@inproceedings {285375, author = {Anthony Gavazzi and Ryan Williams and Engin Kirda and Long Lu and Andre King and Andy Davis and Tim Leek}, title = {A Study of {Multi-Factor} and {Risk-Based} Authentication Availability}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {2043--2060}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/gavazzi}, publisher = {USENIX Association}, month = aug } @inproceedings {281398, author = {Bahruz Jabiyev and Steven Sprecher and Anthony Gavazzi and Tommaso Innocenti and Kaan Onarlioglu and Engin Kirda}, title = {{FRAMESHIFTER}: Security Implications of {HTTP/2-to-HTTP/1} Conversion Anomalies}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {1061--1075}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/jabiyev}, publisher = {USENIX Association}, month = aug } @inproceedings {277152, author = {Seyed Ali Mirheidari and Matteo Golinelli and Kaan Onarlioglu and Engin Kirda and Bruno Crispo}, title = {Web Cache Deception Escalates!}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {179--196}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/mirheidari}, publisher = {USENIX Association}, month = aug } @inproceedings {247680, author = {Seyed Ali Mirheidari and Sajjad Arshad and Kaan Onarlioglu and Bruno Crispo and Engin Kirda and William Robertson}, title = {Cached and Confused: Web Cache Deception in the Wild}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {665--682}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/mirheidari}, publisher = {USENIX Association}, month = aug } @inproceedings {259695, author = {Ahmet Salih Buyukkayhan and Can Gemicioglu and Tobias Lauinger and Alina Oprea and William Robertson and Engin Kirda}, title = {What{\textquoteright}s in an Exploit? An Empirical Analysis of Reflected Server {XSS} Exploitation Techniques}, booktitle = {23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020)}, year = {2020}, isbn = {978-1-939133-18-2}, address = {San Sebastian}, pages = {107--120}, url = {https://www.usenix.org/conference/raid2020/presentation/buyukkayhan}, publisher = {USENIX Association}, month = oct } @inproceedings {242022, author = {Amin Kharraz and Brandon L. Daley and Graham Z. Baker and William Robertson and Engin Kirda}, title = {{USBESAFE}: An {End-Point} Solution to Protect Against {USB-Based} Attacks}, booktitle = {22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019)}, year = {2019}, isbn = {978-1-939133-07-6}, address = {Chaoyang District, Beijing}, pages = {89--103}, url = {https://www.usenix.org/conference/raid2019/presentation/kharraz}, publisher = {USENIX Association}, month = sep } @inproceedings {197235, author = {Amin Kharaz and Sajjad Arshad and Collin Mulliner and William Robertson and Engin Kirda}, title = {{UNVEIL}: A {Large-Scale}, Automated Approach to Detecting Ransomware}, booktitle = {25th USENIX Security Symposium (USENIX Security 16)}, year = {2016}, isbn = {978-1-931971-32-4}, address = {Austin, TX}, pages = {757--772}, url = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/kharaz}, publisher = {USENIX Association}, month = aug } @inproceedings {190994, author = {Michael Weissbacher and William Robertson and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, title = {{ZigZag}: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {737--752}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/weissbacher}, publisher = {USENIX Association}, month = aug } @inproceedings {184407, author = {Stevens Le Blond and Adina Uritesc and C{\'e}dric Gilbert and Zheng Leong Chua and Prateek Saxena and Engin Kirda}, title = {A Look at Targeted Attacks Through the Lense of an {NGO}}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {543--558}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/le-blond}, publisher = {USENIX Association}, month = aug } @inproceedings {180233, author = {Gregoire Jacob and Engin Kirda and Christopher Kruegel and Giovanni Vigna}, title = {{PUBCRAWL}: Protecting Users and Businesses from {CRAWLers}}, booktitle = {21st USENIX Security Symposium (USENIX Security 12)}, year = {2012}, isbn = {978-931971-95-9}, address = {Bellevue, WA}, pages = {507--522}, url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/jacob}, publisher = {USENIX Association}, month = aug } @inproceedings {267451, author = {Tobias Lauinger and Veikko Pankakoski and Davide Balzarotti and Engin Kirda}, title = {Honeybot, Your Man in the Middle for Automated Social Engineering}, booktitle = {3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 10)}, year = {2010}, address = {San Jose, CA }, url = {https://www.usenix.org/conference/leet-10/honeybot-your-man-middle-automated-social-engineering}, publisher = {USENIX Association}, month = apr } @inproceedings {267812, author = {Ulrich Bayer and Imam Habibi and Davide Balzarotti and Engin Kirda}, title = {A View on Current Malware Behaviors}, booktitle = {2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 09)}, year = {2009}, address = {Boston, MA}, url = {https://www.usenix.org/conference/leet-09/view-current-malware-behaviors}, publisher = {USENIX Association}, month = apr } @inproceedings {268580, author = {Manuel Egele and Christopher Kruegel and Engin Kirda and Heng Yin and Dawn Song}, title = {Dynamic Spyware Analysis}, booktitle = {2007 USENIX Annual Technical Conference (USENIX ATC 07)}, year = {2007}, address = {Santa Clara, CA}, url = {https://www.usenix.org/conference/2007-usenix-annual-technical-conference/dynamic-spyware-analysis}, publisher = {USENIX Association}, month = jun } @inproceedings {268548, author = {Christoph Karlberger and G{\"u}nther Bayler and Christopher Kruegel and Engin Kirda}, title = {Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters}, booktitle = {First USENIX Workshop on Offensive Technologies (WOOT 07)}, year = {2007}, address = {Boston, MA}, url = {https://www.usenix.org/conference/woot-07/exploiting-redundancy-natural-language-penetrate-bayesian-spam-filters}, publisher = {USENIX Association}, month = aug } @inproceedings {268875, author = {Engin Kirda and Christopher Kruegel}, title = {Behavior-based Spyware Detection}, booktitle = {15th USENIX Security Symposium (USENIX Security 06)}, year = {2006}, address = {Vancouver, B.C. Canada}, url = {https://www.usenix.org/conference/15th-usenix-security-symposium/behavior-based-spyware-detection}, publisher = {USENIX Association}, month = jul } @inproceedings {269250, author = {Christopher Kruegel and Engin Kirda and Darren Mutz and William Robertson and Giovanni Vigna}, title = {Automating Mimicry Attacks Using Static Binary Analysis}, booktitle = {14th USENIX Security Symposium (USENIX Security 05)}, year = {2005}, address = {Baltimore, MD}, url = {https://www.usenix.org/conference/14th-usenix-security-symposium/automating-mimicry-attacks-using-static-binary-analysis}, publisher = {USENIX Association}, month = jul }