Publications

Get the full BibTeX

The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape G. Stringhini, O. Hohlfeld, C. Kruegel, G. Vigna Proceedings of the ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS 2014) BibTeX Fulltext (PDF, 2.8 MB)

The Tricks of the Trade: What Makes Spam Campaigns Successful? J. Iedemska, G. Stringhini, R. Kemmerer, C. Kruegel, G. Vigna Proceedings of the International Workshop on Cyber Crime (IWCC 2014) BibTeX Fulltext (PDF, 265.9 KB)

Rippler: Delay Injection for Service Dependency Detection A. Zand, G. Vigna, R. Kemmerer, C. Kruegel Proceedings of the International Conference on Computer Communications (INFOCOM 2014) BibTeX Fulltext (PDF, 449.0 KB)

Do You Feel Lucky? A Large-Scale Analysis of Risk-Rewards Trade-Offs in Cyber Security Y. Shoshitaishvili, L. Invernizzi, A. Doupé, G. Vigna Proceedings of the ACM Symposium on Applied Computing (SAC 2014) BibTeX Fulltext (PDF, 593.4 KB)

Extracting Probable Command and Control Signatures for Detecting Botnets A. Zand, G. Vigna, X. Yan, C. Kruegel Proceedings of the ACM Symposium on Applied Computing (SAC 2014) BibTeX Fulltext (PDF, 154.6 KB)

Nazca: Detecting Malware Distribution in Large-Scale Networks L. Invernizzi, S. Miskovic, R. Torres, S. Saha, S. Lee, M. Mellia, C. Kruegel, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2014) BibTeX Fulltext (PDF, 5.1 MB)

Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications S. Poeplau, Y. Fratantonio, A. Bianchi, C. Kruegel, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2014) BibTeX Fulltext (PDF, 478.5 KB)

Message In A Bottle: Sailing Past Censorship L. Invernizzi, C. Kruegel, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2013) BibTeX Fulltext (PDF, 2.1 MB)

SigMal: A Static Signal Processing Based Malware Triage D. Kirat, L. Nataraj, G. Vigna, B. Manjunath Proceedings of the Annual Computer Security Applications Conference (ACSAC 2013) BibTeX Fulltext (PDF, 1.5 MB)

Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web Pages G. Stringhini, C. Kruegel, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2013) BibTeX Fulltext (PDF, 325.3 KB)

deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation A. Doupé, W. Cui, M. H. Jakubowski, M. Peinado, C. Kruegel, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2013) BibTeX Fulltext (PDF, 266.6 KB)

Study of Cryptographic Misuse in Android Applications M. Egele, D. Brumley, Y. Fratantonio, C. Kruegel Proceedings of the ACM Conference on Computer and Communications Security (CCS 2013) BibTeX Fulltext (PDF, 289.5 KB)

Delta: Automatic Identification of Unknown Web-based Infection Campaigns K. Borgolte, C. Kruegel, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2013) BibTeX Fulltext (PDF, 584.5 KB)

Follow the Green: Growth and Dynamics in Twitter Follower Markets G. Stringhini, G. Wang, M. Egele, C. Kruegel, G. Vigna, H. Zheng, B. Y. Zhao Proceedings of the ACM Internet Measurement Conference (ICM 2013) BibTeX Fulltext (PDF, 1.0 MB)

Writing Groups in Computer Science Research Labs A. Doupé, J. L. Kayfetz Proceedings of the Frontiers in Education Conference (FIE 2013) BibTeX Fulltext (PDF, 149.2 KB)

Revolver: An Automated Approach to the Detection of Evasive Web-based Malware A. Kapravelos, Y. Shoshitaishvili, M. Cova, C. Kruegel, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2013) BibTeX Fulltext (PDF, 472.3 KB)

Steal This Movie - Automatically Bypassing DRM Protection in Streaming Media Services R. Wang, Y. Shoshitaishvili, C. Kruegel, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2013) BibTeX Fulltext (PDF, 173.1 KB)

Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting N. Nikiforakis, A. Kapravelos, W. Joosen , C. Kruegel, F. Piessens, G. Vigna Proceedings of the IEEE Symposium on Security and Privacy (SSP 2013) BibTeX Fulltext (PDF, 470.2 KB)

Two Years of Short URLs Internet Measurement: Security Threats and Countermeasures F. Maggi, G. Stringhini, B. Stone-Gross, C. Kruegel, G. Vigna, S. Zanero Proceedings of the International World Wide Web Conference (WWW 2013) BibTeX Fulltext (PDF, 856.7 KB)

Formulating Cyber-Security as Convex Optimization Problems (Book Chapter) K. G. Vamvoudakis, J. Hespanha, R. Kemmerer, G. Vigna Fulltext (PDF, 281.5 KB)

COMPA: Detecting Compromised Accounts on Social Networks M. Egele, G. Stringhini, C. Kruegel, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2013) BibTeX Fulltext (PDF, 272.9 KB)

You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions N. Nikiforakis, L. Invernizzi, A. Kapravelos, S. Van Acker, W. Joosen , C. Kruegel, F. Piessens, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2012) BibTeX Fulltext (PDF, 737.7 KB)

Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds A. Bianchi, Y. Shoshitaishvili, C. Kruegel, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2012) BibTeX Fulltext (PDF, 424.7 KB)

Poultry Markets: On the Underground Economy of Twitter Followers G. Stringhini, M. Egele, C. Kruegel, G. Vigna Proceedings of the Workshop on Online Social Networks (WOSN 2012) BibTeX Fulltext (PDF, 767.5 KB)

B@BEL: Leveraging Email Delivery for Spam Mitigation G. Stringhini, M. Egele, A. Zarras, T. Holz, C. Kruegel, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2012) BibTeX Fulltext (PDF, 983.3 KB)

Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner A. Doupé, L. Cavedon, C. Kruegel, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2012) BibTeX Fulltext (PDF, 230.8 KB)

A Mission-Centric Visualization Tool for Cybersecurity Situation Awareness (2012-07) N. Stockman, K. G. Vamvoudakis, L. Devendorf, T. Hollerer, R. Kemmerer, J. Hespanha Fulltext (PDF, 761.1 KB)

A Quantitative Study of Accuracy in System Call-Based Malware Detection D. Canali, A. Lanzi, D. Balzarotti, C. Kruegel, M. Christoderescu, E. Kirda Proceedings of the International Symposium on Software Testing and Analysis (ISSTA 2012) BibTeX Fulltext (PDF, 551.6 KB)

EVILSEED: A Guided Approach to Finding Malicious Web Pages L. Invernizzi, S. Benvenuti, P. Milani Comparetti, M. Cova, C. Kruegel, G. Vigna Proceedings of the IEEE Symposium on Security and Privacy (SSP 2012) BibTeX Fulltext (PDF, 759.4 KB)

BareBox: Efficient Malware Analysis on Bare Metal D. Kirat, G. Vigna, C. Kruegel Proceedings of the Annual Computer Security Applications Conference (ACSAC 2011) BibTeX Fulltext (PDF, 726.0 KB)

Nexat: A History-Based Approach to Predict Attacker Actions C. Cipriano, A. Zand, A. Houmansadr, C. Kruegel, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2011) BibTeX Fulltext (PDF, 225.5 KB)

Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness A. Doupé, M. Egele, B. Caillat, G. Stringhini, G. Yakin, A. Zand, L. Cavedon, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2011) BibTeX Fulltext (PDF, 1.9 MB)

Understanding Fraudulent Activities in Online Ad Exchanges B. Stone-Gross, R. Stevens, A. Zarras, R. Kemmerer, C. Kruegel Proceedings of the Internet Measurement Conference (IMC 2011) BibTeX Fulltext (PDF, 781.4 KB)

Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities A. Doupé, B. Boe, C. Kruegel, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2011) BibTeX Fulltext (PDF, 228.2 KB)

Dymo: Tracking Dynamic Code Identity B. Gilbert, R. Kemmerer, C. Kruegel, G. Vigna Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2011) BibTeX Fulltext (PDF, 209.2 KB)

Shellzer: a tool for the dynamic analysis of malicious shellcode Y. Fratantonio, C. Kruegel, G. Vigna Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2011) BibTeX Fulltext (PDF, 284.4 KB)

BotMagnifier: Locating Spambots on the Internet G. Stringhini, T. Holz, B. Stone-Gross, C. Kruegel, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2011) BibTeX Fulltext (PDF, 286.6 KB)

Jackstraws: Picking Command and Control Connections from Bot Traffic G. Jacob, R. Hund, C. Kruegel, T. Holz Proceedings of the USENIX Security Symposium (USENIX Security 2011) Fulltext (PDF, 313.7 KB)

Escape from Monkey Island: Evading High-Interaction Honeyclients A. Kapravelos, M. Cova, C. Kruegel, G. Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2011) BibTeX Fulltext (PDF, 224.9 KB)

MISHIMA: Multilateration of Internet hosts hidden using malicious fast-flux agents G. Banks, A. Fattori, R. Kemmerer, C. Kruegel, G. Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2011) BibTeX Fulltext (PDF, 124.1 KB)

The Underground Economy of Fake Antivirus Software B. Stone-Gross, R. Abman, R. Kemmerer, C. Kruegel, G. Vigna Proceedings of the Workshop on Economics of Information Security (WEIS 2011) BibTeX Fulltext (PDF, 799.3 KB)

Peering Through the iFrame B. Stone-Gross, M. Cova, C. Kruegel, G. Vigna Proceedings of the International Conference on Computer Communications (INFOCOM 2011) BibTeX Fulltext (PDF, 312.9 KB)

Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages D. Canali, M. Cova, G. Vigna, C. Kruegel Proceedings of the International World Wide Web Conference (WWW 2011) BibTeX Fulltext (PDF, 1.2 MB)

The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns B. Stone-Gross, T. Holz, G. Stringhini, G. Vigna Proceedings of the Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET 2011) BibTeX Fulltext (PDF, 1.2 MB)

PiOS: Detecting Privacy Leaks in iOS Applications M. Egele, C. Kruegel, E. Kirda, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2011) BibTeX Fulltext (PDF, 272.1 KB)

Exposure: Finding Malicious Domains Using Passive DNS Analysis L. Bilge, E. Kirda, C. Kruegel, M. Balduzzi Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2011) Fulltext (PDF, 275.6 KB)

Analysis of a Botnet Takeover B. Stone-Gross, M. Cova, B. Gilbert, R. Kemmerer, C. Kruegel, G. Vigna IEEE Security and Privacy Magazine, 2011, vol. 9, no.1 BibTeX Fulltext (PDF, 1.3 MB)

Detecting Spammers on Social Networks G. Stringhini, C. Kruegel, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2010) BibTeX Fulltext (PDF, 202.3 KB)

Network Intrusion Detection: Dead or Alive? G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2010) BibTeX Fulltext (PDF, 168.2 KB)

AccessMiner: Using System-Centric Models for Malware Protection A. Lanzi, D. Balzarotti, C. Kruegel, M. Christoderescu, E. Kirda Proceedings of the ACM Conference on Computer and Communications Security (CCS 2010) BibTeX Fulltext (PDF, 452.1 KB)

Abusing Social Networks for Automated User Profiling M. Balduzzi, C. Platzer, T. Holz, E. Kirda, D. Balzarotti, C. Kruegel Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2010) BibTeX Fulltext (PDF, 309.3 KB)

Static Analysis for Detecting Taint-Style Vulnerabilities in Web Applications N. Jovanovic, C. Kruegel, E. Kirda Journal of Computer Security, 2010 Fulltext (PDF, 273.9 KB)

Toward Automated Detection of Logic Vulnerabilities in Web Applications V. Felmetsger, L. Cavedon, C. Kruegel, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2010) BibTeX Fulltext (PDF, 246.9 KB)

Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners A. Doupé, M. Cova, G. Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2010) BibTeX Fulltext (PDF, 177.3 KB)

An Experience in Testing the Security of Real-world Electronic Voting Systems D. Balzarotti, G. Banks, M. Cova, R. Kemmerer, W. Robertson, F. Valeur, G. Vigna IEEE Transactions on Software Engineering, 2010 BibTeX

Organizing Large Scale Hacking Competitions N. Childers, B. Boe, L. Cavallaro, L. Cavedon, M. Cova, M. Egele, G. Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2010) BibTeX Fulltext (PDF, 1.9 MB)

Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries C. Kolbitsch, T. Holz, C. Kruegel, E. Kirda Proceedings of the IEEE Symposium on Security and Privacy (SSP 2010) BibTeX Fulltext (PDF, 474.7 KB)

Identifying Dormant Functionality in Malware Programs P. Milani Comparetti, G. Salvaneschi, E. Kirda, C. Kolbitsch, C. Kruegel, S. Zanero Proceedings of the IEEE Symposium on Security and Privacy (SSP 2010) BibTeX Fulltext (PDF, 367.5 KB)

A Practical Attack to De-Anonymize Social Network Users G. Wondraceck, T. Holz, E. Kirda, C. Kruegel Proceedings of the IEEE Symposium on Security and Privacy (SSP 2010) BibTeX Fulltext (PDF, 560.1 KB)

Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code M. Cova, C. Kruegel, G. Vigna Proceedings of the International World Wide Web Conference (WWW 2010) BibTeX Fulltext (PDF, 242.5 KB)

A Solution for the Automated Detection of Clickjacking Attacks M. Balduzzi, M. Egele, E. Kirda, D. Balzarotti, C. Kruegel Proceedings of the ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS 2010) BibTeX Fulltext (PDF, 398.3 KB)

Effective Anomaly Detection with Scarce Training Data W. Robertson, F. Maggi, C. Kruegel, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2010) BibTeX Fulltext (PDF, 490.3 KB)

Are BGP Routers Open To Attack? An Experiment L. Cavedon, C. Kruegel, G. Vigna Proceedings of the Open Research Problems in Network Security (iNetSec 2010) BibTeX Fulltext (PDF, 240.4 KB)

CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms M. Egele, L. Bilge, E. Kirda, C. Kruegel Proceedings of the ACM Symposium on Applied Computing (SAC 2010) BibTeX

Improving the Efficiency of Dynamic Malware Analysis U. Bayer, E. Kirda, C. Kruegel Proceedings of the ACM Symposium on Applied Computing (SAC 2010) BibTeX Fulltext (PDF, 180.9 KB)

Efficient Detection of Split Personalities in Malware D. Balzarotti, M. Cova, C. Karlberger, C. Kruegel, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2010) BibTeX Fulltext (PDF, 154.6 KB)

FIRE: FInding Rogue nEtworks B. Stone-Gross, A. Moser, C. Kruegel, E. Kirda, K. Almeroth Proceedings of the Annual Computer Security Applications Conference (ACSAC 2009) BibTeX Fulltext (PDF, 198.6 KB)

Analyzing and Detecting Malicious Flash Advertisements S. Ford, M. Cova, C. Kruegel, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2009) BibTeX Fulltext (PDF, 376.0 KB)

Your Botnet is My Botnet: Analysis of a Botnet Takeover B. Stone-Gross, M. Cova, B. Gilbert, L. Cavallaro, C. Kruegel, M. Szydlowski, G. Vigna, R. Kemmerer Proceedings of the ACM Conference on Computer and Communications Security (CCS 2009) BibTeX Fulltext (PDF, 921.8 KB)

Protecting a Moving Target: Addressing Web Application Concept Drift F. Maggi, W. Robertson, C. Kruegel, G. Vigna Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2009) BibTeX Fulltext (PDF, 244.6 KB)

Automated Spyware Collection and Analysis A. Stamminger, C. Kruegel, G. Vigna, E. Kirda Proceedings of the Information Security Conference (ISC 2009) BibTeX Fulltext (PDF, 151.4 KB)

Automatically Generating Models for Botnet Detection P. Wurzinger, L. Bilge, T. Holz, J. Goebel, C. Kruegel, E. Kirda Proceedings of the European Symposium on Research in Computer Security (ESORICS 2009) BibTeX Fulltext (PDF, 157.2 KB)

Static Enforcement of Web Application Integrity Through Strong Typing W. Robertson, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2009) BibTeX Fulltext (PDF, 479.0 KB)

Reducing Errors in the Anomaly-based Detection of Web-Based Attacks through the Combined Analysis of Web Requests and SQL Queries G. Vigna, F. Valeur, D. Balzarotti, W. Robertson, C. Kruegel, E. Kirda Computer Security, 2009, vol. 17, no.3 BibTeX Fulltext (PDF, 345.7 KB)

Client-side Cross-site Scripting Protection E. Kirda, N. Jovanovic, C. Kruegel, G. Vigna Computers & Security, 2009, vol. 28, no.7 BibTeX Fulltext (PDF, 1.2 MB)

Effective and Efficient Malware Detection at the End Host C. Kolbitsch, P. Milani Comparetti, C. Kruegel, E. Kirda, X. Zhou, X. Wang Proceedings of the USENIX Security Symposium (USENIX Security 2009) BibTeX Fulltext (PDF, 497.1 KB)

Are Your Votes Really Counted? Testing the Security of Real-world Electronic Voting Systems D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, G. Vigna Proceedings of the International Symposium on Software Testing and Analysis (ISSTA 2008) BibTeX Fulltext (PDF, 220.9 KB)

VeriKey: A Dynamic Certificate Verification System for Public Key Exchanges B. Stone-Gross, D. Sigal, R. Cohn, J. Morse, K. Almeroth, C. Kruegel Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2008) BibTeX Fulltext (PDF, 582.0 KB)

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C. Kruegel, G. Vigna Proceedings of the IEEE Symposium on Security and Privacy (SSP 2008) BibTeX Fulltext (PDF, 244.4 KB)

ClearShot: Eavesdropping on Keyboard Input from Video D. Balzarotti, M. Cova, G. Vigna Proceedings of the IEEE Symposium on Security and Privacy (SSP 2008) BibTeX Fulltext (PDF, 217.7 KB)

Malware in IEEE 802.11 Wireless Networks B. Stone-Gross, C. Wilson, K. Almeroth, E. M. Belding, H. Zheng, K. Papagiannaki Proceedings of the Passive and Active Measurement Conference (PAM 2008) BibTeX Fulltext (PDF, 272.6 KB)

A Parallel Architecture for Stateful, High-Speed Intrusion Detection L. Foschini, A. V. Thapliyal, L. Cavallaro, C. Kruegel, G. Vigna Proceedings of the International Conference on Information Systems Security (ICISS 2008) BibTeX Fulltext (PDF, 275.9 KB)

There is No Free Phish: An Analysis of "Free" and Live Phishing Kits M. Cova, C. Kruegel, G. Vigna Proceedings of the USENIX Workshop on Offensive Technologies (WOOT 2008) BibTeX Fulltext (PDF, 134.1 KB)

Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms M. Van Gundy, H. Chen, Z. Su, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2007) BibTeX Fulltext (PDF, 143.6 KB)

Improving Signature Testing Through Dynamic Data Flow Analysis C. Kruegel, D. Balzarotti, W. Robertson, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2007) BibTeX Fulltext (PDF, 178.6 KB)

Multi-Module Vulnerability Analysis of Web-based Applications D. Balzarotti, V. Felmetsger, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2007) BibTeX Fulltext (PDF, 247.2 KB)

Extending .NET Security to Unmanaged Code P. Klinkoff, E. Kirda, C. Kruegel, G. Vigna International Journal of Information Security, 2007 BibTeX

Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications D. Balzarotti, V. Felmetsger, G. Vigna Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2007) BibTeX Fulltext (PDF, 538.3 KB)

Exploiting Execution Context for the Detection of Anomalous System Calls D. Mutz, W. Robertson, G. Vigna, R. Kemmerer Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2007) BibTeX Fulltext (PDF, 212.4 KB)

Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms M. Van Gundy, D. Balzarotti, G. Vigna Proceedings of the USENIX Workshop on Offensive Technologies (WOOT 2007) BibTeX Fulltext (PDF, 106.1 KB)

Security Evaluation of the Sequoia Voting System G. Vigna, R. Kemmerer, D. Balzarotti, G. Banks, V. Felmetsger, W. Robertson, F. Valeur BibTeX Fulltext (PDF, 108.5 KB)

Is Code Still Moving Around? Looking Back at a Decade of Code Mobility A. Carzaniga, G. P. Picco, G. Vigna Proceedings of the International Conference on Software Engineering (ICSE 2007) BibTeX Fulltext (PDF, 146.0 KB)

Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis P. Vogt , F. Nentwich , N. Jovanovic, E. Kirda, C. Kruegel, G. Vigna Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2007) BibTeX Fulltext (PDF, 177.5 KB)

Using a Virtual Security Testbed for Digital Forensic Reconstruction A. Årnes , P. Haas, G. Vigna, R. Kemmerer Journal in Computer Virology, 2007, vol. 2, no.4 BibTeX

Testing and Analysis of Web Services V. Felmetsger, G. Vigna BibTeX

Static Disassembly and Code Analysis G. Vigna Malware Detection, 2007, vol. 27 BibTeX

Vulnerability Analysis of MMS User Agents C. Mulliner, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2006) BibTeX Fulltext (PDF, 147.5 KB)

Static Detection of Vulnerabilities in x86 Executables V. Felmetsger, G. Banks, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2006) BibTeX Fulltext (PDF, 321.8 KB)

Using Hidden Markov Models to Evaluate the Risks of Intrusions: System Architecture and Model Validation A. Årnes , F. Valeur, G. Vigna, R. Kemmerer Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2006) BibTeX Fulltext (PDF, 393.9 KB)

Behavior-based Spyware Detection E. Kirda, C. Kruegel, G. Banks, G. Vigna, R. Kemmerer Proceedings of the USENIX Security Symposium (USENIX Security 2006) BibTeX Fulltext (PDF, 325.5 KB)

SNOOZE: toward a Stateful NetwOrk prOtocol fuzZEr G. Banks, M. Cova, V. Felmetsger, K. Almeroth, R. Kemmerer, G. Vigna Proceedings of the Information Security Conference (ISC 2006)

An Anomaly-driven Reverse Proxy for Web Applications F. Valeur, G. Vigna, C. Kruegel, E. Kirda Proceedings of the ACM Symposium on Applied Computing (SAC 2006)

Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks W. Robertson, G. Vigna, C. Kruegel, R. Kemmerer Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2006)

A Multi-model Approach to the Detection of Web-based Attacks C. Kruegel, G. Vigna, W. Robertson Computer Networks, 2005, vol. 48, no.5 BibTeX

Polymorphic Worm Detection Using Structural Information of Executables C. Kruegel, E. Kirda, D. Mutz, W. Robertson, G. Vigna Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2005) BibTeX

Automating Mimicry Attacks Using Static Binary Analysis C. Kruegel, E. Kirda, D. Mutz, W. Robertson, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2005) BibTeX

A Learning-Based Approach to the Detection of SQL Attacks F. Valeur, D. Mutz, G. Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2005) BibTeX

Exploiting OS-level Mechanisms to Implement Mobile Code Security V. Felmetsger, G. Vigna Proceedings of the International Conference on Engineering of Complex Computer Systems (ICECCS 2005) BibTeX

Detecting Malicious JavaScript Code in Mozilla O. Hallaraker, G. Vigna Proceedings of the International Conference on Engineering of Complex Computer Systems (ICECCS 2005) BibTeX

Reverse Engineering of Network Signatures C. Kruegel, D. Mutz, W. Robertson, G. Vigna, R. Kemmerer Proceedings of the Asia Pacific Information Technology Security Conference (AusCERT 2005) BibTeX

Intrusion Detection and Correlation: Challenges and Solutions C. Kruegel, F. Valeur, G. Vigna BibTeX

Sensor Families for Intrusion Detection Infrastructures R. Kemmerer, G. Vigna BibTeX

Detecting Kernel-Level Rootkits Through Binary Analysis C. Kruegel, W. Robertson, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2004) BibTeX Fulltext (PDF, 788.3 KB)

Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing J. Zhou, G. Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC 2004) BibTeX

An Intrusion Detection Tool for AODV-based Ad Hoc Wireless Networks G. Vigna, S. Gwalani, K. Srinivasan, E. M. Belding, R. Kemmerer Proceedings of the Annual Computer Security Applications Conference (ACSAC 2004) BibTeX Fulltext (PDF, 239.1 KB)

Using Alert Verification to Identify Successful Intrusion Attempts C. Kruegel, W. Robertson, G. Vigna Practice in Information Processing and Communication (PIK), 2004 BibTeX

Static Disassembly of Obfuscated Binaries C. Kruegel, W. Robertson, F. Valeur, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2004) BibTeX Fulltext (PDF, 211.9 KB)

A Comprehensive Approach to Intrusion Detection Alert Correlation F. Valeur, G. Vigna, C. Kruegel, R. Kemmerer IEEE Transactions on Dependable and Secure Computing, 2004 BibTeX

Mobile Agents: Ten Reasons For Failure G. Vigna Proceedings of the IEEE International Conference on Mobile Data Management (MDM 2004) BibTeX Fulltext (PDF, 28.2 KB)

Testing Network-based Intrusion Detection Signatures Using Mutant Exploits G. Vigna, W. Robertson, D. Balzarotti Proceedings of the ACM Conference on Computer and Communications Security (CCS 2004) BibTeX Fulltext (PDF, 165.2 KB)

A Stateful Intrusion Detection System for World-Wide Web Servers G. Vigna, W. Robertson, V. Kher, R. Kemmerer Proceedings of the Annual Computer Security Applications Conference (ACSAC 2003) BibTeX

An Experience Developing an IDS Stimulator for the Black-Box Testing of Network Intrusion Detection Systems D. Mutz, G. Vigna, R. Kemmerer Proceedings of the Annual Computer Security Applications Conference (ACSAC 2003) BibTeX

Bayesian event classification for intrusion detection C. Kruegel, D. Mutz, W. Robertson, F. Valeur Proceedings of the Annual Computer Security Applications Conference (ACSAC 2003)

Anomaly Detection of Web-based Attacks C. Kruegel, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2003) BibTeX

On the Detection of Anomalous System Call Arguments C. Kruegel, D. Mutz, F. Valeur, G. Vigna Proceedings of the European Symposium on Research in Computer Security (ESORICS 2003) BibTeX

Teaching Hands-On Network Security: Testbeds and Live Exercises G. Vigna Journal of Information Warfare, 2003 BibTeX

A Topological Characterization of TCP/IP Security G. Vigna Proceedings of the International FME Symposium (FME 2003) BibTeX

Designing and Implementing A Family of Intrusion Detection Systems G. Vigna, F. Valeur, R. Kemmerer Proceedings of the European Conference on Software Engineering (ESEC 2003) BibTeX

Teaching Network Security Through Live Exercises G. Vigna Proceedings of the Annual World Conference on Information Security Education (WISE 2003) BibTeX

Detecting Malicious Java Code Using Virtual Machine Auditing S. Soman, C. Krintz, G. Vigna Proceedings of the USENIX Security Symposium (USENIX Security 2003) BibTeX

Mnemosyne: Designing and Implementing Network Short-Term Memory G. Vigna, A. Mitchell Proceedings of the International Conference on Engineering of Complex Computer Systems (ICECCS 2002) BibTeX Fulltext (PDF, 148.3 KB)

Sensor-Based Intrusion Detection for Intra-Domain Distance-Vector Routing V. Mittal, G. Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS 2002) BibTeX Fulltext (PDF, 184.7 KB)

An Intrusion Detection System for Aglets G. Vigna, B. Cassell, D. Fayram Proceedings of the International Conference on Mobile Agents (MA 2002) BibTeX Fulltext (PDF, 200.4 KB)

Stateful Intrusion Detection for High-Speed Networks C. Kruegel, F. Valeur, G. Vigna, R. Kemmerer Proceedings of the IEEE Symposium on Security and Privacy (SSP 2002) BibTeX Fulltext (PDF, 107.0 KB)

Intrusion Detection: A Brief History and Overview R. Kemmerer, G. Vigna IEEE Computer, 2002, vol. 35, no.4 BibTeX Fulltext (PDF, 363.2 KB)

Composable Tools For Network Discovery and Security Analysis G. Vigna, F. Valeur, J. Zhou, R. Kemmerer Proceedings of the Annual Computer Security Applications Conference (ACSAC 2002) BibTeX

STATL: An Attack Language for State-based Intrusion Detection S. T. Eckmann, G. Vigna, R. Kemmerer Journal of Computer Security, 2002 BibTeX Fulltext (PDF, 810.7 KB)

Evaluating the Security Of Three Java-Based Mobile Agent Systems S. Fischmeister, G. Vigna, R. Kemmerer Proceedings of the International Conference on Mobile Agents (MA 2001) BibTeX Fulltext (PDF, 89.5 KB)

Designing a Web of Highly-Configurable Intrusion Detection Sensors G. Vigna, R. Kemmerer, P. Blix Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2001) BibTeX Fulltext (PDF, 218.7 KB)

MASSA: Mobile Agents Security through Static/Dynamic Analysis A. Orso, M. Harrold, G. Vigna Proceedings of the ICSE Workshop on Software Engineering and Mobility (WSEM 2001) BibTeX Fulltext (PDF, 34.8 KB)

E-Commerce Security and Privacy A. dos Santos, G. Vigna, R. Kemmerer BibTeX

Security Testing of the Online Banking Service of a Large International Bank A. dos Santos, G. Vigna, R. Kemmerer Proceedings of the Workshop on Security and Privacy in E-Commerce (WSPEC 2000) BibTeX

Attack Languages G. Vigna, S. T. Eckmann, R. Kemmerer Proceedings of the Information Survivability Workshop (ISW 2000) BibTeX

The STAT Tool Suite G. Vigna, S. T. Eckmann, R. Kemmerer Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX 2000) BibTeX

NetSTAT: A Network-based Intrusion Detection System G. Vigna, R. Kemmerer Journal of Computer Security, 1999, vol. 7, no.1 BibTeX

NetSTAT: A Network-based Intrusion Detection Approach G. Vigna, R. Kemmerer Proceedings of the Annual Computer Security Applications Conference (ACSAC 1998) BibTeX

Requirements Targeting Software and System Engineering C. Ghezzi, G. Vigna BibTeX

Mobile Agents and Security G. Vigna BibTeX

Cryptographic Traces for Mobile Agents G. Vigna BibTeX

A Model-Centered Electronic Commerce Middleware G. Vigna Proceedings of the International IFIP Working Conference on Trends in Electronic Commerce (TrEC 1998) BibTeX