Vern Paxson

Proceedings of the ACM SIGCOMM 2023 Conference, 2023

2021

Hopper: Modeling and Detecting Lateral Movement (Extended Report).

[BibT_eX]

[DOI]

CoRR, 2021

Hopper: Modeling and Detecting Lateral Movement.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

2020

Composition Kills: A Case Study of Email Sender Authentication.

[BibT_eX]

[DOI]

Jianjun Chen

Jian Jiang

Proceedings of the 29th USENIX Security Symposium, 2020

2019

Detecting and Characterizing Lateral Phishing at Scale.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

2018

A Large-Scale Empirical Study of Security Patches.

[BibT_eX]

[DOI]

Frank Li

Toward Continual Measurement of Global Network-Level Censorship.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2018

Exploring Server-side Blocking of Regions.

[BibT_eX]

[DOI]

CoRR, 2018

Scanning the Internet for Liveness.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2018

A Bestiary of Blocking: The Motivations and Modes behind Website Unavailability.

[BibT_eX]

[DOI]

Proceedings of the 8th USENIX Workshop on Free and Open Communications on the Internet, 2018

We Still Don't Have Secure Cross-Domain Requests: an Empirical Study of CORS.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

2017

Global-Scale Measurement of DNS Manipulation.

[BibT_eX]

[DOI]

Social Engineering Attacks on Government Opponents: Target Perspectives.

[BibT_eX]

[DOI]

William R. Marczak

Proc. Priv. Enhancing Technol., 2017

On the Potential Abuse of IGMP.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2017

Tools for Automated Analysis of Cybercriminal Markets.

[BibT_eX]

[DOI]

Rebecca S. Portnoff

Greg Durrett

Jonathan K. Kummerfeld

Taylor Berg-Kirkpatrick

Damon McCoy

Kirill Levchenko

Proceedings of the 26th International Conference on World Wide Web, 2017

Characterizing the Nature and Dynamics of Tor Exit Blocking.

[BibT_eX]

[DOI]

Phillipa Gill

Proceedings of the 26th USENIX Security Symposium, 2017

Global Measurement of DNS Manipulation.

[BibT_eX]

[DOI]

Proceedings of the 26th USENIX Security Symposium, 2017

Detecting Credential Spearphishing in Enterprise Settings.

[BibT_eX]

[DOI]

Proceedings of the 26th USENIX Security Symposium, 2017

Augur: Internet-Wide Detection of Connectivity Disruptions.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

The Security Impact of HTTPS Interception.

[BibT_eX]

[DOI]

Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Target generation for internet-wide IPv6 scanning.

[BibT_eX]

[DOI]

Proceedings of the 2017 Internet Measurement Conference, 2017

Packetlab: a universal measurement endpoint interface.

[BibT_eX]

[DOI]

Proceedings of the 2017 Internet Measurement Conference, 2017

Identifying Products in Online Cybercrime Marketplaces: A Dataset for Fine-grained Domain Adaptation.

[BibT_eX]

[DOI]

Greg Durrett

Jonathan K. Kummerfeld

Taylor Berg-Kirkpatrick

Proceedings of the 2017 Conference on Empirical Methods in Natural Language Processing, 2017

Data Breaches, Phishing, or Malware?: Understanding the Risks of Stolen Credentials.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016

Towards Mining Latent Client Identifiers from Network Traffic.

[BibT_eX]

[DOI]

Sakshi Jain

Mobin Javed

Proc. Priv. Enhancing Technol., 2016

Remedying Web Hijacking: Notification Effectiveness and Webmaster Comprehension.

[BibT_eX]

[DOI]

Proceedings of the 25th International Conference on World Wide Web, 2016

You've Got Vulnerability: Exploring Effective Vulnerability Notifications.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

SoK: Towards Grounding Censorship Circumvention in Empiricism.

[BibT_eX]

[DOI]

anonymous

Proceedings of the IEEE Symposium on Security and Privacy, 2016

Detecting DNS Root Manipulation.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Measurement - 17th International Conference, 2016

VAST: A Unified Platform for Interactive Network Forensics.

[BibT_eX]

[DOI]

Matthias Vallentin

Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation, 2016

Do You See What I See? Differential Treatment of Anonymous Users.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

Forwarding-Loop Attacks in Content Delivery Networks.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

A Multi-perspective Analysis of Carrier-Grade NAT Deployment.

[BibT_eX]

[DOI]

Philipp Richter

Florian Wohlfart

Proceedings of the 2016 ACM on Internet Measurement Conference, 2016

An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps.

[BibT_eX]

[DOI]

Muhammad Ikram

Suranga Seneviratne

Mohamed Ali Kâafar

Proceedings of the 2016 ACM on Internet Measurement Conference, 2016

Profiling underground merchants based on network behavior.

[BibT_eX]

[DOI]

Proceedings of the 2016 APWG Symposium on Electronic Crime Research, 2016

PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

Host of Troubles: Multiple Host Ambiguities in HTTP Implementations.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015

Blocking-resistant communication through domain fronting.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2015

Haystack: In Situ Mobile Traffic Analysis in User Space.

[BibT_eX]

[DOI]

Abbas Razaghpanah

CoRR, 2015

A Primer on IPv4 Scarcity.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2015

Ad Injection at Scale: Assessing Deceptive Advertisement Modifications.

[BibT_eX]

[DOI]

Alexandros Kapravelos

Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Temporal Lensing and Its Application in Pulsing Denial-of-Service Attacks.

[BibT_eX]

[DOI]

Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Header Enrichment or ISP Enrichment?: Emerging Privacy Threats in Mobile Networks.

[BibT_eX]

[DOI]

Srikanth Sundaresan

Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization, 2015

Ethical Concerns for Censorship Measurement.

[BibT_eX]

[DOI]

Proceedings of the 2015 ACM SIGCOMM Workshop on Ethics in Networked Systems Research, 2015

Beyond the Radio: Illuminating the Higher Layers of Mobile Networks.

[BibT_eX]

[DOI]

Proceedings of the 13th Annual International Conference on Mobile Systems, 2015

Keynote Speaker.

[BibT_eX]

[DOI]

Proceedings of the 10th International Conference on Malicious and Unwanted Software, 2015

Measurement and Analysis of Traffic Exchange Services.

[BibT_eX]

[DOI]

Proceedings of the 2015 ACM Internet Measurement Conference, 2015

Examining How the Great Firewall Discovers Hidden Circumvention Servers.

[BibT_eX]

[DOI]

Proceedings of the 2015 ACM Internet Measurement Conference, 2015

GFlux: A google-based system for Fast Flux detection.

[BibT_eX]

[DOI]

Proceedings of the 2015 IEEE Conference on Communications and Network Security, 2015

Exploring Privacy Preservation in Outsourced K-Nearest Neighbors with Multiple Data Owners.

[BibT_eX]

[DOI]

Frank Li

Richard Shin

Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop, 2015

2014

On Modeling the Costs of Censorship.

[BibT_eX]

[DOI]

J. Doug Tygar

CoRR, 2014

When Governments Hack Opponents: A Look at Actors and Technology.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Hulk: Eliciting Malicious Behavior in Browser Extensions.

[BibT_eX]

[DOI]

Alexandros Kapravelos

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Native actors: how to scale network forensics.

[BibT_eX]

[DOI]

Proceedings of the ACM SIGCOMM 2014 Conference, 2014

Here Be Web Proxies.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Measurement - 15th International Conference, 2014

HILTI: an Abstract Execution Environment for Deep, Stateful Network Traffic Analysis.

[BibT_eX]

[DOI]

Proceedings of the 2014 Internet Measurement Conference, 2014

A Look at the Consequences of Internet Censorship Through an ISP Lens.

[BibT_eX]

[DOI]

Proceedings of the 2014 Internet Measurement Conference, 2014

The Matter of Heartbleed.

[BibT_eX]

[DOI]

Proceedings of the 2014 Internet Measurement Conference, 2014

A Tangled Mass: The Android Root Certificate Stores.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies, 2014

Consequences of Connectivity: Characterizing Account Hijacking on Twitter.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Characterizing Large-Scale Click Fraud in ZeroAccess.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

2013

Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse.

[BibT_eX]

[DOI]

Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Practical Comprehensive Bounds on Surreptitious Communication over DNS.

[BibT_eX]

[DOI]

Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Towards Illuminating a Censorship Monitor's Model to Facilitate Evasion.

[BibT_eX]

[DOI]

Proceedings of the 3rd USENIX Workshop on Free and Open Communications on the Internet, 2013

Understanding the domain registration behavior of spammers.

[BibT_eX]

[DOI]

Proceedings of the 2013 Internet Measurement Conference, 2013

Detecting stealthy, distributed SSH brute-forcing.

[BibT_eX]

[DOI]

Mobin Javed

Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012

Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems.

[BibT_eX]

[DOI]

Proceedings of the 2012 USENIX Annual Technical Conference, 2012

Prudent Practices for Designing Malware Experiments: Status Quo and Outlook.

[BibT_eX]

[DOI]

Christian Rossow

Christian J. Dietrich

Proceedings of the IEEE Symposium on Security and Privacy, 2012

The BIZ Top-Level Domain: Ten Years Later.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Measurement - 13th International Conference, 2012

Adapting Social Spam Infrastructure for Political Censorship.

[BibT_eX]

[DOI]

Kurt Thomas

Chris Grier

Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2012

Fathom: a browser-based network measurement platform.

[BibT_eX]

[DOI]

Proceedings of the 12th ACM SIGCOMM Internet Measurement Conference, 2012

Manufacturing compromise: the emergence of exploit-as-a-service.

[BibT_eX]

[DOI]

Christian J. Dietrich

Kirill Levchenko

Panayiotis Mavrommatis

Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011

Computing TCP's Retransmission Timer.

[BibT_eX]

[DOI]

RFC, June, 2011

Towards Situational Awareness of Large-Scale Botnet Probing Events.

[BibT_eX]

[DOI]

IEEE Trans. Inf. Forensics Secur., 2011

Redirecting DNS for Ads and Profit.

[BibT_eX]

[DOI]

Proceedings of the USENIX Workshop on Free and Open Communications on the Internet, 2011

Show Me the Money: Characterizing Spam-advertised Revenue.

[BibT_eX]

[DOI]

Proceedings of the 20th USENIX Security Symposium, 2011

Measuring Pay-per-Install: The Commoditization of Malware Distribution.

[BibT_eX]

[DOI]

Proceedings of the 20th USENIX Security Symposium, 2011

Design and Evaluation of a Real-Time URL Spam Filtering Service.

[BibT_eX]

[DOI]

Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

Click Trajectories: End-to-End Analysis of the Spam Value Chain.

[BibT_eX]

[DOI]

Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

Experiences from Netalyzr with engaging users in end-system measurement.

[BibT_eX]

[DOI]

Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack, 2011

Detecting and Analyzing Automated Activity on Twitter.

[BibT_eX]

[DOI]

Chao Michael Zhang

Proceedings of the Passive and Active Measurement - 12th International Conference, 2011

Suspended accounts in retrospect: an analysis of twitter spam.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM SIGCOMM Internet Measurement Conference, 2011

GQ: practical containment for measuring modern malware systems.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM SIGCOMM Internet Measurement Conference, 2011

What's Clicking What? Techniques and Innovations of Today's Clickbots.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2011

An Assessment of Overt Malicious Activity Manifest in Residential Networks.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2011

2010

Employing Honeynets For Network Situational Awareness.

[BibT_eX]

[DOI]

Proceedings of the Cyber Situational Awareness - Issues and Research, 2010

Outside the Closed World: On Using Machine Learning for Network Intrusion Detection.

[BibT_eX]

[DOI]

Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

A Longitudinal View of HTTP Traffic.

[BibT_eX]

[DOI]

Tom Callahan

Proceedings of the Passive and Active Measurement, 11th International Conference, 2010

A Preliminary Analysis of TCP Performance in an Enterprise Network.

[BibT_eX]

[DOI]

Proceedings of the 2010 Internet Network Management Workshop / Workshop on Research on Enterprise Networking, 2010

Botnet Judo: Fighting Spam with Itself.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2010

On the Potential of Proactive Domain Blacklisting.

[BibT_eX]

[DOI]

Márk Félegyházi

Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010

Insights from the Inside: A View of Botnet Management from Infiltration.

[BibT_eX]

[DOI]

Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010

Netalyzr: illuminating the edge network.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM SIGCOMM Internet Measurement Conference, 2010

Using strongly typed networking to architect for tussle.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM Workshop on Hot Topics in Networks. HotNets 2010, Monterey, CA, USA - October 20, 2010

@spam: the underground on 140 characters or less.

[BibT_eX]

[DOI]

Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

2009

TCP Congestion Control.

[BibT_eX]

[DOI]

Ethan Blanton

RFC, September, 2009

An architecture for exploiting multi-core processors to parallelize network intrusion prevention.

[BibT_eX]

[DOI]

Concurr. Comput. Pract. Exp., 2009

Selecting the 2008 sigcomm test-of-time awardwinner(s).

[BibT_eX]

[DOI]

Nick McKeown

Jennifer Rexford

Comput. Commun. Rev., 2009

Spamalytics: an empirical analysis of spam marketing conversion.

[BibT_eX]

[DOI]

Commun. ACM, 2009

Detecting Forged TCP Reset Packets.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2009

Spamcraft: An Inside Look At Spam Campaign Orchestration.

[BibT_eX]

[DOI]

Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2009

On calibrating enterprise switch measurements.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009, Chicago, 2009

On dominant characteristics of residential broadband internet traffic.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009, Chicago, 2009

Securing Mediated Trace Access Using Black-box Permutation Analysis.

[BibT_eX]

[DOI]

Proceedings of the Eight ACM Workshop on Hot Topics in Networks (HotNets-VIII), 2009

Automating analysis of large-scale botnet probing events.

[BibT_eX]

[DOI]

Proceedings of the 2009 ACM Symposium on Information, 2009

2008

On the adaptive real-time detection of fast-propagating network worms.

[BibT_eX]

[DOI]

Jaeyeon Jung

Rodolfo A. Milito

J. Comput. Virol., 2008

Principles for Developing Comprehensive Network Visibility.

[BibT_eX]

[DOI]

Proceedings of the 3rd USENIX Workshop on Hot Topics in Security, 2008

Efficient and Robust TCP Stream Normalization.

[BibT_eX]

[DOI]

Mythili Vutukuru

Hari Balakrishnan

Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP 2008), 2008

Enriching network security analysis with time travel.

[BibT_eX]

[DOI]

Proceedings of the ACM SIGCOMM 2008 Conference on Applications, 2008

Predicting the Resource Consumption of Network Intrusion Detection Systems.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, 11th International Symposium, 2008

A Reactive Measurement Framework.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Network Measurement, 9th International Conference, 2008

On the Spam Campaign Trail.

[BibT_eX]

[DOI]

Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2008

A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, 2008

2007

Very Fast Containment of Scanning Worms, Revisited.

[BibT_eX]

[DOI]

Stuart Staniford

Proceedings of the Malware Detection, 2007

The Strengths of Weaker Identities: Opportunistic Personas.

[BibT_eX]

[DOI]

Proceedings of the 2nd USENIX Workshop on Hot Topics in Security, 2007

The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007

A brief history of scanning.

[BibT_eX]

[DOI]

Jeff Terrell

Proceedings of the 7th ACM SIGCOMM Internet Measurement Conference, 2007

Issues and etiquette concerning use of shared measurement data.

[BibT_eX]

[DOI]

Proceedings of the 7th ACM SIGCOMM Internet Measurement Conference, 2007

Enabling an Energy-Efficient Future Internet Through Selectively Connected End Systems.

[BibT_eX]

[DOI]

Proceedings of the 6th ACM Workshop on Hot Topics in Networks, 2007

The shunt: an FPGA-based accelerator for network intrusion prevention.

[BibT_eX]

[DOI]

José M. González

Proceedings of the ACM/SIGDA 15th International Symposium on Field Programmable Gate Arrays, 2007

Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention.

[BibT_eX]

[DOI]

José M. González

Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

An inquiry into the nature and causes of the wealth of internet miscreants.

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

2006

IAB Thoughts on the Role of the Internet Research Task Force (IRTF).

[BibT_eX]

[DOI]

Internet Architecture Board

Aaron Falk

RFC, March, 2006

Observed structure of addresses in IP traffic.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 2006

Network loss tomography using striped unicast probes.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 2006

The devil and packet trace anonymization.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2006

Rethinking Hardware Support for Network Analysis and Intrusion Prevention.

[BibT_eX]

[DOI]

Proceedings of the 1st USENIX Workshop on Hot Topics in Security, 2006

Work in Progress: Bro-LAN Pervasive Network Inspection and Control for LAN Traffic.

[BibT_eX]

[DOI]

Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006

Enhancing Network Intrusion Detection with Integrated Sampling and Filtering.

[BibT_eX]

[DOI]

José M. González

Proceedings of the Recent Advances in Intrusion Detection, 9th International Symposium, 2006

Protocol-Independent Adaptive Replay of Application Dialog.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2006

binpac: a yacc for writing application protocol parsers.

[BibT_eX]

[DOI]

Proceedings of the 6th ACM SIGCOMM Internet Measurement Conference, 2006

Semi-automated discovery of application session structure.

[BibT_eX]

[DOI]

Proceedings of the 6th ACM SIGCOMM Internet Measurement Conference, 2006

Network System Challenges in Selective Sharing and Verification for Personal, Social, and Urban-Scale Sensing Applications.

[BibT_eX]

[DOI]

Proceedings of the 5th ACM Workshop on Hot Topics in Networks, 2006

Fighting Coordinated Attackers with Cross-Organizational Information Sharing.

[BibT_eX]

[DOI]

Proceedings of the 5th ACM Workshop on Hot Topics in Networks, 2006

2005

Guest Editor's Introduction: 2005 IEEE Symposium on Security and Privacy.

[BibT_eX]

[DOI]

Michael Waidner

IEEE Trans. Dependable Secur. Comput., 2005

The Network Oracle.

[BibT_eX]

[DOI]

Joseph M. Hellerstein

IEEE Data Eng. Bull., 2005

An analysis of the witty outbreak: exploiting underlying structure for detailed reconstruction of an internet-scale event.

[BibT_eX]

[DOI]

Proceedings of the 2005 ACM Workshop on Rapid Malcode, 2005

Robust TCP Stream Reassembly in the Presence of Adversaries.

[BibT_eX]

[DOI]

Sarang Dharmapurikar

Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, USA, July 31, 2005

A First Look at Modern Enterprise Traffic.

[BibT_eX]

[DOI]

Proceedings of the 5th Internet Measurement Conference, 2005

Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event.

[BibT_eX]

[DOI]

Abhishek Kumar

Proceedings of the 5th Internet Measurement Conference, 2005

Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.

[BibT_eX]

[DOI]

Proceedings of the 5th Internet Measurement Conference, 2005

Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, 2005

Exploiting Independent State For Network Intrusion Detection.

[BibT_eX]

[DOI]

Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2004

Cyber defense technology networking and evaluation.

[BibT_eX]

[DOI]

Commun. ACM, 2004

Preliminary results using scale-down to explore worm dynamics.

[BibT_eX]

[DOI]

Proceedings of the 2004 ACM Workshop on Rapid Malcode, 2004

The top speed of flash worms.

[BibT_eX]

[DOI]

Proceedings of the 2004 ACM Workshop on Rapid Malcode, 2004

Very Fast Containment of Scanning Worms.

[BibT_eX]

[DOI]

Stuart Staniford

Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, 2004

Fast Portscan Detection Using Sequential Hypothesis Testing.

[BibT_eX]

[DOI]

Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P 2004), 2004

Measuring adversaries.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Measurements and Modeling of Computer Systems, 2004

Strategies for sound internet measurement.

[BibT_eX]

[DOI]

Proceedings of the 4th ACM SIGCOMM Internet Measurement Conference, 2004

Characteristics of internet background radiation.

[BibT_eX]

[DOI]

Proceedings of the 4th ACM SIGCOMM Internet Measurement Conference, 2004

Worms vs. perimeters: the case for hard-LANs.

[BibT_eX]

[DOI]

Proceedings of the 12th Annual IEEE Symposium on High Performance Interconnects, 2004

Operational experiences with high-volume network intrusion detection.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

2003

Inside the Slammer Worm.

[BibT_eX]

[DOI]

Stuart Staniford-Chen

IEEE Secur. Priv., 2003

A taxonomy of computer worms.

[BibT_eX]

[DOI]

Proceedings of the 2003 ACM Workshop on Rapid Malcode, 2003

Active Mapping: Resisting NIDS Evasion without Altering Traffic.

[BibT_eX]

[DOI]

Umesh Shankar

Proceedings of the 2003 IEEE Symposium on Security and Privacy (S&P 2003), 2003

A high-level programming environment for packet trace anonymization and transformation.

[BibT_eX]

[DOI]

Ruoming Pang

Proceedings of the ACM SIGCOMM 2003 Conference on Applications, 2003

Enhancing byte-level network intrusion detection signatures with context.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM Conference on Computer and Communications Security, 2003

2002

Controlling high bandwidth aggregates in the network.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2002

Aggregate congestion control.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2002

How to Own the Internet in Your Spare Time.

[BibT_eX]

[DOI]

Stuart Staniford

Proceedings of the 11th USENIX Security Symposium, 2002

On the characteristics and origins of internet flow rates.

[BibT_eX]

[DOI]

Proceedings of the ACM SIGCOMM 2002 Conference on Applications, 2002

Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, 5th International Symposium, 2002

2001

Difficulties in simulating the internet.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 2001

An analysis of using reflectors for distributed denial-of-service attacks.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2001

On estimating end-to-end network path properties.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 2001

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics.

[BibT_eX]

[DOI]

Mark Handley

Proceedings of the 10th USENIX Security Symposium, 2001

Inferring Link Loss Using Striped Unicast Probes.

[BibT_eX]

[DOI]

Proceedings of the Proceedings IEEE INFOCOM 2001, 2001

2000

Computing TCP's Retransmission Timer.

[BibT_eX]

[DOI]

Hanns Juergen Schwarzbauer

RFC, November, 2000

Stream Control Transmission Protocol.

[BibT_eX]

[DOI]

RFC, October, 2000

TCP Processing of the IPv4 Precedence Field.

[BibT_eX]

[DOI]

RFC, June, 2000

IANA Allocation Guidelines For Values In the Internet Protocol and Related Headers.

[BibT_eX]

[DOI]

Scott O. Bradner

RFC, March, 2000

The use of end-to-end multicast measurements for characterizing internal network behavior.

[BibT_eX]

[DOI]

IEEE Commun. Mag., 2000

Detecting Stepping Stones.

[BibT_eX]

[DOI]

Yin Zhang

Proceedings of the 9th USENIX Security Symposium, 2000

Detecting Backdoors.

[BibT_eX]

[DOI]

Yin Zhang

Proceedings of the 9th USENIX Security Symposium, 2000

1999

IPPM Metrics for Measuring Connectivity.

[BibT_eX]

[DOI]

Jamshid Mahdavi

RFC, September, 1999

TCP Congestion Control.

[BibT_eX]

[DOI]

W. Richard Stevens

RFC, April, 1999

Known TCP Implementation Problems.

[BibT_eX]

[DOI]

RFC, March, 1999

End-to-end internet packet dynamics.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 1999

Bro: a system for detecting network intruders in real-time.

[BibT_eX]

[DOI]

Comput. Networks, 1999

Defending against network IDS evasion.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, Second International Workshop, 1999

An Architecture for a Global Internet Host Distance Estimation Service.

[BibT_eX]

[DOI]

Proceedings of the Proceedings IEEE INFOCOM '99, 1999

1998

IETF Criteria for Evaluating Reliable Multicast Transport and Application Protocols.

[BibT_eX]

[DOI]

RFC, June, 1998

Framework for IP Performance Metrics.

[BibT_eX]

[DOI]

RFC, May, 1998

An architecture for large-scale Internet measurement.

[BibT_eX]

[DOI]

IEEE Commun. Mag., 1998

On Calibrating Measurements of Packet Transit Times.

[BibT_eX]

[DOI]

Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, 1998

1997

End-to-end routing behavior in the Internet.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 1997

Fast, approximate synthesis of fractional Gaussian noise for generating self-similar network traffic.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 1997

Why We Don't Know How To Simulate the Internet.

[BibT_eX]

[DOI]

Proceedings of the 29th conference on Winter simulation, 1997

Automated Packet Trace Analysis of TCP Implementations.

[BibT_eX]

[DOI]

Proceedings of the ACM SIGCOMM 1997 Conference on Applications, 1997

1995

Wide area traffic: the failure of Poisson modeling.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 1995

Network Traffic Measurement and Modelling (Panel).

[BibT_eX]

[DOI]

Proceedings of the 1995 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, 1995

1994

Empirically derived analytic models of wide-area TCP connections.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 1994

Growth trends in wide-area TCP connections.

[BibT_eX]

[DOI]

IEEE Netw., 1994

1993

Glish: A User-Level Software Bus for Loosely-Coupled Distributed Systems.

[BibT_eX]