@inproceedings {291291, author = {Marius Fleischer and Dipanjan Das and Priyanka Bose and Weiheng Bai and Kangjie Lu and Mathias Payer and Christopher Kruegel and Giovanni Vigna}, title = {{ACTOR}: {Action-Guided} Kernel Fuzzing}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {5003--5020}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/fleischer}, publisher = {USENIX Association}, month = aug } @inproceedings {291283, author = {Fabio Gritti and Nicola Ruaro and Robert McLaughlin and Priyanka Bose and Dipanjan Das and Ilya Grishchenko and Christopher Kruegel and Giovanni Vigna}, title = {Confusum Contractum: Confused Deputy Vulnerabilities in Ethereum Smart Contracts}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {1793--1810}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/gritti}, publisher = {USENIX Association}, month = aug } @inproceedings {287358, author = {Robert McLaughlin and Christopher Kruegel and Giovanni Vigna}, title = {A Large Scale Study of the Ethereum Arbitrage Ecosystem}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {3295--3312}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/mclaughlin}, publisher = {USENIX Association}, month = aug } @inproceedings {281430, author = {Kevin Burk and Fabio Pagani and Christopher Kruegel and Giovanni Vigna}, title = {Decomperson: How Humans Decompile and What We Can Learn From It}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {2765--2782}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/burk}, publisher = {USENIX Association}, month = aug } @inproceedings {277252, author = {Tobias Scharnowski and Nils Bars and Moritz Schloegel and Eric Gustafson and Marius Muench and Giovanni Vigna and Christopher Kruegel and Thorsten Holz and Ali Abbasi}, title = {Fuzzware: Using Precise {MMIO} Modeling for Effective Firmware Fuzzing}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {1239--1256}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/scharnowski}, publisher = {USENIX Association}, month = aug } @inproceedings {277200, author = {Robert McLaughlin and Fabio Pagani and Noah Spahn and Christopher Kruegel and Giovanni Vigna}, title = {Regulator: Dynamic Analysis to Detect {ReDoS}}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {4219--4235}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/mclaughlin}, publisher = {USENIX Association}, month = aug } @inproceedings {274551, author = {Christopher Salls and Chani Jindal and Jake Corina and Christopher Kruegel and Giovanni Vigna}, title = {{Token-Level} Fuzzing}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {2795--2809}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/salls}, publisher = {USENIX Association}, month = aug } @inproceedings {247646, author = {Abraham A Clements and Eric Gustafson and Tobias Scharnowski and Paul Grosen and David Fritz and Christopher Kruegel and Giovanni Vigna and Saurabh Bagchi and Mathias Payer}, title = {{HALucinator}: Firmware Re-hosting Through Abstraction Layer Emulation}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {1201--1218}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/clements}, publisher = {USENIX Association}, month = aug } @inproceedings {259743, author = {Takeshi Takahashi and Christopher Kruegel and Giovanni Vigna and Katsunari Yoshioka and Daisuke Inoue}, title = {Tracing and Analyzing Web Access Paths Based on {User-Side} Data Collection: How Do Users Reach Malicious {URLs}?}, booktitle = {23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020)}, year = {2020}, isbn = {978-1-939133-18-2}, address = {San Sebastian}, pages = {93--106}, url = {https://www.usenix.org/conference/raid2020/presentation/takahashi}, publisher = {USENIX Association}, month = oct } @inproceedings {217488, author = {Moritz Eckert and Antonio Bianchi and Ruoyu Wang and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, title = {{HeapHopper}: Bringing Bounded Model Checking to Heap Implementation Security}, booktitle = {27th USENIX Security Symposium (USENIX Security 18)}, year = {2018}, isbn = {978-1-931971-46-1}, address = {Baltimore, MD}, pages = {99--116}, url = {https://www.usenix.org/conference/usenixsecurity18/presentation/eckert}, publisher = {USENIX Association}, month = aug } @inproceedings {217507, author = {Wei Meng and Chenxiong Qian and Shuang Hao and Kevin Borgolte and Giovanni Vigna and Christopher Kruegel and Wenke Lee}, title = {Rampart: Protecting Web Applications from {CPU-Exhaustion} {Denial-of-Service} Attacks}, booktitle = {27th USENIX Security Symposium (USENIX Security 18)}, year = {2018}, isbn = {978-1-939133-04-5}, address = {Baltimore, MD}, pages = {393--410}, url = {https://www.usenix.org/conference/usenixsecurity18/presentation/meng}, publisher = {USENIX Association}, month = aug } @inproceedings {203844, author = {Nilo Redini and Aravind Machiry and Dipanjan Das and Yanick Fratantonio and Antonio Bianchi and Eric Gustafson and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, title = {{BootStomp}: On the Security of Bootloaders in Mobile Devices}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {781--798}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/redini}, publisher = {USENIX Association}, month = aug } @inproceedings {203708, author = {Aravind Machiry and Chad Spensky and Jake Corina and Nick Stephens and Christopher Kruegel and Giovanni Vigna}, title = {{DR}. {CHECKER}: A Soundy Analysis for Linux Kernel Drivers}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {1007--1024}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/machiry}, publisher = {USENIX Association}, month = aug } @inproceedings {190846, author = {Gianluca Stringhini and Pierre Mourlanne and Gregoire Jacob and Manuel Egele and Christopher Kruegel and Giovanni Vigna}, title = {{EVILCOHORT}: Detecting Communities of Malicious Accounts on Online Services}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {563--578}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/stringhini}, publisher = {USENIX Association}, month = aug } @inproceedings {190922, author = {Alessandro Di Federico and Amat Cama and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, title = {How the {ELF} Ruined Christmas}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {643--658}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/di-frederico}, publisher = {USENIX Association}, month = aug } @inproceedings {190987, author = {Kevin Borgolte and Christopher Kruegel and Giovanni Vigna}, title = {Meerkat: Detecting Website Defacements through Image-based Object Recognition}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {595--610}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/borgolte}, publisher = {USENIX Association}, month = aug } @inproceedings {190994, author = {Michael Weissbacher and William Robertson and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, title = {{ZigZag}: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {737--752}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/weissbacher}, publisher = {USENIX Association}, month = aug } @inproceedings {184519, author = {Dhilung Kirat and Giovanni Vigna and Christopher Kruegel}, title = {{BareCloud}: Bare-metal Analysis-based Evasive Malware Detection}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {287--301}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/kirat}, publisher = {USENIX Association}, month = aug } @inproceedings {184485, author = {Alexandros Kapravelos and Chris Grier and Neha Chachra and Christopher Kruegel and Giovanni Vigna and Vern Paxson}, title = {Hulk: Eliciting Malicious Behavior in Browser Extensions}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {641--654}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/kapravelos}, publisher = {USENIX Association}, month = aug } @inproceedings {180386, author = {Alexandros Kapravelos and Yan Shoshitaishvili and Marco Cova and Christopher Kruegel and Giovanni Vigna}, title = {Revolver: An Automated Approach to the Detection of Evasive Web-based Malware}, booktitle = {22nd USENIX Security Symposium (USENIX Security 13)}, year = {2013}, isbn = {978-1-931971-03-4}, address = {Washington, D.C.}, pages = {637--652}, url = {https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/kapravelos}, publisher = {USENIX Association}, month = aug } @inproceedings {182951, author = {Ruoyu Wang and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, title = {Steal This Movie: Automatically Bypassing {DRM} Protection in Streaming Media Services}, booktitle = {22nd USENIX Security Symposium (USENIX Security 13)}, year = {2013}, isbn = {978-1-931971-03-4}, address = {Washington, D.C.}, pages = {687--702}, url = {https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/wang_ruoyu}, publisher = {USENIX Association}, month = aug } @inproceedings {180234, author = {Adam Doup{\'e} and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna}, title = {Enemy of the State: A {State-Aware} {Black-Box} Web Vulnerability Scanner}, booktitle = {21st USENIX Security Symposium (USENIX Security 12)}, year = {2012}, isbn = {978-931971-95-9}, address = {Bellevue, WA}, pages = {523--538}, url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/doupe}, publisher = {USENIX Association}, month = aug } @inproceedings {180233, author = {Gregoire Jacob and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, title = {{PUBCRAWL}: Protecting Users and Businesses from {CRAWLers}}, booktitle = {21st USENIX Security Symposium (USENIX Security 12)}, year = {2012}, isbn = {978-931971-95-9}, address = {Bellevue, WA}, pages = {507--522}, url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/jacob}, publisher = {USENIX Association}, month = aug } @inproceedings {266509, author = {Gianluca Stringhini and Thorsten Holz and Brett Stone-Gross and Christopher Kruegel and Giovanni Vigna}, title = {{BOTMAGNIFIER}: Locating Spambots on the Internet}, booktitle = {20th USENIX Security Symposium (USENIX Security 11)}, year = {2011}, address = {San Francisco, CA}, url = {https://www.usenix.org/conference/usenix-security-11/botmagnifier-locating-spambots-internet}, publisher = {USENIX Association}, month = aug } @inproceedings {266510, author = {Gregoire Jacob and Ralf Hund and Christopher Kruegel and Thorsten Holz}, title = {{JACKSTRAWS}: Picking Command and Control Connections from Bot Traffic}, booktitle = {20th USENIX Security Symposium (USENIX Security 11)}, year = {2011}, address = {San Francisco, CA}, url = {https://www.usenix.org/conference/usenix-security-11/jackstraws-picking-command-and-control-connections-bot-traffic}, publisher = {USENIX Association}, month = aug } @inproceedings {266998, author = {Christopher Kruegel}, title = {Opening Remarks}, booktitle = {4th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 11)}, year = {2011}, address = {Boston, MA}, url = {https://www.usenix.org/conference/leet11/opening-remarks}, publisher = {USENIX Association}, month = mar } @inproceedings {267429, author = {Krishna P.N. Puttaswamy and Christopher Kruegel}, title = {Silverline: Toward Confidentiality in {Third-Party} Clouds}, booktitle = {7th USENIX Symposium on Networked Systems Design and Implementation (NSDI 10)}, year = {2010}, address = {San Jose, CA}, url = {https://www.usenix.org/conference/nsdi-10/silverline-toward-confidentiality-third-party-clouds}, publisher = {USENIX Association}, month = apr } @inproceedings {267223, author = {Viktoria Felmetsger and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna}, title = {Toward Automated Detection of Logic Vulnerabilities in Web Applications}, booktitle = {19th USENIX Security Symposium (USENIX Security 10)}, year = {2010}, address = {Washington, DC}, url = {https://www.usenix.org/conference/usenixsecurity10/toward-automated-detection-logic-vulnerabilities-web-applications}, publisher = {USENIX Association}, month = aug } @inproceedings {268173, author = {Marco Cova and Christopher Kruegel and Giovanni Vigna}, title = {There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits}, booktitle = {2nd USENIX Workshop on Offensive Technologies (WOOT 08)}, year = {2008}, address = {San Jose, CA}, url = {https://www.usenix.org/conference/woot-08/there-no-free-phish-analysis-free-and-live-phishing-kits}, publisher = {USENIX Association}, month = jul } @inproceedings {268580, author = {Manuel Egele and Christopher Kruegel and Engin Kirda and Heng Yin and Dawn Song}, title = {Dynamic Spyware Analysis}, booktitle = {2007 USENIX Annual Technical Conference (USENIX ATC 07)}, year = {2007}, address = {Santa Clara, CA}, url = {https://www.usenix.org/conference/2007-usenix-annual-technical-conference/dynamic-spyware-analysis}, publisher = {USENIX Association}, month = jun } @inproceedings {268548, author = {Christoph Karlberger and G{\"u}nther Bayler and Christopher Kruegel and Engin Kirda}, title = {Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters}, booktitle = {First USENIX Workshop on Offensive Technologies (WOOT 07)}, year = {2007}, address = {Boston, MA}, url = {https://www.usenix.org/conference/woot-07/exploiting-redundancy-natural-language-penetrate-bayesian-spam-filters}, publisher = {USENIX Association}, month = aug } @inproceedings {268875, author = {Engin Kirda and Christopher Kruegel}, title = {Behavior-based Spyware Detection}, booktitle = {15th USENIX Security Symposium (USENIX Security 06)}, year = {2006}, address = {Vancouver, B.C. Canada}, url = {https://www.usenix.org/conference/15th-usenix-security-symposium/behavior-based-spyware-detection}, publisher = {USENIX Association}, month = jul } @inproceedings {269250, author = {Christopher Kruegel and Engin Kirda and Darren Mutz and William Robertson and Giovanni Vigna}, title = {Automating Mimicry Attacks Using Static Binary Analysis}, booktitle = {14th USENIX Security Symposium (USENIX Security 05)}, year = {2005}, address = {Baltimore, MD}, url = {https://www.usenix.org/conference/14th-usenix-security-symposium/automating-mimicry-attacks-using-static-binary-analysis}, publisher = {USENIX Association}, month = jul } @inproceedings {269586, author = {Christopher Kruegel and William Robertson and Fredrik Valeur and Giovanni Vigna}, title = {Static Disassembly of Obfuscated Binaries}, booktitle = {13th USENIX Security Symposium (USENIX Security 04)}, year = {2004}, address = {San Diego, CA}, url = {https://www.usenix.org/conference/13th-usenix-security-symposium/static-disassembly-obfuscated-binaries}, publisher = {USENIX Association}, month = aug } @inproceedings {270085, author = {William Robertson and Christopher Kruegel and Darren Mutz and Fredrik Valeur}, title = {Run-time Detection of Heap-based Overflows}, booktitle = {17th Large Installation Systems Administration Conference (LISA 03)}, year = {2003}, address = {San Diego, CA }, url = {https://www.usenix.org/conference/lisa-03/run-time-detection-heap-based-overflows}, publisher = {USENIX Association}, month = oct }