon McCoy, IEEE International Workshop on Cyber Crime (IWCC 2014), September 2014.

When Governments Hack Opponents: A Look at Actors and Technology, William Marczak, John Scott-Railton, Morgan Marquis-Boire, and Vern Paxson, Proceedings of the USENIX Security Symposium, San Diego, CA, August 2014.

Hulk: Eliciting Malicious Behavior in Browser Extensions, Alexandros Kapravelos, Chris Grier, Neha Chachra, Chris Kruegel, Giovanni Vigna, and Vern Paxson, Proceedings of the USENIX Security Symposium, San Diego, CA, August 2014.

Knock It Off: Profiling the Online Storefronts of Counterfeit Merchandise, Matthew Der, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., August 2014.

Empirically Characterizing Domain Abuse and the Revenue Impact of Blacklisting, Neha Chachra, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Workshop on the Economics of Information Security (WEIS), State College, PA, June 2014.

Doppelgänger Finder: Taking Stylometry To The Underground, Sadia Afroz, Aylin Caliskan Islam, Ariel Stolerman, Rachel Greenstadt, and Damon McCoy, Proceedings of the IEEE Symposium and Security and Privacy, San Jose, CA, May 2014.

Constructing and Analyzing Criminal Networks, Hamed Sarvari, Ehab Abozinadah, Alex Mbaziira, and Damon McCoy, IEEE International Workshop on Cyber Crime (IWCC 2014), May 2014.

XXXtortion? Inferring Registration Intent in the .XXX TLD, Tristan Halvorson, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International World Wide Web Conference (WWW), Seoul, Korea, April 2014.

Cyber-security Research Ethics Dialogue & Strategy Workshop, Erin Kenneally and Michael Bailey, ACM Computer Communication Review 44(2), April 2014.

Assessing DNS Vulnerability to Record Injection, Kyle Schomp, Tom Callahan, Michael Rabinovich, and Mark Allman, Proceedings of the Passive and Active Measurement Conference (PAM), Los Angeles, CA, March 2014.

Here Be Web Proxies, Nicholas Weaver, Christian Kreibich, Martin Dam, and Vern Paxson, Proceedings of the Passive and Active Measurement Conference (PAM), Los Angeles, CA, March 2014.

Techniques for the Detection of Faulty Packet Header Modifications, Ryan Craven, Robert Beverly, and Mark Allman, Naval Postgraduate School technical report NPS-CS-14-002, March 2014.

Botcoin: Monetizing Stolen Cycles, Danny Yuxing Huang, Hitesh Dharmdasani, Sarah Meiklejohn, Vacha Dave, Chris Grier, Damon McCoy, Stefan Savage, Nicholas Weaver, Alex C. Snoeren, and Kirill Levchenko, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

DSpin: Detecting Automatically Spun Content on the Web, Qing Zhang, David Wang, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

Scambaiter: Understanding Targeted Nigerian Scams on Craigslist, Youngsam Park, Jackie Jones, Damon McCoy, Elaine Shi, and Markus Jakobsson, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

A Large-Scale Empirical Analysis of Email Spam Detection Through Network Characteristics in a Stand-Alone Enterprise, Tu Ouyang, Soumya Ray, Mark Allman, and Michael Rabinovich, Computer Networks 59:100-121, February 2014.

The ZeroAccess Auto-Clicking and Search-Hijacking Click Fraud Modules, Paul Pearce, Chris Grier, Vern Paxson, Vacha Dave, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, University of California, Berkeley technical report UCB/EECS-2013-211, December 2013.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, USENIX ;login: 38(6), December 2013.

Rent to Pwn: Analyzing Commodity Booter DDoS Services, Karami and McCoy, USENIX ;login: 38(6), December 2013.

Toward a Comprehensive Disclosure Control Framework for Shared Data, Scott E. Coull and Erin Kenneally, Proceedings of the IEEE International Conference on Technologies for Homeland Security (HST), November 2013.

Detecting Stealthy, Distributed SSH Brute-Forcing, Mobin Javed and Vern Paxson, Proceedings of the ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013.

ViceROI: Catching Click-Spam in Search Ad Networks, Vacha Dave, Saikat Guha, and Yin Zhang, Proceedings of the ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013.

Understanding the Domain Registration Behavior of Spammers, Shuang Hao, Matthew Thomas, Vern Paxson, Nick Feamster, Christian Kreibich, Chris Grier, and Scott Hollenbeck, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013.

Honor Among Thieves: A Common's Analysis of Cybercrime Economics, Sadia Afroz, Vaibhav Garg, Damon McCoy, and Rachel Greenstadt, APWG eCrime Researchers Summit, San Francisco, CA, September 2013.

Folex: An Analysis of an Herbal and Counterfeit Luxury Goods Affiliate Program, Mohammad Karami, Shiva Ghaemi, and Damon McCoy, APWG eCrime Researchers Summit, San Francisco, CA, September 2013.

Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse, Kurt Thomas, Damon McCoy, Chris Grier, Alek Kolcz, and Vern Paxson, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

Practical Comprehensive Bounds on Surreptitious Communication Over DNS, Vern Paxson, Mihai Christodorescu, Mobin Javed, Josyula Rao, Reiner Sailer, Douglas Schales, Marc Ph. Stoecklin, Kurt Thomas, Wietse Venema, and Nicholas Weaver, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

Towards Illuminating a Censorship Monitor's Model to Facilitate Evasion, Sheharbano Khattak, Mobin Javed, Philip D. Anderson, and Vern Paxson, Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), August 2013.

Take This Personally: Pollution Attacks on Personalized Services, Xinyu Xing, Wei Ming, Dan Doozan, Alex C. Snoeren, Nick Feamster, and Wenke Lee, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

D{N,o}SSec: Measuring the Practical Impact of DNSSEC Deployment, Wilson Lian, Eric Rescorla, Hovav Shacham, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

On Modern DNS Behavior and Properties, Tom Callahan, Mark Allman, and Michael Rabinovich, ACM Computer Communication Review 43(3), July 2013.

On Changing the Culture of Empirical Internet Assessment, Mark Allman, ACM Computer Communication Review 43(3), July 2013.

Traffic Monitoring Considered Reasonable, Mark Allman, IEEE Symposium on Security and Privacy Cyber-security Research Ethics Dialog and Strategy Workshop (CREDS), May 2013.

There Are No Free iPads: An Analysis of Survey Scams as a Business, Jason W. Clark and Damon McCoy, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2013.

Understanding the Emerging Threat of DDoS-as-a-Service, Mohammad Karami and Damon McCoy, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2013.

A Variational Approximation for Topic Modeling of Hierarchical Corpora, Do-kyum Kim, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the International Conference on Machine Learning, Atlanta, GA, June 2013.

Juice: A Longitudinal Study of an SEO Campaign, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2013.

The following list of past papers by the group served as the foundation of our efforts of our SaTC Frontier project

PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs, Damon McCoy, Andreas Pitsillidis, Grant Jordan, Nicholas Weaver, Christian Kreibich, Brian Krebs, Geoffrey M. Voelker, Stefan Savage, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

When Good Services Go Wild: Reassembling Web Services for Unintended Purposes, Feng Lu, Jiaqi Zhang, and Stefan Savage, Proceedings of the USENIX Workshop on Hot Topics in Security, Bellevue, WA, August 2012.

Economic Analysis of Cybercrime in Crowdsourced Labor Markets, Vaibhav Garg, Chris Kanich, and L. Jean Camp, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Prudent Practices for Designing Malware Experiments: Status Quo and Outlook, Christian Rossow, Christian J. Dietrich, Christian Kreibich, Chris Grier, Vern Paxson, Norbert Pohlmann, Herbert Bos, and Maarten van Steen, Proceedings of the IEEE Symposium on Security and Privacy, May 2012.

Adapting Social Spam Infrastructure for Political Censorship, Kurt Thomas, Chris Grier, and Vern Paxson, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), April 2012.

The BIZ Top-Level Domain: Ten Years Later, Tristan Halvorson, Janos Szurdi, Gregor Maier, Mark Felegyhazi, Christian Kreibich, Nicholas Weaver, Kirill Levchenko, and Vern Paxson, Proceedings of the Passive and Active Measurement Workshop, Vienna, Austria, March 2012.

Applying Ethical Principles to Information and Communication Technology Research: A Companion to the Department of Homeland Security Menlo Report, Erin Kenneally, Co-Leader & Author, U.S. Department of Homeland Working Group on Ethics in Computer Security Research, January 2012.

An Analysis of Underground Forums, Marti Motoyama, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Suspended Accounts in Retrospect: An Analysis of Twitter Spam, Kurt Thomas, Chris Grier, Vern Paxson, and Dawn Song, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Practical Containment for Measuring Modern Malware Systems, Christian Kreibich, Nicholas Weaver, Chris Kanich, Wedong Cui, and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Topic Modeling of Freelance Job Postings to Monitor Web Service Abuse, Do-kyum Kim, Marti Motoyama, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Judging a site by its content: learning the textual, structural, and visual features of malicious Web pages, Sushma Nagesh Bannur, Lawrence K. Saul, and Stefan Savage, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Cloak and Dagger: Dynamics of Web Search Cloaking, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, October 2011.

Putting Out a HIT: Crowdsourcing Malware Installs, Chris Kanich, Stephen Checkoway, and Keaton Mowery, Proceedings of Workshop On Offensive Technologies (WOOT), August 2011.

The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research, Erin Kenneally, Co-Leader & Author, U.S. Department of Homeland Working Group on Ethics in Computer Security Research, September 2011.

No Plan Survives Contact: Experience with Cybercrime Measurement, Chris Kanich, Neha Chachra, Damon McCoy, Chris Grier, David Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2011.

Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Show Me the Money: Characterizing Spam-advertised Revenue, Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Redirecting DNS for Ads and Profit, Nicholas Weaver, Christian Kreibich, and Vern Paxson, Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), August 2011.

Interview with Stefan Savage: On the Spam Payment Trail, Rik Farrow and Stefan Savage, USENIX ;login: 36(4):7-20, August 2011.

What's Clicking What? Techniques and Innovations of Today's Clickbots, Brad Miller, Paul Pearce, Chris Grier, Christian Kreibich, and Vern Paxson, Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2011.

An Assessment of Overt Malicious Activity Manifest in Residential Networks, Gregor Maier, Anja Feldmann, Vern Paxson, Robin Sommer, and Matthias Vallentin, Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2011.

Privacy-preserving Network Forensics, Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker, Communications of the Association for Computing Machinery, June 2011.

Click Trajectories: End-to-End Analysis of the Spam Value Chain, Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE Symposium and Security and Privacy, May 2011, pages 431-446.

Design and Evaluation of a Real-Time URL Spam Filtering Service, Kurt Thomas, Chri Grier, Justin Ma, Vern Paxson, and Dawn Song, Proceedings of the IEEE Symposium and Security and Privacy, May 2011.

Dissemination in Opportunistic Mobile Ad-hoc Networks: the Power of the Crowd, Gjergji Zyba, Geoffrey M. Voelker, Stratis Ioannidis, and Christophe Diot, Proceedings of the IEEE Infocom Conference, Shanghai, China, April 2011, pages 1179-1187.

Learning to Detect Malicious URLs, Justin Ma, Lawrence K Saul, Stefan Savage, and Geoffrey M Voelker, ACM Transactions on Intelligent Systems and Technology (TIST) 2(3):30:1-30:24, April 2011.

On the Effects of Registrar-level Intervention, He Liu, Kirill Levchenko, Márk Félegyházi, Christian Kreibich, Gregor Maier, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011, pages 1-8.

Detecting and Analyzing Automated Activity on Twitter, Chao Michael Zhang and Vern Paxson, Proceedings of the Passive & Active Measurement, March 2011.

Got Traffic? An Evaluation of Click Traffic Providers, Qing Zhang, Thomas Ristenpart, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), Hyderabad, India, March 2011, pages 19-26.

Proximax: Fighting Censorship with an Adaptive System for Distribution of Open Proxies, Kirill Levchenko, Jose Andre Morales, and Damon McCoy, Proceedings of the International Conference on Financial Cryptography and Data Security, St Lucia, February 2011.

Moving Forward, Building An Ethics Community (Panel Statements), Erin Kenneally, Angelos Stavrou, John McHugh, and Nicolas Christin, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR'11), February 2011.

Can Network Science Help Re-Write The Privacy Playbook?, Erin Kenneally, Information Security and Privacy Journal, American Bar Association Information Security Committee 1:21-31, Fall 2010.

Using Network Science to Understand and Apply Privacy Controls, Erin Kenneally, Proceedings of the W3C Workshop on Privacy and Data Usage Control, October 2010.

Towards Situational Awareness of Large-scale Botnet Probing Events, Zhichun Li, Anup Goyal, Yan Chen, and Vern Paxson, IEEE Transactions on Information Forensics and Security 5(4), October 2010.

Employing Honeynets For Network Situational Awareness, Paul Barford, Yan Chen, Anup Goyal, Zhichun Li, Vern Paxson, and Vinod Yegneswaran, In Cyber Situational Awareness: Issues and Research. Sushil Jajodia and Peng Liu and Vipin Swarup and Cliff Wang, editor. Springer, 2010.

Re: CAPTCHAs -- Understanding CAPTCHA-Solving from an Economic Context, Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2010.

Dialing Privacy and Utility: A Proposed Data-Sharing Framework to Advance Internet Research, Erin E. Kenneally and Kimberly Claffy, IEEE Security and Privacy 8(4):31-39, July 2010.

Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits, Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., July 2010.

SecondLife: a Social Network of Humans and Bots, Matteo Varvello and Geoffrey M. Voelker, Proceedings of the ACM International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), Amsterdam, the Netherlands, June 2010.

Measuring Online Service Availability Using Twitter, Marti Motoyama, Brendan Meeder, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of ACM Workshop on Online Social Networks (WOSN), Boston, MA, June 2010.

Outside the Closed World: On Using Machine Learning For Network Intrusion Detection, Robin Sommer and Vern Paxson, Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2010.

Exploiting Feature Covariance in High-Dimensional Online Learning, Justin Ma, Alex Kulesza, Mark Dredze, Koby Crammer, Lawrence K. Saul, and Fernando Pereira, Proceedings of the International Conference on Artificial Intelligence and Statistics (AISTATS), Sardinia, Italy, May 2010.

Insights from the Inside: A View of Botnet Management from Infiltration, Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson, and Dawn Song, Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.

On the Potential of Proactive Domain Blacklisting, M. Felegyhazi and C. Kreibich and V. Paxson, Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.

Botnet Judo: Fighting Spam with Itself, Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker, Vern Paxson, Nicholas Weaver, and Stefan Savage, Proceedings of the Network and Diestributed System Security Symposium (NDSS), San Diego, CA, February 2010.

A Framework for Understanding and Applying Ethical Principles in Network and Security Research, Erin Kenneally, Michael Bailey, and Douglas Maughan, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR 2010), Canary Islands, Spain, January 2010.

An Internet Sharing Framework for Balancing Privacy and Utility, Erin E. Kenneally and kc claffy, Proceedings of Engaging Data: First International Forum on the Application and Management of Personal Electronic Information, October 2009.

Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering, Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, November 2009.

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, November 2009.

Spamalytics: An Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Communications of the Association for Computing Machinery 52(9):99-107, September 2009.

Security of open source and closed source software: An empirical comparison of published vulnerabilities, Guido Schryen, Proceedings of the 15th Americas Conference on Information Systems, 2009.

Competitive Cyber-Insurance and Internet Security, Nikhil Shetty, Galina Schwartz, Mark Felegyhazi, and Jean Walrand, Workshop on Economics of Information Security (WEIS 2009), 2009.

Identifying Suspicious URLs: An Application of Large-Scale Online Learning, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International Conference on Machine Learning, Montreal, Quebec, June 2009.

Beyond Blacklists: Learning to Detect Malicious Web Sites from Suspicious URLs, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Paris, France, June 2009.

Defending Mobile Phones from Proximity Malware, Gjergji Zyba, Geoffrey M. Voelker, Michael Liljenstam, András Méhes, and Per Johansson, Proceedings of the IEEE Infocom Conference, Rio de Janeiro, Brazil, April 2009.

Spamcraft: An Inside Look at Spam Campaign Orchestration, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, April 2009.

Automating Analysis of Large-Scale Botnet Probing Events, Zhichun Li, Anup Goyal, Yan Chen, and Vern Paxson, Proceedings of ASIACCS, March 2009.

Detecting Forged TCP Reset Packets, Nicholas Weaver, Robin sommer, and Vern Paxson, Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS'09), February 2009.

Detecting Malicious Packet Losses, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Transactions on Parallel and Distributed Systems 20(2), February 2009.

Detecting In-Flight Page Changes with Web Tripwires, Charles Reis, Steven D. Gribble, Tadayoshi Kohno, and Nicholas Weaver, Proceedings of the 5th ACM/USENIX Symposium on Networked Systems Design and Implementation (NSDI), San Francisco, CA, April 2008.

Spamalytics: an Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding, Benjamin Laxton, Kai Wang, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

When Good Instructions Go Bad: Generalizing Return-oriented Programming to the SPARC, Erik Buchanan, Ryan Roemer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

Predicting the Resource Consumption of Network Intrusion Detection Systems, Holger Dreger, Anja Feldmann, Vern Paxson, and Robin Sommer, RAID 2008, September 2008.

Enriching Network Security Analysis with Time Travel, Gregor Maier, Robin Sommer, Holger Dreger, Anja Feldmann, Vern Paxson, and Fabian Schneider, Proceedings of the ACM SIGCOMM Conference, Seattle, WA, August 2008.

A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems (Extended Abstract), Leo Juan, Christian Kreibich, Chih-Hung Lin, and Vern Paxson, Proc. Fifth GI International Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 2008.

Storm: When Researchers Collide, Brandon Enright, Geoff Voelker, Stefan Savage, Chris Kanich, and Kirill Levchenko, USENIX ;login: 33(4), August 2008.

On the Spam Campaign Trail, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

The Heisenbot Uncertainty Problem: Challenges in Separating Bots from Chaff, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

Detecting Compromised Routers via Packet Forwarding Behavior, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Network 22(2), March 2008.

Can You Infect Me Now? Malware Propagation in Mobile Phone Networks, Chris Fleizach, Michael Lilijenstam, Per Johansson, Geoffrey M. Voelker, and András Méhes, Proceedings of the ACM Workshop on Recurring Malcode (WORM), Washington D.C., November 2007.

Issues and Etiquette Concerning Use of Shared Measurement Data, Mark Allman and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, San Diego, CA, October 2007.

A Brief History of Scanning, Mark Allman, Vern Paxson, and Jeff Terrell, Proceedings of the ACM Internet Measurement Conference, San Diego, CA, October 2007.

Shunting: A Hardware/Software Architecture for Flexible, High-Performance Network Intrusion Prevention, Jose Maria Gonzalez, Nicholas Weaver, and Vern Paxson, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2007.

An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, Jason Franklin, Vern Paxson, Adrian Perrig, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2007.

Spamscatter: Characterizing Internet Scam Hosting Infrastructure, David S. Anderson, Chris Fleizach, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, Boston, MA, August 2007.

Slicing Spam with Occam's Razor, Chris Fleizach, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the Conference on Email and Anti-Spam (CEAS), Mountain View, CA, August 2007.

On the Adaptive Real-Time Detection of Fast-Propagating Network Worms, Jaeyeon Jung, Rodolfo A. Milito, and Vern Paxson, Proceedings of the Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment, Lucerne, Switzerland, July 2007.

The Shunt: An FPGA-Based Accelerator for Network Intrusion Prevention, Nicholas Weaver, Vern Paxson, and Jose M. Gonzalez, Proceedings of the ACM/SIGDA 15th International Symposium on Field Programmable Gate Arrays, February 2007.

Glavlit: Preventing Exfiltration at Wire Speed, Nabil Schear, Carmelo Kintana, Qing Zhang, and Amin Vahdat, Proceedings of the 5th ACM Workshop on Hot Topics in Networks (HotNets-V), Irvine, CA, November 2006.

Fighting Coordinated Attackers with Cross-Organizational Information Sharing, Mark Allman, Ethan Blanton, Vern Paxson, and Scott Shenker, Proceedings of the 5th ACM Workshop on Hot Topics in Networks (HotNets-V), Irvine, CA, November 2006.

On the Adaptive Real-Time Detection of Fast-Propagating Network Worms, Jaeyeon Jung, Rodolfo A. Milito, and Vern Paxson, MIT technical report MIT-CSAIL-TR-2006-074, November 2006.

binpac: A yacc for Writing Application Protocol Parsers, Ruoming Pang, Vern Paxson, Robin Sommer, and Larry Peterson, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Semi-Automated Discovery of Application Session Structure, Jayanthkumar Kannan, Jaeyeon Jung, Vern Paxson, and Can Emre Koksal, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Automated Protocol Inference: Unexpected Means of Identifying Protocols, Justin Ma, Kirill Levchenko, Cristian Kriebich, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Finding Diversity in Remote Code Injection Exploits, Justin Ma, John Dunagan, Helen J. Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

GQ: Realizing a System to Catch Worms in a Quarter Million Places, Weidong Cui, Vern Paxson, and Nicholas Weaver, ICSI technical report TR-06-004, September 2006.

Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection, Holger Dreger, Anja Feldmann, Michael Mai, Vern Paxson, and Robin Sommer, 15th Usenix Security Symposium, August 2006.

Fatih: Detecting and Isolating Malicious Routers via Traffic Validation, Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage, IEEE Transactions on Dependable and Secure Computing 3(3), July 2006.

Inferring Internet Denial-of-Service Activity, David Moore, Colleen Shannon, Doug Brown, Geoffrey M. Voelker, and Stefan Savage, ACM Transactions on Computer Systems 24(2):115-139, May 2006.

Community-Oriented Network Measurement Infrastructure (CONMI) Workshop Report, kc claffy, Mark Crovella, Timur Friedman, Colleen Shannon, and Neil Spring, 36(2):41-48, April 2006.

Protocol-Independent Adaptive Replay of Application Dialog, Weidong Cui, Vern Paxson, Nicholas Weaver, and Randy H. Katz, 13th Annual Network and Distributed System Security Symposium (NDSS'06), February 2006.

Case Study: A Failure Wrapped in Success' Clothing - On the Need for Sound Forensics in Handling Digital Evidence Cases, Erin E. Kenneally and Andrea Monti, Digital Investigation, Elsevier Ltd., Winter 2005.

Using Honeynets for Internet Situational Awareness, Vinod Yegneswaran, Paul Barford, and Vern Paxson, Proceedings of the 4th ACM Workshop on Hot Topics in Networks (HotNets-IV), College Park, MD, November 2005.

Opportunistic Measurement: Extracting Insight from Spurious Traffic, Martin Casado, Tal Garfinkel, Weidong Cui, Vern Paxson, and Stefan Savage, Proceedings of the 4th ACM Workshop on Hot Topics in Networks (HotNets-IV), College Park, MD, November 2005.

Self-stopping Worms, Justin Ma, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington D.C., November 2005.

Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm, Michael Vrable, Justin Ma, Jay Chen, David Moore, Erik VandeKieft, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the 20th ACM Symposium on Operating System Principles (SOSP), Brighton, UK, October 2005.

Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event, Abhishek Kumar, Vern Paxson, and Nicholas Weaver, Proceedings of the USENIX/ACM Internet Measurement Conference, New Orleans, LA, October 2005.

Confluence of Digital Evidence and the Law: On the Forensic Soundness of Live-Remote Digital Evidence Collection, Erin E. Kenneally, UCLA Journal of Law and Technology, 2005.