Refereed Journals

Roberto Perdisci, Davide Ariu, Prahlad Fogla, Giorgio Giacinto, Wenke Lee. "McPAD: A Multiple Classifier System for Accurate Payload-based Anomaly Detection." Computer Networks, Special Issue on Traffic Classification and Its Applications to Modern Networks, 5(6), 2009, pp. 864-881. [pdf]

Roberto Perdisci, Andrea Lanzi, Wenke Lee. "Classification of Packed Executables for Accurate Computer Virus Detection." Pattern Recognition Letters, 29(14), 2008, pp. 1941-1946. [pdf]

Giorgio Giacinto, Roberto Perdisci, Mauro Del Rio, Fabio Roli. "Intrusion Detection in Computer Networks by a Modular Ensemble of One-Class Classifiers". Information Fusion, Special Issue on Applications of Ensemble Methods, 9(1), 2008, pp. 69-82. [pdf]

Roberto Perdisci, Giorgio Giacinto, Fabio Roli. "Alarm clustering for intrusion detection systems in computer networks". Engineering Applications of Artificial Intelligence, 19(4), 2006, pp. 429-438. [pdf]

Conference Proceedings

Yacin Nadji, Manos Antonakakis, Roberto Perdisci, Wenke Lee. "Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games". Annual Computer Security Applications Conference, ACSAC 2011 (acceptance rate 18.5% = 36/195) [pdf]

Xiapu Luo, Peng Zhou, Junjie Zhang, Roberto Perdisci, Wenke Lee, Rocky K.C. Chang. "Exposing Invisible Timing-based Traffic Watermarks with BACKLIT". Annual Computer Security Applications Conference, ACSAC 2011 (acceptance rate 18.5% = 36/195) [pdf]

Long Lu, Roberto Perdisci, Wenke Lee. "SURF: Detecting and Measuring Search Poisoning". ACM Conference on Computer and Communications Security, ACM CCS 2011 (acceptance rate 14.0% = 60/429) [pdf]

Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou, David Dagon. "Detecting Malware Domains at the Upper DNS Hierarchy". USENIX Security Symposium, 2011 (acceptance rate 17.2% = 35/204) [pdf]

Junjie Zhang, Roberto Perdisci, Wenke Lee, Unum Sarfraz, Xiapu Luo. "Detecting Stealthy P2P Botnets Using Statistical Traffic Fingerprints". IEEE/IFIP International Conference on Dependable Systems and Networks - Dependable Computing and Communications Symposium, DSN-DCCS 2011 (acceptance rate 17.6% = 26/148) [pdf,slides]

Junjie Zhang, Xiapu Luo, Roberto Perdisci, Guofei Gu, Wenke Lee, Nick Feamster. "Boosting the scalability of Botnet Detection Using Adaptive Traffic Sampling". 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011. (acceptance rate 16.1% = 35 regular papers out of 217 submissions) [pdf]

Xiapu Luo, P. Zhou, E. W. W. Chan, Wenke Lee, R. K. C. Chang, Roberto Perdisci. "HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows". 18th Annual Network and Distributed System Security Symposium, NDSS 2011. (acceptance rate 20.1% = 28/139) [pdf]

Xiapu Luo, Junjie Zhang, Roberto Perdisci, Wenke Lee. "On the Secrecy of Spread-Spectrum Flow Watermarks". European Symposium on Research in Computer Security, ESORICS 2010. (acceptance rate 20.9% = 42/201) [pdf]

Manos Antonakakis, David Dagon, Xiapu Luo, Roberto Perdisci, W. Lee, J. Bellmor. "Anax: A Monitoring Infrastructure for Improving DNS Security". International Symposium on Recent Advances in Intrusion Detection, RAID 2010. (acceptance rate 23.1% = 24/104) [pdf]

Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee, Nick Feamster. "Building a Dynamic Reputation System for DNS". USENIX Security Symposium 2010 (acceptance rate 14.9% = 30/202) [pdf,slides]

Roberto Perdisci, Wenke Lee, Nick Feamster. "Behavioral Clustering of HTTP-based Malware and Signature Generation using Malicious Network Traces". USENIX Symposium on Networked Systems Design and Implementation, NSDI 2010 (acceptance rate 16.6% = 29/175) [pdf,slides]

Roberto Perdisci, Igino Corona, David Dagon, Wenke Lee. "Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces". Annual Computer Security Applications Conference, ACSAC 2009 (acceptance rate 19.6% = 44/224) [pdf,slides]

Roberto Perdisci, Manos Antonakakis, Xiapu Luo, Wenke Lee. "WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks". IEEE/IFIP International Conference on Dependable Systems and Networks - Dependable Computing and Communications Symposium, DSN-DCCS 2009 (acceptance rate 21% = 37/177 full submissions) [pdf,extended_pdf,slides]

Roberto Perdisci, Andrea Lanzi, Wenke Lee. "McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables". Annual Computer Security Applications Conference, ACSAC 2008 (acceptance rate 24.3% = 42/172) [pdf,slides]

Guofei Gu, Roberto Perdisci, Junjie Zhang, Wenke Lee. "BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection". USENIX Security Symposium 2008 (acceptance rate 15.9% = 27/170) [pdf,slides]

Davide Ariu, Giorgio Giacinto, Roberto Perdisci. "Sensing Attacks in Computer Networks with Hidden Markov Models". International Conference on Machine Learning and Data Mining in Pattern Recognition, MLDM 2007. [pdf]

Roberto Perdisci, Guofei Gu, Wenke Lee. "Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems". IEEE International Conference on Data Mining, ICDM 2006 (acceptance rate 9.4% = 73 regular papers out of 776 submissions) [pdf,slides]

Prahlad Fogla, Monirul Sharif, Roberto Perdisci, Oleg Kolesnikov, Wenke Lee. "Polymorphic Blending Attacks". USENIX Security Symposium 2006 (acceptance rate 12.3% = 22/179) [pdf,slides]

Roberto Perdisci, David Dagon, Wenke Lee, Prahlad Fogla, Monirul Sharif. "Misleading Worm Signature Generators Using Deliberate Noise Injection". IEEE Symposium on Security and Privacy 2006 (acceptance rate 9.2% = 23 regular papers out of 251 submissions) [pdf,slides]

Giorgio Giacinto, Roberto Perdisci, Fabio Roli. "Network Intrusion Detection by Combining One-class Classifiers". International Conference on Image Analysis and Processing, ICIAP 2005, Special Session on Intrusion Detection. [pdf]

Giorgio Giacinto, Roberto Perdisci, and Fabio Roli, "Alarm Clustering for Intrusion Detection Systems in Computer Networks". International Conference on Machine Learning and Data Mining in Pattern Recognition, MLDM 2005. [pdf]

Workshops and Tech Reports

R. Perdisci, G. Gu, W. Lee. "Combining Multiple One-Class Classifiers for Hardening Payload-based Anomaly Detection Systems". NIPS 2007, Workshop on Machine Learning in Adversarial Environments for Computer Security [poster].

D. Ariu, I. Corona, G. Giacinto, R. Perdisci, F. Roli, "Intrusion Detection Systems based on anomaly detection techniques", Italian Workshop on Privacy and Security (PRISE), 2007.

R. Perdisci, M. Antonakakis, W. Lee. "Solving the DNS Cache Poisoning Problem Without Changing the Protocol". Tech. Report. GTISC, Georgia Institute of Technology. May 16, 2008. [pdf].
NOTE: this work was published before Dan Kaminsky's talk at Black Hat 2008, where Dan presented a new poisoning attack. Since then, things have changed quite a lot. We have updated this tech report to address Kaminsky's attack. The new work is "WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks", which was accepted at DSN-DCCS 2009.

Ph.D. Thesis