Papers From NEU SecLab

Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks

A. Kharraz, W. Robertson, D. Balzarotti, L. Bilge, E. Kirda

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Milan, IT, Jul 2015
BiBTeX

---

Sentinel: Securing Legacy Firefox Extensions

K. Onarlioglu, A. S. Buyukkayhan, W. Robertson, E. Kirda

In Computers & Security, 49(0), 2015

Elsevier
PDF BiBTeX

---

BabelCrypt: The Universal Encryption Layer for Mobile Messaging Applications

A. T. Ozcan, C. Gemicioglu, K. Onarlioglu, M. Weissbacher, C. Mulliner, W. Robertson, E. Kirda

In Financial Cryptography and Data Security (FC)

Isla Verde, PR, Jan 2015
PDF BiBTeX

---

TrueClick: Automatically Distinguishing Trick Banners from Genuine Download Links

S. Duman, K. Onarlioglu, A. O. Ulusoy, W. Robertson, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

New Orleans, LA US, Dec 2014
PDF BiBTeX

---

Toward Robust Hidden Volumes using Write-Only Oblivious RAM

E. Blass, T. Mayberry, G. Noubir, K. Onarlioglu

In ACM Conference on Computer and Communications Security (CCS)

Scottsdale, AZ US, Nov 2014
PDF BiBTeX

---

Why is CSP Failing? Trends and Challenges in CSP Adoption

M. Weissbacher, T. Lauinger, W. Robertson

In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)

Gothenburg, SE, Sep 2014
PDF BiBTeX

---

A Look at Targeted Attacks through the Lense of an NGO

S. Le Blonde, A. Uritesc, C. Gilbert, Z. Leong Chua, P. Saxena, E. Kirda

In USENIX Security Symposium

San Diego, CA US, Aug 2014
PDF BiBTeX

---

Optical Delusions: A Study of Malicious QR Codes in the Wild

A. Kharraz, E. Kirda, W. Robertson, D. Balzarotti, A. Francillon

In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Atlanta, GA US, Jun 2014
PDF BiBTeX

---

EXPOSURE: A Passive DNS Analysis Service to Detect and Report Malicious Domains

L. Bilge, S. Sen, D. Balzarotti, E. Kirda, C. Kruegel

In ACM Transactions on Information and System Security (TISSEC), 16(4), 2014

ACM
PDF BiBTeX

---

VirtualSwindle: An Automated Attack Against In-App Billing on Android

C. Mulliner, W. Robertson, E. Kirda

In ACM Symposium on Information, Computer and Communications Security (ASIACCS)

Kyoto, JP, Jun 2014
PDF BiBTeX

---

Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces

C. Mulliner, W. Robertson, E. Kirda

In IEEE Symposium on Security and Privacy (S&P)

San Jose, CA US, May 2014
PDF BiBTeX

---

Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks

T. Yen, A. Oprea, K. Onarlioglu, T. Leetham, W. Robertson, A. Juels, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

New Orleans, LA US, Dec 2013
PDF BiBTeX

---

PatchDroid: Scalable Third-Party Patches for Android Devices

C. Mulliner, J. Oberheide, W. Robertson, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

New Orleans, LA US, Dec 2013
PDF BiBTeX

---

Holiday Pictures or Blockbuster Movies? Insights into Copyright Infringement in User Uploads to One-Click File Hosters

T. Lauinger, K. Onarlioglu, A. Chaabane, E. Kirda, W. Robertson, M. A. Kaafar

In International Symposium on Research in Attacks, Intrusions and Defenses (RAID)

St. Lucia, LC, Oct 2013
PDF BiBTeX

---

Securing Legacy Firefox Extensions with Sentinel

K. Onarlioglu, M. Battal, W. Robertson, E. Kirda

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Berlin, DE, Jul 2013
PDF BiBTeX

---

PrivExec: Private Execution as an Operating System Service

K. Onarlioglu, C. Mulliner, W. Robertson, E. Kirda

In IEEE Symposium on Security and Privacy (S&P)

San Francisco, CA US, May 2013
PDF BiBTeX

---

A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication

A. Cassola, W. Robertson, E. Kirda, G. Noubir

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2013
PDF BiBTeX

---

Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting

T. Lauinger, M. Szydlowski, K. Onarlioglu, G. Wondracek, E. Kirda, C. Kruegel

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2013
PDF BiBTeX

---

DISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis

L. Bilge, D. Balzarotti, W. Robertson, E. Kirda, C. Kruegel

In Annual Computer Security Applications Conference (ACSAC)

Orlando, FL US, Dec 2012
PDF BiBTeX

---

TRESOR-HUNT: Attacking CPU-Bound Encryption

E. Blass, W. Robertson

In Annual Computer Security Applications Conference (ACSAC)

Orlando, FL US, Dec 2012
PDF BiBTeX

---

Paying for Piracy? An Analysis of One-Click Hosters’ Controversial Reward Schemes

T. Lauinger, E. Kirda, P. Michiardi

In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)

Amsterdam, NL, Sep 2012
PDF BiBTeX

---

A Quantitative Study of Accuracy in System Call-Based Malware Detection

D. Canali, A. Lanzi, D. Balzarotti, M. Christodorescu, C. Kruegel, E. Kirda

In International Symposium on Software Testing and Analysis (ISSTA)

Minneapolis, MN US, Aug 2012
PDF BiBTeX

---

PoX: Protecting Users from Malicious Facebook Applications

M. Egele, A. Moser, C. Kruegel, E. Kirda

In Computer Communications Journal, 0(0), 2012

Elsevier
PDF BiBTeX

---

Protecting Users and Businesses from CRAWLers

G. Jacob, C. Kruegel, E. Kirda, G. Vigna

In USENIX Security Symposium

Bellevue, WA US, Aug 2012
PDF BiBTeX

---

Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis

T. Scholte, W. Robertson, D. Balzarotti, E. Kirda

In IEEE Computer Software and Applications Conference

Izmir, TR, Jul 2012
PDF BiBTeX

---

A Security Analysis of Amazon’s Elastic Compute Cloud Service

M. Balduzzi, J. Zaddach, D. Balzarotti, E. Kirda, S. Loureiro

In ACM Symposium on Applied Computing (SAC)

Trento, IT, Mar 2012
PDF BiBTeX

---

An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages

T. Scholte, W. Robertson, D. Balzarotti, E. Kirda

In ACM Symposium on Applied Computing (SAC)

Trento, IT, Mar 2012
PDF BiBTeX

---

Insights into User Behavior in Dealing with Internet Attacks

K. Onarlioglu, U. O. Yilmaz, E. Kirda, D. Balzarotti

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2012
PDF BiBTeX

---

A Survey on Automated Dynamic Malware Analysis Techniques and Tools

M. Egele, T. Scholte, E. Kirda, C. Kruegel

In ACM Computing Surveys, 44(2), 2012

ACM
PDF BiBTeX

---

Have Things Changed Now? An Empirical Study on Input Validation Vulnerabilities in Web Applications

T. Scholte, D. Balzarotti, E. Kirda

In Computers & Security, 31(3), 2012

Elsevier
PDF BiBTeX

---

The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code

C. Kolbitsch, E. Kirda, C. Kruegel

In ACM Conference on Computer and Communications Security (CCS)

Chicago, IL US, Oct 2011
PDF BiBTeX

---

BTLab: A System-Centric, Data-Driven Analysis and Measurement Platform for BitTorrent Clients

M. Szydlowski, B. Zhao, E. Kirda, C. Kruegel

In International Conference on Computer Communication Networks (ICCCN)

Maui, HI US, Aug 2011
PDF BiBTeX

---

Reverse Social Engineering Attacks in Online Social Networks

D. Irani, M. Balduzzi, D. Balzarotti, E. Kirda

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Amsterdam, NL, Jul 2011
PDF BiBTeX

---

PoX: Protecting Users from Malicious Facebook Applications

M. Egele, A. Moser, C. Kruegel, E. Kirda

In IEEE International Workshop on Security and Social Networking (SESOC)

Seattle, WA US, Mar 2011
PDF BiBTeX

---

Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications

M. Balduzzi, C. T. Gimenez, D. Balzarotti, E. Kirda

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2011
PDF BiBTeX

---

PiOS: Detecting Privacy Leaks in iOS Applications

M. Egele, C. Kruegel, E. Kirda, G. Vigna

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2011
PDF BiBTeX

---

EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis

L. Bilge, E. Kirda, C. Kruegel, M. Balduzzi

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2011
PDF BiBTeX

---

Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications

T. Scholte, D. Balzarotti, E. Kirda

In International Conference on Financial Cryptography and Data Security

St. Lucia, LC, Feb 2011
PDF BiBTeX

---

G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries

K. Onarlioglu, L. Bilge, A. Lanzi, D. Balzarotti, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

Austin, TX US, Dec 2010
PDF BiBTeX

---

Static Analysis for Detecting Taint-Style Vulnerabilities in Web Applications

N. Jovanovic, C. Kruegel, E. Kirda

In Journal of Computer Security, 18(0), 2010

IOS Press
PDF BiBTeX

---

AccessMiner: Using System-Centric Models for Malware Protection

A. Lanzi, D. Balzarotti, C. Kruegel, M. Christodorescu

In ACM Conference on Computer and Communications Security (CCS)

Chicago, IL US, Oct 2010
PDF BiBTeX

---

Abusing Social Networks for Automated User Profiling

M. Balduzzi, C. Platzer, T. Holz, E. Kirda, D. Balzarotti

In International Symposium on Recent Advances in Intrusion Detection (RAID)

Ottawa, ON CA, Sep 2010
PDF BiBTeX

---

An Experience in Testing the Security of a Real-World Electronic Voting System

D. Balzarotti, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, G. Vigna

In IEEE Transactions on Software Engineering, 36(4), 2010

IEEE Computer Society
PDF BiBTeX

---

Exploiting Diverse Observation Perspectives to Get Insights on the Malware Landscape

C. Leita, U. Bayer, E. Kirda

In International Conference on Dependable Systems and Networks (DSN)

Chicago, IL US, Jun 2010
PDF BiBTeX

---

Is the Internet for Porn? An Insight into the Online Adult Industry

G. Wondracek, T. Holz, C. Platzer, E. Kirda, C. Kruegel

In Workshop on the Economics of Information Security (WEIS)

Boston, MA US, Jun 2010
PDF BiBTeX

---

Identifying Dormant Functionality in Malware Programs

P. M. Comparetti, G. Salvaneschi, C. Kolbitsch, C. Kruegel, E. Kirda, S. Zanero

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2010
PDF BiBTeX

---

Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries

C. Kolbitsch, T. Holz, C. Kruegel, E. Kirda

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2010
PDF BiBTeX

---

A Practical Attack to De-Anonymize Social Network Users

G. Wondracek, T. Holz, E. Kirda, C. Kruegel

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2010
PDF BiBTeX

---

A Solution for the Automated Detection of Clickjacking Attacks

M. Balduzzi, M. Egele, D. Balzarotti, E. Kirda, C. Kruegel

In ACM Symposium on Information, Computer, and Communications Security (ASIACCS)

Beijing, CN, Apr 2010
PDF BiBTeX

---

Honeybot: Your Man in the Middle for Automated Social Engineering

T. Lauinger, V. Pankakoski, D. Balzarotti, E. Kirda

In USENIX Workshp on Large-Scale Exploits and Emergent Threats

San Jose, CA US, Apr 2010
PDF BiBTeX

---

Extending Mondrian Memory Protection

C. Kolbitsch, C. Kruegel, E. Kirda

In NATO RTO IST-091 Symposium

Antalya, TR, Apr 2010
PDF BiBTeX

---

Improving the Efficiency of Dynamic Malware Analysis

U. Bayer, E. Kirda, C. Kruegel

In ACM Symposium on Applied Computing (SAC)

Lausanne, CH, Mar 2010
PDF BiBTeX

---

CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms

M. Egele, L. Bilge, E. Kirda, C. Kruegel

In ACM Symposium on Applied Computing (SAC)

Lausanne, CH, Mar 2010
PDF BiBTeX

---

Efficient Detection of Split Personalities in Malware

D. Balzarotti, M. Cova, C. Karlberger, C. Kruegel, E. Kirda, G. Vigna

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2010
PDF BiBTeX

---

Effective Anomaly Detection with Scarce Training Data

W. Robertson, F. Maggi, C. Kruegel, G. Vigna

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2010
PDF BiBTeX

---

FIRE: FInding Rogue nEtworks

B. Stone-Gross, A. Moser, C. Kruegel, K. Almeroth, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

Honolulu, HI US, Dec 2009
PDF BiBTeX

---

Automated Spyware Collection and Analysis

A. Stamminger, C. Kruegel, G. Vigna, E. Kirda

In Information Security Conference (ISC)

Pisa, IT, Sep 2009
PDF BiBTeX

---

Automatically Generating Models for Botnet Detection

P. Wurzinger, L. Bilge, T. Holz, J. Goebel, C. Kruegel, E. Kirda

In European Symposium on Research in Computer Security (ESORICS)

Saint-Malo, FR, Sep 2009
PDF BiBTeX

---

Protecting a Moving Target: Addressing Web Application Concept Drift

F. Maggi, W. Robertson, C. Kruegel, G. Vigna

In International Symposium on Recent Advances in Intrusion Detection (RAID)

Saint-Malo, FR, Sep 2009
PDF BiBTeX

---

Client-Side Cross-Site Scripting Protection

E. Kirda, N. Jovanovic, C. Kruegel, G. Vigna

In Computers & Security, 28(7), 2009

Elsevier
PDF BiBTeX

---

Effective and Efficient Malware Detection at the End Host

C. Kolbitsch, P. M. Comparetti, C. Kruegel, E. Kirda, X. Zhou, X. Wang

In USENIX Security Symposium

Montreal, QC CA, Aug 2009
PDF BiBTeX

---

Static Enforcement of Web Application Integrity Through Strong Typing

W. Robertson, G. Vigna

In USENIX Security Symposium

Montreal, QC CA, Aug 2009
PDF BiBTeX

---

Defending Browsers Against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks

M. Egele, P. Wurzinger, C. Kruegel, E. Kirda

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Milan, IT, Jun 2009
PDF BiBTeX

---

All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks

L. Bilge, T. Strufe, D. Balzarotti, E. Kirda

In International World Wide Web Conference (WWW)

Madrid, ES, May 2009
PDF BiBTeX

---

Server-side Bot Detection in Massively Multiplayer Online Games

S. Mitterhofer, C. Platzer, E. Kirda, C. Kruegel

In IEEE Security & Privacy Magazine, 0(0), 2009

IEEE Computer Society
PDF BiBTeX

---

Prospex: Protocol Specification Extraction

P. M. Comparetti, G. Wondracek, C. Kruegel, E. Kirda

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2009
PDF BiBTeX

---

SWAP: Mitigating XSS Attacks Using a Reverse Proxy

P. Wurzinger, C. Platzer, C. Ludl, E. Kirda, C. Kruegel

In Internation Workshop on Software Engineering for Secure Systems

Vancouver, BC CA, May 2009
PDF BiBTeX

---

Removing Web Spam Links from Search Engine Results

M. Egele, C. Kruegel, E. Kirda

In European Institute for Computer Antivirus Research Conference (EICAR)

Berlin, DE, May 2009
PDF BiBTeX

---

Reducing Errors in the Anomaly-based Detection of Web-based Attacks Through the Combined Analysis of Web Requests and SQL Queries

G. Vigna, F. Valeur, D. Balzarotti, W. Robertson, C. Kruegel, E. Kirda

In Journal of Computer Security, 17(3), 2009

IOS Press
PDF BiBTeX

---

Insights into Current Malware Behavior

U. Bayer, I. Habibi, D. Balzarotti, E. Kirda, C. Kruegel

In USENIX Workshop on Large-Scale Exploits and Emergent Threats

Boston, MA US, Apr 2009
PDF BiBTeX

---

Mitigating Drive-by Download Attacks: Challenges and Open Problems

M. Egele, E. Kirda, C. Kruegel

In Open Research Problems in Network Security Workshop (iNetSec)

Zurich, CH, Apr 2009
PDF BiBTeX

---

Scalable, Behavior-Based Malware Clustering

U. Bayer, P. M. Comparetti, C. Hlauschek, C. Kruegel, E. Kirda

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2009
PDF BiBTeX

---

Large-Scale Malware Collection: Lessons Learned

J. Canto, M. Dacier, E. Kirda, C. Leita

In IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems

Naples, IT, Oct 2008
PDF BiBTeX

---

Visual-Similarity-Based Phishing Detection

E. Medvet, E. Kirda, C. Kruegel

In International Conference on Security and Privacy in Communication Networks (SECURECOMM)

Istanbul, TR, Sep 2008
PDF BiBTeX

---

Expanding Human Interactions for In-Depth Testing of Web Applications

S. McAllister, E. Kirda, C. Kruegel

In International Symposium on Recent Advances in Intrusion Detection (RAID)

Boston, MA US, Sep 2008
PDF BiBTeX

---

Overbot – A Botnet Protocol Based on Kademlia

G. Starnberger, C. Kruegel, E. Kirda

In International Conference on Security and Privacy in Communication Networks (SECURECOMM)

Istanbul, TR, Sep 2008
PDF BiBTeX

---

Are Your Votes Really Counted? Testing the Security of Real-world Voting Systems

D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, F. Valeur, G. Vigna, R. Kemmerer

In International Symposium on Software Testing and Analysis (ISSTA)

Seattle, WA US, Jul 2008
PDF BiBTeX

---

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications

M. Cova, V. Felmetsger, D. Balzarotti, N. Jovanovic, C. Kruegel, E. Kirda

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2008
PDF BiBTeX

---

The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet

C. Leita, O. Thonnard, E. Ramirez-Silva, F. Pouget, E. Kirda, M. Dacier

In WOMBAT Workshop

Amsterdam, NL, Apr 2008
PDF BiBTeX

---

Automatic Network Protocol Analysis

G. Wondracek, P. M. Comparetti, C. Kruegel, E. Kirda

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2008
PDF BiBTeX

---

Secure Input for Web Applications

M. Szydlowski, C. Kruegel, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

Miami Beach, FL US, Dec 2007
PDF BiBTeX

---

Limits of Static Analysis for Malware Detection

A. Moser, C. Kruegel, E. Kirda

In Annual Computer Security Applications Conference (ACSAC)

Miami Beach, FL US, Dec 2007
PDF BiBTeX

---

Improving Signature Testing Through Dynamic Data Flow Analysis

D. Balzarotti, W. Robertson, C. Kruegel, G. Vigna

In Annual Computer Security Applications Conference (ACSAC)

Miami Beach, FL US, Dec 2007
PDF BiBTeX

---

Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis

H. Yin, D. Song, M. Egele, C. Kruegel, E. Kirda

In ACM Conference on Computer and Communications Security (CCS)

Alexandria, VA US, Nov 2007
PDF BiBTeX

---

Detecting System Emulators

T. Raffetseder, C. Kruegel, E. Kirda

In Information Security Conference (ISC)

Valparaiso, CL, Oct 2007
PDF BiBTeX

---

A Layout-Similarity-Based Approach for Detecting Phishing Pages

A. Rosiello, E. Kirda, C. Kruegel, F. Ferrandi

In International Conference on Security and Privacy in Communication Networks (SECURECOMM)

Nice, FR, Sep 2007
PDF BiBTeX

---

Exploiting Execution Context for the Detection of Anomalous System Calls

D. Mutz, W. Robertson, G. Vigna, R. Kemmerer

In International Symposium on Recent Advances in Intrusion Detection (RAID)

Gold Coast, QLD AU, Sep 2007
PDF BiBTeX

---

Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters

C. Karlberger, G. Bayler, C. Kruegel, E. Kirda

In USENIX Workshop on Offensive Technologies (WOOT)

Boston, MA US, Aug 2007
PDF BiBTeX

---

On the Effectiveness of Techniques to Detect Phishing Sites

C. Ludl, S. McAllister, E. Kirda, C. Kruegel

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Lucerne, CH, Jul 2007
PDF BiBTeX

---

Dynamic Spyware Analysis

M. Egele, C. Kruegel, E. Kirda, H. Yin, D. Song

In USENIX Annual Technical Conference

Santa Clara, CA US, Jun 2007
PDF BiBTeX

---

Building Anti-Phishing Browser Plug-Ins: An Experience Report

T. Raffetseder, E. Kirda, C. Kruegel

In Internation Workshop on Software Engineering for Secure Systems

Minneapolis, MN US, May 2007
PDF BiBTeX

---

Exploring Multiple Execution Paths for Malware Analysis

A. Moser, C. Kruegel, E. Kirda

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2007
PDF BiBTeX

---

Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis

P. Vogt, F. Nentwich, N. Jovanovic, C. Kruegel, E. Kirda, G. Vigna

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2007
PDF BiBTeX

---

Extending .NET Security to Unmanaged Code

P. Klinkoff, C. Kruegel, E. Kirda, G. Vigna

In Information Security Conference (ISC)

Samos, GR, Sep 2006
PDF BiBTeX

---

Dynamic Analysis of Malicious Code

U. Bayer, A. Moser, C. Kruegel, E. Kirda

In Journal of Computer Virology, 0(0), 2006

Springer
PDF BiBTeX

---

Behavior-Based Spyware Detection

E. Kirda, C. Kruegel, G. Banks, G. Vigna, R. Kemmerer

In USENIX Security Symposium

Vancouver, BC CA, Aug 2006
PDF BiBTeX

---

Preventing Cross-Site Request Forgery Attacks

N. Jovanovic, E. Kirda, C. Kruegel

In International Conference on Security and Privacy in Communication Networks (SECURECOMM)

Baltimore, MD US, Aug 2006
PDF BiBTeX

---

Using Static Program Analysis to Aid Intrusion Detection

M. Egele, M. Szydlowski, E. Kirda, C. Kruegel

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Berlin, DE, Jul 2006
PDF BiBTeX

---

Precise Alias Analysis for Syntactic Detection of Web Application Vulnerabilities

N. Jovanovic, C. Kruegel, E. Kirda

In ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

Ottawa, ON CA, Jun 2006
PDF BiBTeX

---

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)

N. Jovanovic, C. Kruegel, E. Kirda

In IEEE Symposium on Security and Privacy

Oakland, CA US, May 2006
PDF BiBTeX

---

SecuBat: A Web Vulnerability Scanner

S. Kals, E. Kirda, C. Kruegel

In International World Wide Web Conference (WWW)

Edingurgh, GB, May 2006
PDF BiBTeX

---

Noxes: A Client-Side Solution for Mitigating Cross-Site Scripting Attacks

E. Kirda, C. Kruegel, G. Vigna, N. Jovanovic

In ACM Symposium on Applied Computing (SAC)

Dijon, FR, Apr 2006
PDF BiBTeX

---

An Anomaly-Driven Reverse Proxy for Web Applications

F. Valeur, G. Vigna, C. Kruegel, E. Kirda

In ACM Symposium on Applied Computing (SAC)

Dijon, FR, Apr 2006
PDF BiBTeX

---

Protecting Users Against Phishing Attacks

E. Kirda, C. Kruegel

In The Computer Journal, 0(0), 2006

Oxford University Press
PDF BiBTeX

---

TTAnalyze: A Tool for Analyzing Malware

U. Bayer, C. Kruegel, E. Kirda

In European Institute for Computer Antivirus Research Conference (EICAR)

Hamburg, DE, Apr 2006
PDF BiBTeX

---

Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks

W. Robertson, G. Vigna, C. Kruegel, R. Kemmerer

In Network and Distributed Systems Security Symposium (NDSS)

San Diego, CA US, Feb 2006
PDF BiBTeX

---

Polymorphic Worm Detection Using Structural Information of Executables

C. Kruegel, E. Kirda, D. Mutz, W. Robertson, G. Vigna

In International Symposium on Recent Advances in Intrusion Detection (RAID)

Seattle, WA US, Sep 2005
PDF BiBTeX

---

Protecting Users Against Phishing Attacks with AntiPhish

E. Kirda, C. Kruegel

In International Computer Software and Applications Conference

Edinburgh, GB, Jul 2005
PDF BiBTeX

---

A Multi-Model Approach to the Detection of Web-based Attacks

C. Kruegel, W. Robertson, G. Vigna

In Journal of Computer Networks, 48(5), 2005

Elsevier
PDF BiBTeX

---

Automating Mimicry Attacks Using Static Binary Analysis

C. Kruegel, E. Kirda, D. Mutz, W. Robertson, G. Vigna

In USENIX Security Symposium

Baltimore, MD US, Jul 2005
PDF BiBTeX

---

Reverse Engineering of Network Signatures

D. Mutz, C. Kruegel, W. Robertson, G. Vigna, R. Kemmerer

In Annual Asia Pacific Information Technology Security Conference (AusCERT)

Gold Coast, QLD AU, May 2005
PDF BiBTeX

---

Detecting Kernel-Level Rootkits Through Binary Analysis

C. Kruegel, W. Robertson, G. Vigna

In Annual Computer Security Applications Conference (ACSAC)

Tuscon, AZ US, Dec 2004
PDF BiBTeX

---

Testing Network-based Intrusion Detection Signatures Using Mutant Exploits

G. Vigna, D. Balzarotti, W. Robertson

In ACM Conference on Computer and Communications Security (CCS)

Washington DC US, Oct 2004
PDF BiBTeX

---

Using Alert Verification to Identify Successful Intrusion Attempts

C. Kruegel, G. Vigna, W. Robertson

In Journal of Practice in Information Processing and Communication (PIK), 27(4), 2004

K.G. Saur Verlag
PDF BiBTeX

---

Static Disassembly of Obfuscated Binaries

C. Kruegel, W. Robertson, F. Valeur, G. Vigna

In USENIX Security Symposium

San Diego, CA US, Aug 2004
PDF BiBTeX

---

Alert Verification: Determining the Success of Intrusion Attempts

C. Kruegel, W. Robertson

In Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)

Dortmund, DE, Jul 2004
PDF BiBTeX

---

Bayesian Event Classification for Intrusion Detection

C. Kruegel, D. Mutz, W. Robertson, F. Valeur

In Annual Computer Security Applications Conference (ACSAC)

Las Vegas, NV US, Dec 2003
PDF BiBTeX

---

A Stateful Intrusion Detection System for World-Wide Web Servers

G. Vigna, W. Robertson, V. Kher, R. Kemmerer

In Annual Computer Security Applications Conference (ACSAC)

Las Vegas, NV US, Dec 2003
PDF BiBTeX

---

Run-time Detection of Heap-based Overflows

W. Robertson, C. Kruegel, D. Mutz, F. Valeur

In USENIX Large Installations Systems Administration Conference (LISA)

San Diego, CA US, Oct 2003
PDF BiBTeX

---

Topology-based Detection of Anomalous BGP Messages

C. Kruegel, D. Mutz, W. Robertson, F. Valeur

In International Symposium on Recent Advances in Intrusion Detection (RAID)

Pittsburgh, PA US, Sep 2003
PDFBiBTeX

---

From: http://seclab.ccs.neu.edu/publications.html