Fabian Monrose

Orcid: 0000-0002-9805-2217

Affiliations:
  • Georgia Institute of Technology, USA
  • University of North Carolina at Chapel Hill, USA (former)


According to our database1, Fabian Monrose authored at least 114 papers between 1997 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
SoK: An Essential Guide For Using Malware Sandboxes In Security Applications: Challenges, Pitfalls, and Lessons Learned.
CoRR, 2024

Towards Practical Fabrication Stage Attacks Using Interrupt-Resilient Hardware Trojans.
CoRR, 2024

Comparing Malware Evasion Theory with Practice: Results from Interviews with Expert Analysts.
Proceedings of the Twentieth Symposium on Usable Privacy and Security, 2024

Understanding LLMs Ability to Aid Malware Analysts in Bypassing Evasion Techniques.
Proceedings of the Companion Proceedings of the 26th International Conference on Multimodal Interaction, 2024

Towards Practical Fabrication Stage Attacks Using Interrupt-Resilient Hardware Trojans.
Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust, 2024

CrashTalk: Automated Generation of Precise, Human Readable, Descriptions of Software Security Bugs.
Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy, 2024

2023
Beyond The Gates: An Empirical Analysis of HTTP-Managed Password Stealers and Operators.
Proceedings of the 32nd USENIX Security Symposium, 2023

Securely Autograding Cybersecurity Exercises Using Web Accessible Jupyter Notebooks.
Proceedings of the 54th ACM Technical Symposium on Computer Science Education, Volume 1, 2023

Virtual Career Advisor System.
Proceedings of the Mobile Web and Intelligent Information Systems, 2023

More Carrot or Less Stick: Organically Improving Student Time Management With Practice Tasks and Gamified Assignments.
Proceedings of the 2023 Conference on Innovation and Technology in Computer Science Education V. 1, 2023

Stale TLS Certificates: Investigating Precarious Third-Party Access to Valid TLS Keys.
Proceedings of the 2023 ACM on Internet Measurement Conference, 2023

Improving Security Tasks Using Compiler Provenance Information Recovered At the Binary-Level.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
Leveraging Disentangled Representations to Improve Vision-Based Keystroke Inference Attacks Under Low Data.
CoRR, 2022

Automatic Recovery of Fine-grained Compiler Artifacts at the Binary Level.
Proceedings of the 2022 USENIX Annual Technical Conference, 2022

Separating the Wheat from the Chaff: Using Indexing and Sub-Sequence Mining Techniques to Identify Related Crashes During Bug Triage.
Proceedings of the 22nd IEEE International Conference on Software Quality, 2022

Leveraging Disentangled Representations to Improve Vision-Based Keystroke Inference Attacks Under Low Data Constraints.
Proceedings of the CODASPY '22: Twelveth ACM Conference on Data and Application Security and Privacy, Baltimore, MD, USA, April 24, 2022

View from Above: Exploring the Malware Ecosystem from the Upper DNS Hierarchy.
Proceedings of the Annual Computer Security Applications Conference, 2022

2021
The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle.
Proceedings of the 30th USENIX Security Symposium, 2021

DynPTA: Combining Static and Dynamic Analysis for Practical Selective Data Protection.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

An Online Gamified Learning Platform for Teaching Cybersecurity and More.
Proceedings of the SIGITE '21: The 22nd Annual Conference on Information Technology Education, SnowBird, UT, USA, October 6, 2021

To Gamify or Not?: On Leaderboard Effects, Student Engagement and Learning Outcomes in a Cybersecurity Intervention.
Proceedings of the SIGCSE '21: The 52nd ACM Technical Symposium on Computer Science Education, 2021

Applicable Micropatches and Where to Find Them: Finding and Applying New Security Hot Fixes to Old Software.
Proceedings of the 14th IEEE Conference on Software Testing, Verification and Validation, 2021

2020
Mitigating Data-only Attacks by Protecting Memory-resident Sensitive Data.
DTRAP, 2020

Revisiting the Threat Space for Vision-Based Keystroke Inference Attacks.
Proceedings of the Computer Vision - ECCV 2020 Workshops, 2020

Methodologies for Quantifying (Re-)randomization Security and Timing under JIT-ROP.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

A Flexible Framework for Expediting Bug Finding by Leveraging Past (Mis-)Behavior to Discover New Bugs.
Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

2019
Measuring Attack Surface Reduction in the Presence of Code (Re-)Randomization.
CoRR, 2019

SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

SoK: Security Evaluation of Home-Based IoT Deployments.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

The SEVerESt Of Them All: Inference Attacks Against Secure Virtual Enclaves.
Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

Mitigating data leakage by protecting memory-resident sensitive data.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019

2018
Tutorial: Parry and RIPOSTE: Honing Cybersecurity Skills with Challenge-Based Exercises.
Proceedings of the 2018 IEEE Cybersecurity Development, SecDev 2018, Cambridge, MA, USA, 2018

Security Risks in Asynchronous Web Servers: When Performance Optimizations Amplify the Impact of Data-Oriented Attacks.
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

2017
Revisiting Browser Security in the Modern Era: New Data-Only Attacks and Defenses.
Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

Defeating Zombie Gadgets by Re-randomizing Code upon Disclosure.
Proceedings of the Engineering Secure Software and Systems - 9th International Symposium, 2017

Caught Red-Handed: Toward Practical Video-Based Subsequences Matching in the Presence of Real-World Transformations.
Proceedings of the 2017 IEEE Conference on Computer Vision and Pattern Recognition Workshops, 2017

Practical Attacks Against Graph-based Clustering.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
Virtual U: Defeating Face Liveness Detection by Building Virtual Models from Your Public Photos.
Proceedings of the 25th USENIX Security Symposium, 2016

Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code Inference Attacks.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Cache, Trigger, Impersonate: Enabling Context-Sensitive Honeyclient Analysis On-the-Wire.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

Detecting Malicious Exploit Kits using Tree-based Similarity Searches.
Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, 2016

No-Execute-After-Read: Preventing Code Disclosure in Commodity Software.
Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, 2016

2015
Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

2014
Security Analysis and Related Usability of Motion-Based CAPTCHAs: Decoding Codewords in Motion.
IEEE Trans. Dependable Secur. Comput., 2014

Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Isn't that Fantabulous: Security, Linguistic and Usability Challenges of Pronounceable Tokens.
Proceedings of the 2014 workshop on New Security Paradigms Workshop, 2014

Watching the Watchers: Automatically Inferring TV Content From Outdoor Light Effusions.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

2013
On the Privacy Risks of Virtual Keyboards: Automatic Reconstruction of Typed Input from Compromising Reflections.
IEEE Trans. Dependable Secur. Comput., 2013

Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization.
Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

Check My Profile: Leveraging Static Analysis for Fast and Accurate Detection of ROP Gadgets.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2013

Clear and Present Data: Opaque Traffic and its Security Implications for the Future.
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013

Crossing the threshold: Detecting network malfeasance via sequential hypothesis testing.
Proceedings of the 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013

Seeing double: reconstructing obscured typed input from repeated compromising reflections.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Trail of Bytes: New Techniques for Supporting Data Provenance and Limiting Privacy Breaches.
IEEE Trans. Inf. Forensics Secur., 2012

Understanding domain registration abuses.
Comput. Secur., 2012

Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Toward Efficient Querying of Compressed Network Payloads.
Proceedings of the 2012 USENIX Annual Technical Conference, 2012

2011
SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks.
Proceedings of the 20th USENIX Security Symposium, 2011

Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks.
Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

On Measuring the Similarity of Network Hosts: Pitfalls, New Metrics, and Empirical Analyses.
Proceedings of the Network and Distributed System Security Symposium, 2011

An empirical study of the performance, security and privacy implications of domain name prefetching.
Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, 2011

Amplifying limited expert input to sanitize large network traces.
Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, 2011

iSpy: automatic reconstruction of typed input from compromising reflections.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

2010
Peeking Through the Cloud: Client Density Estimation via DNS Cache Probing.
ACM Trans. Internet Techn., 2010

Uncovering Spoken Phrases in Encrypted Voice over IP Conversations.
ACM Trans. Inf. Syst. Secur., 2010

Traffic classification using visual motifs: an empirical evaluation.
Proceedings of the 7th International Symposium on Visualization for Cyber Security, 2010

DNS Prefetching and Its Privacy Implications: When Good Things Go Bad.
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010

The security of modern password expiration: an algorithmic framework and empirical analysis.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

Trail of bytes: efficient support for forensic analysis.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

2009
Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis.
Proceedings of the Network and Distributed System Security Symposium, 2009

Toward Resisting Forgery Attacks via Pseudo-Signatures.
Proceedings of the 10th International Conference on Document Analysis and Recognition, 2009

Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications.
Proceedings of the Detection of Intrusions and Malware, 2009

English shellcode.
Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

TimeCapsule: secure recording of accesses to a protected datastore.
Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2009

2008
Masquerade: Simulating a Thousand Victims.
login Usenix Mag., 2008

To Catch a Predator: A Natural Language Approach for Eliciting Malicious Payloads.
Proceedings of the 17th USENIX Security Symposium, 2008

All Your iFRAMEs Point to Us.
Proceedings of the 17th USENIX Security Symposium, 2008

Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations.
Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP 2008), 2008

Taming the Devil: Techniques for Evaluating Anonymized Network Data.
Proceedings of the Network and Distributed System Security Symposium, 2008

Towards practical biometric key generation with randomized biometric templates.
Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

Peeking Through the Cloud: DNS-Based Estimation and Its Applications.
Proceedings of the Applied Cryptography and Network Security, 6th International Conference, 2008

2007
Forgery Quality and Its Implications for Behavioral Biometric Security.
IEEE Trans. Syst. Man Cybern. Part B, 2007

Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob?
Proceedings of the 16th USENIX Security Symposium, Boston, MA, USA, August 6-10, 2007, 2007

On Web Browsing Privacy in Anonymized NetFlows.
Proceedings of the 16th USENIX Security Symposium, Boston, MA, USA, August 6-10, 2007, 2007

My Botnet Is Bigger Than Yours (Maybe, Better Than Yours): Why Size Estimates Remain Challenging.
Proceedings of the First Workshop on Hot Topics in Understanding Botnets, 2007

Playing Devil's Advocate: Inferring Sensitive Information from Anonymized Network Traces.
Proceedings of the Network and Distributed System Security Symposium, 2007

Toward Valley-Free Inter-domain Routing.
Proceedings of IEEE International Conference on Communications, 2007

2006
On Inferring Application Protocol Behaviors in Encrypted Network Traffic.
J. Mach. Learn. Res., 2006

On the impact of dynamic addressing on malware propagation.
Proceedings of the 2006 ACM Workshop on Rapid Malcode, 2006

Using visual motifs to classify encrypted traffic.
Proceedings of the 3rd International Workshop on Visualization for Computer Security, 2006

Biometric Authentication Revisited: Understanding the Impact of Wolves in Sheep's Clothing.
Proceedings of the 15th USENIX Security Symposium, Vancouver, BC, Canada, July 31, 2006

Fast and Evasive Attacks: Highlighting the Challenges Ahead.
Proceedings of the Recent Advances in Intrusion Detection, 9th International Symposium, 2006

Characterizing Address Use Structure and Stability of Origin Advertisement in Inter-domain Routing.
Proceedings of the 11th IEEE Symposium on Computers and Communications (ISCC 2006), 2006

A multifaceted approach to understanding the botnet phenomenon.
Proceedings of the 6th ACM SIGCOMM Internet Measurement Conference, 2006

Efficient Memory Bound Puzzles Using Pattern Databases.
Proceedings of the Applied Cryptography and Network Security, 4th International Conference, 2006

2005
Correlation-Resistant Storage via Keyword-Searchable Encryption.
IACR Cryptol. ePrint Arch., 2005

Worm evolution tracking via timing analysis.
Proceedings of the 2005 ACM Workshop on Rapid Malcode, 2005

On the Effectiveness of Distributed Worm Monitoring.
Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, USA, July 31, 2005

Achieving Efficient Conjunctive Keyword Searches over Encrypted Data.
Proceedings of the Information and Communications Security, 7th International Conference, 2005

An Extensible Platform for Evaluating Security Protocols.
Proceedings of the Proceedings 38th Annual Simulation Symposium (ANSS-38 2005), 2005

2004
HMM profiles for network traffic classification.
Proceedings of the 1st ACM Workshop on Visualization and Data Mining for Computer Security, 2004

On User Choice in Graphical Password Schemes.
Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, 2004

Time-Scoped Searching of Encrypted Audit Logs.
Proceedings of the Information and Communications Security, 6th International Conference, 2004

2002
Password hardening based on keystroke dynamics.
Int. J. Inf. Sec., 2002

Toward Speech-Generated Cryptographic Keys on Resource-Constrained Devices.
Proceedings of the 11th USENIX Security Symposium, 2002

2001
Cryptographic Key Generation from Voice.
Proceedings of the 2001 IEEE Symposium on Security and Privacy, 2001

Using voice to generate cryptographic keys.
Proceedings of the 2001: A Speaker Odyssey, 2001

2000
Keystroke dynamics as a biometric for authentication.
Future Gener. Comput. Syst., 2000

Privacy-preserving global customization.
Proceedings of the 2nd ACM Conference on Electronic Commerce (EC-00), 2000

1999
Toward Stronger User Authentication.
PhD thesis, 1999

The Design and Analysis of Graphical Passwords.
Proceedings of the 8th USENIX Security Symposium, Washington, DC, USA, August 23-26, 1999, 1999

Distributed Execution with Remote Audit.
Proceedings of the Network and Distributed System Security Symposium, 1999

1998
Leaving the sandbox: Third party validation for Java applications.
Proceedings of the Computers and Their Applications (CATA-98), 1998

1997
Authentication via Keystroke Dynamics.
Proceedings of the CCS '97, 1997


  Loading...