diff --git a/aixcc/index.html b/aixcc/index.html new file mode 100644 index 0000000..3cc15e6 --- /dev/null +++ b/aixcc/index.html @@ -0,0 +1,455 @@ + + + + + + + AI Cyber Challenge (AIxCC) | Shellphish + + + + +

The AI Cyber Challenge

+ +
+ + Shellphish AIxCC Logo + +
+ + +

The AI Cyber Challenge (AIxCC) is a two-year competition sponsored by DARPA and ARPA-H, +designed to address pressing cybersecurity challenges in an increasingly interconnected world.

+ +

Complex open-source software is part of the backbone of essential systems from financial networks to public utilities, and therefore there is a need + for autonomous, scalable, efficient, and robust AI-enabled cybersecurity solutions to identify vulnerabilities in software and fix them before they are exploited + by adversaries with disastrous consequences.

+ +

AIxCC brings together top minds in AI and cybersecurity to develop innovative AI systems capable of safeguarding the software that + underpins critical sectors, including healthcare, transportation, and public utilities. + The competition offers a total of $29.5 million in prizes, with $7 million specifically allocated to small businesses to encourage entrepreneurial innovation.

+ +

AIxCC is a collaboration between leading AI companies, DARPA, and ARPA-H, ensuring that + competitors have access to the latest technology and expertise. + The competition also works closely with the open-source community, emphasizing the importance of + securing open-source software, which is integral to much of the world's critical infrastructure.

+ +

The competition takes place at DEF CON, one of the world's premier cybersecurity conferences. + The semifinals were carried out during DEF CON 2024, with the final competition at DEF CON 2025, where the top team will be awarded a $4 million prize.

+ +

The Shellphish team participates to this competition with a novel Cyber Reasoning System (CRS), called ARTIPHISHELL, which qualified for the final competition in August 2024, + receiving a 2 million dollar award (see the press release for details).

+ +

The ARTIPHISHELL AI-based Cyber Reasoning System is the result of many year of research work from the members of the Shellphish hacker collective. + Some of the relevant works published in the last ten years are listed below.

+ + + diff --git a/aixcc/publications/1994_carzaniga_picco_vigna_isooms94.bib b/aixcc/publications/1994_carzaniga_picco_vigna_isooms94.bib new file mode 100644 index 0000000..d599c8f --- /dev/null +++ b/aixcc/publications/1994_carzaniga_picco_vigna_isooms94.bib @@ -0,0 +1,13 @@ +@InProceedings{carzaniga94:isooms, + author = {Antonio Carzaniga and Gian Pietro Picco and Giovanni Vigna}, + title = {{Designing and Implementing Inter-Client Communication in the O2 Database Management System}}, + booktitle = {Proceedings of the International Symposium on Object-Oriented Methodologies and Systems (ISOOMS)}, + pages = {53--64}, + year = 1994, + number = 858, + series = {LNCS}, + address = {Palermo, Italy}, + month = {September}, + publisher = {Springer-Verlag} +} + diff --git a/aixcc/publications/1994_carzaniga_picco_vigna_isooms94.pdf b/aixcc/publications/1994_carzaniga_picco_vigna_isooms94.pdf new file mode 100644 index 0000000..8b57d7f Binary files /dev/null and b/aixcc/publications/1994_carzaniga_picco_vigna_isooms94.pdf differ diff --git a/aixcc/publications/1994_carzaniga_vigna_msthesis.bib b/aixcc/publications/1994_carzaniga_vigna_msthesis.bib new file mode 100644 index 0000000..07690f7 --- /dev/null +++ b/aixcc/publications/1994_carzaniga_vigna_msthesis.bib @@ -0,0 +1,9 @@ +@MastersThesis{carzaniga94:msthesis, + author = {Antonio Carzaniga and Giovanni Vigna}, + title = {{The Design and Implementation of SPADE-1 2.0}}, + school = {Politecnico di Milano}, + year = 1994, + address = {Milano, Italy}, + month = {July} +} + diff --git a/aixcc/publications/1994_carzaniga_vigna_msthesis.pdf b/aixcc/publications/1994_carzaniga_vigna_msthesis.pdf new file mode 100644 index 0000000..0254221 Binary files /dev/null and b/aixcc/publications/1994_carzaniga_vigna_msthesis.pdf differ diff --git a/aixcc/publications/1995_bandinelli_carzaniga_vigna_wsa95.bib b/aixcc/publications/1995_bandinelli_carzaniga_vigna_wsa95.bib new file mode 100644 index 0000000..52eeccf --- /dev/null +++ b/aixcc/publications/1995_bandinelli_carzaniga_vigna_wsa95.bib @@ -0,0 +1,10 @@ +@InProceedings{bandinelli95:archetype, + author = {Sergio Bandinelli and Antonio Carzaniga and Giovanni Vigna}, + title = {{Archetype: Addressing Configuration Issues in Software Architectures}}, + booktitle = {Proceedings of the ICSE International Workshop on Architectures for Software Systems}, + year = 1995, + address = {Seattle, WA}, + pages = {9--12}, + month = {April} +} + diff --git a/aixcc/publications/1995_bandinelli_carzaniga_vigna_wsa95.pdf b/aixcc/publications/1995_bandinelli_carzaniga_vigna_wsa95.pdf new file mode 100644 index 0000000..722830e Binary files /dev/null and b/aixcc/publications/1995_bandinelli_carzaniga_vigna_wsa95.pdf differ diff --git a/aixcc/publications/1995_vigna_inspect.bib b/aixcc/publications/1995_vigna_inspect.bib new file mode 100644 index 0000000..8392a8d --- /dev/null +++ b/aixcc/publications/1995_vigna_inspect.bib @@ -0,0 +1,8 @@ +@techreport{vigna95:inspect, + Author = {Giovanni Vigna}, + Institution = {Politecnico di Milano}, + Title = {Inspect: A Distributed Approach To Automated Audit Trail Analysis}, + Month = {June}, + Year = 1995 +} + diff --git a/aixcc/publications/1996_cugola_ghezzi_picco_vigna_lncs1222.bib b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_lncs1222.bib new file mode 100644 index 0000000..c7bea36 --- /dev/null +++ b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_lncs1222.bib @@ -0,0 +1,13 @@ +@InCollection{cugola96:analyzing, + author = {Gianpaolo Cugola and Carlo Ghezzi and Gian Pietro Picco and Giovanni Vigna}, + title = {{Analyzing Mobile Code Languages}}, + booktitle = {Mobile Object Systems: Towards the Programmable Internet}, + pages = {93--111}, + publisher = {Springer-Verlag}, + year = {1997}, + editor = {J. Vitek and C. Tschudin}, + volume = {1222}, + series = {LNCS State-of-the-Art Survey}, + month = {April} +} + diff --git a/aixcc/publications/1996_cugola_ghezzi_picco_vigna_lncs1222.pdf b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_lncs1222.pdf new file mode 100644 index 0000000..31fb8ac Binary files /dev/null and b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_lncs1222.pdf differ diff --git a/aixcc/publications/1996_cugola_ghezzi_picco_vigna_mos96.bib b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_mos96.bib new file mode 100644 index 0000000..850aab7 --- /dev/null +++ b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_mos96.bib @@ -0,0 +1,12 @@ +@InProceedings{cugola96:characterization, + author = {Gianpaolo Cugola and Carlo Ghezzi and Gian Pietro Picco and Giovanni Vigna}, + title = {{A Characterization of Mobility and State Distribution in Mobile Code Languages}}, + booktitle = {Proceedings of the ECOOP Workshop on Mobile Object Systems}, + pages = {309--318}, + address = {Linz, Austria}, + year = {1996}, + editor = {M. Muhlauser}, + month = {July}, + publisher = {dpunkt} +} + diff --git a/aixcc/publications/1996_cugola_ghezzi_picco_vigna_mos96.pdf b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_mos96.pdf new file mode 100644 index 0000000..c628a17 Binary files /dev/null and b/aixcc/publications/1996_cugola_ghezzi_picco_vigna_mos96.pdf differ diff --git a/aixcc/publications/1996_vigna_TCPIP.bib b/aixcc/publications/1996_vigna_TCPIP.bib new file mode 100644 index 0000000..98fc57c --- /dev/null +++ b/aixcc/publications/1996_vigna_TCPIP.bib @@ -0,0 +1,8 @@ +@techreport{vigna96:tcpip, + Author = {Giovanni Vigna}, + Institution = {Politecnico di Milano}, + Month = {November}, + Number = {TR-96.156}, + Title = {{A Topological Characterization of TCP/IP Security}}, + Year = 1996} + diff --git a/aixcc/publications/1997_carzaniga_picco_vigna_icse97.bib b/aixcc/publications/1997_carzaniga_picco_vigna_icse97.bib new file mode 100644 index 0000000..5fbe281 --- /dev/null +++ b/aixcc/publications/1997_carzaniga_picco_vigna_icse97.bib @@ -0,0 +1,10 @@ +@InProceedings{carzaniga97:designing, + author = {Antonio Carzaniga and Gian Pietro Picco and Giovanni Vigna}, + title = {{Designing Distributed Applications with Mobile Code Paradigms}}, + booktitle = {Proceedings of the International Conference on Software Engineering (ICSE)}, + year = {1997}, + month = {April}, + address = {Boston, MA}, + publisher = {ACM Press}, + pages = {22--32} +} diff --git a/aixcc/publications/1997_carzaniga_picco_vigna_icse97.pdf b/aixcc/publications/1997_carzaniga_picco_vigna_icse97.pdf new file mode 100644 index 0000000..63920b4 Binary files /dev/null and b/aixcc/publications/1997_carzaniga_picco_vigna_icse97.pdf differ diff --git a/aixcc/publications/1997_carzaniga_picco_vigna_icse97.ppt b/aixcc/publications/1997_carzaniga_picco_vigna_icse97.ppt new file mode 100644 index 0000000..c3bcb82 Binary files /dev/null and b/aixcc/publications/1997_carzaniga_picco_vigna_icse97.ppt differ diff --git a/aixcc/publications/1997_ghezzi_vigna_ma97.bib b/aixcc/publications/1997_ghezzi_vigna_ma97.bib new file mode 100644 index 0000000..7ff8a94 --- /dev/null +++ b/aixcc/publications/1997_ghezzi_vigna_ma97.bib @@ -0,0 +1,13 @@ +@InProceedings{ghezzi97:case, + author = {Carlo Ghezzi and Giovanni Vigna}, + title = {{Mobile Code Paradigms and Technologies: A Case Study}}, + booktitle = {Proceedings of the International Workshop on Mobile Agents (MA)}, + pages = {39--49}, + editor = {K. Rothermel and R. Popescu-Zeletin}, + publisher = {Springer-Verlag}, + address = {Berlin, Germany}, + series = {LNCS}, + volume = 1219, + year = 1997, + month = {April} +} \ No newline at end of file diff --git a/aixcc/publications/1997_ghezzi_vigna_ma97.pdf b/aixcc/publications/1997_ghezzi_vigna_ma97.pdf new file mode 100644 index 0000000..1165ce4 Binary files /dev/null and b/aixcc/publications/1997_ghezzi_vigna_ma97.pdf differ diff --git a/aixcc/publications/1997_vigna_mos97.bib b/aixcc/publications/1997_vigna_mos97.bib new file mode 100644 index 0000000..94b7fb2 --- /dev/null +++ b/aixcc/publications/1997_vigna_mos97.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna97:protecting, + author = {Giovanni Vigna}, + title = {{Protecting Mobile Agents through Tracing}}, + booktitle = {Proceedings of the International ECOOP Workshop on Mobile Object Systems}, + year = 1997, + month = {June}, + address = {Jyvaskyla, Finland}, + note = {Online Proceedings} +} + \ No newline at end of file diff --git a/aixcc/publications/1997_vigna_mos97.pdf b/aixcc/publications/1997_vigna_mos97.pdf new file mode 100644 index 0000000..b434f84 Binary files /dev/null and b/aixcc/publications/1997_vigna_mos97.pdf differ diff --git a/aixcc/publications/1998_coda_ghezzi_vigna_garzotto_iwssd98.bib b/aixcc/publications/1998_coda_ghezzi_vigna_garzotto_iwssd98.bib new file mode 100644 index 0000000..fd426d7 --- /dev/null +++ b/aixcc/publications/1998_coda_ghezzi_vigna_garzotto_iwssd98.bib @@ -0,0 +1,11 @@ +@InProceedings{coda98:towards, + author = {Francesco Coda and Carlo Ghezzi and Giovanni Vigna and Franca Garzotto}, + title = {{Towards a Software Engineering Approach to Web Site Development}}, + booktitle = {Proceedings of the International Workshop on Software Specification and Design}, + publisher = {IEEE Press}, + pages = {8--17}, + year = 1998, + address = {Ise-Shima, Japan}, + month = {April} +} + diff --git a/aixcc/publications/1998_coda_ghezzi_vigna_garzotto_iwssd98.pdf b/aixcc/publications/1998_coda_ghezzi_vigna_garzotto_iwssd98.pdf new file mode 100644 index 0000000..03ca37f Binary files /dev/null and b/aixcc/publications/1998_coda_ghezzi_vigna_garzotto_iwssd98.pdf differ diff --git a/aixcc/publications/1998_fuggetta_picco_vigna_understanding.bib b/aixcc/publications/1998_fuggetta_picco_vigna_understanding.bib new file mode 100644 index 0000000..61711d9 --- /dev/null +++ b/aixcc/publications/1998_fuggetta_picco_vigna_understanding.bib @@ -0,0 +1,10 @@ +@Article{fuggetta98:understanding, + author = {Alfonso Fuggetta and Gian Pietro Picco and Giovanni Vigna}, + title = {{Understanding Code Mobility}}, + journal = {IEEE Transactions on Software Engineering}, + year = {1998}, + volume = {24}, + number = {5}, + pages = {342--361}, + month = {May} +} diff --git a/aixcc/publications/1998_fuggetta_picco_vigna_understanding.pdf b/aixcc/publications/1998_fuggetta_picco_vigna_understanding.pdf new file mode 100644 index 0000000..5205d0d Binary files /dev/null and b/aixcc/publications/1998_fuggetta_picco_vigna_understanding.pdf differ diff --git a/aixcc/publications/1998_ghezzi_vigna_LNCS1526.bib b/aixcc/publications/1998_ghezzi_vigna_LNCS1526.bib new file mode 100644 index 0000000..3369b5b --- /dev/null +++ b/aixcc/publications/1998_ghezzi_vigna_LNCS1526.bib @@ -0,0 +1,12 @@ +@InCollection{ghezzi98:softengissues, + author = {Carlo Ghezzi and Giovanni Vigna}, + title = {{Software Engineering Issues in Network Computing}}, + booktitle = {Requirements Targeting Software and Systems Engineering}, + publisher = {Springer-Verlag}, + year = 1998, + editor = {M. Broy and B. Rumpe}, + pages = {101--123}, + volume = 1526, + series = {LNCS}, + month = {August} +} diff --git a/aixcc/publications/1998_ghezzi_vigna_LNCS1526.pdf b/aixcc/publications/1998_ghezzi_vigna_LNCS1526.pdf new file mode 100644 index 0000000..92f4dd3 Binary files /dev/null and b/aixcc/publications/1998_ghezzi_vigna_LNCS1526.pdf differ diff --git a/aixcc/publications/1998_vigna_CryptoTraces.bib b/aixcc/publications/1998_vigna_CryptoTraces.bib new file mode 100644 index 0000000..1892109 --- /dev/null +++ b/aixcc/publications/1998_vigna_CryptoTraces.bib @@ -0,0 +1,12 @@ +@InCollection{vigna98:cryptotraces, + author = {Giovanni Vigna}, + title = {{Cryptographic Traces for Mobile Agents}}, + booktitle = {Mobile Agents and Security}, + publisher = {Springer-Verlag}, + pages = {137--153}, + year = 1998, + volume = 1419, + series = {LNCS State-of-the-Art Survey}, + month = {June} +} + diff --git a/aixcc/publications/1998_vigna_CryptoTraces.pdf b/aixcc/publications/1998_vigna_CryptoTraces.pdf new file mode 100644 index 0000000..1a074a7 Binary files /dev/null and b/aixcc/publications/1998_vigna_CryptoTraces.pdf differ diff --git a/aixcc/publications/1998_vigna_LNCS1419.bib b/aixcc/publications/1998_vigna_LNCS1419.bib new file mode 100644 index 0000000..37ceaf7 --- /dev/null +++ b/aixcc/publications/1998_vigna_LNCS1419.bib @@ -0,0 +1,10 @@ +@Collection{vigna98:lncs1419, + editor = {Giovanni Vigna}, + title = {{Mobile Agents and Security}}, + publisher = {Springer-Verlag}, + year = 1998, + volume = 1419, + series = {LNCS State-of-the-Art Survey}, + month = {June} +} + diff --git a/aixcc/publications/1998_vigna_LNCS1419.gif b/aixcc/publications/1998_vigna_LNCS1419.gif new file mode 100644 index 0000000..05561fc Binary files /dev/null and b/aixcc/publications/1998_vigna_LNCS1419.gif differ diff --git a/aixcc/publications/1998_vigna_LNCS1419.pdf b/aixcc/publications/1998_vigna_LNCS1419.pdf new file mode 100644 index 0000000..c8e7f64 Binary files /dev/null and b/aixcc/publications/1998_vigna_LNCS1419.pdf differ diff --git a/aixcc/publications/1998_vigna_PhDThesis.bib b/aixcc/publications/1998_vigna_PhDThesis.bib new file mode 100644 index 0000000..aee77fd --- /dev/null +++ b/aixcc/publications/1998_vigna_PhDThesis.bib @@ -0,0 +1,9 @@ +@PhdThesis{vigna98:phdthesis, + author = {Giovanni Vigna}, + title = {{Mobile Code Technologies, Paradigms, and Applications}}, + school = {Politecnico di Milano}, + year = 1998, + address = {Milano, Italy}, + month = {February} +} + diff --git a/aixcc/publications/1998_vigna_PhDThesis.pdf b/aixcc/publications/1998_vigna_PhDThesis.pdf new file mode 100644 index 0000000..d045e65 Binary files /dev/null and b/aixcc/publications/1998_vigna_PhDThesis.pdf differ diff --git a/aixcc/publications/1998_vigna_bonomi_JECOM.bib b/aixcc/publications/1998_vigna_bonomi_JECOM.bib new file mode 100644 index 0000000..12dd523 --- /dev/null +++ b/aixcc/publications/1998_vigna_bonomi_JECOM.bib @@ -0,0 +1,8 @@ +@InProceedings{vigna98:jecom, + author = {Giovanni Vigna and Luca Bonomi}, + title = {{A Model-Centered Electronic Commerce Middleware}}, + booktitle = {Proceedings of the International IFIP Working Conference on Trends in Electronic Commerce (TrEC)}, + year = 1998, + address = {Hamburg, Germany}, + month = {June} +} diff --git a/aixcc/publications/1998_vigna_bonomi_JECOM.pdf b/aixcc/publications/1998_vigna_bonomi_JECOM.pdf new file mode 100644 index 0000000..fc18c5a Binary files /dev/null and b/aixcc/publications/1998_vigna_bonomi_JECOM.pdf differ diff --git a/aixcc/publications/1998_vigna_kemmerer_acsac98.bib b/aixcc/publications/1998_vigna_kemmerer_acsac98.bib new file mode 100644 index 0000000..f39cf08 --- /dev/null +++ b/aixcc/publications/1998_vigna_kemmerer_acsac98.bib @@ -0,0 +1,12 @@ +@InProceedings{vigna98:netstat, + author = {Giovanni Vigna and Richard Kemmerer}, + title = {{NetSTAT: A Network-based Intrusion Detection Approach}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 1998, + address = {Scottsdale, AZ}, + pages = {25--34}, + publisher = {IEEE Press}, + month = {December}, + note = {Best Paper Award} +} + diff --git a/aixcc/publications/1998_vigna_kemmerer_acsac98.pdf b/aixcc/publications/1998_vigna_kemmerer_acsac98.pdf new file mode 100644 index 0000000..eb9bee2 Binary files /dev/null and b/aixcc/publications/1998_vigna_kemmerer_acsac98.pdf differ diff --git a/aixcc/publications/1999_fischmeister_vigna_MobileCodeSecurity.bib b/aixcc/publications/1999_fischmeister_vigna_MobileCodeSecurity.bib new file mode 100644 index 0000000..9763c26 --- /dev/null +++ b/aixcc/publications/1999_fischmeister_vigna_MobileCodeSecurity.bib @@ -0,0 +1,8 @@ +@techreport{fisch99:security, + Author = {Sebastian Fischmeister and Giovanni Vigna}, + Institution = {Department of Computer Science, UCSB}, + Month = {December}, + Title = {{Security Analysis of Mobile Code Systems}}, + Year = 1999 +} + diff --git a/aixcc/publications/1999_vigna_kemmerer_jcs99.bib b/aixcc/publications/1999_vigna_kemmerer_jcs99.bib new file mode 100644 index 0000000..f209a9a --- /dev/null +++ b/aixcc/publications/1999_vigna_kemmerer_jcs99.bib @@ -0,0 +1,11 @@ +@Article{vigna99:netstat, + author = {Giovanni Vigna and Richard Kemmerer}, + title = {{NetSTAT: A Network-based Intrusion Detection System}}, + journal = {Journal of Computer Security}, + pages = {37--71}, + publisher = {IOS Press}, + month = {January}, + volume = 7, + number = 1, + year = 1999 +} diff --git a/aixcc/publications/1999_vigna_kemmerer_jcs99.pdf b/aixcc/publications/1999_vigna_kemmerer_jcs99.pdf new file mode 100644 index 0000000..6877038 Binary files /dev/null and b/aixcc/publications/1999_vigna_kemmerer_jcs99.pdf differ diff --git a/aixcc/publications/2000_dossantos_vigna_kemmerer_wspec00.bib b/aixcc/publications/2000_dossantos_vigna_kemmerer_wspec00.bib new file mode 100644 index 0000000..78cb6f4 --- /dev/null +++ b/aixcc/publications/2000_dossantos_vigna_kemmerer_wspec00.bib @@ -0,0 +1,9 @@ +@InProceedings{santos00:testing, + author = {Andre dos Santos and Giovanni Vigna and Richard Kemmerer}, + title = {{Security Testing of the Online Banking Service of a Large International Bank}}, + booktitle = {Proceedings of the ACM Workshop on Security and Privacy in E-Commerce (WSPEC)}, + year = 2000, + address = {Athens, Greece}, + pages = {1--13}, + month = {November} +} diff --git a/aixcc/publications/2000_dossantos_vigna_kemmerer_wspec00.pdf b/aixcc/publications/2000_dossantos_vigna_kemmerer_wspec00.pdf new file mode 100644 index 0000000..fbdaeba Binary files /dev/null and b/aixcc/publications/2000_dossantos_vigna_kemmerer_wspec00.pdf differ diff --git a/aixcc/publications/2000_eckmann_vigna_kemmerer_statl.bib b/aixcc/publications/2000_eckmann_vigna_kemmerer_statl.bib new file mode 100644 index 0000000..66511ca --- /dev/null +++ b/aixcc/publications/2000_eckmann_vigna_kemmerer_statl.bib @@ -0,0 +1,8 @@ +@InProceedings{eckmann00:statl, + author = {Steve Eckmann and Giovanni Vigna and Richard Kemmerer}, + title = {{STATL: An Attack Language for State-based Intrusion Detection}}, + booktitle = {Proceedings of the ACM Workshop on Intrusion Detection Systems}, + year = 2000, + address = {Athens, Greece}, + month = {November} +} diff --git a/aixcc/publications/2000_eckmann_vigna_kemmerer_statl.pdf b/aixcc/publications/2000_eckmann_vigna_kemmerer_statl.pdf new file mode 100644 index 0000000..a131626 Binary files /dev/null and b/aixcc/publications/2000_eckmann_vigna_kemmerer_statl.pdf differ diff --git a/aixcc/publications/2000_vigna_eckmann_kemmerer_attacklanguages.bib b/aixcc/publications/2000_vigna_eckmann_kemmerer_attacklanguages.bib new file mode 100644 index 0000000..9c97d00 --- /dev/null +++ b/aixcc/publications/2000_vigna_eckmann_kemmerer_attacklanguages.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna00:attacklanguages, + author = {Giovanni Vigna and Steve Eckmann and Richard Kemmerer}, + title = {{Attack Languages}}, + booktitle = {Proceedings of the IEEE Information Survivability Workshop (ISW)}, + pages = {163--166}, + year = 2000, + address = {Boston, MA}, + month = {October} +} + diff --git a/aixcc/publications/2000_vigna_eckmann_kemmerer_attacklanguages.pdf b/aixcc/publications/2000_vigna_eckmann_kemmerer_attacklanguages.pdf new file mode 100644 index 0000000..4a5994a Binary files /dev/null and b/aixcc/publications/2000_vigna_eckmann_kemmerer_attacklanguages.pdf differ diff --git a/aixcc/publications/2000_vigna_eckmann_kemmerer_discex00.bib b/aixcc/publications/2000_vigna_eckmann_kemmerer_discex00.bib new file mode 100644 index 0000000..ef1822d --- /dev/null +++ b/aixcc/publications/2000_vigna_eckmann_kemmerer_discex00.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna00:stat, + author = {Giovanni Vigna and Steve Eckmann and Richard Kemmerer}, + title = {{The STAT Tool Suite}}, + booktitle = {Proceedings of DISCEX}, + address = {Hilton Head, SC}, + pages = {46--55}, + month = {January}, + year = 2000, + publisher = {IEEE Press} +} diff --git a/aixcc/publications/2000_vigna_eckmann_kemmerer_discex00.pdf b/aixcc/publications/2000_vigna_eckmann_kemmerer_discex00.pdf new file mode 100644 index 0000000..d77f73a Binary files /dev/null and b/aixcc/publications/2000_vigna_eckmann_kemmerer_discex00.pdf differ diff --git a/aixcc/publications/2001_dossantos_vigna_kemmerer_ecomm01.bib b/aixcc/publications/2001_dossantos_vigna_kemmerer_ecomm01.bib new file mode 100644 index 0000000..1c8c064 --- /dev/null +++ b/aixcc/publications/2001_dossantos_vigna_kemmerer_ecomm01.bib @@ -0,0 +1,12 @@ +@InCollection{santos01:ecomm, + author = {Andre dos Santos and Giovanni Vigna and Richard Kemmerer}, + title = {{Security Testing of an Online Banking Service}}, + booktitle = {E-Commerce Security and Privacy}, + pages = {3--15}, + publisher = {Kluwer Academic Publishers}, + month = {January}, + year = 2001, + editor = {A. Ghosh}, + series = {Advances in Information Security} +} + diff --git a/aixcc/publications/2001_fischmeister_vigna_kemmerer_ma01.bib b/aixcc/publications/2001_fischmeister_vigna_kemmerer_ma01.bib new file mode 100644 index 0000000..3103a8a --- /dev/null +++ b/aixcc/publications/2001_fischmeister_vigna_kemmerer_ma01.bib @@ -0,0 +1,15 @@ +@InProceedings{fischmeister01:evaluating, + author = {Sebastian Fischmeister and Giovanni Vigna and Richard Kemmerer}, + title = {{Evaluating the Security Of Three Java-Based Mobile Agent Systems}}, + booktitle = {Proceedings of the International Conference on Mobile Agents (MA)}, + editor = {Gian Pietro Picco}, + year = 2001, + address = {Atlanta, GA}, + series = {LNCS}, + volume = {2240}, + pages = {31--41}, + month = {December}, + publisher = {Springer-Verlag} +} + + diff --git a/aixcc/publications/2001_fischmeister_vigna_kemmerer_ma01.pdf b/aixcc/publications/2001_fischmeister_vigna_kemmerer_ma01.pdf new file mode 100644 index 0000000..bfa8248 Binary files /dev/null and b/aixcc/publications/2001_fischmeister_vigna_kemmerer_ma01.pdf differ diff --git a/aixcc/publications/2001_orso_harrold_vigna_wsem01.bib b/aixcc/publications/2001_orso_harrold_vigna_wsem01.bib new file mode 100644 index 0000000..1fe0203 --- /dev/null +++ b/aixcc/publications/2001_orso_harrold_vigna_wsem01.bib @@ -0,0 +1,8 @@ +@InProceedings{orso01:massa, + author = {Alessandro Orso and Mary Jean Harrold and Giovanni Vigna}, + title = {{MASSA: Mobile Agents Security through Static/Dynamic Analysis}}, + booktitle = {Proceedings of the ICSE Workshop on Software Engineering and Mobility (WSEM)}, + address = {Toronto, Canada}, + year = 2001, + month = {April} +} diff --git a/aixcc/publications/2001_orso_harrold_vigna_wsem01.pdf b/aixcc/publications/2001_orso_harrold_vigna_wsem01.pdf new file mode 100644 index 0000000..139e689 Binary files /dev/null and b/aixcc/publications/2001_orso_harrold_vigna_wsem01.pdf differ diff --git a/aixcc/publications/2001_vigna_kemmerer_blix_raid01.bib b/aixcc/publications/2001_vigna_kemmerer_blix_raid01.bib new file mode 100644 index 0000000..959c69e --- /dev/null +++ b/aixcc/publications/2001_vigna_kemmerer_blix_raid01.bib @@ -0,0 +1,14 @@ +@InProceedings{vigna01:designing, + author = {Giovanni Vigna and Richard Kemmerer and Per Blix}, + title = {{Designing a Web of Highly-Configurable Intrusion Detection Sensors}}, + booktitle = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + pages = {69--84}, + year = 2001, + editor = {Wenke Lee and L. Me and A. Wespi}, + volume = 2212, + series = {LNCS}, + address = {Davis, CA}, + month = {October}, + publisher = {Springer-Verlag} +} + diff --git a/aixcc/publications/2001_vigna_kemmerer_blix_raid01.pdf b/aixcc/publications/2001_vigna_kemmerer_blix_raid01.pdf new file mode 100644 index 0000000..81c66d8 Binary files /dev/null and b/aixcc/publications/2001_vigna_kemmerer_blix_raid01.pdf differ diff --git a/aixcc/publications/2002_eckmann_vigna_kemmerer_jcs02.bib b/aixcc/publications/2002_eckmann_vigna_kemmerer_jcs02.bib new file mode 100644 index 0000000..a55d455 --- /dev/null +++ b/aixcc/publications/2002_eckmann_vigna_kemmerer_jcs02.bib @@ -0,0 +1,11 @@ +@Article{eckmann02:statl, + author = {Steve Eckmann and Giovanni Vigna and Richard Kemmerer}, + title = {{STATL: An Attack Language for State-based Intrusion Detection}}, + journal = {Journal of Computer Security}, + publisher = {IOS Press}, + volume = 10, + month = {January}, + number = {1/2}, + pages = {71-104}, + year = 2002 +} diff --git a/aixcc/publications/2002_eckmann_vigna_kemmerer_jcs02.pdf b/aixcc/publications/2002_eckmann_vigna_kemmerer_jcs02.pdf new file mode 100644 index 0000000..40b7c6f Binary files /dev/null and b/aixcc/publications/2002_eckmann_vigna_kemmerer_jcs02.pdf differ diff --git a/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection.bib b/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection.bib new file mode 100644 index 0000000..d08c17f --- /dev/null +++ b/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection.bib @@ -0,0 +1,11 @@ +@Article{kemmerer02:intrusion, + author = {Richard Kemmerer and Giovanni Vigna}, + title = {{Intrusion Detection: A Brief History and Overview}}, + journal = {IEEE Computer}, + month = {April}, + volume = 1, + number = 1, + pages = {27--30}, + year = 2002, + note = {Special publication on Security and Privacy} +} diff --git a/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection.pdf b/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection.pdf new file mode 100644 index 0000000..8a61da5 Binary files /dev/null and b/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection.pdf differ diff --git a/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection_russian.pdf b/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection_russian.pdf new file mode 100644 index 0000000..952ab0b Binary files /dev/null and b/aixcc/publications/2002_kemmerer_vigna_IntrusionDetection_russian.pdf differ diff --git a/aixcc/publications/2002_kruegel_valeur_vigna_kemmerer_secpriv02.bib b/aixcc/publications/2002_kruegel_valeur_vigna_kemmerer_secpriv02.bib new file mode 100644 index 0000000..96df98e --- /dev/null +++ b/aixcc/publications/2002_kruegel_valeur_vigna_kemmerer_secpriv02.bib @@ -0,0 +1,10 @@ +@InProceedings{kruegel02:stateful, + author = {Christopher Kruegel and Fredrik Valeur and Giovanni Vigna and Richard Kemmerer}, + title = {{Stateful Intrusion Detection for High-Speed Networks}}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2002, + address = {Oakland, CA}, + pages = {285--293}, + month = {May}, + publisher = {IEEE Press} +} diff --git a/aixcc/publications/2002_kruegel_valeur_vigna_kemmerer_secpriv02.pdf b/aixcc/publications/2002_kruegel_valeur_vigna_kemmerer_secpriv02.pdf new file mode 100644 index 0000000..afe8513 Binary files /dev/null and b/aixcc/publications/2002_kruegel_valeur_vigna_kemmerer_secpriv02.pdf differ diff --git a/aixcc/publications/2002_mittal_vigna_ccs02.bib b/aixcc/publications/2002_mittal_vigna_ccs02.bib new file mode 100644 index 0000000..5a7fbc3 --- /dev/null +++ b/aixcc/publications/2002_mittal_vigna_ccs02.bib @@ -0,0 +1,11 @@ +@InProceedings{mittal02:sensor, + author = {Vishal Mittal and Giovanni Vigna}, + title = {{Sensor-Based Intrusion Detection for Intra-Domain Distance-Vector Routing}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2002, + editor = {R. Sandhu}, + pages = {127--137}, + address = {Washington, DC}, + month = {November}, + publisher = {ACM Press} +} diff --git a/aixcc/publications/2002_mittal_vigna_ccs02.pdf b/aixcc/publications/2002_mittal_vigna_ccs02.pdf new file mode 100644 index 0000000..6c4a1f7 Binary files /dev/null and b/aixcc/publications/2002_mittal_vigna_ccs02.pdf differ diff --git a/aixcc/publications/2002_vigna_cassell_fayram_ma02.bib b/aixcc/publications/2002_vigna_cassell_fayram_ma02.bib new file mode 100644 index 0000000..04303b9 --- /dev/null +++ b/aixcc/publications/2002_vigna_cassell_fayram_ma02.bib @@ -0,0 +1,14 @@ +@InProceedings{vigna02:agletsids, + author = {Giovanni Vigna and Bryan Cassell and Dave Fayram}, + title = {{An Intrusion Detection System for Aglets}}, + booktitle = {Proceedings of the International Conference on Mobile Agents (MA)}, + year = 2002, + address = {Barcelona, Spain}, + editor = {N. Suri}, + series = {LNCS}, + volume = {2535}, + pages = {64--77}, + month = {October}, + publisher = {Springer-Verlag} +} + diff --git a/aixcc/publications/2002_vigna_cassell_fayram_ma02.pdf b/aixcc/publications/2002_vigna_cassell_fayram_ma02.pdf new file mode 100644 index 0000000..c0ce1d5 Binary files /dev/null and b/aixcc/publications/2002_vigna_cassell_fayram_ma02.pdf differ diff --git a/aixcc/publications/2002_vigna_mitchell_iceccs02.bib b/aixcc/publications/2002_vigna_mitchell_iceccs02.bib new file mode 100644 index 0000000..9e3a133 --- /dev/null +++ b/aixcc/publications/2002_vigna_mitchell_iceccs02.bib @@ -0,0 +1,11 @@ +@InProceedings{vigna02:designing, + author = {Giovanni Vigna and Andrew Mitchell}, + title = {{Mnemosyne: Designing and Implementing Network Short-Term Memory}}, + booktitle = {Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems (ICECCS)}, + year = 2002, + pages = {91--100}, + address = {Greenbelt, MD}, + month = {December}, + publisher = {IEEE Press} +} + diff --git a/aixcc/publications/2002_vigna_mitchell_iceccs02.pdf b/aixcc/publications/2002_vigna_mitchell_iceccs02.pdf new file mode 100644 index 0000000..55861c7 Binary files /dev/null and b/aixcc/publications/2002_vigna_mitchell_iceccs02.pdf differ diff --git a/aixcc/publications/2002_vigna_valeur_zhou_kemmerer_acsac02.bib b/aixcc/publications/2002_vigna_valeur_zhou_kemmerer_acsac02.bib new file mode 100644 index 0000000..534925c --- /dev/null +++ b/aixcc/publications/2002_vigna_valeur_zhou_kemmerer_acsac02.bib @@ -0,0 +1,11 @@ +@InProceedings{vigna02:composable, + author = {Giovanni Vigna and Fredrik Valeur and Jingyu Zhou and Richard Kemmerer}, + title = {{Composable Tools For Network Discovery and Security Analysis}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2002, + publisher = {IEEE Press}, + address = {Las Vegas, NV}, + pages = {14--24}, + month = {December} +} + diff --git a/aixcc/publications/2002_vigna_valeur_zhou_kemmerer_acsac02.pdf b/aixcc/publications/2002_vigna_valeur_zhou_kemmerer_acsac02.pdf new file mode 100644 index 0000000..6c7d592 Binary files /dev/null and b/aixcc/publications/2002_vigna_valeur_zhou_kemmerer_acsac02.pdf differ diff --git a/aixcc/publications/2002_wespi_vigna_deri_raid2002.bib b/aixcc/publications/2002_wespi_vigna_deri_raid2002.bib new file mode 100644 index 0000000..e01bb47 --- /dev/null +++ b/aixcc/publications/2002_wespi_vigna_deri_raid2002.bib @@ -0,0 +1,12 @@ +@Proceedings{wespi02:raid_proceedings, + title = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2002, + editor = {Andreas Wespi and Giovanni Vigna and Luca Deri}, + volume = 2516, + series = {LNCS}, + address = {Zurich, Switzerland}, + isbn = {978-3-540-00020-4}, + month = {October}, + publisher = {Springer-Verlag}, + url = {http://www.springer.com/computer/book/978-3-540-00020-4} +} diff --git a/aixcc/publications/2003_kruegel_mutz_valeur_vigna_esorics03.bib b/aixcc/publications/2003_kruegel_mutz_valeur_vigna_esorics03.bib new file mode 100644 index 0000000..01a677a --- /dev/null +++ b/aixcc/publications/2003_kruegel_mutz_valeur_vigna_esorics03.bib @@ -0,0 +1,11 @@ +@InProceedings{kruegel03:syscall, + author = {Christopher Kruegel and Darren Mutz and Fredrik Valeur and Giovanni Vigna}, + title = {{On the Detection of Anomalous System Call Arguments}}, + booktitle = {Proceedings of the European Symposium on Research in Computer Security (ESORICS)}, + year = 2003, + series = {LNCS}, + pages = {326--343}, + address = {Gjovik, Norway}, + month = {October}, + publisher = {Springer-Verlag} +} diff --git a/aixcc/publications/2003_kruegel_mutz_valeur_vigna_esorics03.pdf b/aixcc/publications/2003_kruegel_mutz_valeur_vigna_esorics03.pdf new file mode 100644 index 0000000..a08335f Binary files /dev/null and b/aixcc/publications/2003_kruegel_mutz_valeur_vigna_esorics03.pdf differ diff --git a/aixcc/publications/2003_kruegel_vigna_ccs03.bib b/aixcc/publications/2003_kruegel_vigna_ccs03.bib new file mode 100644 index 0000000..b71bffa --- /dev/null +++ b/aixcc/publications/2003_kruegel_vigna_ccs03.bib @@ -0,0 +1,10 @@ +@InProceedings{kruegel03:webanomaly, + author = {Christopher Kruegel and Giovanni Vigna}, + title = {{Anomaly Detection of Web-based Attacks}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2003, + address = {Washington, DC}, + pages = {251--261}, + month = {October}, + publisher = {ACM Press} +} diff --git a/aixcc/publications/2003_kruegel_vigna_ccs03.pdf b/aixcc/publications/2003_kruegel_vigna_ccs03.pdf new file mode 100644 index 0000000..ce390c9 Binary files /dev/null and b/aixcc/publications/2003_kruegel_vigna_ccs03.pdf differ diff --git a/aixcc/publications/2003_mutz_vigna_kemmerer_ACSAC03.bib b/aixcc/publications/2003_mutz_vigna_kemmerer_ACSAC03.bib new file mode 100644 index 0000000..effaef2 --- /dev/null +++ b/aixcc/publications/2003_mutz_vigna_kemmerer_ACSAC03.bib @@ -0,0 +1,10 @@ +@InProceedings{mutz03:mucus, + author = {Darren Mutz and Giovanni Vigna and Richard Kemmerer}, + title = {{An Experience Developing an IDS Stimulator for the Black-Box Testing of Network Intrusion Detection Systems}}, + booktitle = {Proceedings of the 2003 Annual Computer Security Applications Conference (ACSAC)}, + pages = {374--383}, + year = 2003, + address = {Las Vegas, Nevada}, + month = {December} +} + diff --git a/aixcc/publications/2003_mutz_vigna_kemmerer_ACSAC03.pdf b/aixcc/publications/2003_mutz_vigna_kemmerer_ACSAC03.pdf new file mode 100644 index 0000000..7b4edac Binary files /dev/null and b/aixcc/publications/2003_mutz_vigna_kemmerer_ACSAC03.pdf differ diff --git a/aixcc/publications/2003_soman_krintz_vigna_usenix03.bib b/aixcc/publications/2003_soman_krintz_vigna_usenix03.bib new file mode 100644 index 0000000..402862a --- /dev/null +++ b/aixcc/publications/2003_soman_krintz_vigna_usenix03.bib @@ -0,0 +1,11 @@ +@InProceedings{soman03:jvm_auditing, + author = {Sunil Soman and Chandra Krintz and Giovanni Vigna}, + title = {{Detecting Malicious Java Code Using Virtual Machine Auditing}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2003, + pages = {153--167}, + editor = {V. Paxson}, + address = {Washington, DC}, + month = {August}, + organization = {USENIX} +} diff --git a/aixcc/publications/2003_soman_krintz_vigna_usenix03.pdf b/aixcc/publications/2003_soman_krintz_vigna_usenix03.pdf new file mode 100644 index 0000000..d5fcfa6 Binary files /dev/null and b/aixcc/publications/2003_soman_krintz_vigna_usenix03.pdf differ diff --git a/aixcc/publications/2003_vigna_fme03.bib b/aixcc/publications/2003_vigna_fme03.bib new file mode 100644 index 0000000..59031d0 --- /dev/null +++ b/aixcc/publications/2003_vigna_fme03.bib @@ -0,0 +1,15 @@ +@InProceedings{vigna03:hypergraphs, + author = {Giovanni Vigna}, + title = {{A Topological Characterization of TCP/IP Security}}, + booktitle = {Proceedings of the International Symposium of Formal Methods Europe (FME)}, + year = 2003, + series = {LNCS}, + number = {2805}, + address = {Pisa, Italy}, + pages = {914--940}, + month = {September}, + publisher = {Springer-Verlag} +} + + + diff --git a/aixcc/publications/2003_vigna_fme03.pdf b/aixcc/publications/2003_vigna_fme03.pdf new file mode 100644 index 0000000..8be9ee3 Binary files /dev/null and b/aixcc/publications/2003_vigna_fme03.pdf differ diff --git a/aixcc/publications/2003_vigna_jiw03.bib b/aixcc/publications/2003_vigna_jiw03.bib new file mode 100644 index 0000000..f0b9b13 --- /dev/null +++ b/aixcc/publications/2003_vigna_jiw03.bib @@ -0,0 +1,10 @@ +@Article{vigna03:teaching, + author = {Giovanni Vigna}, + title = {{Teaching Hands-On Network Security: Testbeds and Live Exercises}}, + journal = {Journal of Information Warfare}, + year = 2003, + month = {February}, + volume = 3, + number = 2, + pages = {8--25} +} diff --git a/aixcc/publications/2003_vigna_jiw03.pdf b/aixcc/publications/2003_vigna_jiw03.pdf new file mode 100644 index 0000000..024ae70 Binary files /dev/null and b/aixcc/publications/2003_vigna_jiw03.pdf differ diff --git a/aixcc/publications/2003_vigna_jonsson_kruegel_raid03.bib b/aixcc/publications/2003_vigna_jonsson_kruegel_raid03.bib new file mode 100644 index 0000000..966b44b --- /dev/null +++ b/aixcc/publications/2003_vigna_jonsson_kruegel_raid03.bib @@ -0,0 +1,12 @@ +@Proceedings{vigna03:raid_proceedings, + title = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2003, + editor = {Giovanni Vigna and Erland Jonnson and Christopher Kruegel}, + volume = 2820, + isbn = {978-3-540-40878-9}, + series = {LNCS}, + address = {Pittsburgh, PA}, + month = {September}, + publisher = {Springer-Verlag}, + url = {http://www.springer.com/computer/swe/book/978-3-540-40878-9} +} diff --git a/aixcc/publications/2003_vigna_robertson_kher_kemmerer_ACSAC03.bib b/aixcc/publications/2003_vigna_robertson_kher_kemmerer_ACSAC03.bib new file mode 100644 index 0000000..8138016 --- /dev/null +++ b/aixcc/publications/2003_vigna_robertson_kher_kemmerer_ACSAC03.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna03:webstat, + author = {Giovanni Vigna and Wil Robertson and Vishal Kher and Richard Kemmerer}, + title = {{A Stateful Intrusion Detection System for World-Wide Web Servers}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + pages = {34--43}, + year = 2003, + address = {Las Vegas, NV}, + month = {December} +} + diff --git a/aixcc/publications/2003_vigna_robertson_kher_kemmerer_ACSAC03.pdf b/aixcc/publications/2003_vigna_robertson_kher_kemmerer_ACSAC03.pdf new file mode 100644 index 0000000..b138f59 Binary files /dev/null and b/aixcc/publications/2003_vigna_robertson_kher_kemmerer_ACSAC03.pdf differ diff --git a/aixcc/publications/2003_vigna_valeur_kemmerer_esec03.bib b/aixcc/publications/2003_vigna_valeur_kemmerer_esec03.bib new file mode 100644 index 0000000..4c523b4 --- /dev/null +++ b/aixcc/publications/2003_vigna_valeur_kemmerer_esec03.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna03:family, + author = {Giovanni Vigna and Fredrik Valeur and Richard Kemmerer}, + title = {{Designing and Implementing a Family of Intrusion Detection Systems}}, + booktitle = {Proceedings of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE)}, + year = 2003, + pages = {88--97}, + address = {Helsinki, Finland}, + month = {September} +} + diff --git a/aixcc/publications/2003_vigna_valeur_kemmerer_esec03.pdf b/aixcc/publications/2003_vigna_valeur_kemmerer_esec03.pdf new file mode 100644 index 0000000..89a7c6a Binary files /dev/null and b/aixcc/publications/2003_vigna_valeur_kemmerer_esec03.pdf differ diff --git a/aixcc/publications/2003_vigna_wise03.bib b/aixcc/publications/2003_vigna_wise03.bib new file mode 100644 index 0000000..53c4436 --- /dev/null +++ b/aixcc/publications/2003_vigna_wise03.bib @@ -0,0 +1,13 @@ +@InProceedings{vigna03:exercises, + author = {Giovanni Vigna}, + title = {{Teaching Network Security Through Live Exercises}}, + booktitle = {Proceedings of the Third Annual World Conference on Information Security Education (WISE)}, + pages = {3--18}, + year = 2003, + editor = {C. Irvine and H. Armstrong}, + address = {Monterey, CA}, + month = {June}, + publisher = {Kluwer Academic Publishers} +} + + diff --git a/aixcc/publications/2003_vigna_wise03.pdf b/aixcc/publications/2003_vigna_wise03.pdf new file mode 100644 index 0000000..0080a9c Binary files /dev/null and b/aixcc/publications/2003_vigna_wise03.pdf differ diff --git a/aixcc/publications/2004_kruegel_robertson_valeur_vigna_USENIX04.bib b/aixcc/publications/2004_kruegel_robertson_valeur_vigna_USENIX04.bib new file mode 100644 index 0000000..345a22e --- /dev/null +++ b/aixcc/publications/2004_kruegel_robertson_valeur_vigna_USENIX04.bib @@ -0,0 +1,10 @@ +@InProceedings{kruegel04:disassembly, + author = {Christopher Kruegel and Wil Robertson and Fredrik Valeur and Giovanni Vigna}, + title = {Static Disassembly of Obfuscated Binaries}, + booktitle = {Proceedings of the USENIX Security Symposium}, + pages = {255--270}, + year = 2004, + address = {San Diego, CA}, + month = {August} +} + diff --git a/aixcc/publications/2004_kruegel_robertson_valeur_vigna_USENIX04.pdf b/aixcc/publications/2004_kruegel_robertson_valeur_vigna_USENIX04.pdf new file mode 100644 index 0000000..6897a39 Binary files /dev/null and b/aixcc/publications/2004_kruegel_robertson_valeur_vigna_USENIX04.pdf differ diff --git a/aixcc/publications/2004_kruegel_robertson_vigna_ACSAC04.bib b/aixcc/publications/2004_kruegel_robertson_vigna_ACSAC04.bib new file mode 100644 index 0000000..513430c --- /dev/null +++ b/aixcc/publications/2004_kruegel_robertson_vigna_ACSAC04.bib @@ -0,0 +1,10 @@ +@InProceedings{kruegel04:rootkits, + author = {Christopher Kruegel and Wil Robertson and Giovanni Vigna}, + title = {{Detecting Kernel-Level Rootkits Through Binary Analysis}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + pages = {91-100}, + year = 2004, + address = {Tucson, AZ}, + month = {December} +} + diff --git a/aixcc/publications/2004_kruegel_robertson_vigna_ACSAC04.pdf b/aixcc/publications/2004_kruegel_robertson_vigna_ACSAC04.pdf new file mode 100644 index 0000000..0950a61 Binary files /dev/null and b/aixcc/publications/2004_kruegel_robertson_vigna_ACSAC04.pdf differ diff --git a/aixcc/publications/2004_kruegel_robertson_vigna_PIK_AlertVerification.bib b/aixcc/publications/2004_kruegel_robertson_vigna_PIK_AlertVerification.bib new file mode 100644 index 0000000..ef72ac3 --- /dev/null +++ b/aixcc/publications/2004_kruegel_robertson_vigna_PIK_AlertVerification.bib @@ -0,0 +1,10 @@ +@Article{kruegel04:verification, + author = {Christopher Kruegel and Wil Robertson and Giovanni Vigna}, + title = {{Using Alert Verification to Identify Successful Intrusion Attempts}}, + journal = {Practice in Information Processing and Communication (PIK)}, + year = {2004}, + volume = {27}, + number = {4}, + pages = {219 -- 227}, + month = {October -- December} +} diff --git a/aixcc/publications/2004_kruegel_robertson_vigna_PIK_AlertVerification.pdf b/aixcc/publications/2004_kruegel_robertson_vigna_PIK_AlertVerification.pdf new file mode 100644 index 0000000..af1280f Binary files /dev/null and b/aixcc/publications/2004_kruegel_robertson_vigna_PIK_AlertVerification.pdf differ diff --git a/aixcc/publications/2004_valeur_vigna_kruegel_kemmerer_TDSC_Correlation.bib b/aixcc/publications/2004_valeur_vigna_kruegel_kemmerer_TDSC_Correlation.bib new file mode 100644 index 0000000..35c4067 --- /dev/null +++ b/aixcc/publications/2004_valeur_vigna_kruegel_kemmerer_TDSC_Correlation.bib @@ -0,0 +1,11 @@ +@Article{valeur04:correlation, + author = {Fredrik Valeur and Giovanni Vigna and Christopher Kruegel and Richard Kemmerer}, + title = {{A Comprehensive Approach to Intrusion Detection Alert Correlation}}, + journal = {IEEE Transactions on Dependable and Secure Computing}, + year = 2004, + volume = {1}, + number = {3}, + pages = {146--169}, + month = {July-September} +} + diff --git a/aixcc/publications/2004_valeur_vigna_kruegel_kemmerer_TDSC_Correlation.pdf b/aixcc/publications/2004_valeur_vigna_kruegel_kemmerer_TDSC_Correlation.pdf new file mode 100644 index 0000000..7315565 Binary files /dev/null and b/aixcc/publications/2004_valeur_vigna_kruegel_kemmerer_TDSC_Correlation.pdf differ diff --git a/aixcc/publications/2004_vigna_MDM04.bib b/aixcc/publications/2004_vigna_MDM04.bib new file mode 100644 index 0000000..fcef696 --- /dev/null +++ b/aixcc/publications/2004_vigna_MDM04.bib @@ -0,0 +1,11 @@ +@InProceedings{vigna04:ten_reasons, + author = {Giovanni Vigna}, + title = {{Mobile Agents: Ten Reasons For Failure}}, + booktitle = {Proceedings of the IEEE International Conference on Mobile Data Management (MDM)}, + pages = {298-299}, + year = 2004, + address = {Berkeley, CA}, + month = {January}, + note = {Position Paper} +} + diff --git a/aixcc/publications/2004_vigna_MDM04.pdf b/aixcc/publications/2004_vigna_MDM04.pdf new file mode 100644 index 0000000..8023106 Binary files /dev/null and b/aixcc/publications/2004_vigna_MDM04.pdf differ diff --git a/aixcc/publications/2004_vigna_gwalani_srinivasan_royer_kemmerer_ACSAC04.bib b/aixcc/publications/2004_vigna_gwalani_srinivasan_royer_kemmerer_ACSAC04.bib new file mode 100644 index 0000000..40d2f70 --- /dev/null +++ b/aixcc/publications/2004_vigna_gwalani_srinivasan_royer_kemmerer_ACSAC04.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna04:aodvstat, + author = {Giovanni Vigna and Sumit Gwalani and Kavitha Srinivasan and Elizabeth Belding-Royer and Richard Kemmerer}, + title = {{An Intrusion Detection Tool for AODV-based Ad Hoc Wireless Networks}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + pages = {16--27}, + year = 2004, + address = {Tucson, AZ}, + month = {December} +} + diff --git a/aixcc/publications/2004_vigna_gwalani_srinivasan_royer_kemmerer_ACSAC04.pdf b/aixcc/publications/2004_vigna_gwalani_srinivasan_royer_kemmerer_ACSAC04.pdf new file mode 100644 index 0000000..43435e8 Binary files /dev/null and b/aixcc/publications/2004_vigna_gwalani_srinivasan_royer_kemmerer_ACSAC04.pdf differ diff --git a/aixcc/publications/2004_vigna_robertson_balzarotti_CCS04.bib b/aixcc/publications/2004_vigna_robertson_balzarotti_CCS04.bib new file mode 100644 index 0000000..5592493 --- /dev/null +++ b/aixcc/publications/2004_vigna_robertson_balzarotti_CCS04.bib @@ -0,0 +1,10 @@ +@InProceedings{vigna04:sploit, + author = {Giovanni Vigna and Wil Robertson and Davide Balzarotti}, + title = {{Testing Network-based Intrusion Detection Signatures Using Mutant Exploits}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + pages = {21--30}, + year = 2004, + address = {Washington, DC}, + month = {October} +} + diff --git a/aixcc/publications/2004_vigna_robertson_balzarotti_CCS04.pdf b/aixcc/publications/2004_vigna_robertson_balzarotti_CCS04.pdf new file mode 100644 index 0000000..8775de4 Binary files /dev/null and b/aixcc/publications/2004_vigna_robertson_balzarotti_CCS04.pdf differ diff --git a/aixcc/publications/2004_zhou_vigna_ACSAC04.bib b/aixcc/publications/2004_zhou_vigna_ACSAC04.bib new file mode 100644 index 0000000..cdda3c7 --- /dev/null +++ b/aixcc/publications/2004_zhou_vigna_ACSAC04.bib @@ -0,0 +1,10 @@ +@InProceedings{zhou04:instrumentation, + author = {Jingyu Zhou and Giovanni Vigna}, + title = {{Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + pages = {168--178}, + year = 2004, + address = {Tucson, AZ}, + month = {December} +} + diff --git a/aixcc/publications/2004_zhou_vigna_ACSAC04.pdf b/aixcc/publications/2004_zhou_vigna_ACSAC04.pdf new file mode 100644 index 0000000..e6c92b1 Binary files /dev/null and b/aixcc/publications/2004_zhou_vigna_ACSAC04.pdf differ diff --git a/aixcc/publications/2005_felmetsger_vigna_ICECCS05.bib b/aixcc/publications/2005_felmetsger_vigna_ICECCS05.bib new file mode 100644 index 0000000..4a41f23 --- /dev/null +++ b/aixcc/publications/2005_felmetsger_vigna_ICECCS05.bib @@ -0,0 +1,10 @@ +@InProceedings{felmetsger05:dago, + author = {Vika Felmetsger and Giovanni Vigna}, + title = {Exploiting OS-level Mechanisms to Implement Mobile Code Security}, + booktitle = {Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems (ICECCS)}, + page = {234--243}, + year = 2005, + address = {Shanghai, China}, + month = {June} +} + diff --git a/aixcc/publications/2005_felmetsger_vigna_ICECCS05.pdf b/aixcc/publications/2005_felmetsger_vigna_ICECCS05.pdf new file mode 100644 index 0000000..e921494 Binary files /dev/null and b/aixcc/publications/2005_felmetsger_vigna_ICECCS05.pdf differ diff --git a/aixcc/publications/2005_hallaraker_vigna_ICECCS05.bib b/aixcc/publications/2005_hallaraker_vigna_ICECCS05.bib new file mode 100644 index 0000000..1b218d5 --- /dev/null +++ b/aixcc/publications/2005_hallaraker_vigna_ICECCS05.bib @@ -0,0 +1,10 @@ +@InProceedings{hallaraker05:javascript, + author = {Oystein Hallaraker and Giovanni Vigna}, + title = {{Detecting Malicious JavaScript Code in Mozilla}}, + booktitle = {Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems (ICECCS)}, + year = 2005, + pages = {85--94}, + address = {Shanghai, China}, + month = {June} +} + diff --git a/aixcc/publications/2005_hallaraker_vigna_ICECCS05.pdf b/aixcc/publications/2005_hallaraker_vigna_ICECCS05.pdf new file mode 100644 index 0000000..e6841e7 Binary files /dev/null and b/aixcc/publications/2005_hallaraker_vigna_ICECCS05.pdf differ diff --git a/aixcc/publications/2005_kemmerer_vigna_IEEEProc.bib b/aixcc/publications/2005_kemmerer_vigna_IEEEProc.bib new file mode 100644 index 0000000..b07b642 --- /dev/null +++ b/aixcc/publications/2005_kemmerer_vigna_IEEEProc.bib @@ -0,0 +1,11 @@ +@Article{kemmerer05:hidra, + author = {Richard Kemmerer and Giovanni Vigna}, + title = {{Hi-DRA: Intrusion Detection for Internet Security}}, + journal = {IEEE Proceedings}, + year = 2005, + volume = 93, + number = 10, + pages = {1848-1857}, + month = {October} +} + diff --git a/aixcc/publications/2005_kemmerer_vigna_IEEEProc.pdf b/aixcc/publications/2005_kemmerer_vigna_IEEEProc.pdf new file mode 100644 index 0000000..7828421 Binary files /dev/null and b/aixcc/publications/2005_kemmerer_vigna_IEEEProc.pdf differ diff --git a/aixcc/publications/2005_kemmerer_vigna_cyberthreats.bib b/aixcc/publications/2005_kemmerer_vigna_cyberthreats.bib new file mode 100644 index 0000000..b9bc3f7 --- /dev/null +++ b/aixcc/publications/2005_kemmerer_vigna_cyberthreats.bib @@ -0,0 +1,13 @@ +@InCollection{kemmerer05:cyberthreats, + author = {Richard Kemmerer and Giovanni Vigna}, + title = {{Sensor Families for Intrusion Detection Infrastructures}}, + booktitle = {Managing Cyber Threats: Issues, Approaches and Challenges}, + publisher = {Springer-Verlag}, + series = {Massive Computing}, + volume = {5}, + editor = {V. Kumar and J. Srivastava and A. Lazarevic}, + month = {January}, + year = 2005 +} + + diff --git a/aixcc/publications/2005_kemmerer_vigna_cyberthreats.pdf b/aixcc/publications/2005_kemmerer_vigna_cyberthreats.pdf new file mode 100644 index 0000000..3a103a9 Binary files /dev/null and b/aixcc/publications/2005_kemmerer_vigna_cyberthreats.pdf differ diff --git a/aixcc/publications/2005_kruegel_kirda_mutz_robertson_vigna_RAID05.bib b/aixcc/publications/2005_kruegel_kirda_mutz_robertson_vigna_RAID05.bib new file mode 100644 index 0000000..55422f7 --- /dev/null +++ b/aixcc/publications/2005_kruegel_kirda_mutz_robertson_vigna_RAID05.bib @@ -0,0 +1,13 @@ +@InProceedings{kruegel05:polyworm, + author = {Christopher Kruegel and Engin Kirda and Darren Mutz and Wil Robertson and Giovanni Vigna}, + title = {{Polymorphic Worm Detection Using Structural Information of Executables}}, + booktitle = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2005, + series = {LNCS}, + volume = {3858}, + pages = {207--226}, + address = {Seattle, WA}, + month = {September}, + publisher = {Springer-Verlag} +} + diff --git a/aixcc/publications/2005_kruegel_kirda_mutz_robertson_vigna_RAID05.pdf b/aixcc/publications/2005_kruegel_kirda_mutz_robertson_vigna_RAID05.pdf new file mode 100644 index 0000000..7e3a0bf Binary files /dev/null and b/aixcc/publications/2005_kruegel_kirda_mutz_robertson_vigna_RAID05.pdf differ diff --git a/aixcc/publications/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.bib b/aixcc/publications/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.bib new file mode 100644 index 0000000..1d68342 --- /dev/null +++ b/aixcc/publications/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.bib @@ -0,0 +1,9 @@ +@InProceedings{kruegel05:mimicry, + author = {Christopher Kruegel and Engin Kirda and Darren Mutz and Wil Robertson and Giovanni Vigna}, + title = {Automating Mimicry Attacks Using Static Binary Analysis}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2005, + address = {Baltimore, MD}, + month = {August} +} + diff --git a/aixcc/publications/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.pdf b/aixcc/publications/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.pdf new file mode 100644 index 0000000..c9a14c3 Binary files /dev/null and b/aixcc/publications/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.pdf differ diff --git a/aixcc/publications/2005_kruegel_mutz_robertson_vigna_kemmerer_auscert05.bib b/aixcc/publications/2005_kruegel_mutz_robertson_vigna_kemmerer_auscert05.bib new file mode 100644 index 0000000..a3b36e9 --- /dev/null +++ b/aixcc/publications/2005_kruegel_mutz_robertson_vigna_kemmerer_auscert05.bib @@ -0,0 +1,9 @@ +@InProceedings{kruegel05:reveng, + author = {Christopher Kruegel and Darren Mutz and Wil Robertson and Giovanni Vigna and Richard Kemmerer}, + title = {{Reverse Engineering of Network Signatures}}, + booktitle = {Proceedings of the AusCERT Asia Pacific Information Technology Security Conference}, + year = 2005, + address = {Gold Coast, Australia}, + month = {May} +} + diff --git a/aixcc/publications/2005_kruegel_mutz_robertson_vigna_kemmerer_auscert05.pdf b/aixcc/publications/2005_kruegel_mutz_robertson_vigna_kemmerer_auscert05.pdf new file mode 100644 index 0000000..70c6ed2 Binary files /dev/null and b/aixcc/publications/2005_kruegel_mutz_robertson_vigna_kemmerer_auscert05.pdf differ diff --git a/aixcc/publications/2005_kruegel_valeur_vigna_correlationbook.bib b/aixcc/publications/2005_kruegel_valeur_vigna_correlationbook.bib new file mode 100644 index 0000000..f09203c --- /dev/null +++ b/aixcc/publications/2005_kruegel_valeur_vigna_correlationbook.bib @@ -0,0 +1,10 @@ +@Book{kruegel05:correlation, + author = {Christopher Kruegel and Fredrik Valeur and Giovanni Vigna}, + title = {Intrusion Detection and Correlation: Challenges and Solutions}, + publisher = {Springer}, + year = 2005, + month = {June}, + volume = 14, + series = {Advances in Information Security} +} + diff --git a/aixcc/publications/2005_kruegel_vigna_robertson_CN05.bib b/aixcc/publications/2005_kruegel_vigna_robertson_CN05.bib new file mode 100644 index 0000000..13e917e --- /dev/null +++ b/aixcc/publications/2005_kruegel_vigna_robertson_CN05.bib @@ -0,0 +1,11 @@ +@Article{kruegel05:multimodel, + author = {Christopher Kruegel and Giovanni Vigna and Wil Robertson}, + title = {{A Multi-model Approach to the Detection of Web-based Attacks}}, + journal = {Computer Networks}, + year = 2005, + volume = 48, + number = 5, + pages = {717--738}, + month = {August} +} + diff --git a/aixcc/publications/2005_kruegel_vigna_robertson_CN05.pdf b/aixcc/publications/2005_kruegel_vigna_robertson_CN05.pdf new file mode 100644 index 0000000..84eb54f Binary files /dev/null and b/aixcc/publications/2005_kruegel_vigna_robertson_CN05.pdf differ diff --git a/aixcc/publications/2005_valeur_mutz_vigna_dimva05.bib b/aixcc/publications/2005_valeur_mutz_vigna_dimva05.bib new file mode 100644 index 0000000..f2538d9 --- /dev/null +++ b/aixcc/publications/2005_valeur_mutz_vigna_dimva05.bib @@ -0,0 +1,10 @@ +@InProceedings{valeur05:sqlanomaly, + author = {Fredrik Valeur and Darren Mutz and Giovanni Vigna}, + title = {{A Learning-Based Approach to the Detection of SQL Attacks}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + pages = {123-140}, + year = 2005, + address = {Vienna, Austria}, + month = {July} +} + diff --git a/aixcc/publications/2005_valeur_mutz_vigna_dimva05.pdf b/aixcc/publications/2005_valeur_mutz_vigna_dimva05.pdf new file mode 100644 index 0000000..2d6db8c Binary files /dev/null and b/aixcc/publications/2005_valeur_mutz_vigna_dimva05.pdf differ diff --git a/aixcc/publications/2005_vigna_kruegel_HandbookInfosec.bib b/aixcc/publications/2005_vigna_kruegel_HandbookInfosec.bib new file mode 100644 index 0000000..6822e9a --- /dev/null +++ b/aixcc/publications/2005_vigna_kruegel_HandbookInfosec.bib @@ -0,0 +1,10 @@ +@InCollection{vigna05:hids, + author = {Giovanni Vigna and Christopher Kruegel}, + editor = {H. Bigdoli}, + booktitle = {Handbook of Information Security}, + title = {{Host-based Intrusion Detection Systems}}, + publisher = {Wiley}, + year = 2005, + month = {December} +} + diff --git a/aixcc/publications/2005_vigna_kruegel_HandbookInfosec.pdf b/aixcc/publications/2005_vigna_kruegel_HandbookInfosec.pdf new file mode 100644 index 0000000..66f597b Binary files /dev/null and b/aixcc/publications/2005_vigna_kruegel_HandbookInfosec.pdf differ diff --git a/aixcc/publications/2006_arnes_haas_vigna_kemmerer_DIMVA.bib b/aixcc/publications/2006_arnes_haas_vigna_kemmerer_DIMVA.bib new file mode 100644 index 0000000..2f15e83 --- /dev/null +++ b/aixcc/publications/2006_arnes_haas_vigna_kemmerer_DIMVA.bib @@ -0,0 +1,8 @@ +@InProceedings{arnes06:vise, + author = {Andre Arnes and Paul Haas and Giovanni Vigna and Richard Kemmerer}, + title = {{Digital Forensic Reconstruction and the Virtual Security Testbed ViSe}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2006, + address = {Berlin, Germany}, + month = {June}} + diff --git a/aixcc/publications/2006_arnes_haas_vigna_kemmerer_DIMVA.pdf b/aixcc/publications/2006_arnes_haas_vigna_kemmerer_DIMVA.pdf new file mode 100644 index 0000000..7b5c69c Binary files /dev/null and b/aixcc/publications/2006_arnes_haas_vigna_kemmerer_DIMVA.pdf differ diff --git a/aixcc/publications/2006_arnes_valeur_vigna_kemmerer_RAID.bib b/aixcc/publications/2006_arnes_valeur_vigna_kemmerer_RAID.bib new file mode 100644 index 0000000..3a571ca --- /dev/null +++ b/aixcc/publications/2006_arnes_valeur_vigna_kemmerer_RAID.bib @@ -0,0 +1,8 @@ +@InProceedings{arnes06:hidden_markov, + author = {Andre Arnes and Fredrik Valeur and Giovanni Vigna and Richard Kemmerer}, + title = {{Using Hidden Markov Models to Evaluate the Risks of Intrusions: System Architecture and Model Validation}}, + booktitle = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2006, + address = {Hamburg, Germany}, + month = {September} +} diff --git a/aixcc/publications/2006_arnes_valeur_vigna_kemmerer_RAID.pdf b/aixcc/publications/2006_arnes_valeur_vigna_kemmerer_RAID.pdf new file mode 100644 index 0000000..e48e1d6 Binary files /dev/null and b/aixcc/publications/2006_arnes_valeur_vigna_kemmerer_RAID.pdf differ diff --git a/aixcc/publications/2006_banks_cova_felmetsger_almeroth_kemmerer_vigna_ISC.bib b/aixcc/publications/2006_banks_cova_felmetsger_almeroth_kemmerer_vigna_ISC.bib new file mode 100644 index 0000000..3e663f0 --- /dev/null +++ b/aixcc/publications/2006_banks_cova_felmetsger_almeroth_kemmerer_vigna_ISC.bib @@ -0,0 +1,11 @@ +@InProceedings{banks06:snooze, + author = {Greg Banks and Marco Cova and Vika Felmetsger and Kevin Almeroth and Richard Kemmerer and Giovanni Vigna}, + title = {{SNOOZE: toward a Stateful NetwOrk prOtocol fuzZEr}}, + booktitle = {Proceedings of the Information Security Conference (ISC)}, + year = 2006, + series = {LNCS}, + address = {Samos, Greece}, + month = {August}, + publisher = {Springer} +} + diff --git a/aixcc/publications/2006_banks_cova_felmetsger_almeroth_kemmerer_vigna_ISC.pdf b/aixcc/publications/2006_banks_cova_felmetsger_almeroth_kemmerer_vigna_ISC.pdf new file mode 100644 index 0000000..fb4f863 Binary files /dev/null and b/aixcc/publications/2006_banks_cova_felmetsger_almeroth_kemmerer_vigna_ISC.pdf differ diff --git a/aixcc/publications/2006_cova_felmetsger_banks_vigna_ACSAC.bib b/aixcc/publications/2006_cova_felmetsger_banks_vigna_ACSAC.bib new file mode 100644 index 0000000..a1c02bb --- /dev/null +++ b/aixcc/publications/2006_cova_felmetsger_banks_vigna_ACSAC.bib @@ -0,0 +1,9 @@ +@InProceedings{cova06:static_binary, + author = {Marco Cova and Vika Felmetsger and Greg Banks and Giovanni Vigna}, + title = {{Static Detection of Vulnerabilities in x86 Executables}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2006, + address = {Miami, FL}, + month = {December} +} + diff --git a/aixcc/publications/2006_cova_felmetsger_banks_vigna_ACSAC.pdf b/aixcc/publications/2006_cova_felmetsger_banks_vigna_ACSAC.pdf new file mode 100644 index 0000000..5864863 Binary files /dev/null and b/aixcc/publications/2006_cova_felmetsger_banks_vigna_ACSAC.pdf differ diff --git a/aixcc/publications/2006_kirda_kruegel_banks_vigna_kemmerer_USENIX.bib b/aixcc/publications/2006_kirda_kruegel_banks_vigna_kemmerer_USENIX.bib new file mode 100644 index 0000000..83356aa --- /dev/null +++ b/aixcc/publications/2006_kirda_kruegel_banks_vigna_kemmerer_USENIX.bib @@ -0,0 +1,9 @@ +@InProceedings{kirda06:spyware, + author = {Engin Kirda and Christopher Kruegel and Greg Banks and Giovanni Vigna and Richard Kemmerer}, + title = {{Behavior-based Spyware Detection}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2006, + address = {Vancouver, Canada}, + month = {August} +} + diff --git a/aixcc/publications/2006_kirda_kruegel_banks_vigna_kemmerer_USENIX.pdf b/aixcc/publications/2006_kirda_kruegel_banks_vigna_kemmerer_USENIX.pdf new file mode 100644 index 0000000..eb0c756 Binary files /dev/null and b/aixcc/publications/2006_kirda_kruegel_banks_vigna_kemmerer_USENIX.pdf differ diff --git a/aixcc/publications/2006_kirda_kruegel_vigna_jovanovic_SAC.bib b/aixcc/publications/2006_kirda_kruegel_vigna_jovanovic_SAC.bib new file mode 100644 index 0000000..bd6b11b --- /dev/null +++ b/aixcc/publications/2006_kirda_kruegel_vigna_jovanovic_SAC.bib @@ -0,0 +1,9 @@ +@InProceedings{kirda06:noxes, + author = {Engin Kirda and Christopher Kruegel and Giovanni Vigna and Nenad Jovanovic}, + title = {{Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks}}, + booktitle = {Proceedings of the ACM Symposium on Applied Computing (SAC)}, + year = 2006, + address = {Dijon, France}, + month = {April} +} + diff --git a/aixcc/publications/2006_kirda_kruegel_vigna_jovanovic_SAC.pdf b/aixcc/publications/2006_kirda_kruegel_vigna_jovanovic_SAC.pdf new file mode 100644 index 0000000..28dc4af Binary files /dev/null and b/aixcc/publications/2006_kirda_kruegel_vigna_jovanovic_SAC.pdf differ diff --git a/aixcc/publications/2006_klinkoff_kirda_kruegel_vigna_ISC.bib b/aixcc/publications/2006_klinkoff_kirda_kruegel_vigna_ISC.bib new file mode 100644 index 0000000..e756dff --- /dev/null +++ b/aixcc/publications/2006_klinkoff_kirda_kruegel_vigna_ISC.bib @@ -0,0 +1,11 @@ +@InProceedings{klinkoff06:unmanaged, + author = {Patrick Klinkoff and Christopher Kruegel and Engin Kirda and Giovanni Vigna}, + title = {{Extending .NET Security to Unmanaged Code}}, + booktitle = {Proceedings of the Information Security Conference (ISC)}, + year = 2006, + series = {LNCS}, + address = {Samos, Greece}, + month = {August}, + publisher = {Springer} +} + diff --git a/aixcc/publications/2006_klinkoff_kirda_kruegel_vigna_ISC.pdf b/aixcc/publications/2006_klinkoff_kirda_kruegel_vigna_ISC.pdf new file mode 100644 index 0000000..24780de Binary files /dev/null and b/aixcc/publications/2006_klinkoff_kirda_kruegel_vigna_ISC.pdf differ diff --git a/aixcc/publications/2006_mulliner_vigna_ACSAC.bib b/aixcc/publications/2006_mulliner_vigna_ACSAC.bib new file mode 100644 index 0000000..61fd119 --- /dev/null +++ b/aixcc/publications/2006_mulliner_vigna_ACSAC.bib @@ -0,0 +1,9 @@ +@InProceedings{mulliner06:vuln_mms, + author = {Colin Mulliner and Giovanni Vigna}, + title = {{Vulnerability Analysis of MMS User Agents}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2006, + address = {Miami, FL}, + month = {December} +} + diff --git a/aixcc/publications/2006_mulliner_vigna_ACSAC.pdf b/aixcc/publications/2006_mulliner_vigna_ACSAC.pdf new file mode 100644 index 0000000..fac0bc7 Binary files /dev/null and b/aixcc/publications/2006_mulliner_vigna_ACSAC.pdf differ diff --git a/aixcc/publications/2006_mulliner_vigna_dagon_lee_DIMVA.bib b/aixcc/publications/2006_mulliner_vigna_dagon_lee_DIMVA.bib new file mode 100644 index 0000000..58c7b63 --- /dev/null +++ b/aixcc/publications/2006_mulliner_vigna_dagon_lee_DIMVA.bib @@ -0,0 +1,13 @@ +@InProceedings{mulliner06:crossservice, + author = {Colin Mulliner and Giovanni Vigna and David Dagon and Wenke Lee}, + title = {{Using Labeling to Prevent Cross-Service Attacks Against Smart Phones}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)}, + pages = {91--108}, + year = 2006, + volume = 4064, + series = {LNCS}, + address = {Berlin, Germany}, + month = {July}, + publisher = {Springer} +} + diff --git a/aixcc/publications/2006_mulliner_vigna_dagon_lee_DIMVA.pdf b/aixcc/publications/2006_mulliner_vigna_dagon_lee_DIMVA.pdf new file mode 100644 index 0000000..064f173 Binary files /dev/null and b/aixcc/publications/2006_mulliner_vigna_dagon_lee_DIMVA.pdf differ diff --git a/aixcc/publications/2006_mutz_valeur_kruegel_vigna_TISSEC06.bib b/aixcc/publications/2006_mutz_valeur_kruegel_vigna_TISSEC06.bib new file mode 100644 index 0000000..528658d --- /dev/null +++ b/aixcc/publications/2006_mutz_valeur_kruegel_vigna_TISSEC06.bib @@ -0,0 +1,11 @@ +@Article{mutz06:syscalls, + author = {Darren Mutz and Fredrik Valeur and Christopher Kruegel and Giovanni Vigna}, + title = {{Anomalous System Call Detection}}, + journal = {ACM Transactions on Information and System Security}, + year = 2006, + volume = {9}, + number = {1}, + pages = {61-93}, + month = {February} +} + diff --git a/aixcc/publications/2006_mutz_valeur_kruegel_vigna_TISSEC06.pdf b/aixcc/publications/2006_mutz_valeur_kruegel_vigna_TISSEC06.pdf new file mode 100644 index 0000000..fd922de Binary files /dev/null and b/aixcc/publications/2006_mutz_valeur_kruegel_vigna_TISSEC06.pdf differ diff --git a/aixcc/publications/2006_robertson_vigna_kruegel_kemmerer_NDSS.bib b/aixcc/publications/2006_robertson_vigna_kruegel_kemmerer_NDSS.bib new file mode 100644 index 0000000..c641329 --- /dev/null +++ b/aixcc/publications/2006_robertson_vigna_kruegel_kemmerer_NDSS.bib @@ -0,0 +1,9 @@ +@InProceedings{robertson06:generalization, + author = {Wil Robertson and Giovanni Vigna and Christopher Kruegel and Richard Kemmerer}, + title = {{Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks}}, + booktitle = {Proceeding of the Network and Distributed System Security Symposium (NDSS)}, + year = 2006, + address = {San Diego, CA}, + month = {February} +} + diff --git a/aixcc/publications/2006_robertson_vigna_kruegel_kemmerer_NDSS.pdf b/aixcc/publications/2006_robertson_vigna_kruegel_kemmerer_NDSS.pdf new file mode 100644 index 0000000..0c25078 Binary files /dev/null and b/aixcc/publications/2006_robertson_vigna_kruegel_kemmerer_NDSS.pdf differ diff --git a/aixcc/publications/2006_valeur_vigna_kruegel_kirda_SAC.bib b/aixcc/publications/2006_valeur_vigna_kruegel_kirda_SAC.bib new file mode 100644 index 0000000..ca5c7f1 --- /dev/null +++ b/aixcc/publications/2006_valeur_vigna_kruegel_kirda_SAC.bib @@ -0,0 +1,9 @@ +@InProceedings{valeur06:reverseproxy, + author = {Fredrik Valeur and Giovanni Vigna and Christopher Kruegel and Engin Kirda}, + title = {{An Anomaly-driven Reverse Proxy for Web Applications}}, + booktitle = {Proceedings of the ACM Symposium on Applied Computing (SAC)}, + year = 2006, + address = {Dijon, France}, + month = {April} +} + diff --git a/aixcc/publications/2006_valeur_vigna_kruegel_kirda_SAC.pdf b/aixcc/publications/2006_valeur_vigna_kruegel_kirda_SAC.pdf new file mode 100644 index 0000000..ffad6ad Binary files /dev/null and b/aixcc/publications/2006_valeur_vigna_kruegel_kirda_SAC.pdf differ diff --git a/aixcc/publications/2007_arnes_haas_vigna_kemmerer_vise.bib b/aixcc/publications/2007_arnes_haas_vigna_kemmerer_vise.bib new file mode 100644 index 0000000..282ed97 --- /dev/null +++ b/aixcc/publications/2007_arnes_haas_vigna_kemmerer_vise.bib @@ -0,0 +1,10 @@ +@Article{arnes07:vise, + author = {Andre Arnes and Paul Haas and Giovanni Vigna and Richard Kemmerer}, + title = {{Using a Virtual Security Testbed for Digital Forensic Reconstruction}}, + journal = {Journal in Computer Virology}, + volume = 2, + number = 4, + month = {February}, + year = 2007 +} + diff --git a/aixcc/publications/2007_arnes_haas_vigna_kemmerer_vise.pdf b/aixcc/publications/2007_arnes_haas_vigna_kemmerer_vise.pdf new file mode 100644 index 0000000..02ce4c4 Binary files /dev/null and b/aixcc/publications/2007_arnes_haas_vigna_kemmerer_vise.pdf differ diff --git a/aixcc/publications/2007_balzarotti_cova_felmetsger_vigna_multimodule.bib b/aixcc/publications/2007_balzarotti_cova_felmetsger_vigna_multimodule.bib new file mode 100644 index 0000000..cc7c9df --- /dev/null +++ b/aixcc/publications/2007_balzarotti_cova_felmetsger_vigna_multimodule.bib @@ -0,0 +1,9 @@ +@InProceedings{balzarotti07:mimosa, + author = {Davide Balzarotti and Marco Cova and Vika Felmetsger and Giovanni Vigna}, + title = {{Multi-Module Vulnerability Analysis of Web-based Applications}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + address = {Alexandria, VA}, + month = {October}, + pages = {25--35}, + year = 2007, +} \ No newline at end of file diff --git a/aixcc/publications/2007_balzarotti_cova_felmetsger_vigna_multimodule.pdf b/aixcc/publications/2007_balzarotti_cova_felmetsger_vigna_multimodule.pdf new file mode 100644 index 0000000..dcda25e Binary files /dev/null and b/aixcc/publications/2007_balzarotti_cova_felmetsger_vigna_multimodule.pdf differ diff --git a/aixcc/publications/2007_carzaniga_picco_vigna_ICSE.bib b/aixcc/publications/2007_carzaniga_picco_vigna_ICSE.bib new file mode 100644 index 0000000..2d4d225 --- /dev/null +++ b/aixcc/publications/2007_carzaniga_picco_vigna_ICSE.bib @@ -0,0 +1,9 @@ +@InProceedings{carzaniga07:lookingback, + author = {Antonio Carzaniga and Gian Pietro Picco and Giovanni Vigna}, + title = {{Is Code Still Moving Around? Looking Back at a Decade of Code Mobility}}, + booktitle = {Proceedings of the International Conference on Software Engineering (ICSE)}, + address = {Minneapolis, MN}, + pages = {9-20}, + year = 2007, + month = {May} +} diff --git a/aixcc/publications/2007_carzaniga_picco_vigna_ICSE.pdf b/aixcc/publications/2007_carzaniga_picco_vigna_ICSE.pdf new file mode 100644 index 0000000..c9a5572 Binary files /dev/null and b/aixcc/publications/2007_carzaniga_picco_vigna_ICSE.pdf differ diff --git a/aixcc/publications/2007_cova_balzarotti_felmetsger_vigna_swaddler.bib b/aixcc/publications/2007_cova_balzarotti_felmetsger_vigna_swaddler.bib new file mode 100644 index 0000000..58c74a5 --- /dev/null +++ b/aixcc/publications/2007_cova_balzarotti_felmetsger_vigna_swaddler.bib @@ -0,0 +1,10 @@ +@InProceedings{cova07:swaddler, + author = {Marco Cova and Davide Balzarotti and Vika Felmetsger and Giovanni Vigna}, + title = {{Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications}}, + booktitle = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + address = {Gold Coast, Australia}, + month = {September}, + year = 2007, + pages = {63--86} +} + diff --git a/aixcc/publications/2007_cova_balzarotti_felmetsger_vigna_swaddler.pdf b/aixcc/publications/2007_cova_balzarotti_felmetsger_vigna_swaddler.pdf new file mode 100644 index 0000000..c6eaab6 Binary files /dev/null and b/aixcc/publications/2007_cova_balzarotti_felmetsger_vigna_swaddler.pdf differ diff --git a/aixcc/publications/2007_cova_felmetsger_vigna_webvuln.bib b/aixcc/publications/2007_cova_felmetsger_vigna_webvuln.bib new file mode 100644 index 0000000..29a9ff7 --- /dev/null +++ b/aixcc/publications/2007_cova_felmetsger_vigna_webvuln.bib @@ -0,0 +1,10 @@ +@InCollection{cova07:webvuln, + author = {Marco Cova and Vika Felmetsger and Giovanni Vigna}, + title = {{Vulnerability Analysis of Web Applications}}, + booktitle = {Testing and Analysis of Web Services}, + publisher = {Springer}, + year = 2007, + month = {July}, + editor = {L. Baresi and E. Dinitto} +} + diff --git a/aixcc/publications/2007_cova_felmetsger_vigna_webvuln.pdf b/aixcc/publications/2007_cova_felmetsger_vigna_webvuln.pdf new file mode 100644 index 0000000..2d44d0e Binary files /dev/null and b/aixcc/publications/2007_cova_felmetsger_vigna_webvuln.pdf differ diff --git a/aixcc/publications/2007_klinkoff_kirda_kruegel_vigna_dotnetsec.bib b/aixcc/publications/2007_klinkoff_kirda_kruegel_vigna_dotnetsec.bib new file mode 100644 index 0000000..19716cb --- /dev/null +++ b/aixcc/publications/2007_klinkoff_kirda_kruegel_vigna_dotnetsec.bib @@ -0,0 +1,11 @@ +@Article{klinkoff07:dotnetsec, + author = {Patrick Klinkoff and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, + title = {{Extending .NET Security to Unmanaged Code}}, + journal = {International Journal of Information Security}, + volume = 6, + number = 6, + month = {October}, + pages = {417--428}, + year = 2007 +} + diff --git a/aixcc/publications/2007_klinkoff_kirda_kruegel_vigna_dotnetsec.pdf b/aixcc/publications/2007_klinkoff_kirda_kruegel_vigna_dotnetsec.pdf new file mode 100644 index 0000000..3d8d3e8 Binary files /dev/null and b/aixcc/publications/2007_klinkoff_kirda_kruegel_vigna_dotnetsec.pdf differ diff --git a/aixcc/publications/2007_kruegel_balzarotti_robertson_vigna_sploitation.bib b/aixcc/publications/2007_kruegel_balzarotti_robertson_vigna_sploitation.bib new file mode 100644 index 0000000..b658f02 --- /dev/null +++ b/aixcc/publications/2007_kruegel_balzarotti_robertson_vigna_sploitation.bib @@ -0,0 +1,10 @@ +@InProceedings{kruegel07:sploitation, + author = {Christopher Kruegel and Davide Balzarotti and Wil Robertson and Giovanni Vigna}, + title = {{Improving Signature Testing Through Dynamic Data Flow Analysis}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2007, + pages = {53--63}, + address = {Miami, FL}, + month = {December} +} + diff --git a/aixcc/publications/2007_kruegel_balzarotti_robertson_vigna_sploitation.pdf b/aixcc/publications/2007_kruegel_balzarotti_robertson_vigna_sploitation.pdf new file mode 100644 index 0000000..e04c962 Binary files /dev/null and b/aixcc/publications/2007_kruegel_balzarotti_robertson_vigna_sploitation.pdf differ diff --git a/aixcc/publications/2007_mcdaniel_blaze_vigna_voting.bib b/aixcc/publications/2007_mcdaniel_blaze_vigna_voting.bib new file mode 100644 index 0000000..bce049d --- /dev/null +++ b/aixcc/publications/2007_mcdaniel_blaze_vigna_voting.bib @@ -0,0 +1,8 @@ +@Misc{mcdaniel07:voting, + author = {Patrick McDaniel and Matt Blaze and Giovanni Vigna}, + title = {{EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing}}, + howpublished = {Ohio Secretary of State's EVEREST Project Report}, + month = {December}, + year = 2007 +} + diff --git a/aixcc/publications/2007_mcdaniel_blaze_vigna_voting.pdf b/aixcc/publications/2007_mcdaniel_blaze_vigna_voting.pdf new file mode 100644 index 0000000..ce6b2ca Binary files /dev/null and b/aixcc/publications/2007_mcdaniel_blaze_vigna_voting.pdf differ diff --git a/aixcc/publications/2007_mutz_robertson_vigna_kemmerer_context.bib b/aixcc/publications/2007_mutz_robertson_vigna_kemmerer_context.bib new file mode 100644 index 0000000..b5ab819 --- /dev/null +++ b/aixcc/publications/2007_mutz_robertson_vigna_kemmerer_context.bib @@ -0,0 +1,10 @@ +@InProceedings{mutz07:context, + author = {Darren Mutz and Wil Robertson and Giovanni Vigna and Richard Kemmerer}, + title = {{Exploiting Execution Context for the Detection of Anomalous System Calls}}, + booktitle = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + address = {Gold Coast, Australia}, + month = {September}, + pages = {1--20}, + year = 2007 +} + diff --git a/aixcc/publications/2007_mutz_robertson_vigna_kemmerer_context.pdf b/aixcc/publications/2007_mutz_robertson_vigna_kemmerer_context.pdf new file mode 100644 index 0000000..c8dceb3 Binary files /dev/null and b/aixcc/publications/2007_mutz_robertson_vigna_kemmerer_context.pdf differ diff --git a/aixcc/publications/2007_vangundy_balzarotti_vigna_pholyp.bib b/aixcc/publications/2007_vangundy_balzarotti_vigna_pholyp.bib new file mode 100644 index 0000000..5cc2c61 --- /dev/null +++ b/aixcc/publications/2007_vangundy_balzarotti_vigna_pholyp.bib @@ -0,0 +1,9 @@ +@InProceedings{gundy07:pholyp, + author = {Matt Van Gundy and Davide Balzarotti and Giovanni Vigna}, + title = {Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms}, + booktitle = {Proceedings of the First USENIX Workshop on Offensive Technologies (WOOT)}, + year = 2007, + address = {Boston, MA}, + month = {August} +} + diff --git a/aixcc/publications/2007_vangundy_balzarotti_vigna_pholyp.pdf b/aixcc/publications/2007_vangundy_balzarotti_vigna_pholyp.pdf new file mode 100644 index 0000000..9edfa63 Binary files /dev/null and b/aixcc/publications/2007_vangundy_balzarotti_vigna_pholyp.pdf differ diff --git a/aixcc/publications/2007_vangundy_chen_su_vigna_featureomission.bib b/aixcc/publications/2007_vangundy_chen_su_vigna_featureomission.bib new file mode 100644 index 0000000..7ca35c7 --- /dev/null +++ b/aixcc/publications/2007_vangundy_chen_su_vigna_featureomission.bib @@ -0,0 +1,9 @@ +@InProceedings{gundy07:omission, + author = {Matt Van Gundy and Hao Chen and Zhendong Su and Giovanni Vigna}, + title = {{Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2007, + pages = {74--83}, + address = {Miami, FL}, + month = {December} +} diff --git a/aixcc/publications/2007_vangundy_chen_su_vigna_featureomission.pdf b/aixcc/publications/2007_vangundy_chen_su_vigna_featureomission.pdf new file mode 100644 index 0000000..94885b4 Binary files /dev/null and b/aixcc/publications/2007_vangundy_chen_su_vigna_featureomission.pdf differ diff --git a/aixcc/publications/2007_vigna_kemmerer_balzarotti_banks_cova_felmetsger_robertson_valeur_sequoia.bib b/aixcc/publications/2007_vigna_kemmerer_balzarotti_banks_cova_felmetsger_robertson_valeur_sequoia.bib new file mode 100644 index 0000000..9b5dd2f --- /dev/null +++ b/aixcc/publications/2007_vigna_kemmerer_balzarotti_banks_cova_felmetsger_robertson_valeur_sequoia.bib @@ -0,0 +1,7 @@ +@Misc{vigna07:sequoia, + author = {Giovanni Vigna and Richard Kemmerer and Davide Balzarotti and Greg Banks and Marco Cova and Vika Felmetsger and Wil Robertson and Fredrik Valeur}, + title = {{Security Evaluation of the Sequoia Voting System}}, + howpublished = {Top-To-Bottom Review of the California Voting Machines}, + month = {July}, + year = 2007 +} diff --git a/aixcc/publications/2007_vigna_kemmerer_balzarotti_banks_cova_felmetsger_robertson_valeur_sequoia.pdf b/aixcc/publications/2007_vigna_kemmerer_balzarotti_banks_cova_felmetsger_robertson_valeur_sequoia.pdf new file mode 100644 index 0000000..5f9ad87 Binary files /dev/null and b/aixcc/publications/2007_vigna_kemmerer_balzarotti_banks_cova_felmetsger_robertson_valeur_sequoia.pdf differ diff --git a/aixcc/publications/2007_vigna_malware.bib b/aixcc/publications/2007_vigna_malware.bib new file mode 100644 index 0000000..7e6e65d --- /dev/null +++ b/aixcc/publications/2007_vigna_malware.bib @@ -0,0 +1,11 @@ +@incollection{vigna07:malware, + author = {Giovanni Vigna}, + editor = {M. Christodorescu and S. Jha and D. Maughan and D. Song and C. Wang}, + booktitle = {Malware Detection}, + title = {Static Disassembly and Code Analysis}, + publisher = {Springer}, + year = 2007, + month = {June}, + series = {Advances in Information Security} +} + diff --git a/aixcc/publications/2007_vigna_malware.pdf b/aixcc/publications/2007_vigna_malware.pdf new file mode 100644 index 0000000..8555e7e Binary files /dev/null and b/aixcc/publications/2007_vigna_malware.pdf differ diff --git a/aixcc/publications/2007_vogt_nentwich_jovanovic_kirda_kruegel_vigna_NDSS07.bib b/aixcc/publications/2007_vogt_nentwich_jovanovic_kirda_kruegel_vigna_NDSS07.bib new file mode 100644 index 0000000..692906e --- /dev/null +++ b/aixcc/publications/2007_vogt_nentwich_jovanovic_kirda_kruegel_vigna_NDSS07.bib @@ -0,0 +1,9 @@ +@InProceedings{vogt07:xss, + author = {Philipp Vogt and Florian Nentwich and Nenad Jovanovic and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, + title = {{Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis}}, + booktitle = {Proceeding of the Network and Distributed System Security Symposium (NDSS)}, + year = 2007, + address = {San Diego, CA}, + month = {February} +} + diff --git a/aixcc/publications/2007_vogt_nentwich_jovanovic_kirda_kruegel_vigna_NDSS07.pdf b/aixcc/publications/2007_vogt_nentwich_jovanovic_kirda_kruegel_vigna_NDSS07.pdf new file mode 100644 index 0000000..7bdce97 Binary files /dev/null and b/aixcc/publications/2007_vogt_nentwich_jovanovic_kirda_kruegel_vigna_NDSS07.pdf differ diff --git a/aixcc/publications/2008_balzarotti_banks_cova_felmetsger_kemmerer_roberson_valeur_vigna_issta_voting.bib b/aixcc/publications/2008_balzarotti_banks_cova_felmetsger_kemmerer_roberson_valeur_vigna_issta_voting.bib new file mode 100644 index 0000000..414d50e --- /dev/null +++ b/aixcc/publications/2008_balzarotti_banks_cova_felmetsger_kemmerer_roberson_valeur_vigna_issta_voting.bib @@ -0,0 +1,9 @@ +@InProceedings{balzarotti08:voting, + author = {Davide Balzarotti and Greg Banks and Marco Cova and Vika Felmetsger and Richard Kemmerer and Wil Robertson and Fredrik Valeur and Giovanni Vigna}, + title = {{Are Your Votes Really Counted? Testing the Security of Real-world Electronic Voting Systems}}, + booktitle = {Proceedings of he International Symposium on Software Testing and Analysis (ISSTA)}, + year = 2008, + address = {Seattle, WA}, + month = {July} +} + diff --git a/aixcc/publications/2008_balzarotti_banks_cova_felmetsger_kemmerer_roberson_valeur_vigna_issta_voting.pdf b/aixcc/publications/2008_balzarotti_banks_cova_felmetsger_kemmerer_roberson_valeur_vigna_issta_voting.pdf new file mode 100644 index 0000000..397147f Binary files /dev/null and b/aixcc/publications/2008_balzarotti_banks_cova_felmetsger_kemmerer_roberson_valeur_vigna_issta_voting.pdf differ diff --git a/aixcc/publications/2008_balzarotti_cova_felmetsger_jovanovic_kirda_kruegel_vigna_saner.bib b/aixcc/publications/2008_balzarotti_cova_felmetsger_jovanovic_kirda_kruegel_vigna_saner.bib new file mode 100644 index 0000000..b6aec9b --- /dev/null +++ b/aixcc/publications/2008_balzarotti_cova_felmetsger_jovanovic_kirda_kruegel_vigna_saner.bib @@ -0,0 +1,9 @@ +@InProceedings{balzarotti08:saner, + author = {Davide Balzarotti and Marco Cova and Vika Felmetsger and Nenad Jovanovic and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, + title = {{Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications}}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2008, + address = {Oakland, CA}, + month = {May} +} + diff --git a/aixcc/publications/2008_balzarotti_cova_felmetsger_jovanovic_kirda_kruegel_vigna_saner.pdf b/aixcc/publications/2008_balzarotti_cova_felmetsger_jovanovic_kirda_kruegel_vigna_saner.pdf new file mode 100644 index 0000000..7abe403 Binary files /dev/null and b/aixcc/publications/2008_balzarotti_cova_felmetsger_jovanovic_kirda_kruegel_vigna_saner.pdf differ diff --git a/aixcc/publications/2008_balzarotti_cova_vigna_clearshot.bib b/aixcc/publications/2008_balzarotti_cova_vigna_clearshot.bib new file mode 100644 index 0000000..2ad9686 --- /dev/null +++ b/aixcc/publications/2008_balzarotti_cova_vigna_clearshot.bib @@ -0,0 +1,9 @@ +@InProceedings{balzarotti08:clearshot, + author = {Davide Balzarotti and Marco Cova and Giovanni Vigna}, + title = {{ClearShot: Eavesdropping on Keyboard Input from Video}}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2008, + address = {Oakland, CA}, + month = {May} +} + diff --git a/aixcc/publications/2008_balzarotti_cova_vigna_clearshot.pdf b/aixcc/publications/2008_balzarotti_cova_vigna_clearshot.pdf new file mode 100644 index 0000000..950fa41 Binary files /dev/null and b/aixcc/publications/2008_balzarotti_cova_vigna_clearshot.pdf differ diff --git a/aixcc/publications/2008_cova_kruegel_vigna_freephish.bib b/aixcc/publications/2008_cova_kruegel_vigna_freephish.bib new file mode 100644 index 0000000..9e72560 --- /dev/null +++ b/aixcc/publications/2008_cova_kruegel_vigna_freephish.bib @@ -0,0 +1,9 @@ +@InProceedings{cova08:phishing, + author = {Marco Cova and Christopher Kruegel and Giovanni Vigna}, + title = {{There is No Free Phish: An Analysis of Free and Live Phishing Kits}}, + booktitle = {Proceedings of the USENIX Workshop On Offensive Technologies (WOOT)}, + year = 2008, + address = {San Jose, CA}, + month = {August} +} + diff --git a/aixcc/publications/2008_cova_kruegel_vigna_freephish.pdf b/aixcc/publications/2008_cova_kruegel_vigna_freephish.pdf new file mode 100644 index 0000000..45fc3b3 Binary files /dev/null and b/aixcc/publications/2008_cova_kruegel_vigna_freephish.pdf differ diff --git a/aixcc/publications/2008_foschini_thapliyal_cavallaro_vigna_distrulematch.bib b/aixcc/publications/2008_foschini_thapliyal_cavallaro_vigna_distrulematch.bib new file mode 100644 index 0000000..eaa0f2a --- /dev/null +++ b/aixcc/publications/2008_foschini_thapliyal_cavallaro_vigna_distrulematch.bib @@ -0,0 +1,11 @@ +@InProceedings{foschini08:parallel, + author = {Luca Foschini and Ashish Thapliyal and Lorenzo Cavallaro and Christopher Kruegel and Giovanni Vigna}, + title = {{A Parallel Architecture for Stateful, High-Speed Intrusion Detection}}, + booktitle = {Proceedings of the International Conference on Information Systems Security (ICISS)}, + year = 2008, + pages = {203--220}, + address = {Hyderabad, India}, + month = {December}, + publisher = {Springer} +} + diff --git a/aixcc/publications/2008_foschini_thapliyal_cavallaro_vigna_distrulematch.pdf b/aixcc/publications/2008_foschini_thapliyal_cavallaro_vigna_distrulematch.pdf new file mode 100644 index 0000000..0eec368 Binary files /dev/null and b/aixcc/publications/2008_foschini_thapliyal_cavallaro_vigna_distrulematch.pdf differ diff --git a/aixcc/publications/2009_NDSS_proceedings.bib b/aixcc/publications/2009_NDSS_proceedings.bib new file mode 100644 index 0000000..41e0793 --- /dev/null +++ b/aixcc/publications/2009_NDSS_proceedings.bib @@ -0,0 +1,10 @@ +@Proceedings{2009:ndss, + title = {Proceedings of the 16th Annual Network & Distributed System Security Symposium}, + year = 2009, + editor = {Giovanni Vigna}, + address = {San Diego, CA}, + month = {February}, + organization = {Internet Society}, + url = {http://www.isoc.org/isoc/conferences/ndss/09/proceedings.shtml} +} + diff --git a/aixcc/publications/2009_ford_cova_kruegel_vigna_FlashAds.bib b/aixcc/publications/2009_ford_cova_kruegel_vigna_FlashAds.bib new file mode 100644 index 0000000..88ad55a --- /dev/null +++ b/aixcc/publications/2009_ford_cova_kruegel_vigna_FlashAds.bib @@ -0,0 +1,9 @@ +@InProceedings{ford09:flash_ads, + author = {Sean Ford and Marco Cova and Christopher Kruegel and Giovanni Vigna}, + title = {{Analyzing and Detecting Malicious Flash Advertisements}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2009, + address = {Honolulu, HI}, + month = {December} +} + diff --git a/aixcc/publications/2009_ford_cova_kruegel_vigna_FlashAds.pdf b/aixcc/publications/2009_ford_cova_kruegel_vigna_FlashAds.pdf new file mode 100644 index 0000000..fb9b6e2 Binary files /dev/null and b/aixcc/publications/2009_ford_cova_kruegel_vigna_FlashAds.pdf differ diff --git a/aixcc/publications/2009_kirda_jovanovic_kruegel_vigna_compsec_xss.bib b/aixcc/publications/2009_kirda_jovanovic_kruegel_vigna_compsec_xss.bib new file mode 100644 index 0000000..8983a6e --- /dev/null +++ b/aixcc/publications/2009_kirda_jovanovic_kruegel_vigna_compsec_xss.bib @@ -0,0 +1,10 @@ +@Article{kirda09:xss, + author = {Engin Kirda and Nenad Jovanovic and Christopher Kruegel and Giovanni Vigna}, + title = {{Client-Side Cross-Site Scripting Protection}}, + journal = {Computers and Security}, + year = 2009, + volume = 28, + number = 7, + month = {July}, + pages = "592--604"} + diff --git a/aixcc/publications/2009_kirda_jovanovic_kruegel_vigna_compsec_xss.pdf b/aixcc/publications/2009_kirda_jovanovic_kruegel_vigna_compsec_xss.pdf new file mode 100644 index 0000000..5c49ab9 Binary files /dev/null and b/aixcc/publications/2009_kirda_jovanovic_kruegel_vigna_compsec_xss.pdf differ diff --git a/aixcc/publications/2009_maggi_robertson_kruegel_vigna_conceptdrift.bib b/aixcc/publications/2009_maggi_robertson_kruegel_vigna_conceptdrift.bib new file mode 100644 index 0000000..eacda49 --- /dev/null +++ b/aixcc/publications/2009_maggi_robertson_kruegel_vigna_conceptdrift.bib @@ -0,0 +1,8 @@ +@InProceedings{maggi09:conceptdrift, + author = {Federico Maggi and Wil Robertson and Christopher Kruegel and Giovanni Vigna}, + title = {{Protecting a Moving Target: Addressing Web Application Concept Drift}}, + booktitle = {Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2009, + address = {Saint-Malo, France}, + month = {September}} + diff --git a/aixcc/publications/2009_maggi_robertson_kruegel_vigna_conceptdrift.pdf b/aixcc/publications/2009_maggi_robertson_kruegel_vigna_conceptdrift.pdf new file mode 100644 index 0000000..63c5461 Binary files /dev/null and b/aixcc/publications/2009_maggi_robertson_kruegel_vigna_conceptdrift.pdf differ diff --git a/aixcc/publications/2009_robertson_vigna_WebTyping.bib b/aixcc/publications/2009_robertson_vigna_WebTyping.bib new file mode 100644 index 0000000..4762644 --- /dev/null +++ b/aixcc/publications/2009_robertson_vigna_WebTyping.bib @@ -0,0 +1,8 @@ +@InProceedings{robertson09:web_typing, + author = {Wil Robertson and Giovanni Vigna}, + title = {{Static Enforcement of Web Application Integrity Through Strong Typing}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2009, + address = {Montreal, Canada}, + month = {August}} + diff --git a/aixcc/publications/2009_robertson_vigna_WebTyping.pdf b/aixcc/publications/2009_robertson_vigna_WebTyping.pdf new file mode 100644 index 0000000..29588a6 Binary files /dev/null and b/aixcc/publications/2009_robertson_vigna_WebTyping.pdf differ diff --git a/aixcc/publications/2009_stamminger_kruegel_vigna_kirda_spyware.bib b/aixcc/publications/2009_stamminger_kruegel_vigna_kirda_spyware.bib new file mode 100644 index 0000000..160fe3c --- /dev/null +++ b/aixcc/publications/2009_stamminger_kruegel_vigna_kirda_spyware.bib @@ -0,0 +1,8 @@ +@InProceedings{stamminger09:automated, + author = {Andreas Stamminger and Christopher Kruegel and Giovanni Vigna and Engin Kirda}, + title = {{Automated Spyware Collection and Analysis}}, + booktitle = {Proceedings of the Information Security Conference (ISC)}, + year = 2009, + address = {Pisa, Italy}, + month = {September}} + diff --git a/aixcc/publications/2009_stamminger_kruegel_vigna_kirda_spyware.pdf b/aixcc/publications/2009_stamminger_kruegel_vigna_kirda_spyware.pdf new file mode 100644 index 0000000..857efbc Binary files /dev/null and b/aixcc/publications/2009_stamminger_kruegel_vigna_kirda_spyware.pdf differ diff --git a/aixcc/publications/2009_stone-gross_cova_cavallaro_gilbert_szydlowski_kemmerer_kruegel_vigna_Torpig.bib b/aixcc/publications/2009_stone-gross_cova_cavallaro_gilbert_szydlowski_kemmerer_kruegel_vigna_Torpig.bib new file mode 100644 index 0000000..d297da9 --- /dev/null +++ b/aixcc/publications/2009_stone-gross_cova_cavallaro_gilbert_szydlowski_kemmerer_kruegel_vigna_Torpig.bib @@ -0,0 +1,8 @@ +@InProceedings{stone-gross09:torpig, + author = {Brett Stone-Gross and Marco Cova and Lorenzo Cavallaro and Bob Gilbert and Martin Szydlowski and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna}, + title = {{Your Botnet is My Botnet: Analysis of a Botnet Takeover}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2009, + address = {Chicago, IL}, + month = {November}} + diff --git a/aixcc/publications/2009_stone-gross_cova_cavallaro_gilbert_szydlowski_kemmerer_kruegel_vigna_Torpig.pdf b/aixcc/publications/2009_stone-gross_cova_cavallaro_gilbert_szydlowski_kemmerer_kruegel_vigna_Torpig.pdf new file mode 100644 index 0000000..27658cc Binary files /dev/null and b/aixcc/publications/2009_stone-gross_cova_cavallaro_gilbert_szydlowski_kemmerer_kruegel_vigna_Torpig.pdf differ diff --git a/aixcc/publications/2009_vigna_valeur_balzarotti_robertson_kruegel_kirda_websql.bib b/aixcc/publications/2009_vigna_valeur_balzarotti_robertson_kruegel_kirda_websql.bib new file mode 100644 index 0000000..e0225c2 --- /dev/null +++ b/aixcc/publications/2009_vigna_valeur_balzarotti_robertson_kruegel_kirda_websql.bib @@ -0,0 +1,9 @@ +@Article{vigna09:sqlweb, + author = {Giovanni Vigna and Fredrik Valeur and Davide Balzarotti and William Robertson and Christopher Kruegel and Engin Kirda}, + title = {{Reducing Errors in the Anomaly-based Detection of Web-Based Attacks through the Combined Analysis of Web Requests and SQL Queries}}, + journal = {Journal of Computer Security}, + year = 2009, + volume = 17, + month = {March}, + number = 3} + diff --git a/aixcc/publications/2009_vigna_valeur_balzarotti_robertson_kruegel_kirda_websql.pdf b/aixcc/publications/2009_vigna_valeur_balzarotti_robertson_kruegel_kirda_websql.pdf new file mode 100644 index 0000000..d4390c7 Binary files /dev/null and b/aixcc/publications/2009_vigna_valeur_balzarotti_robertson_kruegel_kirda_websql.pdf differ diff --git a/aixcc/publications/2010_IEEESecurityAndPrivacy_proceedings.bib b/aixcc/publications/2010_IEEESecurityAndPrivacy_proceedings.bib new file mode 100644 index 0000000..e378f33 --- /dev/null +++ b/aixcc/publications/2010_IEEESecurityAndPrivacy_proceedings.bib @@ -0,0 +1,11 @@ +@Proceedings{2010:secpriv, + title = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2010, + editor = {David Evans and Giovanni Vigna}, + address = {Oakland, CA}, + month = {May}, + organization = {IEEE}, + isbn = {978-0-7695-4035-1}, + url = {http://www.ieee-security.org/TC/SP2011/sp11-toc.html} +} + diff --git a/aixcc/publications/2010_balzarotti_banks_cova_felmetsger_kemmerer_robertson_valeur_vigna_TSEVoting.bib b/aixcc/publications/2010_balzarotti_banks_cova_felmetsger_kemmerer_robertson_valeur_vigna_TSEVoting.bib new file mode 100644 index 0000000..4084de2 --- /dev/null +++ b/aixcc/publications/2010_balzarotti_banks_cova_felmetsger_kemmerer_robertson_valeur_vigna_TSEVoting.bib @@ -0,0 +1,10 @@ +@Article{balzarotti10:voting, + author = {Davide Balzarotti and Greg Banks and Marco Cova and Vika Felmetsger and Richard Kemmerer and Wil Robertson and Fredrik Valeur and Giovanni Vigna}, + title = {{An Experience in Testing the Security of Real-world Electronic Voting Systems}}, + journal = {IEEE Transactions on Software Engineering}, + volume = 36, + number = 4, + month = {July/August}, + year = 2010 +} + diff --git a/aixcc/publications/2010_balzarotti_banks_cova_felmetsger_kemmerer_robertson_valeur_vigna_TSEVoting.pdf b/aixcc/publications/2010_balzarotti_banks_cova_felmetsger_kemmerer_robertson_valeur_vigna_TSEVoting.pdf new file mode 100644 index 0000000..333e5f8 Binary files /dev/null and b/aixcc/publications/2010_balzarotti_banks_cova_felmetsger_kemmerer_robertson_valeur_vigna_TSEVoting.pdf differ diff --git a/aixcc/publications/2010_balzarotti_cova_karlberger_kruegel_kirda_vigna_SplitPersonality.bib b/aixcc/publications/2010_balzarotti_cova_karlberger_kruegel_kirda_vigna_SplitPersonality.bib new file mode 100644 index 0000000..26a6269 --- /dev/null +++ b/aixcc/publications/2010_balzarotti_cova_karlberger_kruegel_kirda_vigna_SplitPersonality.bib @@ -0,0 +1,8 @@ +@InProceedings{balzarotti10:split_personality, + author = {Davide Balzarotti and Marco Cova and Christoph Karlberger and Christopher Kruegel and Engin Kirda and Giovanni Vigna}, + title = {{Efficient Detection of Split Personalities in Malware}}, + booktitle = {Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + year = 2010, + address = {San Diego, CA}, + month = {February}} + diff --git a/aixcc/publications/2010_balzarotti_cova_karlberger_kruegel_kirda_vigna_SplitPersonality.pdf b/aixcc/publications/2010_balzarotti_cova_karlberger_kruegel_kirda_vigna_SplitPersonality.pdf new file mode 100644 index 0000000..e58302a Binary files /dev/null and b/aixcc/publications/2010_balzarotti_cova_karlberger_kruegel_kirda_vigna_SplitPersonality.pdf differ diff --git a/aixcc/publications/2010_cavedon_kruegel_vigna_bgp.bib b/aixcc/publications/2010_cavedon_kruegel_vigna_bgp.bib new file mode 100644 index 0000000..af6e6f2 --- /dev/null +++ b/aixcc/publications/2010_cavedon_kruegel_vigna_bgp.bib @@ -0,0 +1,8 @@ +@InProceedings{cavedon10:bgp, + author = {Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna}, + title = {{Are BGP Routers Open To Attack? An Experiment}}, + booktitle = {Proceedings of the iNetSec Conference}, + year = 2010, + address = {Sophia, Bulgaria}, + month = {March}} + diff --git a/aixcc/publications/2010_cavedon_kruegel_vigna_bgp.pdf b/aixcc/publications/2010_cavedon_kruegel_vigna_bgp.pdf new file mode 100644 index 0000000..5d56105 Binary files /dev/null and b/aixcc/publications/2010_cavedon_kruegel_vigna_bgp.pdf differ diff --git a/aixcc/publications/2010_childers_boe_cavallaro_cavedon_cova_egele_vigna_dimva10.bib b/aixcc/publications/2010_childers_boe_cavallaro_cavedon_cova_egele_vigna_dimva10.bib new file mode 100644 index 0000000..8eb19d9 --- /dev/null +++ b/aixcc/publications/2010_childers_boe_cavallaro_cavedon_cova_egele_vigna_dimva10.bib @@ -0,0 +1,8 @@ +@InProceedings{childers10:ictf, + author = {Nicholas Childers and Bryce Boe and Lorenzo Cavallaro and Ludovico Cavedon and Marco Cova and Manuel Egele and Giovanni Vigna}, + title = {{Organizing Large Scale Hacking Competitions}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2010, + address = {Bonn, Germany}, + month = {July}} + diff --git a/aixcc/publications/2010_childers_boe_cavallaro_cavedon_cova_egele_vigna_dimva10.pdf b/aixcc/publications/2010_childers_boe_cavallaro_cavedon_cova_egele_vigna_dimva10.pdf new file mode 100644 index 0000000..28c1407 Binary files /dev/null and b/aixcc/publications/2010_childers_boe_cavallaro_cavedon_cova_egele_vigna_dimva10.pdf differ diff --git a/aixcc/publications/2010_cova_kruegel_vigna_Wepawet.bib b/aixcc/publications/2010_cova_kruegel_vigna_Wepawet.bib new file mode 100644 index 0000000..523ee01 --- /dev/null +++ b/aixcc/publications/2010_cova_kruegel_vigna_Wepawet.bib @@ -0,0 +1,8 @@ +@InProceedings{cova10:wepawet, + author = {Marco Cova and Christopher Kruegel and Giovanni Vigna}, + title = {{Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code}}, + booktitle = {Proceedings of the World Wide Web Conference (WWW)}, + year = 2010, + address = {Raleigh, NC}, + month = {April}} + diff --git a/aixcc/publications/2010_cova_kruegel_vigna_Wepawet.pdf b/aixcc/publications/2010_cova_kruegel_vigna_Wepawet.pdf new file mode 100644 index 0000000..926e30e Binary files /dev/null and b/aixcc/publications/2010_cova_kruegel_vigna_Wepawet.pdf differ diff --git a/aixcc/publications/2010_doupe_cova_vigna_dimva10.bib b/aixcc/publications/2010_doupe_cova_vigna_dimva10.bib new file mode 100644 index 0000000..4f57044 --- /dev/null +++ b/aixcc/publications/2010_doupe_cova_vigna_dimva10.bib @@ -0,0 +1,8 @@ +@InProceedings{doupe10:blackbox, + author = {Adam Doupe and Marco Cova and Giovanni Vigna}, + title = {{Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2010, + address = {Bonn, Germany}, + month = {July}} + diff --git a/aixcc/publications/2010_doupe_cova_vigna_dimva10.pdf b/aixcc/publications/2010_doupe_cova_vigna_dimva10.pdf new file mode 100644 index 0000000..31ae7cb Binary files /dev/null and b/aixcc/publications/2010_doupe_cova_vigna_dimva10.pdf differ diff --git a/aixcc/publications/2010_felmetsger_cavedon_kruegel_vigna_logicflaws.bib b/aixcc/publications/2010_felmetsger_cavedon_kruegel_vigna_logicflaws.bib new file mode 100644 index 0000000..d1f30ba --- /dev/null +++ b/aixcc/publications/2010_felmetsger_cavedon_kruegel_vigna_logicflaws.bib @@ -0,0 +1,8 @@ +@InProceedings{felmetsger10:logic, + author = {Vika Felmetsger and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna}, + title = {{Toward Automated Detection of Logic Vulnerabilities in Web Applications}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Washington, DC}, + year = 2010, + month = {August}} + diff --git a/aixcc/publications/2010_felmetsger_cavedon_kruegel_vigna_logicflaws.pdf b/aixcc/publications/2010_felmetsger_cavedon_kruegel_vigna_logicflaws.pdf new file mode 100644 index 0000000..388dde2 Binary files /dev/null and b/aixcc/publications/2010_felmetsger_cavedon_kruegel_vigna_logicflaws.pdf differ diff --git a/aixcc/publications/2010_robertson_maggi_kruegel_vigna_ScarceTraining.bib b/aixcc/publications/2010_robertson_maggi_kruegel_vigna_ScarceTraining.bib new file mode 100644 index 0000000..74def20 --- /dev/null +++ b/aixcc/publications/2010_robertson_maggi_kruegel_vigna_ScarceTraining.bib @@ -0,0 +1,8 @@ +@InProceedings{robertson10:scarce_training, + author = {William Robertson and Federico Maggi and Christopher Kruegel and Giovanni Vigna}, + title = {{Effective Anomaly Detection with Scarce Training Data}}, + booktitle = {Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + year = 2010, + address = {San Diego, CA}, + month = {February}} + diff --git a/aixcc/publications/2010_robertson_maggi_kruegel_vigna_ScarceTraining.pdf b/aixcc/publications/2010_robertson_maggi_kruegel_vigna_ScarceTraining.pdf new file mode 100644 index 0000000..ecd1d5c Binary files /dev/null and b/aixcc/publications/2010_robertson_maggi_kruegel_vigna_ScarceTraining.pdf differ diff --git a/aixcc/publications/2010_stringhini_kruegel_vigna_socialspam.bib b/aixcc/publications/2010_stringhini_kruegel_vigna_socialspam.bib new file mode 100644 index 0000000..c6607cb --- /dev/null +++ b/aixcc/publications/2010_stringhini_kruegel_vigna_socialspam.bib @@ -0,0 +1,8 @@ +@InProceedings{stringhini10:socialspam, + author = {Gianluca Stringhini and Christopher Kruegel and Giovanni Vigna}, + title = {{Detecting Spammers on Social Networks}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2010, + address = {Austin, TX}, + month = {December}} + diff --git a/aixcc/publications/2010_stringhini_kruegel_vigna_socialspam.pdf b/aixcc/publications/2010_stringhini_kruegel_vigna_socialspam.pdf new file mode 100644 index 0000000..4c87b5e Binary files /dev/null and b/aixcc/publications/2010_stringhini_kruegel_vigna_socialspam.pdf differ diff --git a/aixcc/publications/2010_vigna_classic.bib b/aixcc/publications/2010_vigna_classic.bib new file mode 100644 index 0000000..ee55e78 --- /dev/null +++ b/aixcc/publications/2010_vigna_classic.bib @@ -0,0 +1,8 @@ +@InProceedings{vigna10:nids_dead_alive, + author = {Giovanni Vigna}, + title = {{Network Intrusion Detection: Dead or Alive?}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2010, + address = {Austin, TX}, + month = {December}} + diff --git a/aixcc/publications/2010_vigna_classic.pdf b/aixcc/publications/2010_vigna_classic.pdf new file mode 100644 index 0000000..0fd937f Binary files /dev/null and b/aixcc/publications/2010_vigna_classic.pdf differ diff --git a/aixcc/publications/2011_ACSAC_barebox.bib b/aixcc/publications/2011_ACSAC_barebox.bib new file mode 100644 index 0000000..175cd31 --- /dev/null +++ b/aixcc/publications/2011_ACSAC_barebox.bib @@ -0,0 +1,8 @@ +@InProceedings{kirat11:barebox, + author = {Dhilung Kirat and Giovanni Vigna and Christopher Kruegel}, + title = {{BareBox: Efficient Malware Analysis on Bare Metal}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + address = {Orlando, FL}, + year = 2011, + month = {December} +} \ No newline at end of file diff --git a/aixcc/publications/2011_ACSAC_barebox.pdf b/aixcc/publications/2011_ACSAC_barebox.pdf new file mode 100644 index 0000000..310b049 Binary files /dev/null and b/aixcc/publications/2011_ACSAC_barebox.pdf differ diff --git a/aixcc/publications/2011_ACSAC_iCTF.bib b/aixcc/publications/2011_ACSAC_iCTF.bib new file mode 100644 index 0000000..975f49d --- /dev/null +++ b/aixcc/publications/2011_ACSAC_iCTF.bib @@ -0,0 +1,8 @@ +@InProceedings{doupe11:hit-em-where-it-hurts, + author = {Adam Doupe and Manuel Egele and Benjamin Caillat and Gianluca Stringhini and Gorkem Yakin and Ali Zand and Ludovico Cavedon and Giovanni Vigna}, + title = {{Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2011, + address = {Orlando, FL}, + month = {December} +} diff --git a/aixcc/publications/2011_ACSAC_iCTF.pdf b/aixcc/publications/2011_ACSAC_iCTF.pdf new file mode 100644 index 0000000..8620305 Binary files /dev/null and b/aixcc/publications/2011_ACSAC_iCTF.pdf differ diff --git a/aixcc/publications/2011_ACSAC_nexat.bib b/aixcc/publications/2011_ACSAC_nexat.bib new file mode 100644 index 0000000..d8dc598 --- /dev/null +++ b/aixcc/publications/2011_ACSAC_nexat.bib @@ -0,0 +1,8 @@ +@InProceedings{zand11:nexat-history-based-approach-to-predict-attacker-actions, + author = {Casey Cipriano and Ali Zand and Amir Houmansadr and Christopher Kruegel and Giovanni Vigna}, + title = {{Nexat: A History-Based Approach to Predict Attacker Actions}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2011, + address = {Orlando, FL}, + month = {December} +} \ No newline at end of file diff --git a/aixcc/publications/2011_ACSAC_nexat.pdf b/aixcc/publications/2011_ACSAC_nexat.pdf new file mode 100644 index 0000000..10f4d32 Binary files /dev/null and b/aixcc/publications/2011_ACSAC_nexat.pdf differ diff --git a/aixcc/publications/2011_CCS_EAR.bib b/aixcc/publications/2011_CCS_EAR.bib new file mode 100644 index 0000000..3d7e748 --- /dev/null +++ b/aixcc/publications/2011_CCS_EAR.bib @@ -0,0 +1,8 @@ +@InProceedings{doupe11:fear-the-ear, + author = {Adam Doupe and Bryce Boe and Christopher Kruegel and Giovanni Vigna}, + title = {{Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities}}, + booktitle = {Proceeding of the ACM Conference on Computer and Communications Security (CCS)}, + address = {Chicago, IL}, + year = 2011, + month = {October} +} \ No newline at end of file diff --git a/aixcc/publications/2011_CCS_EAR.pdf b/aixcc/publications/2011_CCS_EAR.pdf new file mode 100644 index 0000000..00ea638 Binary files /dev/null and b/aixcc/publications/2011_CCS_EAR.pdf differ diff --git a/aixcc/publications/2011_DIMVA_Mishima.bib b/aixcc/publications/2011_DIMVA_Mishima.bib new file mode 100644 index 0000000..7d30d00 --- /dev/null +++ b/aixcc/publications/2011_DIMVA_Mishima.bib @@ -0,0 +1,7 @@ +@InProceedings{banks11:mishima, + author = {Greg Banks and Aristide Fattori and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna}, + title = {{MISHIMA: Multilateration of Internet hosts hidden using malicious fast-flux agents}}, + booktitle = {Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2011, + address = {Amsterdam, The Netherlands}, + month = {July}} diff --git a/aixcc/publications/2011_DIMVA_Mishima.pdf b/aixcc/publications/2011_DIMVA_Mishima.pdf new file mode 100644 index 0000000..4c83967 Binary files /dev/null and b/aixcc/publications/2011_DIMVA_Mishima.pdf differ diff --git a/aixcc/publications/2011_DIMVA_MonkeyIsland.bib b/aixcc/publications/2011_DIMVA_MonkeyIsland.bib new file mode 100644 index 0000000..dcc9f3f --- /dev/null +++ b/aixcc/publications/2011_DIMVA_MonkeyIsland.bib @@ -0,0 +1,7 @@ +@InProceedings{kapravelos11:monkeyisland, + author = {Alexandros Kapravelos and Marco Cova and Christopher Kruegel and Giovanni Vigna}, + title = {{Escape from Monkey Island: Evading High-Interaction Honeyclients}}, + booktitle = {Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2011, + address = {Amsterdam, The Netherlands}, + month = {July}} diff --git a/aixcc/publications/2011_DIMVA_MonkeyIsland.pdf b/aixcc/publications/2011_DIMVA_MonkeyIsland.pdf new file mode 100644 index 0000000..8ab78c9 Binary files /dev/null and b/aixcc/publications/2011_DIMVA_MonkeyIsland.pdf differ diff --git a/aixcc/publications/2011_IEEESecurityAndPrivacy_proceedings.bib b/aixcc/publications/2011_IEEESecurityAndPrivacy_proceedings.bib new file mode 100644 index 0000000..b8b3c0f --- /dev/null +++ b/aixcc/publications/2011_IEEESecurityAndPrivacy_proceedings.bib @@ -0,0 +1,11 @@ +@Proceedings{2011:secpriv, + title = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2011, + editor = {Giovanni Vigna and Somesh Jha}, + address = {Oakland, CA}, + month = {May}, + organization = {IEEE}, + isbn = {978-0-7695-4402-1}, + url = {http://www.ieee-security.org/TC/SP2011/sp11-toc.html} +} + diff --git a/aixcc/publications/2011_IMC_clickfraud.bib b/aixcc/publications/2011_IMC_clickfraud.bib new file mode 100644 index 0000000..85f8300 --- /dev/null +++ b/aixcc/publications/2011_IMC_clickfraud.bib @@ -0,0 +1,8 @@ +@InProceedings{stone-gross11:clickfraud, + author = {Brett Stone-Gross and Ryan Stevens and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna and Apostolis Zarras}, + title = {{Understanding Fraudulent Activities in Online Ad Exchanges}}, + booktitle = {Proceedings of the Internet Measurement Conference (IMC)}, + year = 2011, + address = {Berlin, Germany}, + month = {November}} + diff --git a/aixcc/publications/2011_IMC_clickfraud.pdf b/aixcc/publications/2011_IMC_clickfraud.pdf new file mode 100644 index 0000000..ccbcb1c Binary files /dev/null and b/aixcc/publications/2011_IMC_clickfraud.pdf differ diff --git a/aixcc/publications/2011_INFOCOM_iframe.bib b/aixcc/publications/2011_INFOCOM_iframe.bib new file mode 100644 index 0000000..8078bd0 --- /dev/null +++ b/aixcc/publications/2011_INFOCOM_iframe.bib @@ -0,0 +1,8 @@ +@InProceedings{peering_iframe, + author = {Brett Stone-Gross and Marco Cova and Christopher Kruegel and Giovanni Vigna}, + title = {{Peering Through the iFrame}}, + booktitle = {Proceedings of the International Conference on Computer Communications (INFOCOM) Mini Conference}, + year = 2011, + address = {Shanghai, China}, + month = {April} +} \ No newline at end of file diff --git a/aixcc/publications/2011_INFOCOM_iframe.pdf b/aixcc/publications/2011_INFOCOM_iframe.pdf new file mode 100644 index 0000000..f52bb2b Binary files /dev/null and b/aixcc/publications/2011_INFOCOM_iframe.pdf differ diff --git a/aixcc/publications/2011_LEET_Cutwail.bib b/aixcc/publications/2011_LEET_Cutwail.bib new file mode 100644 index 0000000..dc035f1 --- /dev/null +++ b/aixcc/publications/2011_LEET_Cutwail.bib @@ -0,0 +1,8 @@ +@InProceedings{stone11:cutwail, + author = {Brett Stone-Gross and Thorsten Holz and Gianluca Stringhini and Giovanni Vigna}, + title = {{The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns}}, + booktitle = {USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)}, + address = {Boston, MA}, + month = {March}, + year = 2011 +} diff --git a/aixcc/publications/2011_LEET_Cutwail.pdf b/aixcc/publications/2011_LEET_Cutwail.pdf new file mode 100644 index 0000000..3dc8734 Binary files /dev/null and b/aixcc/publications/2011_LEET_Cutwail.pdf differ diff --git a/aixcc/publications/2011_NDSS_PiOS.bib b/aixcc/publications/2011_NDSS_PiOS.bib new file mode 100644 index 0000000..c9442a3 --- /dev/null +++ b/aixcc/publications/2011_NDSS_PiOS.bib @@ -0,0 +1,8 @@ +@InProceedings{egele11:pios, + author = {Manuel Egele and Christopher Kruegel and Engin Kirda and Giovanni Vigna}, + title = {{PiOS: Detecting Privacy Leaks in iOS Applications}}, + booktitle = {Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + year = 2011, + address = {San Diego, CA}, + month = {February}} + diff --git a/aixcc/publications/2011_NDSS_PiOS.pdf b/aixcc/publications/2011_NDSS_PiOS.pdf new file mode 100644 index 0000000..0e3a092 Binary files /dev/null and b/aixcc/publications/2011_NDSS_PiOS.pdf differ diff --git a/aixcc/publications/2011_RAID_Shellzer.bib b/aixcc/publications/2011_RAID_Shellzer.bib new file mode 100644 index 0000000..47f27b3 --- /dev/null +++ b/aixcc/publications/2011_RAID_Shellzer.bib @@ -0,0 +1,8 @@ +@InProceedings{fratantonio11:shellzer, + author = {Yanick Fratantonio and Christopher Kruegel and Giovanni Vigna}, + title = {{Shellzer: a tool for the dynamic analysis of malicious shellcode}}, + booktitle = {Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2011, + month = {September}, + address = {S. Francisco, CA}} + diff --git a/aixcc/publications/2011_RAID_Shellzer.pdf b/aixcc/publications/2011_RAID_Shellzer.pdf new file mode 100644 index 0000000..430ebba Binary files /dev/null and b/aixcc/publications/2011_RAID_Shellzer.pdf differ diff --git a/aixcc/publications/2011_RAID_dymo.bib b/aixcc/publications/2011_RAID_dymo.bib new file mode 100644 index 0000000..78383ac --- /dev/null +++ b/aixcc/publications/2011_RAID_dymo.bib @@ -0,0 +1,8 @@ +@InProceedings{gilbert11:dymo, + author = {Bob Gilbert and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna}, + title = {{Dymo: Tracking Dynamic Code Identity}}, + booktitle = {Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID)}, + year = 2011, + month = {September}, + address = {S. Francisco, CA}} + diff --git a/aixcc/publications/2011_RAID_dymo.pdf b/aixcc/publications/2011_RAID_dymo.pdf new file mode 100644 index 0000000..b11b8b9 Binary files /dev/null and b/aixcc/publications/2011_RAID_dymo.pdf differ diff --git a/aixcc/publications/2011_SPMagazine_torpig.bib b/aixcc/publications/2011_SPMagazine_torpig.bib new file mode 100644 index 0000000..c2500f9 --- /dev/null +++ b/aixcc/publications/2011_SPMagazine_torpig.bib @@ -0,0 +1,10 @@ +@Article{stone-gross11:torpig, + author = {Brett Stone-Gross and Marco Cova and Bob Gilbert and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna}, + title = {{Analysis of a Botnet Takeover}}, + journal = {IEEE Security and Privacy Magazine}, + volume = {9}, + number = {1}, + pages = {64--72}, + month = {January}, + year = 2011 +} \ No newline at end of file diff --git a/aixcc/publications/2011_SPMagazine_torpig.pdf b/aixcc/publications/2011_SPMagazine_torpig.pdf new file mode 100644 index 0000000..48663a7 Binary files /dev/null and b/aixcc/publications/2011_SPMagazine_torpig.pdf differ diff --git a/aixcc/publications/2011_USENIX_BotMagnifier.bib b/aixcc/publications/2011_USENIX_BotMagnifier.bib new file mode 100644 index 0000000..8e0c297 --- /dev/null +++ b/aixcc/publications/2011_USENIX_BotMagnifier.bib @@ -0,0 +1,8 @@ +@InProceedings{stringhini11:botmagnifier, + author = {Gianluca Stringhini and Thorsten Holz and Brett Stone-Gross and Christopher Kruegel and Giovanni Vigna}, + title = {{BotMagnifier: Locating Spambots on the Internet}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2011, + address = {S. Francisco, CA}, + month = {August}} + diff --git a/aixcc/publications/2011_USENIX_BotMagnifier.pdf b/aixcc/publications/2011_USENIX_BotMagnifier.pdf new file mode 100644 index 0000000..60e680a Binary files /dev/null and b/aixcc/publications/2011_USENIX_BotMagnifier.pdf differ diff --git a/aixcc/publications/2011_WEIS_FakeAV.bib b/aixcc/publications/2011_WEIS_FakeAV.bib new file mode 100644 index 0000000..a02dae8 --- /dev/null +++ b/aixcc/publications/2011_WEIS_FakeAV.bib @@ -0,0 +1,8 @@ +@InProceedings{stones11:fakeav, + author = {Brett Stone-Gross and Ryan Abman and Richard Kemmerer and Christopher Kruegel and Doug Steigerwald and Giovanni Vigna}, + title = {{The Underground Economy of Fake Antivirus Software}}, + booktitle = {Proceedings of the Workshop on Economics of Information Security (WEIS)}, + year = 2011, + address = {Washington, DC}, + month = {June}} + diff --git a/aixcc/publications/2011_WEIS_FakeAV.pdf b/aixcc/publications/2011_WEIS_FakeAV.pdf new file mode 100644 index 0000000..63108db Binary files /dev/null and b/aixcc/publications/2011_WEIS_FakeAV.pdf differ diff --git a/aixcc/publications/2011_WOOT_Pixelization.bib b/aixcc/publications/2011_WOOT_Pixelization.bib new file mode 100644 index 0000000..a52d540 --- /dev/null +++ b/aixcc/publications/2011_WOOT_Pixelization.bib @@ -0,0 +1,8 @@ +@InProceedings{cavedon11:pixelization, + author = {Ludovico Cavedon and Luca Foschini and Giovanni Vigna}, + title = {{Getting the Face Behind the Squares: Reconstructing Pixelized Video Streams}}, + booktitle = {Proceedings of the USENIX Workshop On Offensive Technologies (WOOT)}, + year = 2011, + address = {San Francisco, CA}, + month = {August}} + diff --git a/aixcc/publications/2011_WOOT_Pixelization.pdf b/aixcc/publications/2011_WOOT_Pixelization.pdf new file mode 100644 index 0000000..63af59b Binary files /dev/null and b/aixcc/publications/2011_WOOT_Pixelization.pdf differ diff --git a/aixcc/publications/2011_WWW_Prophiler.bib b/aixcc/publications/2011_WWW_Prophiler.bib new file mode 100644 index 0000000..eed697e --- /dev/null +++ b/aixcc/publications/2011_WWW_Prophiler.bib @@ -0,0 +1,8 @@ +@InProceedings{canali11:prophiler, + author = {Davide Canali and Marco Cova and Christopher Kruegel and Giovanni Vigna}, + title = {{Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages}}, + booktitle = {Proceedings of the World Wide Web Conference (WWW)}, + year = 2011, + address = {Hiderabad, India}, + month = {March}} + diff --git a/aixcc/publications/2011_WWW_Prophiler.pdf b/aixcc/publications/2011_WWW_Prophiler.pdf new file mode 100644 index 0000000..b7d68cb Binary files /dev/null and b/aixcc/publications/2011_WWW_Prophiler.pdf differ diff --git a/aixcc/publications/2011_iNetSec_iOSApps.bib b/aixcc/publications/2011_iNetSec_iOSApps.bib new file mode 100644 index 0000000..ae3d987 --- /dev/null +++ b/aixcc/publications/2011_iNetSec_iOSApps.bib @@ -0,0 +1,8 @@ +@InProceedings{szydlowski11:challenges, + author = {Martin Szydlowski and Manuel Egele and Christopher Kruegel and Giovanni Vigna}, + title = {{Challenges for Dynamic Analysis of iOS Applications}}, + booktitle = {Proceedings of the Workshop on Open Research Problems in Network Security (iNetSec)}, + year = 2011, + address = {Luzerne, Switzerland}, + month = {June}} + diff --git a/aixcc/publications/2011_iNetSec_iOSApps.pdf b/aixcc/publications/2011_iNetSec_iOSApps.pdf new file mode 100644 index 0000000..8907df5 Binary files /dev/null and b/aixcc/publications/2011_iNetSec_iOSApps.pdf differ diff --git a/aixcc/publications/2012_ACSAC_Jarhead.bib b/aixcc/publications/2012_ACSAC_Jarhead.bib new file mode 100644 index 0000000..9dd9367 --- /dev/null +++ b/aixcc/publications/2012_ACSAC_Jarhead.bib @@ -0,0 +1,8 @@ +@InProceedings{schlumberger12:jarhead, + author = {Johannes Schlumberger and Christopher Kruegel and Giovanni Vigna}, + title = {{Jarhead: Analysis and Detection of Malicious Java Applets}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2012, + address = {Orlando, FL}, + month = {December}} + diff --git a/aixcc/publications/2012_ACSAC_Jarhead.pdf b/aixcc/publications/2012_ACSAC_Jarhead.pdf new file mode 100644 index 0000000..b1c41f0 Binary files /dev/null and b/aixcc/publications/2012_ACSAC_Jarhead.pdf differ diff --git a/aixcc/publications/2012_CCS_blacksheep.bib b/aixcc/publications/2012_CCS_blacksheep.bib new file mode 100644 index 0000000..4fded01 --- /dev/null +++ b/aixcc/publications/2012_CCS_blacksheep.bib @@ -0,0 +1,8 @@ +@InProceedings{bianchi12:blacksheep, + author = {Antonio Bianchi and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + title = {{Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2012, + address = {USA}, + month = {October}} + diff --git a/aixcc/publications/2012_CCS_blacksheep.pdf b/aixcc/publications/2012_CCS_blacksheep.pdf new file mode 100644 index 0000000..53d7516 Binary files /dev/null and b/aixcc/publications/2012_CCS_blacksheep.pdf differ diff --git a/aixcc/publications/2012_CCS_jsinlcude.bib b/aixcc/publications/2012_CCS_jsinlcude.bib new file mode 100644 index 0000000..ff73415 --- /dev/null +++ b/aixcc/publications/2012_CCS_jsinlcude.bib @@ -0,0 +1,8 @@ +@inproceedings{nikiforakis2012jsinclusions, + title={You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions}, + author={Nick Nikiforakis and Luca Invernizzi and Alexandros Kapravelos and Steven Van Acker and Wouter Joosen and Christopher Kruegel and Frank Piessens and Giovanni Vigna}, + booktitle={Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year={2012}, + address={Raleigh, NC}, + month={October} +} diff --git a/aixcc/publications/2012_CCS_jsinlcude.pdf b/aixcc/publications/2012_CCS_jsinlcude.pdf new file mode 100644 index 0000000..23111e3 Binary files /dev/null and b/aixcc/publications/2012_CCS_jsinlcude.pdf differ diff --git a/aixcc/publications/2012_CoNEXT_BotFinder.bib b/aixcc/publications/2012_CoNEXT_BotFinder.bib new file mode 100644 index 0000000..0e6c9a0 --- /dev/null +++ b/aixcc/publications/2012_CoNEXT_BotFinder.bib @@ -0,0 +1,8 @@ +@InProceedings{tegeler12:botfinder, + author = {Florian Tegeler and Xiaoming Fu and Giovanni Vigna and Christopher Kruegel}, + title = {{BotFinder: Finding Bots in Network Traffic Without Deep Packet Inspection}}, + booktitle = {Proceedings of the ACM Conference on emerging Networking EXperiments and Technologies (CoNEXT)}, + year = 2012, + address = {Nice, France}, + month = {December}} + diff --git a/aixcc/publications/2012_CoNEXT_BotFinder.pdf b/aixcc/publications/2012_CoNEXT_BotFinder.pdf new file mode 100644 index 0000000..00dabb4 Binary files /dev/null and b/aixcc/publications/2012_CoNEXT_BotFinder.pdf differ diff --git a/aixcc/publications/2012_DIMVA_memwrite.bib b/aixcc/publications/2012_DIMVA_memwrite.bib new file mode 100644 index 0000000..306be3e --- /dev/null +++ b/aixcc/publications/2012_DIMVA_memwrite.bib @@ -0,0 +1,11 @@ +@InProceedings{gregio12:writes, + author = {Andre Ricardo Abed Gregio and Paulo Licio de Geus and Christopher Kruegel and Giovanni Vigna}, + title = {{Tracking Memory Writes for Malware Classification and Code Reuse Identification}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2012, + series = {Lecture Notes in Computer Science}, + address = {Crete, Greece}, + month = {July}, + publisher = {Springer Verlag}} + + diff --git a/aixcc/publications/2012_DIMVA_memwrite.pdf b/aixcc/publications/2012_DIMVA_memwrite.pdf new file mode 100644 index 0000000..e8f065d Binary files /dev/null and b/aixcc/publications/2012_DIMVA_memwrite.pdf differ diff --git a/aixcc/publications/2012_DIMVA_packedmalware.bib b/aixcc/publications/2012_DIMVA_packedmalware.bib new file mode 100644 index 0000000..47d9bbe --- /dev/null +++ b/aixcc/publications/2012_DIMVA_packedmalware.bib @@ -0,0 +1,10 @@ +@InProceedings{jacob12:packer, + author = {Gregoire Jacob and Paolo Milani Comparetti and Matthias Neugschwandtner and Christopher Kruegel and Giovanni Vigna}, + title = {{A Static, Packer-agnostic Filter to Detect Similar Malware Samples}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2012, + series = {Lecture Notes in Computer Science}, + address = {Crete, Greece}, + month = {July}, + publisher = {Springer Verlag}} + diff --git a/aixcc/publications/2012_DIMVA_packedmalware.pdf b/aixcc/publications/2012_DIMVA_packedmalware.pdf new file mode 100644 index 0000000..b437545 Binary files /dev/null and b/aixcc/publications/2012_DIMVA_packedmalware.pdf differ diff --git a/aixcc/publications/2012_HotPETS_MIAB.bib b/aixcc/publications/2012_HotPETS_MIAB.bib new file mode 100644 index 0000000..0682907 --- /dev/null +++ b/aixcc/publications/2012_HotPETS_MIAB.bib @@ -0,0 +1,7 @@ +@InProceedings{invernizzi2012:miab, + author = {Luca Invernizzi and Christopher Kruegel and Giovanni Vigna}, + title = {{Message In A Bottle: Sailing Past Censorship}}, + booktitle = {Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETS)}, + year = 2012, + address = {Vigo, Spain}, + month = {July}} diff --git a/aixcc/publications/2012_HotPETS_MIAB.pdf b/aixcc/publications/2012_HotPETS_MIAB.pdf new file mode 100644 index 0000000..eae4870 Binary files /dev/null and b/aixcc/publications/2012_HotPETS_MIAB.pdf differ diff --git a/aixcc/publications/2012_RAID_flashdetect.bib b/aixcc/publications/2012_RAID_flashdetect.bib new file mode 100644 index 0000000..72bfaf4 --- /dev/null +++ b/aixcc/publications/2012_RAID_flashdetect.bib @@ -0,0 +1,8 @@ +@InProceedings{overveldt12:flash, + author = {Timon Van Overveldt and Christopher Kruegel and Giovanni Vigna}, + title = {{FlashDetect: ActionScript 3 malware detection }}, + booktitle = {Proceedings of the Symposium on Research in Attacks, Intrusions and Defenses (RAID)}, + year = 2012, + address = {The Netherlands}, + month = {September}} + diff --git a/aixcc/publications/2012_RAID_flashdetect.pdf b/aixcc/publications/2012_RAID_flashdetect.pdf new file mode 100644 index 0000000..08e2019 Binary files /dev/null and b/aixcc/publications/2012_RAID_flashdetect.pdf differ diff --git a/aixcc/publications/2012_SP_Evilseed.bib b/aixcc/publications/2012_SP_Evilseed.bib new file mode 100644 index 0000000..d1af40e --- /dev/null +++ b/aixcc/publications/2012_SP_Evilseed.bib @@ -0,0 +1,7 @@ +@InProceedings{invernizzi12:evilseed, + author = {Luca Invernizzi and Stefano Benvenuti and Marco Cova and Paolo Milani-Comparetti and Christopher Kruegel and Giovanni Vigna}, + title = {{EvilSeed: A Guided Approach to Finding Malicious Web Pages}}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2012, + address = {S. Francisco, CA}, + month = {May}} diff --git a/aixcc/publications/2012_SP_Evilseed.pdf b/aixcc/publications/2012_SP_Evilseed.pdf new file mode 100644 index 0000000..f5b94e5 Binary files /dev/null and b/aixcc/publications/2012_SP_Evilseed.pdf differ diff --git a/aixcc/publications/2012_USENIX_WebState.bib b/aixcc/publications/2012_USENIX_WebState.bib new file mode 100644 index 0000000..f33ee48 --- /dev/null +++ b/aixcc/publications/2012_USENIX_WebState.bib @@ -0,0 +1,8 @@ +@InProceedings{doupe12:enemy-of-the-state, + author = {Adam Doupe and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna}, + title = {{Enemy of the State: A State-Aware Black-Box Vulnerability Scanner}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2012, + address = {Bellevue, WA}, + month = {August} +} \ No newline at end of file diff --git a/aixcc/publications/2012_USENIX_WebState.pdf b/aixcc/publications/2012_USENIX_WebState.pdf new file mode 100644 index 0000000..8a53af0 Binary files /dev/null and b/aixcc/publications/2012_USENIX_WebState.pdf differ diff --git a/aixcc/publications/2012_USENIX_babel.bib b/aixcc/publications/2012_USENIX_babel.bib new file mode 100644 index 0000000..c412e3a --- /dev/null +++ b/aixcc/publications/2012_USENIX_babel.bib @@ -0,0 +1,8 @@ +@inproceedings{stringhini12:usenix, + author = {Gianluca Stringhini and Manuel Egele and Apostolis Zarras and Thorsten Holz and Christopher Kruegel and Giovanni Vigna}, + title = {{B@bel: Leveraging Email Delivery for Spam Mitigation}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Bellevue, WA}, + month = {August}, + year = 2012 +} \ No newline at end of file diff --git a/aixcc/publications/2012_USENIX_babel.pdf b/aixcc/publications/2012_USENIX_babel.pdf new file mode 100644 index 0000000..dd2ccf9 Binary files /dev/null and b/aixcc/publications/2012_USENIX_babel.pdf differ diff --git a/aixcc/publications/2012_USENIX_pubcrawl.bib b/aixcc/publications/2012_USENIX_pubcrawl.bib new file mode 100644 index 0000000..1435814 --- /dev/null +++ b/aixcc/publications/2012_USENIX_pubcrawl.bib @@ -0,0 +1,8 @@ +@InProceedings{jacob12:pubcrawl, + author = {Gregoire Jacob and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, + title = {{PUBCRAWL: Protecting Users and Businesses from CRAWLers}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2012, + address = {Bellevue, WA}, + month = {August}} + diff --git a/aixcc/publications/2012_USENIX_pubcrawl.pdf b/aixcc/publications/2012_USENIX_pubcrawl.pdf new file mode 100644 index 0000000..93e3c0e Binary files /dev/null and b/aixcc/publications/2012_USENIX_pubcrawl.pdf differ diff --git a/aixcc/publications/2012_WSON_twittermarkets.bib b/aixcc/publications/2012_WSON_twittermarkets.bib new file mode 100644 index 0000000..635e610 --- /dev/null +++ b/aixcc/publications/2012_WSON_twittermarkets.bib @@ -0,0 +1,8 @@ +@inproceedings{stringhini12:poultry, + title={{Poultry Markets: On the Underground Economy of Twitter Followers}}, + author={Gianluca Stringhini and Manuel Egele and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Workshop on Online Social Networks (WOSN)}, + address={Helsinki, Finland}, + month={August}, + year={2012} +} diff --git a/aixcc/publications/2012_WSON_twittermarkets.pdf b/aixcc/publications/2012_WSON_twittermarkets.pdf new file mode 100644 index 0000000..0455872 Binary files /dev/null and b/aixcc/publications/2012_WSON_twittermarkets.pdf differ diff --git a/aixcc/publications/2013_ACSAC_MITB.bib b/aixcc/publications/2013_ACSAC_MITB.bib new file mode 100644 index 0000000..cc21988 --- /dev/null +++ b/aixcc/publications/2013_ACSAC_MITB.bib @@ -0,0 +1,9 @@ +@InProceedings{invernizzi13:mitb, + author = {Luca Invernizzi and Christopher Kruegel and Giovanni Vigna}, + title = {{Message In A Bottle: Sailing Past Censorship}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2013, + address = {New Orleans, USA}, + month = {December} +} + diff --git a/aixcc/publications/2013_ACSAC_MITB.pdf b/aixcc/publications/2013_ACSAC_MITB.pdf new file mode 100644 index 0000000..149616d Binary files /dev/null and b/aixcc/publications/2013_ACSAC_MITB.pdf differ diff --git a/aixcc/publications/2013_ACSAC_SigMal.bib b/aixcc/publications/2013_ACSAC_SigMal.bib new file mode 100644 index 0000000..61f847c --- /dev/null +++ b/aixcc/publications/2013_ACSAC_SigMal.bib @@ -0,0 +1,8 @@ +@InProceedings{kirat13:sigmal, + author = {Dhilung Kirat and Lakshmanan Nataraj and Giovanni Vigna and B.S. Manjunath}, + title = {{SigMal: A Static Signal Processing Based Malware Triage}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year = 2013, + address = {New Orleans, USA}, + month = {December}} + diff --git a/aixcc/publications/2013_ACSAC_SigMal.pdf b/aixcc/publications/2013_ACSAC_SigMal.pdf new file mode 100644 index 0000000..ac45634 Binary files /dev/null and b/aixcc/publications/2013_ACSAC_SigMal.pdf differ diff --git a/aixcc/publications/2013_CCS_Delta.bib b/aixcc/publications/2013_CCS_Delta.bib new file mode 100644 index 0000000..09de2bb --- /dev/null +++ b/aixcc/publications/2013_CCS_Delta.bib @@ -0,0 +1,7 @@ +@InProceedings{borgolte13:delta, + author = {Kevin Borgolte and Christopher Kruegel and Giovanni Vigna}, + title = {{Delta: Automatic Identification of Unknown Web-based Infection Campaigns}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2013, + address = {Berlin, Germany}, + month = {November}} diff --git a/aixcc/publications/2013_CCS_Delta.pdf b/aixcc/publications/2013_CCS_Delta.pdf new file mode 100644 index 0000000..876b2e3 Binary files /dev/null and b/aixcc/publications/2013_CCS_Delta.pdf differ diff --git a/aixcc/publications/2013_CCS_ShadyPaths.bib b/aixcc/publications/2013_CCS_ShadyPaths.bib new file mode 100644 index 0000000..fd74b6f --- /dev/null +++ b/aixcc/publications/2013_CCS_ShadyPaths.bib @@ -0,0 +1,7 @@ +@InProceedings{stringhini13:shady_paths, + author = {Gianluca Stringhini and Christopher Kruegel and Giovanni Vigna}, + title = {{Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web Pages}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2013, + address = {Berlin, Germany}, + month = {November}} diff --git a/aixcc/publications/2013_CCS_ShadyPaths.pdf b/aixcc/publications/2013_CCS_ShadyPaths.pdf new file mode 100644 index 0000000..637518f Binary files /dev/null and b/aixcc/publications/2013_CCS_ShadyPaths.pdf differ diff --git a/aixcc/publications/2013_CCS_deDacota.bib b/aixcc/publications/2013_CCS_deDacota.bib new file mode 100644 index 0000000..7249e4a --- /dev/null +++ b/aixcc/publications/2013_CCS_deDacota.bib @@ -0,0 +1,7 @@ +@InProceedings{doupe13:dedacota, + author = {Adam Doupe and Weidong Cui and Mariusz Jakubowski and Marcus Peinado and Christopher Kruegel and Giovanni Vigna}, + title = {{deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2013, + address = {Berlin, Germany}, + month = {November}} diff --git a/aixcc/publications/2013_CCS_deDacota.pdf b/aixcc/publications/2013_CCS_deDacota.pdf new file mode 100644 index 0000000..67740bf Binary files /dev/null and b/aixcc/publications/2013_CCS_deDacota.pdf differ diff --git a/aixcc/publications/2013_ControlBook_iCTFModel.bib b/aixcc/publications/2013_ControlBook_iCTFModel.bib new file mode 100644 index 0000000..1476378 --- /dev/null +++ b/aixcc/publications/2013_ControlBook_iCTFModel.bib @@ -0,0 +1,11 @@ +@InCollection{vamvoudakis13:convex, + author = {Kyriakos Vamvoudakis and Joao Hespanha and Richard Kemmerer and Giovanni Vigna}, + title = {{Formulating Cyber-Security as Convex Optimization Problems}}, + booktitle = {Control of Cyber-Physical Systems}, + pages = {85-100}, + publisher = {Springer}, + year = 2013, + volume = 449, + series = {Lecture Notes in Control and Information Sciences}, + month = {July}} + diff --git a/aixcc/publications/2013_ControlBook_iCTFModel.pdf b/aixcc/publications/2013_ControlBook_iCTFModel.pdf new file mode 100644 index 0000000..cae929d Binary files /dev/null and b/aixcc/publications/2013_ControlBook_iCTFModel.pdf differ diff --git a/aixcc/publications/2013_IMC_TitterMarkets.bib b/aixcc/publications/2013_IMC_TitterMarkets.bib new file mode 100644 index 0000000..5185cb1 --- /dev/null +++ b/aixcc/publications/2013_IMC_TitterMarkets.bib @@ -0,0 +1,8 @@ +@InProceedings{stringhini13:follow_green, + author = {Gianluca Stringhini and Gang Wang and Manuel Egele and Christopher Kruegel and Giovanni Vigna and Haitao Zheng and Ben Zhao}, + title = {{Follow the Green: Growth and Dynamics in Twitter Follower Markets}}, + booktitle = {Proceedings of the Internet Measurement Conference (IMC)}, + year = 2013, + address = {Barcelona, Spain}, + month = {October}} + diff --git a/aixcc/publications/2013_IMC_TitterMarkets.pdf b/aixcc/publications/2013_IMC_TitterMarkets.pdf new file mode 100644 index 0000000..2af9406 Binary files /dev/null and b/aixcc/publications/2013_IMC_TitterMarkets.pdf differ diff --git a/aixcc/publications/2013_NDSS_compa.bib b/aixcc/publications/2013_NDSS_compa.bib new file mode 100644 index 0000000..70fe8d7 --- /dev/null +++ b/aixcc/publications/2013_NDSS_compa.bib @@ -0,0 +1,8 @@ +@InProceedings{egele13:compa, + author = {Manuel Egele and Gianluca Stringhini and Christopher Kruegel and Giovanni Vigna}, + title = {{COMPA: Detecting Compromised Accounts on Social Networks}}, + booktitle = {Proceedings of the ISOC Network and Distributed Systems Symposium (NDSS)}, + year = 2013, + address = {San Diego, CA}, + month = {February}} + diff --git a/aixcc/publications/2013_NDSS_compa.pdf b/aixcc/publications/2013_NDSS_compa.pdf new file mode 100644 index 0000000..29becb1 Binary files /dev/null and b/aixcc/publications/2013_NDSS_compa.pdf differ diff --git a/aixcc/publications/2013_NGMAD_SARVAM.bib b/aixcc/publications/2013_NGMAD_SARVAM.bib new file mode 100644 index 0000000..2c48587 --- /dev/null +++ b/aixcc/publications/2013_NGMAD_SARVAM.bib @@ -0,0 +1,8 @@ +@inproceedings{nataraj13:sarvam, + author = {Lakshmnanan Nataraj and Dhilung Kirat and B.S. Manjunath and Giovanni Vigna}, + title = {{SARVAM: Search And RetrieVAl of Malware}}, + booktitle = {Annual Computer Security Applications Conference (ACSAC) Workshop on Next Generation Malware Attacks and Defense (NGMAD)}, + address = {New Orleans, USA}, + month = {December}, + year = {2013} +} diff --git a/aixcc/publications/2013_NGMAD_SARVAM.pdf b/aixcc/publications/2013_NGMAD_SARVAM.pdf new file mode 100644 index 0000000..1864b09 Binary files /dev/null and b/aixcc/publications/2013_NGMAD_SARVAM.pdf differ diff --git a/aixcc/publications/2013_RAID_i2p.bib b/aixcc/publications/2013_RAID_i2p.bib new file mode 100644 index 0000000..c884107 --- /dev/null +++ b/aixcc/publications/2013_RAID_i2p.bib @@ -0,0 +1,10 @@ +@InProceedings{egger13:i2p, + author = {Christoph Egger and Johannes Schlumberger and Christopher Kruegel and Giovanni Vigna}, + title = {{Practical Attacks Against The I2P Network}}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}, + year = 2013, + series = {LNCS}, + address = {St. Lucia}, + month = {October}, + publisher = {Springer}} + diff --git a/aixcc/publications/2013_RAID_i2p.pdf b/aixcc/publications/2013_RAID_i2p.pdf new file mode 100644 index 0000000..30ca663 Binary files /dev/null and b/aixcc/publications/2013_RAID_i2p.pdf differ diff --git a/aixcc/publications/2013_SAC_EARdetect.bib b/aixcc/publications/2013_SAC_EARdetect.bib new file mode 100644 index 0000000..8b94179 --- /dev/null +++ b/aixcc/publications/2013_SAC_EARdetect.bib @@ -0,0 +1,8 @@ +@InProceedings{payet13:ears_wild, + author = {Pierre Payet and Adam Doupe and Christopher Kruegel and Giovanni Vigna}, + title = {{EARs in the Wild: Large-Scale Analysis of Execution After Redirect Vulnerabilities}}, + booktitle = {Proceedings of the Symposium On Applied Computing (SAC)}, + year = 2013, + address = {Coimbra, Portugal}, + month = {March}} + diff --git a/aixcc/publications/2013_SAC_EARdetect.pdf b/aixcc/publications/2013_SAC_EARdetect.pdf new file mode 100644 index 0000000..d7d95aa Binary files /dev/null and b/aixcc/publications/2013_SAC_EARdetect.pdf differ diff --git a/aixcc/publications/2013_SP_cookieless.bib b/aixcc/publications/2013_SP_cookieless.bib new file mode 100644 index 0000000..8332325 --- /dev/null +++ b/aixcc/publications/2013_SP_cookieless.bib @@ -0,0 +1,8 @@ +@inproceedings{nikiforakis13:cookieless, + author = {Nick Nikiforakis and Alexandros Kapravelos and Wouter Joosen and Christopher Kruegel and Frank Piessens and Giovanni Vigna}, + title = {{Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting}}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + year = 2013, + address = {S. Francisco, CA}, + month = {May} +} diff --git a/aixcc/publications/2013_SP_cookieless.pdf b/aixcc/publications/2013_SP_cookieless.pdf new file mode 100644 index 0000000..fa51c73 Binary files /dev/null and b/aixcc/publications/2013_SP_cookieless.pdf differ diff --git a/aixcc/publications/2013_USENIX_MovieStealer.bib b/aixcc/publications/2013_USENIX_MovieStealer.bib new file mode 100644 index 0000000..11b0783 --- /dev/null +++ b/aixcc/publications/2013_USENIX_MovieStealer.bib @@ -0,0 +1,8 @@ +@inproceedings{wang13:steal, + author = {Ruoyu Wang and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + title = {{Steal This Movie - Automatically Bypassing DRM Protection in Streaming Media Services }}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2013, + address = {Washington, D.C.}, + month = {August} +} diff --git a/aixcc/publications/2013_USENIX_MovieStealer.pdf b/aixcc/publications/2013_USENIX_MovieStealer.pdf new file mode 100644 index 0000000..40595be Binary files /dev/null and b/aixcc/publications/2013_USENIX_MovieStealer.pdf differ diff --git a/aixcc/publications/2013_USENIX_revolver.bib b/aixcc/publications/2013_USENIX_revolver.bib new file mode 100644 index 0000000..d889da7 --- /dev/null +++ b/aixcc/publications/2013_USENIX_revolver.bib @@ -0,0 +1,9 @@ +@inproceedings{kapravelos2013revolver, + title={{Revolver: An Automated Approach to the Detection of Evasive Web-based Malware}}, + author={Alexandros Kapravelos and Yan Shoshitaishvili and Marco Cova and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the USENIX Security Symposium}, + month = {August}, + address = {Washington, D.C.}, + year={2013} +} + diff --git a/aixcc/publications/2013_USENIX_revolver.pdf b/aixcc/publications/2013_USENIX_revolver.pdf new file mode 100644 index 0000000..1415240 Binary files /dev/null and b/aixcc/publications/2013_USENIX_revolver.pdf differ diff --git a/aixcc/publications/2013_WWW_Longshore.bib b/aixcc/publications/2013_WWW_Longshore.bib new file mode 100644 index 0000000..31e8c0e --- /dev/null +++ b/aixcc/publications/2013_WWW_Longshore.bib @@ -0,0 +1,9 @@ +@inproceedings{maggi2013:longshore, + author = "Federico Maggi and Alessandro Frossi and Stefano Zanero and Gianluca Stringhini and Brett Stone-Gross and Christopher Kruegel and Giovanni Vigna", + title = "Two Years of Short URLs Internet Measurement: Security Threats and Countermeasures", + booktitle = "Proceedings of the International World Wide Web Conference (WWW)", + month = "May", + year = 2013, + address = "Rio de Janeiro, Brazil"} + + diff --git a/aixcc/publications/2013_WWW_Longshore.pdf b/aixcc/publications/2013_WWW_Longshore.pdf new file mode 100644 index 0000000..eb9d7ec Binary files /dev/null and b/aixcc/publications/2013_WWW_Longshore.pdf differ diff --git a/aixcc/publications/2014_3GSE_iCTF.bib b/aixcc/publications/2014_3GSE_iCTF.bib new file mode 100644 index 0000000..6e02094 --- /dev/null +++ b/aixcc/publications/2014_3GSE_iCTF.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{vigna2014:ictf, + title = {{Ten Years of iCTF: The Good, The Bad, and The Ugly}}, + author = {Giovanni Vigna and Borgolte, Kevin and Corbetta, Jacopo and Doupe, Adam and Fratantonio, Yanick and Luca Invernizzi and Kirat, Dhilung and Shoshitaishvili, Yan}, + booktitle = {Proceedings of the USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE)}, + address = {San Diego, CA}, + month = {August}, + year = {2014} +} \ No newline at end of file diff --git a/aixcc/publications/2014_3GSE_iCTF.pdf b/aixcc/publications/2014_3GSE_iCTF.pdf new file mode 100644 index 0000000..ca8983e Binary files /dev/null and b/aixcc/publications/2014_3GSE_iCTF.pdf differ diff --git a/aixcc/publications/2014_ASIACCS_harvester.bib b/aixcc/publications/2014_ASIACCS_harvester.bib new file mode 100644 index 0000000..8f9fa92 --- /dev/null +++ b/aixcc/publications/2014_ASIACCS_harvester.bib @@ -0,0 +1,8 @@ +@inproceedings{stringhini2014harvesters, +author = {Gianluca Stringhini and Hohlfeld, Oliver and Christopher Kruegel and Giovanni Vigna}, +booktitle = {Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)}, +title = {{The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape}}, +address = {Kyoto, Japan}, +month = {June}, +year = {2014} +} diff --git a/aixcc/publications/2014_ASIACCS_harvester.pdf b/aixcc/publications/2014_ASIACCS_harvester.pdf new file mode 100644 index 0000000..612a41d Binary files /dev/null and b/aixcc/publications/2014_ASIACCS_harvester.pdf differ diff --git a/aixcc/publications/2014_DIMVA_PExy.bib b/aixcc/publications/2014_DIMVA_PExy.bib new file mode 100644 index 0000000..f38807f --- /dev/null +++ b/aixcc/publications/2014_DIMVA_PExy.bib @@ -0,0 +1,7 @@ +@InProceedings{maio14:pexy, + author = {Giancarlo De Maio and Alexandros Kapravelos and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + title = {{PExy: The other side of Exploit Kits}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + year = 2014, + address = {London, UK}, + month = {July}} diff --git a/aixcc/publications/2014_DIMVA_PExy.pdf b/aixcc/publications/2014_DIMVA_PExy.pdf new file mode 100644 index 0000000..a756fad Binary files /dev/null and b/aixcc/publications/2014_DIMVA_PExy.pdf differ diff --git a/aixcc/publications/2014_IMC_Malvertise.bib b/aixcc/publications/2014_IMC_Malvertise.bib new file mode 100644 index 0000000..c59ecad --- /dev/null +++ b/aixcc/publications/2014_IMC_Malvertise.bib @@ -0,0 +1,8 @@ +@inproceedings{zarras14:malvertisement, + title={{The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements (short paper)}}, + author={Apostolis Zarras and Alexandros Kapravelos and Gianluca Strighini and Thorsten Holz and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the ACM SIGCOMM Conference on Internet Measurement Conference (IMC)}, + address={Vancouver, Canada}, + month={November}, + year={2014} + } \ No newline at end of file diff --git a/aixcc/publications/2014_IMC_Malvertise.pdf b/aixcc/publications/2014_IMC_Malvertise.pdf new file mode 100644 index 0000000..bbaf492 Binary files /dev/null and b/aixcc/publications/2014_IMC_Malvertise.pdf differ diff --git a/aixcc/publications/2014_INFOCOM_Rippler.bib b/aixcc/publications/2014_INFOCOM_Rippler.bib new file mode 100644 index 0000000..9a4adbc --- /dev/null +++ b/aixcc/publications/2014_INFOCOM_Rippler.bib @@ -0,0 +1,8 @@ +@inproceedings{zandi14:rippler, + author = {Ali Zand and Giovanni Vigna and Richard Kemmerer and Christopher Kruegel}, + title = {{Rippler: Delay Injection for Service Dependency Detection}}, + booktitle = {Proceedings of IEEE INFOCOM Conference}, + month = {April}, + address = {Toronto, Canada}, + year = {2014}, +} diff --git a/aixcc/publications/2014_INFOCOM_Rippler.pdf b/aixcc/publications/2014_INFOCOM_Rippler.pdf new file mode 100644 index 0000000..4d35b2b Binary files /dev/null and b/aixcc/publications/2014_INFOCOM_Rippler.pdf differ diff --git a/aixcc/publications/2014_IWCC_tricks.bib b/aixcc/publications/2014_IWCC_tricks.bib new file mode 100644 index 0000000..2fbffd0 --- /dev/null +++ b/aixcc/publications/2014_IWCC_tricks.bib @@ -0,0 +1,8 @@ +@inproceedings{iedemska14:trade, +author = {Iedemska, Jane and Gianluca Stringhini and Kemmerer, Richard and Christopher Kruegel and Giovanni Vigna}, +booktitle = {Proceedings of the International Workshop on Cyber Crime (IWCC)}, +title = {{The Tricks of the Trade: What Makes Spam Campaigns Successful?}}, +address = {San Jose, CA}, +month = {May}, +year = {2014} +} diff --git a/aixcc/publications/2014_IWCC_tricks.pdf b/aixcc/publications/2014_IWCC_tricks.pdf new file mode 100644 index 0000000..bf055e1 Binary files /dev/null and b/aixcc/publications/2014_IWCC_tricks.pdf differ diff --git a/aixcc/publications/2014_NDSS_ExecuteThis.bib b/aixcc/publications/2014_NDSS_ExecuteThis.bib new file mode 100644 index 0000000..7fb9a8d --- /dev/null +++ b/aixcc/publications/2014_NDSS_ExecuteThis.bib @@ -0,0 +1,8 @@ +@InProceedings{poeplau14:android-rce, + author = {Sebastian Poeplau and Yanick Fratantonio and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna}, + title = {{Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications}}, + booktitle = {Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)}, + year = 2014, + month = {February}, + address = {San Diego, CA} +} diff --git a/aixcc/publications/2014_NDSS_ExecuteThis.pdf b/aixcc/publications/2014_NDSS_ExecuteThis.pdf new file mode 100644 index 0000000..27a5e21 Binary files /dev/null and b/aixcc/publications/2014_NDSS_ExecuteThis.pdf differ diff --git a/aixcc/publications/2014_NDSS_Nazca.bib b/aixcc/publications/2014_NDSS_Nazca.bib new file mode 100644 index 0000000..07c5d3b --- /dev/null +++ b/aixcc/publications/2014_NDSS_Nazca.bib @@ -0,0 +1,9 @@ +@inproceedings{invernizzi2014:nazca, + author = {Luca Invernizzi and Stanislav Miskovic and Ruben Torres and Sabyaschi Saha and Sung-Ju Lee and Christopher Kruegel and Giovanni Vigna}, + title = {{Nazca: Detecting Malware Distribution in Large-Scale Networks}}, + booktitle = {Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)}, + address = {San Diego, CA}, + month = {February}, + year = {2014} + +} \ No newline at end of file diff --git a/aixcc/publications/2014_NDSS_Nazca.pdf b/aixcc/publications/2014_NDSS_Nazca.pdf new file mode 100644 index 0000000..ddedfb4 Binary files /dev/null and b/aixcc/publications/2014_NDSS_Nazca.pdf differ diff --git a/aixcc/publications/2014_RAID_EagleEye.bib b/aixcc/publications/2014_RAID_EagleEye.bib new file mode 100644 index 0000000..5d9f7e5 --- /dev/null +++ b/aixcc/publications/2014_RAID_EagleEye.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{corbetta2014:eagleeye, + title = {{Eyes of a Human, Eyes of a Program: Leveraging different views of the web for analysis and detection}}, + author = {Jacopo Corbetta and Luca Invernizzi and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defense (RAID)}, + address = {Gothenburgh, Sweden}, + month = {September}, + year = {2014} +} diff --git a/aixcc/publications/2014_RAID_EagleEye.pdf b/aixcc/publications/2014_RAID_EagleEye.pdf new file mode 100644 index 0000000..964354c Binary files /dev/null and b/aixcc/publications/2014_RAID_EagleEye.pdf differ diff --git a/aixcc/publications/2014_RAID_WebSSO.bib b/aixcc/publications/2014_RAID_WebSSO.bib new file mode 100644 index 0000000..eb8db7b --- /dev/null +++ b/aixcc/publications/2014_RAID_WebSSO.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{cao2014:websso, + title = {{Protecting Web Single Sign-on against Relying party Impersonation Attacks through a Bi-directional Secure Channel with Authentication}}, + author = {Cao, Yinzhi and Shoshitaishvili, Yan and Borgolte, Kevin and Christopher Kruegel and Giovanni Vigna and Chen, Yan}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defense (RAID)}, + address = {Gothenburgh, Sweden}, + month = {September}, + year = {2014} +} diff --git a/aixcc/publications/2014_RAID_WebSSO.pdf b/aixcc/publications/2014_RAID_WebSSO.pdf new file mode 100644 index 0000000..3d4c9f3 Binary files /dev/null and b/aixcc/publications/2014_RAID_WebSSO.pdf differ diff --git a/aixcc/publications/2014_SAC_ExtractCandC.bib b/aixcc/publications/2014_SAC_ExtractCandC.bib new file mode 100644 index 0000000..62e2b37 --- /dev/null +++ b/aixcc/publications/2014_SAC_ExtractCandC.bib @@ -0,0 +1,8 @@ +@inproceedings{zand:sac2014, + title={{Extracting Probable Command and Control Signatures for Detecting Botnets}}, + author={Ali Zand and Giovanni Vigna and Xifeng Yan and Christopher Kruegel}, + booktitle={Proceedings of the ACM Symposium on Applied Computing (SAC)}, + year={2014}, + month = {March}, + address = {Gyeongju, Korea} +} \ No newline at end of file diff --git a/aixcc/publications/2014_SAC_ExtractCandC.pdf b/aixcc/publications/2014_SAC_ExtractCandC.pdf new file mode 100644 index 0000000..5e0be4d Binary files /dev/null and b/aixcc/publications/2014_SAC_ExtractCandC.pdf differ diff --git a/aixcc/publications/2014_SAC_iCTF.bib b/aixcc/publications/2014_SAC_iCTF.bib new file mode 100644 index 0000000..482a99e --- /dev/null +++ b/aixcc/publications/2014_SAC_iCTF.bib @@ -0,0 +1,8 @@ +@inproceedings{shoshistashvili14:ictf, + title={{Do You Feel Lucky? A Large-Scale Analysis of Risk-Rewards Trade-Offs in Cyber Security}}, + author={Yan Shoshitaishvili and Luca Invernizzi and Adam Doupe and Giovanni Vigna}, + booktitle={Proceedings of the ACM Symposium on Applied Computing (SAC)}, + year={2014}, + month = {March}, + address = {Gyeongju, Korea} +} \ No newline at end of file diff --git a/aixcc/publications/2014_SAC_iCTF.pdf b/aixcc/publications/2014_SAC_iCTF.pdf new file mode 100644 index 0000000..6e8a12b Binary files /dev/null and b/aixcc/publications/2014_SAC_iCTF.pdf differ diff --git a/aixcc/publications/2014_USENIX_BareCloud.bib b/aixcc/publications/2014_USENIX_BareCloud.bib new file mode 100644 index 0000000..737d4f3 --- /dev/null +++ b/aixcc/publications/2014_USENIX_BareCloud.bib @@ -0,0 +1,8 @@ +@inproceedings{kirat2014:barecloud, + title = {{BareCloud: Bare-metal Analysis-based Evasive Malware Detection}}, + author = {Kirat, Dhilung and Giovanni Vigna and Christopher Kruegel}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {San Diego, CA}, + month = {August}, + year = {2014} +} \ No newline at end of file diff --git a/aixcc/publications/2014_USENIX_BareCloud.pdf b/aixcc/publications/2014_USENIX_BareCloud.pdf new file mode 100644 index 0000000..634149f Binary files /dev/null and b/aixcc/publications/2014_USENIX_BareCloud.pdf differ diff --git a/aixcc/publications/2014_USENIX_Hulk.bib b/aixcc/publications/2014_USENIX_Hulk.bib new file mode 100644 index 0000000..f20f2b7 --- /dev/null +++ b/aixcc/publications/2014_USENIX_Hulk.bib @@ -0,0 +1,7 @@ +@InProceedings{kapravelos14:hulk, + author = {Alexandros Kapravelos and Chris Grier and Neha Chachra and Christopher Kruegel and Giovanni Vigna and Vern Paxson}, + title = {{Hulk: Eliciting Malicious Behavior in Browser Extensions}}, + booktitle = {Proceedings of the USENIX Security Symposium}, + year = 2014, + address = {San Diego, USA}, + month = {August}} diff --git a/aixcc/publications/2014_USENIX_Hulk.pdf b/aixcc/publications/2014_USENIX_Hulk.pdf new file mode 100644 index 0000000..39cefcf Binary files /dev/null and b/aixcc/publications/2014_USENIX_Hulk.pdf differ diff --git a/aixcc/publications/2014_WWW_StrangerDanger.bib b/aixcc/publications/2014_WWW_StrangerDanger.bib new file mode 100644 index 0000000..71df389 --- /dev/null +++ b/aixcc/publications/2014_WWW_StrangerDanger.bib @@ -0,0 +1,9 @@ +@InProceedings{nikiforakis14:stranger_danger, + author = {Nick Nikiforakis and Federico Maggi and Gianluca Stringhini and M Zubair Rafique and Wouter Joosen and Christopher Kruegel and Frank Piessens and Giovanni Vigna and Stefano Zanero +}, + title = {{Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services}}, + booktitle = {Proceedings of the International World Wide Web Conference (WWW)}, + year = 2014, + address = {Seoul, South Korea}, + month = {April}} + diff --git a/aixcc/publications/2014_WWW_StrangerDanger.pdf b/aixcc/publications/2014_WWW_StrangerDanger.pdf new file mode 100644 index 0000000..7b7a0f5 Binary files /dev/null and b/aixcc/publications/2014_WWW_StrangerDanger.pdf differ diff --git a/aixcc/publications/2014_WWWdev_ChangeDetection.bib b/aixcc/publications/2014_WWWdev_ChangeDetection.bib new file mode 100644 index 0000000..caa8342 --- /dev/null +++ b/aixcc/publications/2014_WWWdev_ChangeDetection.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{borgolte2014:relevantchangedetection, + title = {{Relevant Change Detection: A Framework for the Precise Extraction of Modified and Novel Web-based Content as a Filtering Technique for Analysis Engines}}, + author = {Borgolte, Kevin and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the Developers' Track of the International World Wide Web Conference (WWWdev)}, + address = {Seoul, Korea}, + month = {April}, + year = {2014} +} \ No newline at end of file diff --git a/aixcc/publications/2014_WWWdev_ChangeDetection.pdf b/aixcc/publications/2014_WWWdev_ChangeDetection.pdf new file mode 100644 index 0000000..e2905a4 Binary files /dev/null and b/aixcc/publications/2014_WWWdev_ChangeDetection.pdf differ diff --git a/aixcc/publications/2015_ACSAC_Achilles.bib b/aixcc/publications/2015_ACSAC_Achilles.bib new file mode 100644 index 0000000..763dbcb --- /dev/null +++ b/aixcc/publications/2015_ACSAC_Achilles.bib @@ -0,0 +1,8 @@ +@inproceedings{zand15:achilles, +title={{Know Your Achilles' Heel: Automatic Detection of Network Critical Services}}, +author={Ali Zand and Amir Houmansadr and Giovanni Vigna and Richard Kemmerer and Christopher Kruegel}, +booktitle={Proceedings of the Annual Computer Security Application Conference (ACSAC)}, +address={Los Angeles, CA}, +month={December}, +year={2015} +} diff --git a/aixcc/publications/2015_ACSAC_Achilles.pdf b/aixcc/publications/2015_ACSAC_Achilles.pdf new file mode 100644 index 0000000..3b1635a Binary files /dev/null and b/aixcc/publications/2015_ACSAC_Achilles.pdf differ diff --git a/aixcc/publications/2015_ACSAC_Baredroid.bib b/aixcc/publications/2015_ACSAC_Baredroid.bib new file mode 100644 index 0000000..822ba1b --- /dev/null +++ b/aixcc/publications/2015_ACSAC_Baredroid.bib @@ -0,0 +1,8 @@ +@inproceedings{mutti15:baredroid, +title={{BareDroid: Large-Scale Analysis of Android Apps on Real Devices}}, +author={Simone Mutti and Yanick Fratantonio and Antonio Bianchi and Luca Invernizzi and Jacopo Corbetta and Dhilung Kirat and Christopher Kruegel and Giovanni Vigna}, +booktitle={Proceedings of the Annual Computer Security Application Conference (ACSAC)}, +address={Los Angeles, CA}, +month={December}, +year={2015} +} diff --git a/aixcc/publications/2015_ACSAC_Baredroid.pdf b/aixcc/publications/2015_ACSAC_Baredroid.pdf new file mode 100644 index 0000000..0741ddc Binary files /dev/null and b/aixcc/publications/2015_ACSAC_Baredroid.pdf differ diff --git a/aixcc/publications/2015_ACSAC_GrabNRun.bib b/aixcc/publications/2015_ACSAC_GrabNRun.bib new file mode 100644 index 0000000..e7afb35 --- /dev/null +++ b/aixcc/publications/2015_ACSAC_GrabNRun.bib @@ -0,0 +1,8 @@ +@inproceedings{falsina15:grabnrun, +title={{Grab 'n Run: Secure and Practical Dynamic Code Loading for Android Applications}}, +author={Luca Falsina and Yanick Fratantonio and Stefano Zanero and Christopher Kruegel and Giovanni Vigna and Federico Maggi}, +booktitle={Proceedings of the Annual Computer Security Application Conference (ACSAC)}, +address={Los Angeles, CA}, +month={December}, +year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_ACSAC_GrabNRun.pdf b/aixcc/publications/2015_ACSAC_GrabNRun.pdf new file mode 100644 index 0000000..b25c46a Binary files /dev/null and b/aixcc/publications/2015_ACSAC_GrabNRun.pdf differ diff --git a/aixcc/publications/2015_CCS_MalGene.bib b/aixcc/publications/2015_CCS_MalGene.bib new file mode 100644 index 0000000..0ace5d2 --- /dev/null +++ b/aixcc/publications/2015_CCS_MalGene.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{kirat2015malgene, + title = {{MalGene: Automatic Extraction of Malware Analysis Evasion Signature}}, + author = {Dhilung Kirat and Giovanni Vigna}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + month = {October}, + address = {Denver, CO}, + year = {2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_CCS_MalGene.pdf b/aixcc/publications/2015_CCS_MalGene.pdf new file mode 100644 index 0000000..9ad727b Binary files /dev/null and b/aixcc/publications/2015_CCS_MalGene.pdf differ diff --git a/aixcc/publications/2015_CCS_ShippingMules.bib b/aixcc/publications/2015_CCS_ShippingMules.bib new file mode 100644 index 0000000..7d8fba2 --- /dev/null +++ b/aixcc/publications/2015_CCS_ShippingMules.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{hao15:shippingmules, + title = {{Drops for Stuff: An Analysis of Reshipping Mule Scams}}, + author = {Shuang Hao and Kevin Borgolte and Nick Nikiforakis and Gianluca Stringhini and Manuel Egele and Michael Eubanks and Brian Krebs and Giovanni Vigna}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + month = {October}, + address = {Denver, CO}, + year = {2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_CCS_ShippingMules.pdf b/aixcc/publications/2015_CCS_ShippingMules.pdf new file mode 100644 index 0000000..26aac02 Binary files /dev/null and b/aixcc/publications/2015_CCS_ShippingMules.pdf differ diff --git a/aixcc/publications/2015_CSS_Prison.bib b/aixcc/publications/2015_CSS_Prison.bib new file mode 100644 index 0000000..1329c59 --- /dev/null +++ b/aixcc/publications/2015_CSS_Prison.bib @@ -0,0 +1,8 @@ +@inproceedings{caillat15:prison, + title={{Prison: Tracking Process Interactions to Contain Malware}}, + author={Benjamin Caillat and Bob Gilbert and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the International Symposium on Cyberspace Safety and Security (CSS)} , + address={New York, USA}, + month={August}, + year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_CSS_Prison.pdf b/aixcc/publications/2015_CSS_Prison.pdf new file mode 100644 index 0000000..1883b03 Binary files /dev/null and b/aixcc/publications/2015_CSS_Prison.pdf differ diff --git a/aixcc/publications/2015_DIMVA_AndroidAccess.bib b/aixcc/publications/2015_DIMVA_AndroidAccess.bib new file mode 100644 index 0000000..a7ee2c8 --- /dev/null +++ b/aixcc/publications/2015_DIMVA_AndroidAccess.bib @@ -0,0 +1,8 @@ +@inproceedings{fratantonio15:androacl, + title={{On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users}}, + author={Fratantonio, Yanick and Bianchi, Antonio and Robertson, William and Egele, Manuel and Christopher Kruegel and Kirda, Engin and Giovanni Vigna}, + booktitle={Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + address={Milan, Italy}, + month={July}, + year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_DIMVA_AndroidAccess.pdf b/aixcc/publications/2015_DIMVA_AndroidAccess.pdf new file mode 100644 index 0000000..6051c3a Binary files /dev/null and b/aixcc/publications/2015_DIMVA_AndroidAccess.pdf differ diff --git a/aixcc/publications/2015_FSE_CLAPP.bib b/aixcc/publications/2015_FSE_CLAPP.bib new file mode 100644 index 0000000..88975f5 --- /dev/null +++ b/aixcc/publications/2015_FSE_CLAPP.bib @@ -0,0 +1,9 @@ +@inproceedings{fratantonio2015:clapp, + title={{CLAPP: Characterizing Loops in Android Applications}}, + author={Yanick Fratantonio and Aravind Machiry and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the ACM Symposium on the Foundations of Software Engineering (FSE)}, + month={September}, + address={Bergamo, Italy}, + year={2015} +} + diff --git a/aixcc/publications/2015_FSE_CLAPP.pdf b/aixcc/publications/2015_FSE_CLAPP.pdf new file mode 100644 index 0000000..502dd61 Binary files /dev/null and b/aixcc/publications/2015_FSE_CLAPP.pdf differ diff --git a/aixcc/publications/2015_MoST_MobileWebApps.bib b/aixcc/publications/2015_MoST_MobileWebApps.bib new file mode 100644 index 0000000..ecb31e7 --- /dev/null +++ b/aixcc/publications/2015_MoST_MobileWebApps.bib @@ -0,0 +1,9 @@ +@InProceedings{mutchler15:mobile_web_apps, + author = {Patrick Mutchler and Adam Doupe and John Mitchell and Christopher Kruegel and Giovanni Vigna}, + title = {{A Large-Scale Study of Mobile Web App Security}}, + booktitle = {Proceedings of the IEEE Workshop Mobile Security Technology (MoST)}, + year = 2015, + address = {San Jose}, + month = {May}, + comment = {Best Paper Award}} + diff --git a/aixcc/publications/2015_MoST_MobileWebApps.pdf b/aixcc/publications/2015_MoST_MobileWebApps.pdf new file mode 100644 index 0000000..c988746 Binary files /dev/null and b/aixcc/publications/2015_MoST_MobileWebApps.pdf differ diff --git a/aixcc/publications/2015_NDSS_Edgeminer.bib b/aixcc/publications/2015_NDSS_Edgeminer.bib new file mode 100644 index 0000000..aa25901 --- /dev/null +++ b/aixcc/publications/2015_NDSS_Edgeminer.bib @@ -0,0 +1,8 @@ +@inproceedings{cao2015:edgeminer, + title={{EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework}}, + author={Cao, Yinzhi and Fratantonio, Yanick and Bianchi, Antonio and Egele, Manuel and Christopher Kruegel and Giovanni Vigna and Chen, Yan}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month={February}, + address={San Diego, CA}, + year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_NDSS_Edgeminer.pdf b/aixcc/publications/2015_NDSS_Edgeminer.pdf new file mode 100644 index 0000000..8302862 Binary files /dev/null and b/aixcc/publications/2015_NDSS_Edgeminer.pdf differ diff --git a/aixcc/publications/2015_NDSS_Firmalice.bib b/aixcc/publications/2015_NDSS_Firmalice.bib new file mode 100644 index 0000000..9913f17 --- /dev/null +++ b/aixcc/publications/2015_NDSS_Firmalice.bib @@ -0,0 +1,8 @@ +@inproceedings{shoshitaishvili2015:firmalice, + title={{Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware}}, + author={Yan Shoshitaishvili and Ruoyu Wang and Christophe Hauser and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month={February}, + address={San Diego, CA}, + year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_NDSS_Firmalice.pdf b/aixcc/publications/2015_NDSS_Firmalice.pdf new file mode 100644 index 0000000..521c658 Binary files /dev/null and b/aixcc/publications/2015_NDSS_Firmalice.pdf differ diff --git a/aixcc/publications/2015_PETS_Creepic.bib b/aixcc/publications/2015_PETS_Creepic.bib new file mode 100644 index 0000000..ddf4c91 --- /dev/null +++ b/aixcc/publications/2015_PETS_Creepic.bib @@ -0,0 +1,8 @@ +@InProceedings{shoshitaishvili15:creepic, + author = {Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + title = {{Portrait of a Privacy Invasion: Detecting Relationships Through Large-scale Photo Analysis}}, + booktitle = {Proceedings on Privacy Enhancing Technologies Symposium (PETS)}, + address = {Philadelphia, PA}, + month = {June}, + year = 2015} + diff --git a/aixcc/publications/2015_PETS_Creepic.pdf b/aixcc/publications/2015_PETS_Creepic.pdf new file mode 100644 index 0000000..d94466a Binary files /dev/null and b/aixcc/publications/2015_PETS_Creepic.pdf differ diff --git a/aixcc/publications/2015_SPSM_NJAS.bib b/aixcc/publications/2015_SPSM_NJAS.bib new file mode 100644 index 0000000..c2e9cdd --- /dev/null +++ b/aixcc/publications/2015_SPSM_NJAS.bib @@ -0,0 +1,8 @@ +@InProceedings{bianchi15:sandbox, + author = {Antonio Bianchi and Yanick Fratantonio and Christopher Kruegel and Giovanni Vigna}, + title = {{NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running Stock Android}}, + booktitle = {Proceedings of the ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)}, + month = {October}, + year = {2015}, + address = {Denver, CO} +} \ No newline at end of file diff --git a/aixcc/publications/2015_SPSM_NJAS.pdf b/aixcc/publications/2015_SPSM_NJAS.pdf new file mode 100644 index 0000000..f7def84 Binary files /dev/null and b/aixcc/publications/2015_SPSM_NJAS.pdf differ diff --git a/aixcc/publications/2015_SP_UIDeception.bib b/aixcc/publications/2015_SP_UIDeception.bib new file mode 100644 index 0000000..574797c --- /dev/null +++ b/aixcc/publications/2015_SP_UIDeception.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{bianchi15:deception, + title = {{What the App is That? Deception and Countermeasures in the Android User Interface}}, + author = {Bianchi, Antonio and Corbetta, Jacopo and Luca Invernizzi and Fratantonio, Yanick and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + address = {San Jose, CA}, + month={May}, + year = {2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_SP_UIDeception.pdf b/aixcc/publications/2015_SP_UIDeception.pdf new file mode 100644 index 0000000..68b7ec3 Binary files /dev/null and b/aixcc/publications/2015_SP_UIDeception.pdf differ diff --git a/aixcc/publications/2015_USENIX_ELF.bib b/aixcc/publications/2015_USENIX_ELF.bib new file mode 100644 index 0000000..e8bc53b --- /dev/null +++ b/aixcc/publications/2015_USENIX_ELF.bib @@ -0,0 +1,8 @@ +@inproceedings {difederico15:elf, +author = {Alessandro Di Federico and Amat Cama and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, +title = {{How the ELF Ruined Christmas}}, +booktitle = {Proceedings of the USENIX Security Symposium}, +year = {2015}, +month = Aug, +address = {Washington, D.C.} +} diff --git a/aixcc/publications/2015_USENIX_ELF.pdf b/aixcc/publications/2015_USENIX_ELF.pdf new file mode 100644 index 0000000..cc9352a Binary files /dev/null and b/aixcc/publications/2015_USENIX_ELF.pdf differ diff --git a/aixcc/publications/2015_USENIX_EvilCohort.bib b/aixcc/publications/2015_USENIX_EvilCohort.bib new file mode 100644 index 0000000..4b7fc3d --- /dev/null +++ b/aixcc/publications/2015_USENIX_EvilCohort.bib @@ -0,0 +1,8 @@ +@inproceedings{stringhini15:evilcohort, + title={{EvilCohort: Detecting Communities Of Malicious Accounts On Online Services}}, + author={Gianluca Stringhini and Pierre Mourlanne and Gregoire Jacob and Manuel Egele and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the USENIX Security Symposium}, + address={Washington, DC}, + month={August}, + year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_USENIX_EvilCohort.pdf b/aixcc/publications/2015_USENIX_EvilCohort.pdf new file mode 100644 index 0000000..6be86fa Binary files /dev/null and b/aixcc/publications/2015_USENIX_EvilCohort.pdf differ diff --git a/aixcc/publications/2015_USENIX_Meerkat.bib b/aixcc/publications/2015_USENIX_Meerkat.bib new file mode 100644 index 0000000..a1c089f --- /dev/null +++ b/aixcc/publications/2015_USENIX_Meerkat.bib @@ -0,0 +1,8 @@ +@inproceedings{borgolte15:meerkat, + title = {{Meerkat: Detecting Website Defacements through Image-based Object Recognition}}, + author = {Borgolte, Kevin and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Washington, D.C.}, + month = Aug, + year = {2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_USENIX_Meerkat.pdf b/aixcc/publications/2015_USENIX_Meerkat.pdf new file mode 100644 index 0000000..e759152 Binary files /dev/null and b/aixcc/publications/2015_USENIX_Meerkat.pdf differ diff --git a/aixcc/publications/2015_USENIX_ZigZag.bib b/aixcc/publications/2015_USENIX_ZigZag.bib new file mode 100644 index 0000000..5045ca1 --- /dev/null +++ b/aixcc/publications/2015_USENIX_ZigZag.bib @@ -0,0 +1,8 @@ +@inproceedings {weissbacher15:zigzag, +author = {Michael Weissbacher and William Robertson and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, +title = {ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities}, +booktitle = {Proceedings of the USENIX Security Symposium}, +year = {2015}, +month = Aug, +address = {Washington, D.C.} +} \ No newline at end of file diff --git a/aixcc/publications/2015_USENIX_ZigZag.pdf b/aixcc/publications/2015_USENIX_ZigZag.pdf new file mode 100644 index 0000000..33fa988 Binary files /dev/null and b/aixcc/publications/2015_USENIX_ZigZag.pdf differ diff --git a/aixcc/publications/2015_WEIS_UndergroundEconomy.bib b/aixcc/publications/2015_WEIS_UndergroundEconomy.bib new file mode 100644 index 0000000..46e9a92 --- /dev/null +++ b/aixcc/publications/2015_WEIS_UndergroundEconomy.bib @@ -0,0 +1,8 @@ +@inproceedings{thomas15:underground, + title={{Framing Dependencies Introduced by Underground Commoditization}}, + author={Kurt Thomas and Danny Yuxing Huang and David Wang and Elie Bursztein and Chris Grier and Thomas J Holt and Christopher Kruegel and Damon McCoy and Stefan Savage and Giovanni Vigna}, + address={The Netherlands}, + booktitle = {Proceedings of the Workshop on the Economics of Information Security (WEIS)}, + month={June}, + year={2015} +} \ No newline at end of file diff --git a/aixcc/publications/2015_WEIS_UndergroundEconomy.pdf b/aixcc/publications/2015_WEIS_UndergroundEconomy.pdf new file mode 100644 index 0000000..6b2e087 Binary files /dev/null and b/aixcc/publications/2015_WEIS_UndergroundEconomy.pdf differ diff --git a/aixcc/publications/2016_CCS_drammer.bib b/aixcc/publications/2016_CCS_drammer.bib new file mode 100644 index 0000000..99ab011 --- /dev/null +++ b/aixcc/publications/2016_CCS_drammer.bib @@ -0,0 +1,10 @@ +@inproceedings{vanderVeen:2016, + author = {van der Veen, Victor and Fratantonio, Yanick and Lindorfer, Martina and Gruss, Daniel and Maurice, Clementine and Giovanni Vigna and Bos, Herbert and Razavi, Kaveh and Giuffrida, Cristiano}, + title = {{Drammer: Deterministic Rowhammer Attacks on Mobile Platforms}}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = {2016}, + month = {October}, + address = {Vienna, Austria}, + pages = {1675--1689}, + numpages = {15}, +} diff --git a/aixcc/publications/2016_CCS_drammer.pdf b/aixcc/publications/2016_CCS_drammer.pdf new file mode 100644 index 0000000..2231863 Binary files /dev/null and b/aixcc/publications/2016_CCS_drammer.pdf differ diff --git a/aixcc/publications/2016_NDSS_Driller.bib b/aixcc/publications/2016_NDSS_Driller.bib new file mode 100644 index 0000000..184ad4a --- /dev/null +++ b/aixcc/publications/2016_NDSS_Driller.bib @@ -0,0 +1,8 @@ +@inproceedings{stephens2016:driller, + title={{Driller: Augmenting Fuzzing Through Selective Symbolic Execution}}, + author={Nick Stephens and John Grosen and Christopher Salls and Audrey Dutcher and Ruoyu Wang and Jacopo Corbetta and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month={February}, + address={San Diego, CA}, + year={2016} +} \ No newline at end of file diff --git a/aixcc/publications/2016_NDSS_Driller.pdf b/aixcc/publications/2016_NDSS_Driller.pdf new file mode 100644 index 0000000..119bf87 Binary files /dev/null and b/aixcc/publications/2016_NDSS_Driller.pdf differ diff --git a/aixcc/publications/2016_NDSS_NativeCode.bib b/aixcc/publications/2016_NDSS_NativeCode.bib new file mode 100644 index 0000000..8b9a227 --- /dev/null +++ b/aixcc/publications/2016_NDSS_NativeCode.bib @@ -0,0 +1,8 @@ +@inproceedings{afonso2016:native, + title={{Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy}}, + author={Vitor Afonso and Antonio Bianchi and Yanick Fratantonio and Adam Doupe and Mario Polino and Paulo de Geus and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month={February}, + address={San Diego, CA}, + year={2016} +} \ No newline at end of file diff --git a/aixcc/publications/2016_NDSS_NativeCode.pdf b/aixcc/publications/2016_NDSS_NativeCode.pdf new file mode 100644 index 0000000..0c69f95 Binary files /dev/null and b/aixcc/publications/2016_NDSS_NativeCode.pdf differ diff --git a/aixcc/publications/2016_RAID_Transactional.bib b/aixcc/publications/2016_RAID_Transactional.bib new file mode 100644 index 0000000..12e7989 --- /dev/null +++ b/aixcc/publications/2016_RAID_Transactional.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{muench16:transactional, + title = {{Taming Transactions: Towards Hardware-Assisted Control Flow Integrity Using Transactional Memory}}, + author = {Marius Muench and Fabio Pagani and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna and Davide Balzarotti}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defense (RAID)}, + address = {Evry, France}, + month = {September}, + year = {2016} +} diff --git a/aixcc/publications/2016_RAID_Transactional.pdf b/aixcc/publications/2016_RAID_Transactional.pdf new file mode 100644 index 0000000..bc66edd Binary files /dev/null and b/aixcc/publications/2016_RAID_Transactional.pdf differ diff --git a/aixcc/publications/2016_SP_Triggerscope.bib b/aixcc/publications/2016_SP_Triggerscope.bib new file mode 100644 index 0000000..e7085ad --- /dev/null +++ b/aixcc/publications/2016_SP_Triggerscope.bib @@ -0,0 +1,9 @@ +@INPROCEEDINGS{fratantonio16:triggerscope, + title = {{TriggerScope: Towards Detecting Logic Bombs in Android Apps}}, + author = {Yanick Fratantonio and Antonio Bianchi and William Robertson and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + address = {San Jose, CA}, + month={May}, + year = {2016} +} + diff --git a/aixcc/publications/2016_SP_Triggerscope.pdf b/aixcc/publications/2016_SP_Triggerscope.pdf new file mode 100644 index 0000000..90786b3 Binary files /dev/null and b/aixcc/publications/2016_SP_Triggerscope.pdf differ diff --git a/aixcc/publications/2016_SP_angrSoK.bib b/aixcc/publications/2016_SP_angrSoK.bib new file mode 100644 index 0000000..40ea212 --- /dev/null +++ b/aixcc/publications/2016_SP_angrSoK.bib @@ -0,0 +1,9 @@ +@INPROCEEDINGS{shoshitaishvili16:angr, + title = {{(State of) The Art of War: Offensive Techniques in Binary Analysis}}, + author = {Yan Shoshitaishvili and Ruoyu Wang and Christopher Salls and Nick Stephens and Mario Polino and Audrey Dutcher and John Grosen and Siji Feng and Christophe Hauser and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + address = {San Jose, CA}, + month={May}, + year = {2016} +} + diff --git a/aixcc/publications/2016_SP_angrSoK.pdf b/aixcc/publications/2016_SP_angrSoK.pdf new file mode 100644 index 0000000..e778d11 Binary files /dev/null and b/aixcc/publications/2016_SP_angrSoK.pdf differ diff --git a/aixcc/publications/2017_ACSAC_AuthPublic.bib b/aixcc/publications/2017_ACSAC_AuthPublic.bib new file mode 100644 index 0000000..a674862 --- /dev/null +++ b/aixcc/publications/2017_ACSAC_AuthPublic.bib @@ -0,0 +1,8 @@ +@inproceedings{bianchi17:authpubid, +title={{Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information}}, +author={Antonio Bianchi and Eric Gustafson and Yanick Fratantonio and Christopher Kruegel and Giovanni Vigna}, +booktitle={Proceedings of the Annual Computer Security Application Conference (ACSAC)}, +address={Orlando, FL}, +month={December}, +year={2017} +} \ No newline at end of file diff --git a/aixcc/publications/2017_ACSAC_AuthPublic.pdf b/aixcc/publications/2017_ACSAC_AuthPublic.pdf new file mode 100644 index 0000000..2ece7f0 Binary files /dev/null and b/aixcc/publications/2017_ACSAC_AuthPublic.pdf differ diff --git a/aixcc/publications/2017_ACSAC_Piston.bib b/aixcc/publications/2017_ACSAC_Piston.bib new file mode 100644 index 0000000..0dab382 --- /dev/null +++ b/aixcc/publications/2017_ACSAC_Piston.bib @@ -0,0 +1,8 @@ +@inproceedings{salls2017piston, + title={{Piston: Uncooperative Remote Runtime Patching}}, + author={Salls, Christopher and Shoshitaishvili, Yan and Stephens, Nick and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + address={Orlando, FL}, + month={December}, + year={2017} +} diff --git a/aixcc/publications/2017_ACSAC_Piston.pdf b/aixcc/publications/2017_ACSAC_Piston.pdf new file mode 100644 index 0000000..75a043c Binary files /dev/null and b/aixcc/publications/2017_ACSAC_Piston.pdf differ diff --git a/aixcc/publications/2017_ASE_SWPAG.bib b/aixcc/publications/2017_ASE_SWPAG.bib new file mode 100644 index 0000000..4ad7092 --- /dev/null +++ b/aixcc/publications/2017_ASE_SWPAG.bib @@ -0,0 +1,7 @@ +@inproceedings{trickel17:shell-we-play-a-game, + author = {Erik Trickel and Francesco Disperati and Eric Gustafson and Faezeh Kalantari and Mike Mabey and Naveen Tiwari and Yeganeh Safaei and Adam Doupe and Giovanni Vigna}, + title = {{Shell We Play A Game? CTF-as-a-service for Security Education}}, + booktitle = {Proceedings of the USENIX Workshop on Advances in Security Education (ASE)}, + address = {Vancouver, BC}, + month = {August}, + year = 2017} \ No newline at end of file diff --git a/aixcc/publications/2017_ASE_SWPAG.pdf b/aixcc/publications/2017_ASE_SWPAG.pdf new file mode 100644 index 0000000..36d4402 Binary files /dev/null and b/aixcc/publications/2017_ASE_SWPAG.pdf differ diff --git a/aixcc/publications/2017_AsiaCCS_gossip.bib b/aixcc/publications/2017_AsiaCCS_gossip.bib new file mode 100644 index 0000000..eb574fb --- /dev/null +++ b/aixcc/publications/2017_AsiaCCS_gossip.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{huang17:gossip, + title = {{Gossip: Automatically Identifying Malicious Domains from Mailing List Discussions}}, + author = {Cheng Huang and Shuang Hao and Luca Invernizzi and Jiayong Liu and Yong Fang and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the ACM Asia Conference on Computer and Communications Security (AsiaCCS)}, + address = {Abu Dhabi, UAE}, + month={April}, + year = {2017} +} diff --git a/aixcc/publications/2017_AsiaCCS_gossip.pdf b/aixcc/publications/2017_AsiaCCS_gossip.pdf new file mode 100644 index 0000000..2faf299 Binary files /dev/null and b/aixcc/publications/2017_AsiaCCS_gossip.pdf differ diff --git a/aixcc/publications/2017_CCS_Difuze.bib b/aixcc/publications/2017_CCS_Difuze.bib new file mode 100644 index 0000000..0d71abd --- /dev/null +++ b/aixcc/publications/2017_CCS_Difuze.bib @@ -0,0 +1,8 @@ +@inproceedings{corina17:difuze, + title={{DIFUZE: Interface Aware Fuzzing for Kernel Drivers}}, + author={Jake Corina and Aravind Machiry and Christopher Salls and Yan Shoshitaishvili and Shuang Hao and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + address={Dallas, TX}, + month={October}, + year=2017 +} \ No newline at end of file diff --git a/aixcc/publications/2017_CCS_Difuze.pdf b/aixcc/publications/2017_CCS_Difuze.pdf new file mode 100644 index 0000000..1f50105 Binary files /dev/null and b/aixcc/publications/2017_CCS_Difuze.pdf differ diff --git a/aixcc/publications/2017_CCS_HaCRS.bib b/aixcc/publications/2017_CCS_HaCRS.bib new file mode 100644 index 0000000..ae2033b --- /dev/null +++ b/aixcc/publications/2017_CCS_HaCRS.bib @@ -0,0 +1,8 @@ +@inproceedings{shoshitaishvili17:hacrs, + title={{Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance}}, + author={Yan Shoshitaishvili and Michael Weissbacher and Lukas Dresel and Christopher Salls and Ruoyu Wang and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + address={Dallas, TX}, + month={October}, + year=2017 +} \ No newline at end of file diff --git a/aixcc/publications/2017_CCS_HaCRS.pdf b/aixcc/publications/2017_CCS_HaCRS.pdf new file mode 100644 index 0000000..b8509ce Binary files /dev/null and b/aixcc/publications/2017_CCS_HaCRS.pdf differ diff --git a/aixcc/publications/2017_CCS_HaCRS_PDFA.pdf b/aixcc/publications/2017_CCS_HaCRS_PDFA.pdf new file mode 100644 index 0000000..dad0df1 Binary files /dev/null and b/aixcc/publications/2017_CCS_HaCRS_PDFA.pdf differ diff --git a/aixcc/publications/2017_CCS_POISED.bib b/aixcc/publications/2017_CCS_POISED.bib new file mode 100644 index 0000000..77d8e3a --- /dev/null +++ b/aixcc/publications/2017_CCS_POISED.bib @@ -0,0 +1,8 @@ +@inproceedings{nilizadeh17:poised, + title={{POISED: Spotting Twitter Spam Off the Beaten Paths}}, + author={Shirin Nilizadeh and Francois Labreche and Alireza Sadighian and Ali Zand and Jose Fernandez and Christopher Kruegel and Gianluca Stringhini and Giovanni Vigna}, + booktitle={Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + address={Dallas, TX}, + month={October}, + year=2017 +} \ No newline at end of file diff --git a/aixcc/publications/2017_CCS_POISED.pdf b/aixcc/publications/2017_CCS_POISED.pdf new file mode 100644 index 0000000..d88b766 Binary files /dev/null and b/aixcc/publications/2017_CCS_POISED.pdf differ diff --git a/aixcc/publications/2017_CSF_CTFTheory.bib b/aixcc/publications/2017_CSF_CTFTheory.bib new file mode 100644 index 0000000..59bb82d --- /dev/null +++ b/aixcc/publications/2017_CSF_CTFTheory.bib @@ -0,0 +1,8 @@ +@inproceedings{bao17:ctftheory, + title={{How Shall We Play a Game: A Game-Theoretical Model for Cyber-warfare Games}}, + author={Tiffany Bao and Yan Shoshitaishvili and Ruoyu Wang and Christopher Kruegel and Giovanni Vigna and David Brumley}, + booktitle={Proceedings of the IEEE Computer Security Foundations Symposium (CSF)}, + address={Santa Barbara, CA}, + month={August}, + year=2017 +} diff --git a/aixcc/publications/2017_CSF_CTFTheory.pdf b/aixcc/publications/2017_CSF_CTFTheory.pdf new file mode 100644 index 0000000..537bee0 Binary files /dev/null and b/aixcc/publications/2017_CSF_CTFTheory.pdf differ diff --git a/aixcc/publications/2017_NDSS_Agrigento.bib b/aixcc/publications/2017_NDSS_Agrigento.bib new file mode 100644 index 0000000..6f93334 --- /dev/null +++ b/aixcc/publications/2017_NDSS_Agrigento.bib @@ -0,0 +1,8 @@ +@InProceedings{continella17:agrigento, + author = {Andrea Continella and Yanick Fratantonio and Martina Lindorfer and Alessandro Puccetti and Ali Zand and Christopher Kruegel and Giovanni Vigna}, + title = {{Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis}}, + booktitle = {Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month = {February}, + year = {2017}, + address = {San Diego, CA} +} \ No newline at end of file diff --git a/aixcc/publications/2017_NDSS_Agrigento.pdf b/aixcc/publications/2017_NDSS_Agrigento.pdf new file mode 100644 index 0000000..edada58 Binary files /dev/null and b/aixcc/publications/2017_NDSS_Agrigento.pdf differ diff --git a/aixcc/publications/2017_NDSS_Boomerang.bib b/aixcc/publications/2017_NDSS_Boomerang.bib new file mode 100644 index 0000000..3edd429 --- /dev/null +++ b/aixcc/publications/2017_NDSS_Boomerang.bib @@ -0,0 +1,8 @@ +@inproceedings{machiry2017boomerang, + title={{BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments}}, + author={Machiry, Aravind and Gustafson, Eric and Spensky, Chad and Salls, Christopher and Stephens, Nick and Wang, Ruoyu and Bianchi, Antonio and Choe, Yung Ryn and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month = {February}, + address = {San Diego, CA}, + year={2017} +} \ No newline at end of file diff --git a/aixcc/publications/2017_NDSS_Boomerang.pdf b/aixcc/publications/2017_NDSS_Boomerang.pdf new file mode 100644 index 0000000..b3ec1f5 Binary files /dev/null and b/aixcc/publications/2017_NDSS_Boomerang.pdf differ diff --git a/aixcc/publications/2017_NDSS_Ramblr.bib b/aixcc/publications/2017_NDSS_Ramblr.bib new file mode 100644 index 0000000..53791f5 --- /dev/null +++ b/aixcc/publications/2017_NDSS_Ramblr.bib @@ -0,0 +1,8 @@ +@inproceedings{wang2017ramblr, + title={{Ramblr: Making Reassembly Great Again}}, + author={Wang, Ruoyu and Shoshitaishvili, Yan and Bianchi, Antonio and Machiry, Aravind and Grosen, John and Grosen, Paul and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month = {February}, + address = {San Diego, CA}, + year={2017} +} \ No newline at end of file diff --git a/aixcc/publications/2017_NDSS_Ramblr.pdf b/aixcc/publications/2017_NDSS_Ramblr.pdf new file mode 100644 index 0000000..446c6c9 Binary files /dev/null and b/aixcc/publications/2017_NDSS_Ramblr.pdf differ diff --git a/aixcc/publications/2017_PAM_CollectingIPv6.bib b/aixcc/publications/2017_PAM_CollectingIPv6.bib new file mode 100644 index 0000000..8305b05 --- /dev/null +++ b/aixcc/publications/2017_PAM_CollectingIPv6.bib @@ -0,0 +1,11 @@ +@INPROCEEDINGS{fiebig2017nxd, + title = {{Something From Nothing (There): Collecting Global IPv6 Datasets From DNS}}, + author = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the Passive Active Measurement Conference (PAM)}, + edition = {12}, + publisher = {Springer}, + series = {PAM}, + month = {March}, + address = {Sydney, Australia}, + year = {2017} + } \ No newline at end of file diff --git a/aixcc/publications/2017_PAM_CollectingIPv6.pdf b/aixcc/publications/2017_PAM_CollectingIPv6.pdf new file mode 100644 index 0000000..ca7abf0 Binary files /dev/null and b/aixcc/publications/2017_PAM_CollectingIPv6.pdf differ diff --git a/aixcc/publications/2017_PETS_Ultrasound.bib b/aixcc/publications/2017_PETS_Ultrasound.bib new file mode 100644 index 0000000..77a9dd8 --- /dev/null +++ b/aixcc/publications/2017_PETS_Ultrasound.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{mavroudis17:ultrasound, + title = {{On the Privacy and Security of the Ultrasound Ecosystem}}, + author = {Vasilios Mavroudis and Shuang Hao and Yanick Fratantonio and Federico Maggi and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the Privacy Enhancing Technologies Symposium (PETS)}, + address = {Minneapolis, MN}, + month={July}, + year = {2016} +} diff --git a/aixcc/publications/2017_PETS_Ultrasound.pdf b/aixcc/publications/2017_PETS_Ultrasound.pdf new file mode 100644 index 0000000..9514553 Binary files /dev/null and b/aixcc/publications/2017_PETS_Ultrasound.pdf differ diff --git a/aixcc/publications/2017_Phrack_CyberGrandShellphish.bib b/aixcc/publications/2017_Phrack_CyberGrandShellphish.bib new file mode 100644 index 0000000..f8a7ec2 --- /dev/null +++ b/aixcc/publications/2017_Phrack_CyberGrandShellphish.bib @@ -0,0 +1,8 @@ +@inproceedings{shellphish:mechaphish17, + author = {Shellphish Group}, + title = {{Cyber Grand Shellphish}}, + booktitle = {Phrack Magazine}, + address = {Online Publication}, + month = {January}, + year = {2017} +} diff --git a/aixcc/publications/2017_Phrack_CyberGrandShellphish.pdf b/aixcc/publications/2017_Phrack_CyberGrandShellphish.pdf new file mode 100644 index 0000000..3d246c3 Binary files /dev/null and b/aixcc/publications/2017_Phrack_CyberGrandShellphish.pdf differ diff --git a/aixcc/publications/2017_TDSC_CompromisedAccounts.bib b/aixcc/publications/2017_TDSC_CompromisedAccounts.bib new file mode 100644 index 0000000..f3f9e2c --- /dev/null +++ b/aixcc/publications/2017_TDSC_CompromisedAccounts.bib @@ -0,0 +1,10 @@ +@Article{egele17:compa, + author = {Manuel Egele and Gianluca Stringhini and Christopher Kruegel and Giovanni Vigna}, + title = {{Towards Detecting Compromised Accounts on Social Networks}}, + journal = {IEEE Transactions on Dependable and Secure Computing}, + volume = 14, + number = 4, + month = {July/August}, + year = 2017 +} + diff --git a/aixcc/publications/2017_TDSC_CompromisedAccounts.pdf b/aixcc/publications/2017_TDSC_CompromisedAccounts.pdf new file mode 100644 index 0000000..3698173 Binary files /dev/null and b/aixcc/publications/2017_TDSC_CompromisedAccounts.pdf differ diff --git a/aixcc/publications/2017_USENIXSecurity_Bootstomp.bib b/aixcc/publications/2017_USENIXSecurity_Bootstomp.bib new file mode 100644 index 0000000..3fdd9c9 --- /dev/null +++ b/aixcc/publications/2017_USENIXSecurity_Bootstomp.bib @@ -0,0 +1,8 @@ +@inproceedings {redini17:bootstomp, +author = {Nilo Redini and Aravind Machiry and Dipanjan Das and Yanick Fratantonio and Antonio Bianchi and Eric Gustafson and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, +title = {{BootStomp: On the Security of Bootloaders in Mobile Devices}}, +booktitle = {Proceedings of the USENIX Security Symposium}, +year = {2017}, +month = {August}, +address = {Vancouver, BC}, +} \ No newline at end of file diff --git a/aixcc/publications/2017_USENIXSecurity_Bootstomp.pdf b/aixcc/publications/2017_USENIXSecurity_Bootstomp.pdf new file mode 100644 index 0000000..6d41523 Binary files /dev/null and b/aixcc/publications/2017_USENIXSecurity_Bootstomp.pdf differ diff --git a/aixcc/publications/2017_USENIXSecurity_DrChecker.bib b/aixcc/publications/2017_USENIXSecurity_DrChecker.bib new file mode 100644 index 0000000..57749e2 --- /dev/null +++ b/aixcc/publications/2017_USENIXSecurity_DrChecker.bib @@ -0,0 +1,8 @@ +@inproceedings {machiry17:drchecker, +author = {Aravind Machiry and Chad Spensky and Jake Corina and Nick Stephens and Christopher Kruegel and Giovanni Vigna}, +title = {{DR.CHECKER: A Soundy Analysis for Linux Kernel Drivers}}, +booktitle = {Proceedings of the USENIX Security Symposium}, +month = {August}, +year = {2017}, +address = {Vancouver, BC}, +} \ No newline at end of file diff --git a/aixcc/publications/2017_USENIXSecurity_DrChecker.pdf b/aixcc/publications/2017_USENIXSecurity_DrChecker.pdf new file mode 100644 index 0000000..bc28e8e Binary files /dev/null and b/aixcc/publications/2017_USENIXSecurity_DrChecker.pdf differ diff --git a/aixcc/publications/2018_ACSAC_LoopMC.bib b/aixcc/publications/2018_ACSAC_LoopMC.bib new file mode 100644 index 0000000..cb58c03 --- /dev/null +++ b/aixcc/publications/2018_ACSAC_LoopMC.bib @@ -0,0 +1,8 @@ +@inproceedings{machiry2018:loopmc, + title={{Using Loops For Malware Classification Resilient to Feature-unaware Perturbations}}, + author={Aravind Machiry and Nilo Redini and Eric Gustafson and Yanick Fratantonio and Yung Ryn Choe and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year={2018}, + month = {December}, + address={San Juan, Puerto Rico} +} \ No newline at end of file diff --git a/aixcc/publications/2018_ACSAC_LoopMC.pdf b/aixcc/publications/2018_ACSAC_LoopMC.pdf new file mode 100644 index 0000000..6662973 Binary files /dev/null and b/aixcc/publications/2018_ACSAC_LoopMC.pdf differ diff --git a/aixcc/publications/2018_CCS_Minesweeper.bib b/aixcc/publications/2018_CCS_Minesweeper.bib new file mode 100644 index 0000000..16b1991 --- /dev/null +++ b/aixcc/publications/2018_CCS_Minesweeper.bib @@ -0,0 +1,8 @@ +@inproceedings{krishnan18_minesweeper, + title = {{MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense}}, + author = {Radhesh Krishnan Konoth and Emanuele Vineti and Veelasha Moonsamy and Martina Lindorfer and Christopher Kruegel and Herbert Bos and Giovanni Vigna}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + address = {Toronto, Canada}, + month = {October}, + year = {2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_CCS_Minesweeper.pdf b/aixcc/publications/2018_CCS_Minesweeper.pdf new file mode 100644 index 0000000..e14ed3f Binary files /dev/null and b/aixcc/publications/2018_CCS_Minesweeper.pdf differ diff --git a/aixcc/publications/2018_DIMVA_Guardion.bib b/aixcc/publications/2018_DIMVA_Guardion.bib new file mode 100644 index 0000000..85efa65 --- /dev/null +++ b/aixcc/publications/2018_DIMVA_Guardion.bib @@ -0,0 +1,8 @@ +@inproceedings{derveen18:guardion, + author = {Victor van der Veen and Martina Lindorfer and Yanick Fratantonio and Harikrishnan Padmanabha Pillai and Giovanni Vigna and Christopher Kruegel and Herbert Bos and Kaveh Razavi}, + title = {{GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM}}, + booktitle = {Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + month = {June}, + address = {Paris, France}, + year = {2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_DIMVA_Guardion.pdf b/aixcc/publications/2018_DIMVA_Guardion.pdf new file mode 100644 index 0000000..bc38338 Binary files /dev/null and b/aixcc/publications/2018_DIMVA_Guardion.pdf differ diff --git a/aixcc/publications/2018_DLSW_FakeGAN.bib b/aixcc/publications/2018_DLSW_FakeGAN.bib new file mode 100644 index 0000000..17ae7ca --- /dev/null +++ b/aixcc/publications/2018_DLSW_FakeGAN.bib @@ -0,0 +1,9 @@ +@inproceedings{aghakhani18:fakegan, + author = {Hojjat Aghakhani and Aravind Machiry and Shirin Nilizadeh and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the Deep Learning and Security Workshop}, + month = {May}, + address = {San Francisco, CA}, + title = {{Detecting Deceptive Reviews using Generative Adversarial Networks}}, + year = {2018} +} + diff --git a/aixcc/publications/2018_DLSW_FakeGAN.pdf b/aixcc/publications/2018_DLSW_FakeGAN.pdf new file mode 100644 index 0000000..1479547 Binary files /dev/null and b/aixcc/publications/2018_DLSW_FakeGAN.pdf differ diff --git a/aixcc/publications/2018_ICWSM_PeerHate.bib b/aixcc/publications/2018_ICWSM_PeerHate.bib new file mode 100644 index 0000000..945f46a --- /dev/null +++ b/aixcc/publications/2018_ICWSM_PeerHate.bib @@ -0,0 +1,8 @@ +@inproceedings{elsherief18:peerhate, + author = {May ElSherif and Shirin Nilizadeh and Dana Nguyen and Giovanni Vigna and Elizabeth Belding}, + booktitle = {Proceedings of the International AAAI Conference on Web and Social Media (ICWSM)}, + month = {June}, + address = {Stanford, CA}, + title = {{Peer to Peer Hate: Hate Speech Instigators and Their Targets}}, + year = {2018} +} diff --git a/aixcc/publications/2018_ICWSM_PeerHate.pdf b/aixcc/publications/2018_ICWSM_PeerHate.pdf new file mode 100644 index 0000000..390ffc5 Binary files /dev/null and b/aixcc/publications/2018_ICWSM_PeerHate.pdf differ diff --git a/aixcc/publications/2018_NDSS_BrokenFingers.bib b/aixcc/publications/2018_NDSS_BrokenFingers.bib new file mode 100644 index 0000000..8018072 --- /dev/null +++ b/aixcc/publications/2018_NDSS_BrokenFingers.bib @@ -0,0 +1,8 @@ +@inproceedings{bianchi18:brokenfingers, + title={{Broken Fingers: On the Usage of the Fingerprint API in Android}}, + author={Antonio Bianchi and Yanick Fratantonio and Aravind Machiry and Christopher Kruegel and Giovanni Vigna and Pak Chung and Wenke Lee}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month = {February}, + address = {San Diego, CA}, + year={2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_NDSS_BrokenFingers.pdf b/aixcc/publications/2018_NDSS_BrokenFingers.pdf new file mode 100644 index 0000000..cc42497 Binary files /dev/null and b/aixcc/publications/2018_NDSS_BrokenFingers.pdf differ diff --git a/aixcc/publications/2018_NDSS_CloudStrife.bib b/aixcc/publications/2018_NDSS_CloudStrife.bib new file mode 100644 index 0000000..69d30dc --- /dev/null +++ b/aixcc/publications/2018_NDSS_CloudStrife.bib @@ -0,0 +1,8 @@ +@inproceedings{borgolte18:cloudstrife, + title={{Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates}}, + author={Kevin Borgolte and Tobias Fiebig and Shuang Hao and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month = {February}, + address = {San Diego, CA}, + year={2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_NDSS_CloudStrife.pdf b/aixcc/publications/2018_NDSS_CloudStrife.pdf new file mode 100644 index 0000000..e25cb84 Binary files /dev/null and b/aixcc/publications/2018_NDSS_CloudStrife.pdf differ diff --git a/aixcc/publications/2018_PAM_rDNS.bib b/aixcc/publications/2018_PAM_rDNS.bib new file mode 100644 index 0000000..08a2770 --- /dev/null +++ b/aixcc/publications/2018_PAM_rDNS.bib @@ -0,0 +1,8 @@ +@inproceedings{pam2018-rdns, + author = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Christopher Kruegel and Giovanni Vigna and Feldmann, Anja}, + booktitle = {Proceedings of the Passive and Active Measurement Conference (PAM)}, + month = {March}, + address = {Berlin, Germany}, + title = {{In rDNS We Trust: Revisiting a Common Data-Source's Reliability}}, + year = {2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_PAM_rDNS.pdf b/aixcc/publications/2018_PAM_rDNS.pdf new file mode 100644 index 0000000..98477da Binary files /dev/null and b/aixcc/publications/2018_PAM_rDNS.pdf differ diff --git a/aixcc/publications/2018_SAC_MailHeaderInjection.bib b/aixcc/publications/2018_SAC_MailHeaderInjection.bib new file mode 100644 index 0000000..8cc1c53 --- /dev/null +++ b/aixcc/publications/2018_SAC_MailHeaderInjection.bib @@ -0,0 +1,8 @@ +@INPROCEEDINGS{chandramouli18:headers, + title = {{Measuring E-Mail Header Injections on the World Wide Web}}, + author = {Sai Prashanth Chandramouli and Pierre-Marie Bajan and Christopher Kruegel and Giovanni Vigna and Ziming Zhao and Adam Doupe and Gail-Joon Ahn}, + booktitle = {Proceedings of the ACM Symposium on Applied Computing (SAC)}, + address = {Pau, France}, + month={April}, + year = {2018} +} diff --git a/aixcc/publications/2018_SAC_MailHeaderInjection.pdf b/aixcc/publications/2018_SAC_MailHeaderInjection.pdf new file mode 100644 index 0000000..872c265 Binary files /dev/null and b/aixcc/publications/2018_SAC_MailHeaderInjection.pdf differ diff --git a/aixcc/publications/2018_SPMag_MechPhish.bib b/aixcc/publications/2018_SPMag_MechPhish.bib new file mode 100644 index 0000000..80ed8ed --- /dev/null +++ b/aixcc/publications/2018_SPMag_MechPhish.bib @@ -0,0 +1,9 @@ +@Article{shellphish18:mecphish, + author = {Yan Shoshitaishvili and Antonio Bianchi and Kevin Borgolte and Amat Cama and Jacopo Corbetta and Francesco Disperati and Audrey Dutcher and John Grosen and Paul Grosen and Aravind Machiry and Chris Salls and Nick Stephens and Ruoyu Wang and Giovanni Vigna}, + title = {{Mechanical Phish: Resilient Autonomous Hacking}}, + journal = {IEEE Security and Privacy Magazine}, + volume = {16}, + number = {2}, + month = {March}, + year = 2018 +} \ No newline at end of file diff --git a/aixcc/publications/2018_SPMag_MechPhish.pdf b/aixcc/publications/2018_SPMag_MechPhish.pdf new file mode 100644 index 0000000..1510a1d Binary files /dev/null and b/aixcc/publications/2018_SPMag_MechPhish.pdf differ diff --git a/aixcc/publications/2018_SPMag_MechPhish_PDFA.pdf b/aixcc/publications/2018_SPMag_MechPhish_PDFA.pdf new file mode 100644 index 0000000..6259d1a Binary files /dev/null and b/aixcc/publications/2018_SPMag_MechPhish_PDFA.pdf differ diff --git a/aixcc/publications/2018_SP_DNSSECIPv6.bib b/aixcc/publications/2018_SP_DNSSECIPv6.bib new file mode 100644 index 0000000..a05691d --- /dev/null +++ b/aixcc/publications/2018_SP_DNSSECIPv6.bib @@ -0,0 +1,8 @@ +@inproceedings{sp2018-dnssec-ipv6, + author = {Borgolte, Kevin and Hao, Shuang and Fiebig, Tobias and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + month = {May}, + address = {San Francisco, CA}, + title = {{Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones}}, + year = {2018} +} diff --git a/aixcc/publications/2018_SP_DNSSECIPv6.pdf b/aixcc/publications/2018_SP_DNSSECIPv6.pdf new file mode 100644 index 0000000..3c1812d Binary files /dev/null and b/aixcc/publications/2018_SP_DNSSECIPv6.pdf differ diff --git a/aixcc/publications/2018_USENIXSecurity_HeapHopper.bib b/aixcc/publications/2018_USENIXSecurity_HeapHopper.bib new file mode 100644 index 0000000..387213a --- /dev/null +++ b/aixcc/publications/2018_USENIXSecurity_HeapHopper.bib @@ -0,0 +1,8 @@ +@inproceedings{eckert18_heaphopper, + title = {{HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security}}, + author = {Eckert, Moritz and Bianchi, Antonio and Wang, Ruoyu and Shoshitaishvili, Yan and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = "Baltimore, MD", + month = {August}, + year = {2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_USENIXSecurity_HeapHopper.pdf b/aixcc/publications/2018_USENIXSecurity_HeapHopper.pdf new file mode 100644 index 0000000..22646d1 Binary files /dev/null and b/aixcc/publications/2018_USENIXSecurity_HeapHopper.pdf differ diff --git a/aixcc/publications/2018_USENIXSecurity_Rampart.bib b/aixcc/publications/2018_USENIXSecurity_Rampart.bib new file mode 100644 index 0000000..4dcbae8 --- /dev/null +++ b/aixcc/publications/2018_USENIXSecurity_Rampart.bib @@ -0,0 +1,8 @@ +@inproceedings{wei18_rampart, + title = {{Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks}}, + author = {Meng, Wei and Qian, Chenxiong and Hao, Shuang and Borgolte, Kevin and Vigna, Giovanni and Kruegel, Christopher and Lee, Wenke}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Baltimore, MD}, + month = {August}, + year = {2018} +} \ No newline at end of file diff --git a/aixcc/publications/2018_USENIXSecurity_Rampart.pdf b/aixcc/publications/2018_USENIXSecurity_Rampart.pdf new file mode 100644 index 0000000..b099467 Binary files /dev/null and b/aixcc/publications/2018_USENIXSecurity_Rampart.pdf differ diff --git a/aixcc/publications/2019_ACSAC_Neurlux.bib b/aixcc/publications/2019_ACSAC_Neurlux.bib new file mode 100644 index 0000000..0484f4f --- /dev/null +++ b/aixcc/publications/2019_ACSAC_Neurlux.bib @@ -0,0 +1,8 @@ +@inproceedings{jindal2019:neurlux, + title={{Neurlux: Dynamic Malware Analysis Without Feature Engineering}}, + author={Chani Jindal and Christopher Salls and Hojjat Aghakhani and Keith Long and Christopher Kruegel and Giovanni Vigna}, + booktitle={Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year={2019}, + month = {December}, + address={San Juan, Puerto Rico} +} \ No newline at end of file diff --git a/aixcc/publications/2019_ACSAC_Neurlux.pdf b/aixcc/publications/2019_ACSAC_Neurlux.pdf new file mode 100644 index 0000000..7c56dee Binary files /dev/null and b/aixcc/publications/2019_ACSAC_Neurlux.pdf differ diff --git a/aixcc/publications/2019_ACSAC_Sleak.bib b/aixcc/publications/2019_ACSAC_Sleak.bib new file mode 100644 index 0000000..89d962e --- /dev/null +++ b/aixcc/publications/2019_ACSAC_Sleak.bib @@ -0,0 +1,8 @@ +@inproceedings{hauser2019:sleak, + title={{Sleak: Automating Address Space Layout Derandomization}}, + author={Christophe Hauser and Jayakrishna Menon and Yan Shoshitaishvili and Ruoyu Wang and Giovanni Vigna and Christopher Kruegel}, + booktitle={Proceedings of the Annual Computer Security Applications Conference (ACSAC)}, + year={2019}, + month = {December}, + address={San Juan, Puerto Rico} +} \ No newline at end of file diff --git a/aixcc/publications/2019_ACSAC_Sleak.pdf b/aixcc/publications/2019_ACSAC_Sleak.pdf new file mode 100644 index 0000000..e0eaf7f Binary files /dev/null and b/aixcc/publications/2019_ACSAC_Sleak.pdf differ diff --git a/aixcc/publications/2019_BAR_Dataset.bib b/aixcc/publications/2019_BAR_Dataset.bib new file mode 100644 index 0000000..5caa7f0 --- /dev/null +++ b/aixcc/publications/2019_BAR_Dataset.bib @@ -0,0 +1,8 @@ +@inproceedings{machiry19:dataset, +author = {Aravind Machiry and Nilo Redini and Eric Gustafson and Hojjat Aghakhani and Christopher Kruegel and Giovanni Vigna}, +title = {{Towards Automatically Generating a Sound and Complete Dataset for Evaluating Static Analysis Tools}}, +booktitle = {Proceedings of the Workshop on Binary Analysis Research (BAR)}, +address = {San Diego, USA}, +month = {February}, +year = 2019 +} \ No newline at end of file diff --git a/aixcc/publications/2019_BAR_Dataset.pdf b/aixcc/publications/2019_BAR_Dataset.pdf new file mode 100644 index 0000000..f2f9d12 Binary files /dev/null and b/aixcc/publications/2019_BAR_Dataset.pdf differ diff --git a/aixcc/publications/2019_CODASPY_Bootkeeper.bib b/aixcc/publications/2019_CODASPY_Bootkeeper.bib new file mode 100644 index 0000000..9036189 --- /dev/null +++ b/aixcc/publications/2019_CODASPY_Bootkeeper.bib @@ -0,0 +1,8 @@ +@inproceedings{chevalier19:bootkeeper, +author = {Ronny Chevalier and Stefano Cristalli and Christophe Hauser and Yan Shoshitaishvili and Ruoyu Wang and Christopher Kruegel and Giovanni Vigna and Danilo Bruschi and Andrea Lanzi}, +title = {{BootKeeper: Validating Software Integrity Properties on Boot Firmware Images}}, +booktitle = {Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY)}, +year = 2019, +month = {March}, +address = {Dallas, USA} +} diff --git a/aixcc/publications/2019_CODASPY_Bootkeeper.pdf b/aixcc/publications/2019_CODASPY_Bootkeeper.pdf new file mode 100644 index 0000000..6064c87 Binary files /dev/null and b/aixcc/publications/2019_CODASPY_Bootkeeper.pdf differ diff --git a/aixcc/publications/2019_DIMVA_Bintrimmer.bib b/aixcc/publications/2019_DIMVA_Bintrimmer.bib new file mode 100644 index 0000000..5493f21 --- /dev/null +++ b/aixcc/publications/2019_DIMVA_Bintrimmer.bib @@ -0,0 +1,10 @@ +@inproceedings{redini19:bintrimmer, +title = {{BinTrimmer: Towards Static Binary Debloating Through Abstract Interpretation}}, +author = {Nilo Redini and Ruoyu Wang and Aravind Machiry and Yan Shoshitaishvili and Giovanni Vigna and Christopher Kruegel}, +year = 2019, +month = {June}, +address = {Gothenburg, Sweden}, +series = {Lecture Notes in Computer Science}, +publisher = {Springer Verlag}, +booktitle = {Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)}, +} \ No newline at end of file diff --git a/aixcc/publications/2019_DIMVA_Bintrimmer.pdf b/aixcc/publications/2019_DIMVA_Bintrimmer.pdf new file mode 100644 index 0000000..5b7ac0d Binary files /dev/null and b/aixcc/publications/2019_DIMVA_Bintrimmer.pdf differ diff --git a/aixcc/publications/2019_NDSS_Periscope.bib b/aixcc/publications/2019_NDSS_Periscope.bib new file mode 100644 index 0000000..c9d0107 --- /dev/null +++ b/aixcc/publications/2019_NDSS_Periscope.bib @@ -0,0 +1,8 @@ +@inproceedings{song2019:periscope, + title={{PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary}}, + author={Song, Dokyung and Hetzelt, Felicitas and Das, Dipanjan and Spensky, Chad and Na, Yeoul and Volckaert, Stijn and Vigna, Giovanni and Kruegel, Christopher and Seifert, Jean-Pierre and Franz, Michael}, + booktitle={Proceedings of the Network and Distributed Systems Security Symposium (NDSS)}, + year={2019}, + month = {February}, + address={San Diego, USA} +} \ No newline at end of file diff --git a/aixcc/publications/2019_NDSS_Periscope.pdf b/aixcc/publications/2019_NDSS_Periscope.pdf new file mode 100644 index 0000000..71897b0 Binary files /dev/null and b/aixcc/publications/2019_NDSS_Periscope.pdf differ diff --git a/aixcc/publications/2019_RAID_Pretender.bib b/aixcc/publications/2019_RAID_Pretender.bib new file mode 100644 index 0000000..bf71767 --- /dev/null +++ b/aixcc/publications/2019_RAID_Pretender.bib @@ -0,0 +1,10 @@ +@inproceedings{gustafson2019:pretender, + title={{Toward the Analysis of Embedded Firmware Through Automated Re-hosting}}, + author={Gustafson, Eric and Muench, Marius and Spensky, Chad and and Redini, Nilo and Machiry, Aravind and Francillon, Aurelien and Balzarotti, Davide and Choe, Yung Ryn and Kruegel, Christopher and Vigna, Giovanni}, + booktitle={Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)}, + year={2019}, + month={September}, + address={Beijing, China}, + organization={USENIX Association} +} + diff --git a/aixcc/publications/2019_RAID_Pretender.pdf b/aixcc/publications/2019_RAID_Pretender.pdf new file mode 100644 index 0000000..ed8c5df Binary files /dev/null and b/aixcc/publications/2019_RAID_Pretender.pdf differ diff --git a/aixcc/publications/2019_WWW_Dataset.bib b/aixcc/publications/2019_WWW_Dataset.bib new file mode 100644 index 0000000..a341d86 --- /dev/null +++ b/aixcc/publications/2019_WWW_Dataset.bib @@ -0,0 +1,8 @@ +@inproceedings{nilizadeh19:dataset, + title = {{Think Outside the Dataset: Finding Fraudulent Reviews using Cross-Dataset Analysis}}, + author = {Shirin Nilizadeh and Hojjat Aghakhani and Eric Gustafson and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the Web Conference (WWW)}, + year = 2019, + month = {May}, + address = {San Francisco, USA} +} diff --git a/aixcc/publications/2019_WWW_Dataset.pdf b/aixcc/publications/2019_WWW_Dataset.pdf new file mode 100644 index 0000000..631ab66 Binary files /dev/null and b/aixcc/publications/2019_WWW_Dataset.pdf differ diff --git a/aixcc/publications/2020_ACM_CCS_proceedings.bib b/aixcc/publications/2020_ACM_CCS_proceedings.bib new file mode 100644 index 0000000..f674b26 --- /dev/null +++ b/aixcc/publications/2020_ACM_CCS_proceedings.bib @@ -0,0 +1,11 @@ +@Proceedings{2020:acmccs, + title = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2020, + editor = {Jonathan Katz and Giovanni Vigna}, + address = {Virtual Conference}, + month = {November}, + organization = {ACM}, + isbn = {978-1-4503-7089-9}, + url = {https://dl.acm.org/doi/proceedings/10.1145/3372297} +} + diff --git a/aixcc/publications/2020_CNS_FuzzSense.bib b/aixcc/publications/2020_CNS_FuzzSense.bib new file mode 100644 index 0000000..4756010 --- /dev/null +++ b/aixcc/publications/2020_CNS_FuzzSense.bib @@ -0,0 +1,8 @@ +@inproceedings{salls20:fuzzsense, + title = {{Exploring Abstraction Functions in Fuzzing}}, + author = {Christopher Salls and Aravind Machiry and Adam Doupe and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Conference on Communications and Network Security (CNS)}, + month = {June}, + address = {Avignon, France}, + year = {2020} + } \ No newline at end of file diff --git a/aixcc/publications/2020_CNS_FuzzSense.pdf b/aixcc/publications/2020_CNS_FuzzSense.pdf new file mode 100644 index 0000000..1e4f7be Binary files /dev/null and b/aixcc/publications/2020_CNS_FuzzSense.pdf differ diff --git a/aixcc/publications/2020_CNS_Symbion.bib b/aixcc/publications/2020_CNS_Symbion.bib new file mode 100644 index 0000000..2dd998b --- /dev/null +++ b/aixcc/publications/2020_CNS_Symbion.bib @@ -0,0 +1,8 @@ +@inproceedings{gritti2020:symbion, + title = {{SYMBION: Interleaving Symbolic with Concrete Execution}}, + author = {Gritti, Fabio and Fontana, Lorenzo and Gustafson, Eric and Pagani, Fabio and Continella, Andrea and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the IEEE Conference on Communications and Network Security (CNS)}, + month = {June}, + address = {Avignon, France}, + year = {2020} +} \ No newline at end of file diff --git a/aixcc/publications/2020_CNS_Symbion.pdf b/aixcc/publications/2020_CNS_Symbion.pdf new file mode 100644 index 0000000..0b0a0d9 Binary files /dev/null and b/aixcc/publications/2020_CNS_Symbion.pdf differ diff --git a/aixcc/publications/2020_CNS_TrustIO.bib b/aixcc/publications/2020_CNS_TrustIO.bib new file mode 100644 index 0000000..f7bdb06 --- /dev/null +++ b/aixcc/publications/2020_CNS_TrustIO.bib @@ -0,0 +1,8 @@ +@inproceedings{spensky2020:trustio, + title = {{TRUST.IO: Protecting Physical Interfaces on Cyber-physical Systems}}, + author = {Spensky, Chad and Machiry, Aravind and Busch, Marcel and Leach, Kevin and Housley, Rick and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {IEEE Conference on Communications and Network Security (CNS)}, + month = {June}, + year = {2020}, + address = {Avignon, France} +} \ No newline at end of file diff --git a/aixcc/publications/2020_CNS_TrustIO.pdf b/aixcc/publications/2020_CNS_TrustIO.pdf new file mode 100644 index 0000000..87f8987 Binary files /dev/null and b/aixcc/publications/2020_CNS_TrustIO.pdf differ diff --git a/aixcc/publications/2020_DIMVA_SWRepos.bib b/aixcc/publications/2020_DIMVA_SWRepos.bib new file mode 100644 index 0000000..1ebaacf --- /dev/null +++ b/aixcc/publications/2020_DIMVA_SWRepos.bib @@ -0,0 +1,11 @@ + +@inproceedings{botacin20:malinstall, +title = {{On the Security of Application Installers and Online Software Repositories}}, +author = {Marcus Botacin and Giovanni Bertao and Paulo de Geus and Andre Gregio and Christopher Kruegel and Giovanni Vigna}, +year = 2020, +month = {July}, +address = {Lisboa, Portugal}, +series = {Lecture Notes in Computer Science}, +publisher = {Springer Verlag}, +booktitle = {Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)}, +} \ No newline at end of file diff --git a/aixcc/publications/2020_DIMVA_SWRepos.pdf b/aixcc/publications/2020_DIMVA_SWRepos.pdf new file mode 100644 index 0000000..38696ae Binary files /dev/null and b/aixcc/publications/2020_DIMVA_SWRepos.pdf differ diff --git a/aixcc/publications/2020_NDSS_PackingHeat.bib b/aixcc/publications/2020_NDSS_PackingHeat.bib new file mode 100644 index 0000000..7089482 --- /dev/null +++ b/aixcc/publications/2020_NDSS_PackingHeat.bib @@ -0,0 +1,8 @@ +@inproceedings{aghakhani2020:packing, + title={{When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features}}, + author={Hojjat Aghakhani and Fabio Gritti and Francesco Mecca and Martina Lindorfer and Stefano Ortolani and Davide Balzarotti and Giovanni Vigna and Christopher Kruegel}, + booktitle={Proceedings of the Network and Distributed System Security Symposium (NDSS)}, + month = {February}, + address = {San Diego, CA}, + year={2020} +} \ No newline at end of file diff --git a/aixcc/publications/2020_NDSS_PackingHeat.pdf b/aixcc/publications/2020_NDSS_PackingHeat.pdf new file mode 100644 index 0000000..fda4539 Binary files /dev/null and b/aixcc/publications/2020_NDSS_PackingHeat.pdf differ diff --git a/aixcc/publications/2020_RAID_TracingWeb.bib b/aixcc/publications/2020_RAID_TracingWeb.bib new file mode 100644 index 0000000..72d4a72 --- /dev/null +++ b/aixcc/publications/2020_RAID_TracingWeb.bib @@ -0,0 +1,8 @@ +@inproceedings {takahashi20, +author = {Takeshi Takahashi and Christopher Kruegel and Giovanni Vigna and Katsunari Yoshioka and Daisuke Inoue}, +title = {{Tracing and Analyzing Web Access Paths Based on User-Side Data Collection: How Do Users Reach Malicious URLs?}}, +booktitle = {International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}, +year = {2020}, +address = {San Sebastian, Spain}, +month = {October}, +} \ No newline at end of file diff --git a/aixcc/publications/2020_RAID_TracingWeb.pdf b/aixcc/publications/2020_RAID_TracingWeb.pdf new file mode 100644 index 0000000..79bd4c2 Binary files /dev/null and b/aixcc/publications/2020_RAID_TracingWeb.pdf differ diff --git a/aixcc/publications/2020_SP_Karonte.bib b/aixcc/publications/2020_SP_Karonte.bib new file mode 100644 index 0000000..e356396 --- /dev/null +++ b/aixcc/publications/2020_SP_Karonte.bib @@ -0,0 +1,8 @@ +@inproceedings{redini20:karonte, + author = {Nilo Redini and Aravind Machiry and Ruoyu Wang and Chad Spensky and Andrea Continella and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + month = {May}, + address = {San Francisco, CA}, + title = {{KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware}}, + year = {2020} +} \ No newline at end of file diff --git a/aixcc/publications/2020_SP_Karonte.pdf b/aixcc/publications/2020_SP_Karonte.pdf new file mode 100644 index 0000000..3da6add Binary files /dev/null and b/aixcc/publications/2020_SP_Karonte.pdf differ diff --git a/aixcc/publications/2020_SP_Spider.bib b/aixcc/publications/2020_SP_Spider.bib new file mode 100644 index 0000000..bcbf246 --- /dev/null +++ b/aixcc/publications/2020_SP_Spider.bib @@ -0,0 +1,8 @@ +@inproceedings{machiry20:spider, + author = {Aravind Machiry and Nilo Redini and Eric Camellini and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + month = {May}, + address = {San Francisco, CA}, + title = {{SPIDER: Enabling Fast Patch Propagation in Related Software Repositories}}, + year = {2020} +} diff --git a/aixcc/publications/2020_SP_Spider.pdf b/aixcc/publications/2020_SP_Spider.pdf new file mode 100644 index 0000000..82a435e Binary files /dev/null and b/aixcc/publications/2020_SP_Spider.pdf differ diff --git a/aixcc/publications/2020_USENIXSecurity_HALucinator.bib b/aixcc/publications/2020_USENIXSecurity_HALucinator.bib new file mode 100644 index 0000000..153b6d4 --- /dev/null +++ b/aixcc/publications/2020_USENIXSecurity_HALucinator.bib @@ -0,0 +1,8 @@ +@inproceedings{gustafson2020:halucinator, + title = {{HALucinator: Firmware Re-hosting through Abstraction Layer Emulation}}, + author = {Clements, Abraham and Gustafson, Eric and Scharnowski, Tobias and Grosen, Paul and Fritz, David and Kruegel, Christopher and Vigna, Giovanni and Bagchi, Saurabh and Payer, Mathias}, + booktitle = {Proceedings of the USENIX Security Symposium}, + month = {August}, + address = {Boston, MA}, + year = {2020} +} \ No newline at end of file diff --git a/aixcc/publications/2020_USENIXSecurity_HALucinator.pdf b/aixcc/publications/2020_USENIXSecurity_HALucinator.pdf new file mode 100644 index 0000000..8038443 Binary files /dev/null and b/aixcc/publications/2020_USENIXSecurity_HALucinator.pdf differ diff --git a/aixcc/publications/2020_WWW_DirtyClicks.bib b/aixcc/publications/2020_WWW_DirtyClicks.bib new file mode 100644 index 0000000..51270f3 --- /dev/null +++ b/aixcc/publications/2020_WWW_DirtyClicks.bib @@ -0,0 +1,8 @@ +@inproceedings{rola20:dirtyclicks, + title = {{Dirty Clicks: A Study of the Usability and Security Implications of Click-related Behaviors on the Web}}, + author = {Iskander Sanchez-Rola and Davide Balzarotti and Christopher Kruegel and Giovanni Vigna and Igor Santos}, + booktitle = {Proceedings of The Web Conference (WWW)}, + year = 2020, + month = {April}, + address = {Taipei, Taiwan} +} diff --git a/aixcc/publications/2020_WWW_DirtyClicks.pdf b/aixcc/publications/2020_WWW_DirtyClicks.pdf new file mode 100644 index 0000000..21801c2 Binary files /dev/null and b/aixcc/publications/2020_WWW_DirtyClicks.pdf differ diff --git a/aixcc/publications/2021_ACM_CCS_proceedings.bib b/aixcc/publications/2021_ACM_CCS_proceedings.bib new file mode 100644 index 0000000..3c881fb --- /dev/null +++ b/aixcc/publications/2021_ACM_CCS_proceedings.bib @@ -0,0 +1,11 @@ +@Proceedings{2021:acmccs, + title = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + year = 2021, + editor = {Giovanni Vigna and Elaine Shi}, + address = {Virtual Conference}, + month = {November}, + organization = {ACM}, + isbn = {978-1-4503-8454-4}, + url = {https://dl.acm.org/doi/proceedings/10.1145/3460120} +} + diff --git a/aixcc/publications/2021_AsiaCCS_Bran.bib b/aixcc/publications/2021_AsiaCCS_Bran.bib new file mode 100644 index 0000000..100046d --- /dev/null +++ b/aixcc/publications/2021_AsiaCCS_Bran.bib @@ -0,0 +1,8 @@ +@inproceedings{meng2021:Bran, + title = {{Bran: Reduce Vulnerability Search Space in Large Open-Source Repositories by Learning Bug Symptoms}}, + author = {Meng, Dongyu and Guerriero, Michele and Machiry, Aravind and Aghakhani, Hojjat and Bose, Priyanka and Continella, Andrea and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the ACM Asia Conference on Computer and Communications Security (AsiaCCS)}, + address = {Hong Kong, China}, + month = {June}, + year = {2021} +} \ No newline at end of file diff --git a/aixcc/publications/2021_AsiaCCS_Bran.pdf b/aixcc/publications/2021_AsiaCCS_Bran.pdf new file mode 100644 index 0000000..8411cd5 Binary files /dev/null and b/aixcc/publications/2021_AsiaCCS_Bran.pdf differ diff --git a/aixcc/publications/2021_AsiaCCS_Conware.bib b/aixcc/publications/2021_AsiaCCS_Conware.bib new file mode 100644 index 0000000..09f58cf --- /dev/null +++ b/aixcc/publications/2021_AsiaCCS_Conware.bib @@ -0,0 +1,8 @@ +@inproceedings{spensky2021:Conware, + title = {{Conware: Automated Modeling of Hardware Peripherals}}, + author = {Chad Spensky and Aravind Machiry and Nilo Redini and Colin Unger and Graham Foster and Evan Blasband and Hamed Okhravi and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the ACM Asia Conference on Computer and Communications Security (AsiaCCS)}, + address = {Hong Kong, China}, + month = {June}, + year = {2021} +} \ No newline at end of file diff --git a/aixcc/publications/2021_AsiaCCS_Conware.pdf b/aixcc/publications/2021_AsiaCCS_Conware.pdf new file mode 100644 index 0000000..a9b4fbf Binary files /dev/null and b/aixcc/publications/2021_AsiaCCS_Conware.pdf differ diff --git a/aixcc/publications/2021_CheckMate_Tarnhelm.bib b/aixcc/publications/2021_CheckMate_Tarnhelm.bib new file mode 100644 index 0000000..42e5ba9 --- /dev/null +++ b/aixcc/publications/2021_CheckMate_Tarnhelm.bib @@ -0,0 +1,9 @@ +@inproceedings{quarta21:tarnhelm, + author={Davide Quarta and Michele Ianni and Aravind Machiry and Yanick Fratantonio and Eric Gustafson and Davide Balzarotti and Martina Lindorfer and Giovanni Vign and Christopher Kruegel}, + title = {{Tarnhelm: Isolated, Transparent and Confidential Execution of Arbitrary Code in ARM's TrustZone}}, + booktitle = {Proceedings of the ACM Workshop on Research on Offensive and Defensive Techniques in the Context of Man At The End Attacks (CheckMATE)}, + address = {Seoul, South Korea}, + month = {November}, + year = 2021 +} + diff --git a/aixcc/publications/2021_CheckMate_Tarnhelm.pdf b/aixcc/publications/2021_CheckMate_Tarnhelm.pdf new file mode 100644 index 0000000..9bc86d9 Binary files /dev/null and b/aixcc/publications/2021_CheckMate_Tarnhelm.pdf differ diff --git a/aixcc/publications/2021_DSN_Glitching.bib b/aixcc/publications/2021_DSN_Glitching.bib new file mode 100644 index 0000000..11bab3a --- /dev/null +++ b/aixcc/publications/2021_DSN_Glitching.bib @@ -0,0 +1,8 @@ +@inproceedings{spensky21:glitching, + author={Spensky, Chad and Machiry, Aravind and Burow, Nathan and Okhravi, Hamed and Housley, Rick and Gu, Zhongshu and Jamjoom, Hani and Kruegel, Christopher and Vigna, Giovanni}, + booktitle={Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)}, + title={{Glitching Demystified: Analyzing Control-flow-based Glitching Attacks and Defenses}}, + address={Taipei, Taiwan}, + year={2021}, + month={June} +} \ No newline at end of file diff --git a/aixcc/publications/2021_DSN_Glitching.pdf b/aixcc/publications/2021_DSN_Glitching.pdf new file mode 100644 index 0000000..19e1797 Binary files /dev/null and b/aixcc/publications/2021_DSN_Glitching.pdf differ diff --git a/aixcc/publications/2021_EuroSP_Bullseye.bib b/aixcc/publications/2021_EuroSP_Bullseye.bib new file mode 100644 index 0000000..3f5e417 --- /dev/null +++ b/aixcc/publications/2021_EuroSP_Bullseye.bib @@ -0,0 +1,8 @@ +@inproceedings{aghakhani21:bullseye, + author = {Hojjat Aghakhani and Dongyu Meng and Yu-Xiang Wang and Christopher Kruegel and Giovanni Vigna}, + title = {{Bullseye Polytope: A Scalable Clean-Label Poisoning Attack with Improved Transferability}}, + booktitle = {Proceedings of the IEEE European Symposium on Security and Privacy (Euro SP)}, + address = {Vienna, Austria}, + month = {September}, + year = 2021 +} \ No newline at end of file diff --git a/aixcc/publications/2021_EuroSP_Bullseye.pdf b/aixcc/publications/2021_EuroSP_Bullseye.pdf new file mode 100644 index 0000000..907f9a8 Binary files /dev/null and b/aixcc/publications/2021_EuroSP_Bullseye.pdf differ diff --git a/aixcc/publications/2021_RAID_SyML.bib b/aixcc/publications/2021_RAID_SyML.bib new file mode 100644 index 0000000..25940d6 --- /dev/null +++ b/aixcc/publications/2021_RAID_SyML.bib @@ -0,0 +1,8 @@ +@inproceedings{ruaro21:syml, + author = {Nicola Ruaro and Lukas Dresel and Kyle Zeng and Tiffany Bao and Mario Polino and Andrea Continella and Stefano Zanero and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}, + month = {October}, + address = {San Sebastian, Spain}, + title = {{SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning}}, + year = {2021} +} \ No newline at end of file diff --git a/aixcc/publications/2021_RAID_SyML.pdf b/aixcc/publications/2021_RAID_SyML.pdf new file mode 100644 index 0000000..7975370 Binary files /dev/null and b/aixcc/publications/2021_RAID_SyML.pdf differ diff --git a/aixcc/publications/2021_SP_Diane.bib b/aixcc/publications/2021_SP_Diane.bib new file mode 100644 index 0000000..1e465f3 --- /dev/null +++ b/aixcc/publications/2021_SP_Diane.bib @@ -0,0 +1,8 @@ +@inproceedings{redini21:diane, + title = {{DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices}}, + author = {Redini, Nilo and Continella, Andrea and Das, Dipanjan and Pasquale, Giulio De and Spahn, Noah and Machiry, Aravind and Bianchi, Antonio and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + address = {Virtual}, + month = {May}, + year = {2021} + } diff --git a/aixcc/publications/2021_SP_Diane.pdf b/aixcc/publications/2021_SP_Diane.pdf new file mode 100644 index 0000000..17d8b35 Binary files /dev/null and b/aixcc/publications/2021_SP_Diane.pdf differ diff --git a/aixcc/publications/2021_TOPAS_Brazilian.bib b/aixcc/publications/2021_TOPAS_Brazilian.bib new file mode 100644 index 0000000..bf181df --- /dev/null +++ b/aixcc/publications/2021_TOPAS_Brazilian.bib @@ -0,0 +1,9 @@ +@Article{botacin21:brazilian, + author = {Marcus Botacin and Hojjat Aghakhani and Stefano Ortolani and Christopher Kruegel and Giovanni Vigna and Daniela Oliveira and Paulo Licio Geus and Andre Ricardo Abed Gregio}, + title = {{One Size Does Not Fit All: A Longitudinal Analysis of Brazilian Financial Malware}}, + journal = {ACM Transactions on Privacy and Security}, + volume = 24, + number = 2, + month = {January}, + year = 2021 +} \ No newline at end of file diff --git a/aixcc/publications/2021_TOPAS_Brazilian.pdf b/aixcc/publications/2021_TOPAS_Brazilian.pdf new file mode 100644 index 0000000..fb71317 Binary files /dev/null and b/aixcc/publications/2021_TOPAS_Brazilian.pdf differ diff --git a/aixcc/publications/2021_USENIXSecurity_JSToken.bib b/aixcc/publications/2021_USENIXSecurity_JSToken.bib new file mode 100644 index 0000000..1bf5f16 --- /dev/null +++ b/aixcc/publications/2021_USENIXSecurity_JSToken.bib @@ -0,0 +1,8 @@ +@inproceedings{salls21:token_Level, + title = {{Token-Level Fuzzing}}, + author = {Salls, Christopher and Jindal, Chani and Corina, Jake and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Virtual}, + month = {August}, + year = {2021} +} \ No newline at end of file diff --git a/aixcc/publications/2021_USENIXSecurity_JSToken.pdf b/aixcc/publications/2021_USENIXSecurity_JSToken.pdf new file mode 100644 index 0000000..334f21c Binary files /dev/null and b/aixcc/publications/2021_USENIXSecurity_JSToken.pdf differ diff --git a/aixcc/publications/2021_WiSec_Tracker.bib b/aixcc/publications/2021_WiSec_Tracker.bib new file mode 100644 index 0000000..e7a92bf --- /dev/null +++ b/aixcc/publications/2021_WiSec_Tracker.bib @@ -0,0 +1,8 @@ +@inproceedings{garg2021:secrow, + title = {{Toward a Secure Crowdsourced Location Tracking System}}, + author = {Garg, Chinmay and Machiry, Aravind and Continella, Andrea and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)}, + address = {Virtual}, + month = {June}, + year = {2021} +} \ No newline at end of file diff --git a/aixcc/publications/2021_WiSec_Tracker.pdf b/aixcc/publications/2021_WiSec_Tracker.pdf new file mode 100644 index 0000000..fb4af70 Binary files /dev/null and b/aixcc/publications/2021_WiSec_Tracker.pdf differ diff --git a/aixcc/publications/2022_ACSAC_popkorn.bib b/aixcc/publications/2022_ACSAC_popkorn.bib new file mode 100644 index 0000000..769e15d --- /dev/null +++ b/aixcc/publications/2022_ACSAC_popkorn.bib @@ -0,0 +1,8 @@ +@inproceedings{gupta22:popkorn, + author = {Rajat Gupta and Lukas Patrick Dresel and Noah Spahn and Giovanni Vigna and Christopher Kruegel and Taesoo Kim}, + title = {{POPKORN: Popping Windows Kernel Drivers At Scale}}, + booktitle = {Proceedings of the Annual Computer Security Applications Conference, (ACSAC)}, + month = {December}, + year = {2022}, + address = {Austin, TX} +} \ No newline at end of file diff --git a/aixcc/publications/2022_ACSAC_popkorn.pdf b/aixcc/publications/2022_ACSAC_popkorn.pdf new file mode 100644 index 0000000..aa24ae2 Binary files /dev/null and b/aixcc/publications/2022_ACSAC_popkorn.pdf differ diff --git a/aixcc/publications/2022_CCS_StudyNFT.bib b/aixcc/publications/2022_CCS_StudyNFT.bib new file mode 100644 index 0000000..ab7e132 --- /dev/null +++ b/aixcc/publications/2022_CCS_StudyNFT.bib @@ -0,0 +1,8 @@ +@inproceedings{dipanjan_nft_22, + title = {{Understanding Security Issues in the NFT Ecosystem}}, + author = {Dipanjan Das and Priyanka Bose and Nicola Ruaro and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, + address = {Los Angeles, CA}, + month = {November}, + year = {2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_CCS_StudyNFT.pdf b/aixcc/publications/2022_CCS_StudyNFT.pdf new file mode 100644 index 0000000..fbf035c Binary files /dev/null and b/aixcc/publications/2022_CCS_StudyNFT.pdf differ diff --git a/aixcc/publications/2022_DIMVA_HybridPruning.bib b/aixcc/publications/2022_DIMVA_HybridPruning.bib new file mode 100644 index 0000000..654384d --- /dev/null +++ b/aixcc/publications/2022_DIMVA_HybridPruning.bib @@ -0,0 +1,8 @@ +@inproceedings{das22:dynstat, + author = {Dipanjan Das and Priyanka Bose and Aravind Machiry and Sebastiano Mariani and Yan Shoshitaishvili and Giovanni Vigna and Christopher Kruegel}, + title = {{Hybrid Pruning: Towards Precise Pointer and Taint Analysis}}, + booktitle = {Proceedings of the Conference on the Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)}, + address = {Cagliari, Italy}, + month = {June}, + year = {2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_DIMVA_HybridPruning.pdf b/aixcc/publications/2022_DIMVA_HybridPruning.pdf new file mode 100644 index 0000000..02079ab Binary files /dev/null and b/aixcc/publications/2022_DIMVA_HybridPruning.pdf differ diff --git a/aixcc/publications/2022_SP_DeepCASE.bib b/aixcc/publications/2022_SP_DeepCASE.bib new file mode 100644 index 0000000..2874f4c --- /dev/null +++ b/aixcc/publications/2022_SP_DeepCASE.bib @@ -0,0 +1,8 @@ +@inproceedings{vanede22:deepcase, + author = {Thijs van Ede and Hojjat Aghakhani and Noah Spahn and Riccardo Bortolameotti and Marco Cova and Andrea Continella and Maarten van Steen and Andreas Peter and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy (SP)}, + month = {May}, + address = {San Francisco, CA}, + title = {{DEEPCASE: Semi-Supervised Contextual Analysis of Security Events}}, + year = {2022} +} diff --git a/aixcc/publications/2022_SP_DeepCASE.pdf b/aixcc/publications/2022_SP_DeepCASE.pdf new file mode 100644 index 0000000..b98cbbc Binary files /dev/null and b/aixcc/publications/2022_SP_DeepCASE.pdf differ diff --git a/aixcc/publications/2022_SP_Heapster.bib b/aixcc/publications/2022_SP_Heapster.bib new file mode 100644 index 0000000..dbfe418 --- /dev/null +++ b/aixcc/publications/2022_SP_Heapster.bib @@ -0,0 +1,8 @@ +@inproceedings{gritti22:heapster, + title = {{HEAPSTER: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images}}, + author = {Fabio Gritti and Fabio Pagani and Ilya Grishchenko and Lukas Dresel and Nilo Redini and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy (SP)}, + address = {San Francisco}, + month = {May}, + year = {2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_SP_Heapster.pdf b/aixcc/publications/2022_SP_Heapster.pdf new file mode 100644 index 0000000..7333c4c Binary files /dev/null and b/aixcc/publications/2022_SP_Heapster.pdf differ diff --git a/aixcc/publications/2022_SP_Sailfish.bib b/aixcc/publications/2022_SP_Sailfish.bib new file mode 100644 index 0000000..9f35a68 --- /dev/null +++ b/aixcc/publications/2022_SP_Sailfish.bib @@ -0,0 +1,8 @@ +@inproceedings{priyanka22:sailfish, + title = {{SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds}}, + author = {Bose, Priyanka and Das, Dipanjan and Chen, Yanju and Feng, Yu and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy (SP)}, + address = {San Francisco, CA}, + month = {May}, + year = {2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_SP_Sailfish.pdf b/aixcc/publications/2022_SP_Sailfish.pdf new file mode 100644 index 0000000..9015408 Binary files /dev/null and b/aixcc/publications/2022_SP_Sailfish.pdf differ diff --git a/aixcc/publications/2022_SP_Symbexcel.bib b/aixcc/publications/2022_SP_Symbexcel.bib new file mode 100644 index 0000000..1c9fd2c --- /dev/null +++ b/aixcc/publications/2022_SP_Symbexcel.bib @@ -0,0 +1,8 @@ +@inproceedings{ruaro22:symbexcel, + title = {{SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros}}, + author = {Nicola Ruaro and Fabio Pagani and Stefano Ortolani and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy (SP)}, + address = {San Francisco}, + month = {May}, + year = {2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_SP_Symbexcel.pdf b/aixcc/publications/2022_SP_Symbexcel.pdf new file mode 100644 index 0000000..39d47a9 Binary files /dev/null and b/aixcc/publications/2022_SP_Symbexcel.pdf differ diff --git a/aixcc/publications/2022_USENIXSecurity_Decomperson.bib b/aixcc/publications/2022_USENIXSecurity_Decomperson.bib new file mode 100644 index 0000000..bb798d5 --- /dev/null +++ b/aixcc/publications/2022_USENIXSecurity_Decomperson.bib @@ -0,0 +1,8 @@ +@inproceedings{decomperson, + title={{Decomperson: How Humans Decompile and What We Can Learn From It}}, + author={Burk, Kevin and Pagani, Fabio and Kruegel, Christopher and Vigna, Giovanni}, + booktitle={Proceedings of the USENIX Security Symposium}, + address={Boston, MA}, + month={August}, + year={2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_USENIXSecurity_Decomperson.pdf b/aixcc/publications/2022_USENIXSecurity_Decomperson.pdf new file mode 100644 index 0000000..06e01fd Binary files /dev/null and b/aixcc/publications/2022_USENIXSecurity_Decomperson.pdf differ diff --git a/aixcc/publications/2022_USENIXSecurity_Fuzzware.bib b/aixcc/publications/2022_USENIXSecurity_Fuzzware.bib new file mode 100644 index 0000000..b4c49e3 --- /dev/null +++ b/aixcc/publications/2022_USENIXSecurity_Fuzzware.bib @@ -0,0 +1,8 @@ +@inproceedings{scharnowski22:fuzzware, + title = {{Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing}}, + author = {Tobias Scharnowski and Nils Bars and Moritz Schloegel and Eric Gustafson and Marius Muench and Giovanni Vigna and Christopher Kruegel and Thorsten Holz and Ali Abbas}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Boston, USA}, + month = {August}, + year = {2022} +} \ No newline at end of file diff --git a/aixcc/publications/2022_USENIXSecurity_Fuzzware.pdf b/aixcc/publications/2022_USENIXSecurity_Fuzzware.pdf new file mode 100644 index 0000000..20f9b8f Binary files /dev/null and b/aixcc/publications/2022_USENIXSecurity_Fuzzware.pdf differ diff --git a/aixcc/publications/2022_USENIXSecurity_Regulator.bib b/aixcc/publications/2022_USENIXSecurity_Regulator.bib new file mode 100644 index 0000000..f4eeec1 --- /dev/null +++ b/aixcc/publications/2022_USENIXSecurity_Regulator.bib @@ -0,0 +1,8 @@ +@inproceedings{mclaughlin22:regulator, + title = {{Regulator: Dynamic Analysis to Detect ReDoS}}, + author = {Robert McLaughlin and Fabio Pagani and Noah Spahn and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Boston, USA}, + month = {August}, + year = {2022} +} diff --git a/aixcc/publications/2022_USENIXSecurity_Regulator.pdf b/aixcc/publications/2022_USENIXSecurity_Regulator.pdf new file mode 100644 index 0000000..d331a41 Binary files /dev/null and b/aixcc/publications/2022_USENIXSecurity_Regulator.pdf differ diff --git a/aixcc/publications/2023_DigitalThreats_Emotet.bib b/aixcc/publications/2023_DigitalThreats_Emotet.bib new file mode 100644 index 0000000..22eb489 --- /dev/null +++ b/aixcc/publications/2023_DigitalThreats_Emotet.bib @@ -0,0 +1,10 @@ +@article{boyarchuk23:emotet, +author = {Boyarchuk, Oleg and Mariani, Sebastiano and Ortolani, Stefano and Vigna, Giovanni}, +title = {{Keeping Up with the Emotets: Tracking a Multi-Infrastructure Botnet}}, +year = {2023}, +month = {September}, +journal = {ACM Digital Threats: Resarch and Practice}, +publisher = {Association for Computing Machinery}, +volume = {4}, +number = {3} +} \ No newline at end of file diff --git a/aixcc/publications/2023_DigitalThreats_Emotet.pdf b/aixcc/publications/2023_DigitalThreats_Emotet.pdf new file mode 100644 index 0000000..080a2a3 Binary files /dev/null and b/aixcc/publications/2023_DigitalThreats_Emotet.pdf differ diff --git a/aixcc/publications/2023_EuroSP_Certified.bib b/aixcc/publications/2023_EuroSP_Certified.bib new file mode 100644 index 0000000..abd5d23 --- /dev/null +++ b/aixcc/publications/2023_EuroSP_Certified.bib @@ -0,0 +1,8 @@ +@inproceedings{pletinckx23:certifiably, + title = {{Certifiably Vulnerable: Using Certificate Transparency Logs for Target Reconnaissance}}, + author = {Stijn Pletinckx and Thanh-Dat Nguyen and Tobias Fiebig and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the IEEE European Symposium on Security and Privacy (EuroSP)}, + address = {Delft, the Netherlands}, + month = {July}, + year = {2023} +} \ No newline at end of file diff --git a/aixcc/publications/2023_EuroSP_Certified.pdf b/aixcc/publications/2023_EuroSP_Certified.pdf new file mode 100644 index 0000000..9df64e2 Binary files /dev/null and b/aixcc/publications/2023_EuroSP_Certified.pdf differ diff --git a/aixcc/publications/2023_ICSE_Columbus.bib b/aixcc/publications/2023_ICSE_Columbus.bib new file mode 100644 index 0000000..002605f --- /dev/null +++ b/aixcc/publications/2023_ICSE_Columbus.bib @@ -0,0 +1,8 @@ +@inproceedings{bose23_columbus, +author = {Bose, Priyanka and Das, Dipanjan and Vasan, Saastha and Mariani, Sebastiano and Grishchenko, Ilya and Continella, Andrea and Bianchi, Antonio and Kruegel, Christopher and Vigna, Giovanni}, +title = {{Columbus: Android App Testing through Systematic Callback Exploration}}, +month = {May}, +year = {2023}, +booktitle = {Proceedings of the International Conference on Software Engineering (ICSE)}, +address = {Melbourne, Australia} +} \ No newline at end of file diff --git a/aixcc/publications/2023_ICSE_Columbus.pdf b/aixcc/publications/2023_ICSE_Columbus.pdf new file mode 100644 index 0000000..4f99b48 Binary files /dev/null and b/aixcc/publications/2023_ICSE_Columbus.pdf differ diff --git a/aixcc/publications/2023_RAID_Honeypot.bib b/aixcc/publications/2023_RAID_Honeypot.bib new file mode 100644 index 0000000..06f722f --- /dev/null +++ b/aixcc/publications/2023_RAID_Honeypot.bib @@ -0,0 +1,8 @@ +@inproceedings{spahn23:honeypot, + title = {{Container Orchestration Honeypot: Observing Attacks in the Wild}}, + author = {Spahn, Noah and Hanke, Nils and Holz, Thorsten and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}, + address = {Honk Kong}, + month = {October}, + year = {2023} +} \ No newline at end of file diff --git a/aixcc/publications/2023_RAID_Honeypot.pdf b/aixcc/publications/2023_RAID_Honeypot.pdf new file mode 100644 index 0000000..c635b4a Binary files /dev/null and b/aixcc/publications/2023_RAID_Honeypot.pdf differ diff --git a/aixcc/publications/2023_RAID_Shimware.bib b/aixcc/publications/2023_RAID_Shimware.bib new file mode 100644 index 0000000..ddc9a28 --- /dev/null +++ b/aixcc/publications/2023_RAID_Shimware.bib @@ -0,0 +1,8 @@ +@inproceedings{gustafson23:shimware, + author = {Eric Gustafson and Paul Grosen and Nilo Redini and Saagar Jha and Ruoyu Wang and Andrea Continella and Kevin Fu and Sara Rampazzi and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}, + month = {October}, + address = {Hong Kong}, + title = {{Shimware: Toward Practical Security Retrofitting for Monolithic Firmware Images}}, + year = {2023} +} diff --git a/aixcc/publications/2023_RAID_Shimware.pdf b/aixcc/publications/2023_RAID_Shimware.pdf new file mode 100644 index 0000000..602b453 Binary files /dev/null and b/aixcc/publications/2023_RAID_Shimware.pdf differ diff --git a/aixcc/publications/2023_SP_TEEzz.bib b/aixcc/publications/2023_SP_TEEzz.bib new file mode 100644 index 0000000..29db258 --- /dev/null +++ b/aixcc/publications/2023_SP_TEEzz.bib @@ -0,0 +1,8 @@ +@inproceedings{busch23:teezz, + title = {{TEEzz: Fuzzing Trusted Applications on COTS Android Devices}}, + author = {Marcel Busch and Aravind Machiry and Chad Spensky and Giovanni Vigna and Christopher Kruegel and Mathias Payer}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy (SP)}, + address = {San Francisco}, + month = {May}, + year = {2023} +} \ No newline at end of file diff --git a/aixcc/publications/2023_SP_TEEzz.pdf b/aixcc/publications/2023_SP_TEEzz.pdf new file mode 100644 index 0000000..cfcced2 Binary files /dev/null and b/aixcc/publications/2023_SP_TEEzz.pdf differ diff --git a/aixcc/publications/2023_SP_Witcher.bib b/aixcc/publications/2023_SP_Witcher.bib new file mode 100644 index 0000000..583a242 --- /dev/null +++ b/aixcc/publications/2023_SP_Witcher.bib @@ -0,0 +1,8 @@ +@inproceedings{trickel23:witcher, + title = {{Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities}}, + author = {Erik Trickel and Fabio Pagani and Chang Zhu and Lukas Dresel and Giovanni Vigna and Christopher Kruegel and Ruoyu Wang and Tiffany Bao and Yan Shoshitaishvili and Adam Doupe}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy (SP)}, + address = {San Francisco}, + month = {May}, + year = {2023} +} \ No newline at end of file diff --git a/aixcc/publications/2023_SP_Witcher.pdf b/aixcc/publications/2023_SP_Witcher.pdf new file mode 100644 index 0000000..fcf7d55 Binary files /dev/null and b/aixcc/publications/2023_SP_Witcher.pdf differ diff --git a/aixcc/publications/2023_SaTML_venomave.bib b/aixcc/publications/2023_SaTML_venomave.bib new file mode 100644 index 0000000..183b0cd --- /dev/null +++ b/aixcc/publications/2023_SaTML_venomave.bib @@ -0,0 +1,8 @@ +@inproceedings{aghakhani23:venomave, + author = {Hojjat Aghakhani and Lea Schonherr and Thorsten Eisenhofer and Dorothea Kolossa and Thorsten Holz and Christopher Kruegel and Giovanni Vigna}, + title = {{VENOMAVE: Targeted Poisoning Against Speech Recognition}}, + booktitle = {Proceedings of the Conference on Secure and Trustworthy Machine Learning (SaTML)}, + month = {February}, + year = {2023}, + address = {Raleigh, NC} +} \ No newline at end of file diff --git a/aixcc/publications/2023_SaTML_venomave.pdf b/aixcc/publications/2023_SaTML_venomave.pdf new file mode 100644 index 0000000..e364e81 Binary files /dev/null and b/aixcc/publications/2023_SaTML_venomave.pdf differ diff --git a/aixcc/publications/2023_USENIX_Actor.bib b/aixcc/publications/2023_USENIX_Actor.bib new file mode 100644 index 0000000..4eced66 --- /dev/null +++ b/aixcc/publications/2023_USENIX_Actor.bib @@ -0,0 +1,8 @@ +@inproceedings{fleischer23:actor, + title = {{ACTOR: Action-Guided Kernel Fuzzing}}, + author = {Marius Fleischer and Dipanjan Das and Priyanka Bose and Weiheng Bai and Kangjie Lu and Mathias Payer and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Los Angeles, USA}, + month = {August}, + year = {2023} +} diff --git a/aixcc/publications/2023_USENIX_Actor.pdf b/aixcc/publications/2023_USENIX_Actor.pdf new file mode 100644 index 0000000..ed3b8dc Binary files /dev/null and b/aixcc/publications/2023_USENIX_Actor.pdf differ diff --git a/aixcc/publications/2023_USENIX_Arbitrage.bib b/aixcc/publications/2023_USENIX_Arbitrage.bib new file mode 100644 index 0000000..3a36fe0 --- /dev/null +++ b/aixcc/publications/2023_USENIX_Arbitrage.bib @@ -0,0 +1,8 @@ +@inproceedings{mclaughlin23:arbitrage, + title = {{A Large Scale Study of the Ethereum Arbitrage Ecosystem}}, + author = {Robert McLaughlin and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Los Angeles, USA}, + month = {August}, + year = {2023} +} diff --git a/aixcc/publications/2023_USENIX_Arbitrage.pdf b/aixcc/publications/2023_USENIX_Arbitrage.pdf new file mode 100644 index 0000000..d7d8207 Binary files /dev/null and b/aixcc/publications/2023_USENIX_Arbitrage.pdf differ diff --git a/aixcc/publications/2023_USENIX_Confusum.bib b/aixcc/publications/2023_USENIX_Confusum.bib new file mode 100644 index 0000000..2bb8586 --- /dev/null +++ b/aixcc/publications/2023_USENIX_Confusum.bib @@ -0,0 +1,8 @@ +@inproceedings{gritti23:confusum, + title = {{Confusum Contractum: Confused Deputy Vulnerabilities in Ethereum Smart Contracts}}, + author = {Fabio Gritti and Nicola Ruaro and Robert McLaughlin and Priyanka Bose and Dipanjan Das and Ilya Grishchenko and Christopher Kruegel and Giovanni Vigna}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Los Angeles, USA}, + month = {August}, + year = {2023} +} diff --git a/aixcc/publications/2023_USENIX_Confusum.pdf b/aixcc/publications/2023_USENIX_Confusum.pdf new file mode 100644 index 0000000..91a7148 Binary files /dev/null and b/aixcc/publications/2023_USENIX_Confusum.pdf differ diff --git a/aixcc/publications/2024_FC_Slippage.bib b/aixcc/publications/2024_FC_Slippage.bib new file mode 100644 index 0000000..7bc2be0 --- /dev/null +++ b/aixcc/publications/2024_FC_Slippage.bib @@ -0,0 +1,8 @@ +@inproceedings{mclaughlin2024slippage, + title = {{The Power of Default: Measuring the Effect of Slippage Tolerance in Decentralized Exchanges}}, + author = {Chemaya, Nir and Liu, Dingyue and McLaughlin, Robert and Ruaro, Nicola, and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the International Conference on Financial Cryptography and Data Security}, + address = {Willemstad, Curacao}, + month = {March}, + year = {2024} +} \ No newline at end of file diff --git a/aixcc/publications/2024_FC_Slippage.pdf b/aixcc/publications/2024_FC_Slippage.pdf new file mode 100644 index 0000000..f9397f2 Binary files /dev/null and b/aixcc/publications/2024_FC_Slippage.pdf differ diff --git a/aixcc/publications/2024_ICWSM_PhishNFT.bib b/aixcc/publications/2024_ICWSM_PhishNFT.bib new file mode 100644 index 0000000..09aea6e --- /dev/null +++ b/aixcc/publications/2024_ICWSM_PhishNFT.bib @@ -0,0 +1,8 @@ +@inproceedings{roy2024unveiling, + title={{Unveiling the Risks of NFT Promotion Scams}}, + author={Saha Roy, Sayak and Das, Dipanjan and Bose, Priyanka and Kruegel, Christopher and Vigna, Giovanni and Nilizadeh, Shirin}, + booktitle={Proceedings of the International AAAI Conference on Web and Social Media (ICWSM)}, + address = {Buffalo, NY}, + month={June}, + year={2024} +} \ No newline at end of file diff --git a/aixcc/publications/2024_ICWSM_PhishNFT.pdf b/aixcc/publications/2024_ICWSM_PhishNFT.pdf new file mode 100644 index 0000000..15b6d2f Binary files /dev/null and b/aixcc/publications/2024_ICWSM_PhishNFT.pdf differ diff --git a/aixcc/publications/2024_NDSS_Crush.bib b/aixcc/publications/2024_NDSS_Crush.bib new file mode 100644 index 0000000..8a44314 --- /dev/null +++ b/aixcc/publications/2024_NDSS_Crush.bib @@ -0,0 +1,8 @@ +@inproceedings{ruaro24crush, + title = {{Not your Type! Detecting Storage Collision Vulnerabilities in Ethereum Smart Contracts}}, + author = {Ruaro, Nicola and Gritti, Fabio and McLaughlin, Robert and Grishchenko, Ilya and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings Network and Distributed Systems Security Symposium (NDSS)}, + address = {San Diego, USA}, + month = {February}, + year = {2024} +} \ No newline at end of file diff --git a/aixcc/publications/2024_NDSS_Crush.pdf b/aixcc/publications/2024_NDSS_Crush.pdf new file mode 100644 index 0000000..55ba6c7 Binary files /dev/null and b/aixcc/publications/2024_NDSS_Crush.pdf differ diff --git a/aixcc/publications/2024_SP_TrojanPuzzle.bib b/aixcc/publications/2024_SP_TrojanPuzzle.bib new file mode 100644 index 0000000..f5c8ffa --- /dev/null +++ b/aixcc/publications/2024_SP_TrojanPuzzle.bib @@ -0,0 +1,8 @@ +@inproceedings{aghakhani24:trojan, + title = {{TROJANPUZZLE: Covertly Poisoning Code-Suggestion Models}}, + author = {Hojjat Aghakhani and Wei Dai and Andre Manoel and Xavier Fernandes and Anant Kharkar and Christopher Kruegel and Giovanni Vigna and David Evans and Benjamin Zorn and Robert Sim}, + booktitle = {Proceedings of the IEEE Symposium on Security and Privacy}, + address = {San Francisco, CA}, + month = {May}, + year = {2024} +} diff --git a/aixcc/publications/2024_SP_TrojanPuzzle.pdf b/aixcc/publications/2024_SP_TrojanPuzzle.pdf new file mode 100644 index 0000000..92f18e3 Binary files /dev/null and b/aixcc/publications/2024_SP_TrojanPuzzle.pdf differ diff --git a/aixcc/publications/2024_USENIXSec_vrkeylogging.bib b/aixcc/publications/2024_USENIXSec_vrkeylogging.bib new file mode 100644 index 0000000..bda644f --- /dev/null +++ b/aixcc/publications/2024_USENIXSec_vrkeylogging.bib @@ -0,0 +1,8 @@ +@inproceedings{su2024keylog, + title = {{Remote Keylogging Attacks in Multi-user VR Applications}}, + author = {Su, Zihao and Cai, Kunlin and Beeler, Reuben and Dresel, Lukas and Garcia, Allan and Grishchenko, Ilya and Tian, Yuan and Kruegel, Christopher and Vigna, Giovanni}, + booktitle = {Proceedings of the USENIX Security Symposium}, + address = {Philadelphia, PA}, + month = {August}, + year = {2024} +} \ No newline at end of file diff --git a/aixcc/shellphish_aixcc_qualification.html b/aixcc/shellphish_aixcc_qualification.html new file mode 100644 index 0000000..647dde1 --- /dev/null +++ b/aixcc/shellphish_aixcc_qualification.html @@ -0,0 +1,60 @@ + + + + + + + AI Cyber Challenge (AIxCC) | Shellphish + + + + +

Shellphish Qualifies for the AIxCC Final Event with $2 Million Cash Award

+ +

August 13, 2024 - The Shellphish hacker collective is proud to announce that their cutting-edge Cyber Reasoning System (CRS), + ARTIPHISHELL, has successfully qualified for the finals of the prestigious AI Cyber Challenge (AIxCC - https://aicyberchallenge.com/) + sponsored by DARPA and ARPA-H. This remarkable achievement comes with a significant milestone-a $2 million cash award. +The DARPA AIxCC competition brings together the brightest minds in artificial intelligence and cybersecurity, to develop novel +AI-driven systems that can find and repair the software components supporting the nation's critical infrastructure.

+ +

ARTIPHISHELL's qualification for the finals is a testament to the team's dedication, innovative approach, and technical expertise in + developing advanced AI-driven solutions to address critical cybersecurity threats. +"We are thrilled to see ARTIPHISHELL making it to the final round," said Adam Doupe, CEO at Shellphish Support Syndicate +(the company supporting Shellphish's effort) and Director of the Center for Cybersecurity and Trusted Foundations at Arizona State University, +where he is an Associate Professor. "This accomplishment reflects the team's hard work and collaborative spirit. We are eager to +compete in the finals and continue pushing the boundaries of what AI and LLMs can achieve in cybersecurity." +ARTIPHISHELL has demonstrated exceptional capabilities in autonomously identifying, analyzing, and patching complex +vulnerabilities found in real-world software, making it a formidable contender in the DARPA AIxCC competition. +"This is a natural evolution of Mechanical Phish, which is the system that Shellphish developed to participate in the DARPA Cyber Grand Challenge of 2016", +said Giovanni Vigna, Professor at UC Santa Barbara. "Many ideas developed as part of other cutting-edge DARPA programs, such as CHESS, HACCS, AMP, and +HARDEN have contributed to defining the ideas at the basis of ARTIPHISHELL", said Antonio Bianchi, an Assistant Professor at Purdue University.

+ +

Having been the only CRS in the competition to patch one of the identified vulnerabilities in the nginx target, the team + is looking forward to seeing how far they can advance the CRS in the upcoming year. The $2 million cash award will further support the + Shellphish team's efforts to refine and enhance ARTIPHISHELL as they prepare for the final phase of the competition, which is scheduled for + August 2025, where the seven qualifying teams will compete for not only bragging rights but also a portion of the $8.5 million of prize + money reserved for the top three. +The Shellphish team comprises professors and students from Arizona State University, Purdue University, +and UC Santa Barbara who have been collaborators for years. "It's a team with a proven record of collaboration and innovation", said +Fish Wang, an Associate Professor at Arizona State University, "and the success of ARTIPHISHELL shows the effectiveness of multi-university cooperation".

+ +

The Shellphish team extends their gratitude to DARPA and ARPA-H, the competition organizers, and their supporters for this opportunity. + As the finals approach, the team remains focused on advancing their technology and contributing to the broader goal of strengthening global cybersecurity.

+ +

For media inquiries, please contact media@shellphish.net.

+ + +

About Shellphish

+ +

Shellphish was founded in 2005 when it won the prestigious DEF CON Capture the Flag competition. + Since then, the Shellphish team has grown into a team of "hackademics" participating in both security + competitions and producing a substantial corpus of research. Shellphish also competed in the DARPA Cyber Grand Challenge (CGC) in 2016, + ultimately winning 3rd place and $750,000 in prize money with the world's first open-source cyber reasoning system, the Mechanical Phish.

+ + + diff --git a/cgc/index.html b/cgc/index.html index e3ab70a..c04be8a 100644 --- a/cgc/index.html +++ b/cgc/index.html @@ -1,9 +1,9 @@ - - - + + + The Cyber Grand Challenge | Shellphish @@ -11,17 +11,15 @@
  • Home
  • Members
  • CGC
    • +
  • AIxCC
    • -

    The Cyber Grand Challenge

    - - +

    The Cyber Grand Challenge

    Shellphish CGC Logo -
    diff --git a/index.html b/index.html index f6ef78f..5e87244 100644 --- a/index.html +++ b/index.html @@ -1,17 +1,17 @@ - - + - ★ Shellphish ★ + Shellphish

    @@ -20,7 +20,6 @@

    Shellphish - diff --git a/members/index.html b/members/index.html index 1f08f90..b86bc01 100644 --- a/members/index.html +++ b/members/index.html @@ -11,6 +11,7 @@
  • Home
  • Members
  • CGC
    • +
  • AIxCC

    • Members

    diff --git a/shellphish.css b/shellphish.css index 72384e0..8ff9875 100644 --- a/shellphish.css +++ b/shellphish.css @@ -28,3 +28,104 @@ ul#navbar li a { color: black; text-decoration: none; } + + /* Document definitions */ + div.docs { + /* border-style: solid; + border-width: medium; + border-color: darkred;*/ + } + + span.doctitle { + font-weight: bold; + display: block; + } + + span.docauthors { + display: block; + } + + span.docauthors:after { + content: "."; + } + + span.dochowpub:after { + content: ","; + } + + span.docpublisher:after { + content: ","; + } + + span.docisbn:before { + content: "ISBN "; + } + + span.docisbn:after { + content: ","; + } + + span.docproc { + font-style: italic; + } + + /* span.docproc:before { + content: "In "; + } */ + + span.docproc:after { + content: ","; + } + + span.docjournal { + font-style: italic; + } + + span.docjournal:after { + content: ","; + } + + span.docnum:after { + content: ","; + } + + span.docnote { + font-style: italic; + } + + span.docnote:after { + content: "."; + } + + span.docpages:before { + content: "pp. "; + } + + span.docpages:after { + content: ","; + } + + span.docwhere:after { + content: ","; + } + + span.doctype:after { + content: ","; + } + + span.docwhen:after { + content: "."; + } + + span.doclink { + display: block; + } + + span.doclink:before { + content: "["; + } + + span.doclink:after { + content: "]"; + } + \ No newline at end of file