Talks


  • "AMICO - Accurate Behavior-Based Detection of Malware Downloads"
    2015 RSA Conference (DHS Expo Booth \#202)
    San Francisco, CA. April 21-22, 2015

  • "If I Knew Then... TTP Successes and Challenges" -- Panel Discussion (INVITED TALK)
    NSF/DHS Technology Transfer to Practice in Cyber Security Workshop.
    SRI International, Menlo Park, CA. February 25, 2015.

  • "AMICO - Measuring and Detecting Malware Downloads in Live Network Traffic" (INVITED TALK)
    MAAWG -- Messaging Malware and Mobile Anti-Abuse Working Group Technical Conference
    San Francisco, CA. February 19, 2015.

  • "Effective Malware Defense via Network-Centric Behavior-Based Learning" (INVITED TALK)
    Swiss Cyberstorm 2015. 
    Lucerne, Switzerland. Oct. 22, 2014.

  • "Effective Malware Defense via Network-Centric Behavior-Based Learning" (INVITED TALK)
    Security Seminars - College of Computing, Georgia Tech.
    Atlanta, GA. Nov. 1, 2013.

  • "PeerRush: Mining for Unwanted P2P Traffic"
    10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment
    Berlin, Germany. July 18, 2013 [slides]

  • "Show Me All You've Got! Combining Unsupervised, Supervised, and One-Class Pattern Recognition Techniques to Solve Practical Network Security Problems" (INVITED TALK)
    Dept. of Electrical and Electronic Engineering, University of Cagliari
    Cagliari, Italy. June 20, 2013.

  • "Malware Detection at the Network Edge" (INVITED TALK)
    TREND MICRO Italy
    Sesto San Giovanni (MI), Italy. June 5, 2013.

  • "DGA-based Botnets: Discovery, Classification, and Tracking" (INVITED TALK)
    Carnegie Mellon University, CyLab Seminars.
    Pittsburgh, PA, USA. February 25, 2012.

  • "FluxBuster: Early Detection of Malicious Flux Networks" (INVITED TALK)
    13th KOCSEA Technical Symposium.
    Atlanta, GA, USA. December 15, 2012.

  • "VAMO: Towards a Fully Automated Malware Clustering Validity Analysis"
    Annual Computer Security Applications Conference, ACSAC 2008.
    Orlando, FL, USA. December 7, 2012. [slides]

  • "Discovery and Classification of DGA-based Malware" (INVITED TALK)
    Northeastern University, College of Computer and Information Science.
    Boston, MA, USA. November 2, 2012.

  • "FluxBuster: Early Detection of Malicious Flux Networks via Large-Scale Passive DNS Traffic Analysis"
    ISC/CAIDA Data Collaboration Workshop.
    Baltimore, MD. October 22, 2012. [slides]

  • "Learning to Fight Malware" (INVITED TALK)
    AAAI 2010 - Workshop on Intelligent Security
    Atlanta, GA, UGA. July 12, 2010. [slides]
  • "Detecting the Network Behavior of Malware" (INVITED TALK)
    EURECOM - ISEC Lab
    Sophia Antipolis, France, June 1, 2010. [slides]
  • "Behavioral Clustering of HTTP-based Malware and Signature Generation using Malicious Network Traces"
    USENIX Symposium on Networked Systems Design and Implementation, NSDI 2010.
    San Jose, CA, April 30, 2010. [slides]
  • "Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces"
    Annual Computer Security Applications Conference, ACSAC 2009.
    Honolulu, Hawaii, December 10, 2009. [slides]
  • "WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks"
    IEEE/IFIP International Conference on Dependable Systems and Networks - Dependable Computing and Communications Symposium
    , DSN-DCCS 2009.
    Estoril, Lisbon, Portugal - June 30, 2009. [slides]
  • "McBoost : Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables"
    Annual Computer Security Applications Conference, ACSAC 2008.
    Anhaim, CA, USA, December 2008. [slides]
  • "Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems"
    IEEE International Conference on Data Mining, ICDM 2006.
    Hong Kong, December 2006 [slides]
  • "Misleading Worm Signature Generators Using Deliberate Noise Injection"
    IEEE Symposium on Security and Privacy 2006.
    Oakland, CA, USA, May 2006. [slides]
  • "The Role of Machine Learning in Network Intrusion Detection" (INVITED TALK)
    Georgia Institute of Technology, College of Computing, Computational Science and Engineering division.
    Atlanta, GA, USA , October 6, 2006. [slides]