2023
Detecting Stealthy Cobalt Strike C&C Activities via Multi-Flow based Machine Learning.
Proceedings of the International Conference on Machine Learning and Applications, 2023
2021
Practical Protection of Binary Applications via Transparent Immunization.
Proceedings of the 18th International Conference on Privacy, Security and Trust, 2021
On the Feasibility of Detecting Software Supply Chain Attacks.
Proceedings of the 2021 IEEE Military Communications Conference, 2021
CloudImmu: Transparent Protection of Binary Applications in the Cloud.
Proceedings of the 2021 IEEE Military Communications Conference, 2021
2015
Springer Briefs in Computer Science, Springer, ISBN: 978-1-4939-3441-6, 2015
2014
CipherXRay: Exposing Cryptographic Operations and Transient Secrets from Monitored Binary Execution.
IEEE Trans. Dependable Secur. Comput., 2014
A Host-Based Approach for Unknown Fast-Spreading Worm Detection and Containment.
ACM Trans. Auton. Adapt. Syst., 2014
Exploiting VoIP softphone vulnerabilities to disable host computers: Attacks and mitigation.
Int. J. Crit. Infrastructure Prot., 2014
CodeXt: Automatic Extraction of Obfuscated Attack Code from Memory Dump.
Proceedings of the Information Security - 17th International Conference, 2014
2013
Disabling a Computer by Exploiting Softphone Vulnerabilities: Threat and Mitigation.
Proceedings of the Security and Privacy in Communication Networks, 2013
2012
Interval-based flow watermarking for tracing interactive traffic.
Comput. Networks, 2012
VoIP Shield: A transparent protection of deployed VoIP systems from SIP-based exploits.
Proceedings of the 2012 IEEE Network Operations and Management Symposium, 2012
2011
Robust Correlation of Encrypted Attack Traffic through Stepping Stones by Flow Watermarking.
IEEE Trans. Dependable Secur. Comput., 2011
Call Behavioral Analysis to Thwart SPIT Attacks on VoIP Networks.
Proceedings of the Security and Privacy in Communication Networks, 2011
Thwarting Spam over Internet Telephony (SPIT) attacks on VoIP networks.
Proceedings of the 19th International Workshop on Quality of Service, 2011
2010
Stealthy malware detection and monitoring through VMM-based "out-of-the-box" semantic view reconstruction.
ACM Trans. Inf. Syst. Secur., 2010
An Application-Level Data Transparent Authentication Scheme without Communication Overhead.
IEEE Trans. Computers, 2010
Roving bugnet: Distributed surveillance threat and mitigation.
Comput. Secur., 2010
On the billing vulnerabilities of SIP-based VoIP systems.
Comput. Networks, 2010
Artificial Malware Immunization Based on Dynamically Assigned Sense of Self.
Proceedings of the Information Security - 13th International Conference, 2010
2009
Online detection of network traffic anomalies using behavioral distance.
Proceedings of the 17th International Workshop on Quality of Service, 2009
An Empirical Investigation into the Security of Phone Features in SIP-Based VoIP Systems.
Proceedings of the Information Security Practice and Experience, 2009
ReFormat: Automatic Reverse Engineering of Encrypted Messages.
Proceedings of the Computer Security, 2009
On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers.
Proceedings of the 2009 ACM Symposium on Information, 2009
2008
Voice pharming attack and the trust of VoIP.
Proceedings of the 4th International ICST Conference on Security and Privacy in Communication Networks, 2008
Countering Persistent Kernel Rootkits through Systematic Hook Discovery.
Proceedings of the Recent Advances in Intrusion Detection, 11th International Symposium, 2008
A First Step towards Live Botmaster Traceback.
Proceedings of the Recent Advances in Intrusion Detection, 11th International Symposium, 2008
2007
Billing Attacks on SIP-Based VoIP Systems.
Proceedings of the First USENIX Workshop on Offensive Technologies, 2007
Network Flow Watermarking Attack on Low-Latency Anonymous Communication Systems.
Proceedings of the 2007 IEEE Symposium on Security and Privacy (S&P 2007), 2007
"Out-of-the-Box" Monitoring of VM-Based High-Interaction Honeypots.
Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007
Tracing Traffic through Intermediate Hosts that Repacketize Flows.
Proceedings of the INFOCOM 2007. 26th IEEE International Conference on Computer Communications, 2007
Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction.
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007
2006
On the anonymity and traceability of peer-to-peer VoIP calls.
IEEE Netw., 2006
DaTA - Data-Transparent Authentication Without Communication Overhead.
Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006
WormTerminator: an effective containment of unknown and polymorphic fast spreading worms.
Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Networking and Communications Systems, 2006
2005
Active Timing-Based Correlation of Perturbed Traffic Flows with Chaff Packets.
Proceedings of the 25th International Conference on Distributed Computing Systems Workshops (ICDCS 2005 Workshops), 2005
Tracking anonymous peer-to-peer VoIP calls on the internet.
Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005
2003
Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays.
Proceedings of the 10th ACM Conference on Computer and Communications Security, 2003
2002
Inter-Packet Delay Based Correlation for Tracing Encrypted Connections through Stepping Stones.
Proceedings of the Computer Security, 2002
2001
Sleepy Watermark Tracing: An Active Network-Based Intrusion Response Framework.
Proceedings of the Trusted Information: The New Decade Challenge, 2001
1999
DecIdUouS: Decentralized Source Identification for Network-Based Intrusions.
Proceedings of the 1999 IEEE/IFIP International Symposium on Integrated Network Management, 1999