Infiltration of Botnet Command & Control
and Support Ecosystems

Home  

People  

Papers  

Contact  

Papers

Detecting Stealthy, Distributed SSH Brute-Forcing, Mobin Javed and Vern Paxson, Proceedings of the ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013.

Understanding the Domain Registration Behavior of Spammers, Shuang Hao, Matthew Thomas, Vern Paxson, Nick Feamster, Christian Kreibich, Chris Grier, and Scott Hollenbeck, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013.

Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse, Kurt Thomas, Damon McCoy, Chris Grier, Alek Kolcz, and Vern Paxson, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

Practical Comprehensive Bounds on Surreptitious Communication Over DNS, Vern Paxson, Mihai Christodorescu, Mobin Javed, Josyula Rao, Reiner Sailer, Douglas Schales, Marc Ph. Stoecklin, Kurt Thomas, Wietse Venema, and Nicholas Weaver, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

A Variational Approximation for Topic Modeling of Hierarchical Corpora, Do-kyum Kim, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the International Conference on Machine Learning, Atlanta, GA, June 2013.

Juice: A Longitudinal Study of an SEO Campaign, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2013.

Taster's Choice: A Comparative Analysis of Spam Feeds, Andreas Pitsillidis, Chris Kanich, Geoffrey M. Voelker, Kirill Levchenko, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Boston, MA, November 2012.

Priceless: The Role of Payments in Abuse-advertised Goods, Damon McCoy, Hitesh Dharmdasani, Christian Kreibich, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

Manufacturing Compromise: The Emergence of Exploit-as-a-Service, Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs, Damon McCoy, Andreas Pitsillidis, Grant Jordan, Nicholas Weaver, Christian Kreibich, Brian Krebs, Geoffrey M. Voelker, Stefan Savage, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

Economic Analysis of Cybercrime in Crowdsourced Labor Markets, Vaibhav Garg, Chris Kanich, and L. Jean Camp, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Prudent Practices for Designing Malware Experiments: Status Quo and Outlook, Christian Rossow, Christian J. Dietrich, Christian Kreibich, Chris Grier, Vern Paxson, Norbert Pohlmann, Herbert Bos, and Maarten van Steen, Proceedings of the IEEE Symposium on Security and Privacy, May 2012.

Adapting Social Spam Infrastructure for Political Censorship, Kurt Thomas, Chris Grier, and Vern Paxson, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), April 2012.

The BIZ Top-Level Domain: Ten Years Later, Tristan Halvorson, Janos Szurdi, Gregor Maier, Mark Felegyhazi, Christian Kreibich, Nicholas Weaver, Kirill Levchenko, and Vern Paxson, Proceedings of the Passive and Active Measurement Workshop, Vienna, Austria, March 2012.

Applying Ethical Principles to Information and Communication Technology Research: A Companion to the Department of Homeland Security Menlo Report, Erin Kenneally, Co-Leader & Author, U.S. Department of Homeland Working Group on Ethics in Computer Security Research, January 2012.

An Analysis of Underground Forums, Marti Motoyama, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Suspended Accounts in Retrospect: An Analysis of Twitter Spam, Kurt Thomas, Chris Grier, Vern Paxson, and Dawn Song, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Practical Containment for Measuring Modern Malware Systems, Christian Kreibich, Nicholas Weaver, Chris Kanich, Wedong Cui, and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Topic Modeling of Freelance Job Postings to Monitor Web Service Abuse, Do-kyum Kim, Marti Motoyama, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Judging a site by its content: learning the textual, structural, and visual features of malicious Web pages, Sushma Nagesh Bannur, Lawrence K. Saul, and Stefan Savage, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Cloak and Dagger: Dynamics of Web Search Cloaking, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, October 2011.

Putting Out a HIT: Crowdsourcing Malware Installs, Chris Kanich, Stephen Checkoway, and Keaton Mowery, Proceedings of Workshop On Offensive Technologies (WOOT), August 2011.

The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research, Erin Kenneally, Co-Leader & Author, U.S. Department of Homeland Working Group on Ethics in Computer Security Research, September 2011.

No Plan Survives Contact: Experience with Cybercrime Measurement, Chris Kanich, Neha Chachra, Damon McCoy, Chris Grier, David Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2011.

Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Show Me the Money: Characterizing Spam-advertised Revenue, Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Redirecting DNS for Ads and Profit, Nicholas Weaver, Christian Kreibich, and Vern Paxson, Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), August 2011.

Interview with Stefan Savage: On the Spam Payment Trail, Rik Farrow and Stefan Savage, USENIX ;login: 36(4):7-20, August 2011.

What's Clicking What? Techniques and Innovations of Today's Clickbots, Brad Miller, Paul Pearce, Chris Grier, Christian Kreibich, and Vern Paxson, Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2011.

An Assessment of Overt Malicious Activity Manifest in Residential Networks, Gregor Maier, Anja Feldmann, Vern Paxson, Robin Sommer, and Matthias Vallentin, Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2011.

Privacy-preserving Network Forensics, Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker, Communications of the Association for Computing Machinery, June 2011.

Click Trajectories: End-to-End Analysis of the Spam Value Chain, Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE Symposium and Security and Privacy, May 2011, pages 431-446.

Design and Evaluation of a Real-Time URL Spam Filtering Service, Kurt Thomas, Chri Grier, Justin Ma, Vern Paxson, and Dawn Song, Proceedings of the IEEE Symposium and Security and Privacy, May 2011.

Learning to Detect Malicious URLs, Justin Ma, Lawrence K Saul, Stefan Savage, and Geoffrey M Voelker, ACM Transactions on Intelligent Systems and Technology (TIST) 2(3):30:1-30:24, April 2011.

On the Effects of Registrar-level Intervention, He Liu, Kirill Levchenko, Márk Félegyházi, Christian Kreibich, Gregor Maier, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011, pages 1-8.

Detecting and Analyzing Automated Activity on Twitter, Chao Michael Zhang and Vern Paxson, Proceedings of the Passive & Active Measurement, March 2011.

Got Traffic? An Evaluation of Click Traffic Providers, Qing Zhang, Thomas Ristenpart, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), Hyderabad, India, March 2011, pages 19-26.

Proximax: Fighting Censorship with an Adaptive System for Distribution of Open Proxies, Kirill Levchenko, Jose Andre Morales, and Damon McCoy, Proceedings of the International Conference on Financial Cryptography and Data Security, St Lucia, February 2011.

Moving Forward, Building An Ethics Community (Panel Statements), Erin Kenneally, Angelos Stavrou, John McHugh, and Nicolas Christin, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR'11), February 2011.

Towards Situational Awareness of Large-scale Botnet Probing Events, Zhichun Li, Anup Goyal, Yan Chen, and Vern Paxson, IEEE Transactions on Information Forensics and Security 5(4), October 2010.

Employing Honeynets For Network Situational Awareness, Paul Barford, Yan Chen, Anup Goyal, Zhichun Li, Vern Paxson, and Vinod Yegneswaran, In Cyber Situational Awareness: Issues and Research. Sushil Jajodia and Peng Liu and Vipin Swarup and Cliff Wang, editor. Springer, 2010.

Re: CAPTCHAs -- Understanding CAPTCHA Solving from an Economic Context, Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2010.

Dialing Privacy and Utility: A Proposed Data-Sharing Framework to Advance Internet Research, Erin E. Kenneally and Kimberly Claffy, IEEE Security and Privacy 8(4):31-39, July 2010.

Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits, Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., July 2010.

An Entity-Level Approach to Information Extraction, Aria Haghighi and Dan Klein, Proceedings of ACL 2010, July 2010.

Second Life: a Social Network of Humans and Bots, Matteo Varvello and Geoffrey M. Voelker, Proceedings of the ACM International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), Amsterdam, the Netherlands, June 2010.

Outside the Closed World: On Using Machine Learning For Network Intrusion Detection, Robin Sommer and Vern Paxson, Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2010.

Exploiting Feature Covariance in High-Dimensional Online Learning, Justin Ma, Alex Kulesza, Mark Dredze, Koby Crammer, Lawrence K. Saul, and Fernando Pereira, Proceedings of the International Conference on Artificial Intelligence and Statistics (AISTATS), Sardinia, Italy, May 2010.

On the Potential of Proactive Domain Blacklisting, Mark Felegyhazi and Christian Kreibich and Vern Paxson, Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.

Insights from the Inside: A View of Botnet Management from Infiltration, Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson, and Dawn Song, Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.

Binary Code Extraction and Interface Identification for Security Applications, Juan Caballero, Noah M. Johnson, Stephen McCamant, and Dawn Song, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

Botnet Judo: Fighting Spam with Itself, Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker, Vern Paxson, Nicholas Weaver, and Stefan Savage, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

Coreference Resolution in a Modular, Entity-Centered Model, Aria Haghighi and Dan Klein, Proceedings of NAACL 2010, March 2010.

A Framework for Understanding and Applying Ethical Principles in Network and Security Research, Erin Kenneally, Michael Bailey, and Douglas Maughan, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR 2010), Canary Islands, Spain, January 2010.