Engin Kirda
Orcid: 0000-0001-9988-6873Affiliations:
- Northeastern University, USA
According to our database1,
Engin Kirda
authored at least 202 papers
between 2000 and 2024.
Collaborative distances:
Collaborative distances:
Timeline
Legend:
Book In proceedings Article PhD thesis Dataset OtherLinks
Online presence:
-
on zbmath.org
-
on orcid.org
-
on iseclab.org
-
on dl.acm.org
On csauthors.net:
Bibliography
2024
On the Complexity of the Web's PKI: Evaluating Certificate Validation of Mobile Browsers.
IEEE Trans. Dependable Secur. Comput., 2024
IEEE Trans. Dependable Secur. Comput., 2024
IEEE Trans. Dependable Secur. Comput., 2024
Design and Realization of a Benchmarking Testbed for Evaluating Autonomous Platooning Algorithms.
CoRR, 2024
Proceedings of the 33rd USENIX Security Symposium, 2024
Proceedings of the 33rd USENIX Security Symposium, 2024
Proceedings of the 27th International Symposium on Research in Attacks, 2024
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024
Assessing the Feasibility of the Virtual Smartphone Paradigm in Countering Zero-Click Attacks.
Proceedings of the 57th Hawaii International Conference on System Sciences, 2024
2023
Proceedings of the IEEE International Conference on Software Analysis, 2023
Proceedings of the 32nd USENIX Security Symposium, 2023
Proceedings of the Annual Computer Security Applications Conference, 2023
2022
HotFuzz: Discovering Temporal and Spatial Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing.
ACM Trans. Priv. Secur., 2022
Who's Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment.
ACM Trans. Internet Things, 2022
Experience Report on the Challenges and Opportunities in Securing Smartphones Against Zero-Click Attacks.
CoRR, 2022
Proceedings of the 31st USENIX Security Symposium, 2022
Proceedings of the 31st USENIX Security Symposium, 2022
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022
SoK: All or Nothing - A Postmortem of Solutions to the Third-Party Script Inclusion Permission Model and a Path Forward.
Proceedings of the 7th IEEE European Symposium on Security and Privacy, 2022
A Recent Year On the Internet: Measuring and Understanding the Threats to Everyday Internet Devices.
Proceedings of the Annual Computer Security Applications Conference, 2022
2021
GhostBuster: understanding and overcoming the pitfalls of transient execution vulnerability checkers.
Proceedings of the 28th IEEE International Conference on Software Analysis, 2021
Proceedings of the 2021 Truth and Trust Online Conference (TTO 2021), 2021
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021
Proceedings of the SAC '21: The 36th ACM/SIGAPP Symposium on Applied Computing, 2021
Browserprint: an Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy.
Proceedings of the Information Security - 24th International Conference, 2021
Proceedings of the IEEE European Symposium on Security and Privacy, 2021
Proceedings of the IEEE European Symposium on Security and Privacy, 2021
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2021
You've Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2021
Proceedings of the IEEE International Conference on Decentralized Applications and Infrastructures, 2021
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021
Proceedings of the ARES 2021: The 16th International Conference on Availability, 2021
2020
CoRR, 2020
Proceedings of the WiSec '20: 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2020
Proceedings of the 29th USENIX Security Symposium, 2020
What's in an Exploit? An Empirical Analysis of Reflected Server XSS Exploitation Techniques.
Proceedings of the 23rd International Symposium on Research in Attacks, 2020
HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020
2019
Proceedings of the 22nd International Symposium on Research in Attacks, 2019
Clustering and the Weekend Effect: Recommendations for the Use of Top Domain Lists in Security Research.
Proceedings of the Passive and Active Measurement - 20th International Conference, 2019
Getting Under Alexa's Umbrella: Infiltration Attacks Against Internet Top Domain Lists.
Proceedings of the Information Security - 22nd International Conference, 2019
Proceedings of the Information Security - 22nd International Conference, 2019
Proceedings of the Internet Measurement Conference, 2019
It's Not what It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains.
Proceedings of the 7th IEEE Conference on Communications and Network Security, 2019
Proceedings of the 35th Annual Computer Security Applications Conference, 2019
2018
IEEE Secur. Priv., 2018
Proceedings of the 2018 World Wide Web Conference on World Wide Web, 2018
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018
From Deletion to Re-Registration in Zero Seconds: Domain Registrar Behaviour During the Drop.
Proceedings of the Internet Measurement Conference 2018, 2018
Proceedings of the Internet Measurement Conference 2018, 2018
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018
Proceedings of the 34th Annual Computer Security Applications Conference, 2018
2017
it Inf. Technol., 2017
Proceedings of the IEEE 24th International Conference on Software Analysis, 2017
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017
Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017
Semi-automated discovery of server-based information oversharing vulnerabilities in Android applications.
Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, Santa Barbara, CA, USA, July 10, 2017
Proceedings of the 33rd Annual Computer Security Applications Conference, 2017
2016
Proceedings of the 25th USENIX Security Symposium, 2016
Proceedings of the Trust and Trustworthy Computing - 9th International Conference, 2016
Proceedings of the IEEE Symposium on Security and Privacy, 2016
Proceedings of the IEEE Symposium on Security and Privacy, 2016
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016
WHOIS Lost in Translation: (Mis)Understanding Domain Name Expiration and Re-Registration.
Proceedings of the 2016 ACM on Internet Measurement Conference, 2016
CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes.
Proceedings of the Financial Cryptography and Data Security, 2016
Overhaul: Input-Driven Access Control for Better Privacy on Traditional Operating Systems.
Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2016
EmailProfiler: Spearphishing Filtering with Header and Stylometric Features of Emails.
Proceedings of the 40th IEEE Annual Computer Software and Applications Conference, 2016
2015
ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities.
Proceedings of the 24th USENIX Security Symposium, 2015
Proceedings of the Financial Cryptography and Data Security, 2015
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2015
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2015
2014
ACM Trans. Inf. Syst. Secur., 2014
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014
Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014
Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2014
Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, 2014
Proceedings of the 30th Annual Computer Security Applications Conference, 2014
2013
ERCIM News, 2013
Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013
Holiday Pictures or Blockbuster Movies? Insights into Copyright Infringement in User Uploads to One-Click File Hosters.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2013
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2013
Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks.
Proceedings of the Annual Computer Security Applications Conference, 2013
Proceedings of the Annual Computer Security Applications Conference, 2013
2012
ACM Comput. Surv., 2012
Have things changed now? An empirical study on input validation vulnerabilities in web applications.
Comput. Secur., 2012
Comput. Commun. Rev., 2012
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012
An empirical analysis of input validation mechanisms in web applications and languages.
Proceedings of the ACM Symposium on Applied Computing, 2012
Proceedings of the ACM Symposium on Applied Computing, 2012
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2012
Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012
Proceedings of the International Symposium on Software Testing and Analysis, 2012
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, 2012
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis.
Proceedings of the 36th Annual IEEE Computer Software and Applications Conference, 2012
Disclosure: detecting botnet command and control servers through large-scale NetFlow analysis.
Proceedings of the 28th Annual Computer Security Applications Conference, 2012
2011
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011
Proceedings of the Network and Distributed System Security Symposium, 2011
Proceedings of the Network and Distributed System Security Symposium, 2011
Proceedings of the Network and Distributed System Security Symposium, 2011
Efficient and Stealthy Instruction Tracing and Its Applications in Automated Malware Analysis: Open Problems and Challenges.
Proceedings of the Open Problems in Network Security - IFIP WG 11.4 International Workshop, 2011
BTLab: A System-Centric, Data-Driven Analysis and Measurement Platform for BitTorrent Clients.
Proceedings of 20th International Conference on Computer Communications and Networks, 2011
Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications.
Proceedings of the Financial Cryptography and Data Security, 2011
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2011
The power of procrastination: detection and mitigation of execution-stalling malicious code.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011
2010
Proceedings of the Cyber Situational Awareness - Issues and Research, 2010
J. Comput. Secur., 2010
Proceedings of the 9th Annual Workshop on the Economics of Information Security, 2010
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010
Proceedings of the 2010 ACM Symposium on Applied Computing (SAC), 2010
Proceedings of the 2010 ACM Symposium on Applied Computing (SAC), 2010
Proceedings of the Recent Advances in Intrusion Detection, 13th International Symposium, 2010
Proceedings of the Network and Distributed System Security Symposium, 2010
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010
Exploiting diverse observation perspectives to get insights on the malware landscape.
Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, 2010
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010
Proceedings of the 5th ACM Symposium on Information, 2010
Proceedings of the Twenty-Sixth Annual Computer Security Applications Conference, 2010
2009
Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries.
J. Comput. Secur., 2009
IEEE Secur. Priv., 2009
All your contacts are belong to us: automated identity theft attacks on social networks.
Proceedings of the 18th International Conference on World Wide Web, 2009
Proceedings of the 18th USENIX Security Symposium, 2009
Proceedings of the 30th IEEE Symposium on Security and Privacy (SP 2009), 2009
Proceedings of the Network and Distributed System Security Symposium, 2009
Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2009
Proceedings of the Information Security, 12th International Conference, 2009
Proceedings of the iNetSec 2009 - Open Research Problems in Network Security, 2009
Proceedings of the ICSE Workshop on Software Engineering for Secure Systems, 2009
Proceedings of the Computer Security, 2009
Achieving Life-Cycle Compliance of Service-Oriented Architectures: Open Issues and Challenges.
Proceedings of the Data Privacy Management and Autonomous Spontaneous Security, 2009
Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks.
Proceedings of the Detection of Intrusions and Malware, 2009
Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009
2008
Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications.
Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP 2008), 2008
Proceedings of the 4th International ICST Conference on Security and Privacy in Communication Networks, 2008
Proceedings of the 4th International ICST Conference on Security and Privacy in Communication Networks, 2008
Proceedings of the Recent Advances in Intrusion Detection, 11th International Symposium, 2008
Proceedings of the Network and Distributed System Security Symposium, 2008
Proceedings of the Perspectives Workshop: Network Attack Detection and Defense, 2.3., 2008
Proceedings of the Perspectives Workshop: Network Attack Detection and Defense, 2.3., 2008
2007
Proceedings of the First USENIX Workshop on Offensive Technologies, 2007
Proceedings of the 2007 USENIX Annual Technical Conference, 2007
Proceedings of the 2007 IEEE Symposium on Security and Privacy (S&P 2007), 2007
Proceedings of the Third International Conference on Security and Privacy in Communication Networks and the Workshops, 2007
Proceedings of the Network and Distributed System Security Symposium, 2007
Proceedings of the Information Security, 10th International Conference, 2007
Proceedings of the Third International Workshop on Software Engineering for Secure Systems, 2007
Proceedings of the Detection of Intrusions and Malware, 2007
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007
Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007
Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007
2006
Proceedings of the 15th international conference on World Wide Web, 2006
Proceedings of the 15th USENIX Security Symposium, Vancouver, BC, Canada, July 31, 2006
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper).
Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), 2006
Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006
Proceedings of the 2006 ACM Symposium on Applied Computing (SAC), 2006
Proceedings of the 2006 ACM Symposium on Applied Computing (SAC), 2006
Proceedings of the 2006 Workshop on Programming Languages and Analysis for Security, 2006
Proceedings of the Detection of Intrusions and Malware & Vulnerability Assessment, 2006
2005
ShareMe: Running a Distributed Systems Lab for 600 Students With Three Faculty Members.
IEEE Trans. Educ., 2005
Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, USA, July 31, 2005
Proceedings of the Recent Advances in Intrusion Detection, 8th International Symposium, 2005
Proceedings of the 29th Annual International Computer Software and Applications Conference, 2005
2004
Proceedings of the Web Engineering - 4th International Conference, 2004
Proceedings of the Ubiquitous Mobile Information and Collaboration Systems, 2004
2003
Supporting Collaboration in the Development of Tools and Dies in Manufacturing Networks.
Proceedings of the 12th IEEE International Workshops on Enabling Technologies (WETICE 2003), 2003
Integrating Publish/Subscribe into a Mobile Teamwork Support Platform.
Proceedings of the Fifteenth International Conference on Software Engineering & Knowledge Engineering (SEKE'2003), 2003
Proceedings of the 29th EUROMICRO Conference 2003, 2003
Proceedings of the 15th Conference on Advanced Information Systems Engineering (CAiSE '03), 2003
2002
Proceedings of the 11th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2002), 2002
Proceedings of the 11th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2002), 2002
Proceedings of the 14th international conference on Software engineering and knowledge engineering, 2002
Proceedings of the 2002 ACM Symposium on Applied Computing (SAC), 2002
Proceedings of the 2nd International Conference on Peer-to-Peer Computing (P2P 2002), 2002
Proceedings of the Web Engineering and Peer-to-Peer Computing, 2002
Proceedings of the 22nd International Conference on Distributed Computing Systems, 2002
Proceedings of the 26th International Computer Software and Applications Conference (COMPSAC 2002), 2002
2001
Proceedings of the 3rd International Workshop on Web Site Evolution (WSE 2001), 2001
Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), 2001
Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), 2001
Proceedings of the Web Engineering, Software Engineering and Web Application Development, 2001
Proceedings of the 8th European Software Engineering Conference held jointly with 9th ACM SIGSOFT International Symposium on Foundations of Software Engineering 2001, 2001
Proceedings of the Advances in Network and Distributed Systems Security, 2001
Proceedings of the 23rd International Conference on Software Engineering, 2001
Proceedings of the 25th International Computer Software and Applications Conference (COMPSAC 2001), 2001
2000
MyXML: An XML based template engine for the generation of flexible web content.
Proceedings of WebNet 2000 - World Conference on the WWW and Internet, San Antonio, Texas, USA, October 30, 2000