Roberto Perdisci

perdisci [at] uga.edu

415 Boyd GSRC

University of Georgia

Athens, GA 30602

I am a Professor in the School of Computing at the University of Georgia, where I hold the Patty and D.R. Grimes Distinguished Professorship in Computer Science and direct the UGA Institute for Cybersecurity and Privacy. I am also an Adjunct Associate Professor in the Georgia Tech School of Cybersecurity and Privacy and a faculty member of the UGA Institute for Artificial Intelligence. Before joining UGA I was Post-Doctoral Fellow at the College of Computing of the Georgia Institute of Technology, working under the supervision of Prof. Wenke Lee. Before that, I was Research Scholar at the Georgia Tech Information Security Center and PhD candidate at the University of Cagliari, Italy with the Pattern Recognition and Applications Group.

My research focuses on securing networked systems. I am particularly interested in web security, automating the analysis of security incidents, and defending networks from malware. I often combine systems research with machine learning and large-scale data mining techniques to solve challenging computer and network security problems. I am also interested in broader aspects of networked systems, including Internet-scale measurements, analysis and optimization of systems performance, and the design of networking protocols. In 2012, I received an NSF CAREER award on a project titled “Automatic Learning of Adaptive Network-Centric Malware Detection Models.”

recent pc service

ACM Internet Measurements Conference, IMC 2025
Annual Computer Security Applications Conference (ACSAC 2024) - Conference Chair
2024 CAE-R CoP Research Symposium - Program Chair
IEEE European Symposium on Security and Privacy, EuroS&P 2024
ACM Conference on Computer and Communications Security, CCS 2024
The Web Conference, WWW 2024 – Security Track Area Chair
Annual Computer Security Applications Conference (ACSAC 2023) - Program Chair
Usenix Security Symposyum, 2023
ACM Conference on Computer and Communications Security (CCS 2023)
Annual Computer Security Applications Conference (ACSAC 2022) - Program Co-Chair
ACM Conference on Computer and Communications Security (CCS 2022) - Best Reviewer Award
MADWeb@NDSS 2022 - Program Chair
Usenix Security Symposyum, 2022

selected publications

C-Frame: Characterizing and measuring in-the-wild CAPTCHA attacks

Nguyen, Hoang Dai, Subramani, Karthika, Acharya, Bhupendra, Perdisci, Roberto, and Vadrevu, Phani

In IEEE Symposium on Security and Privacy, SP 2024, San Francisco, CA, USA, May 19-23, 2024 2024

Bib

@inproceedings{NguyenSAPV24,
  author = {Nguyen, Hoang Dai and Subramani, Karthika and Acharya, Bhupendra and Perdisci, Roberto and Vadrevu, Phani},
  title = {C-Frame: Characterizing and measuring in-the-wild {CAPTCHA} attacks},
  booktitle = {{IEEE} Symposium on Security and Privacy, {SP} 2024, San Francisco,
                    CA, USA, May 19-23, 2024},
  pages = {277--295},
  publisher = {{IEEE}},
  year = {2024},
  url = {https://doi.org/10.1109/SP54263.2024.00200},
}

Practical Attacks Against DNS Reputation Systems

Galloway, Tillson, Karakolios, Kleanthis, Ma, Zane, Perdisci, Roberto, Keromytis, Angelos, and Antonakakis, Manos

In IEEE Symposium on Security and Privacy, SP 2024, San Francisco, CA, USA, May 19-23, 2024 2024

Bib

@inproceedings{GallowayKMPKA24,
  author = {Galloway, Tillson and Karakolios, Kleanthis and Ma, Zane and Perdisci, Roberto and Keromytis, Angelos and Antonakakis, Manos},
  title = {Practical Attacks Against {DNS} Reputation Systems},
  booktitle = {{IEEE} Symposium on Security and Privacy, {SP} 2024, San Francisco,
                    CA, USA, May 19-23, 2024},
  pages = {4516--4534},
  publisher = {{IEEE}},
  year = {2024},
  url = {https://doi.org/10.1109/SP54263.2024.00266},
}

USENIXSec

WEBRR: A Forensic System for Replaying and Investigating Web-Based Attacks in The Modern Web

Allen, Joey, Yang, Zheng, Xiao, Feng, Landen, Matthew, Perdisci, Roberto, and Lee, Wenke

In 33rd USENIX Security Symposium, USENIX Security 2024, Philadelphia, PA, USA, August 14-16, 2024 2024

Bib

@inproceedings{AllenYXLPL24,
  author = {Allen, Joey and Yang, Zheng and Xiao, Feng and Landen, Matthew and Perdisci, Roberto and Lee, Wenke},
  editor = {Balzarotti, Davide and Xu, Wenyuan},
  title = {{WEBRR:} {A} Forensic System for Replaying and Investigating Web-Based
                    Attacks in The Modern Web},
  booktitle = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia,
                    PA, USA, August 14-16, 2024},
  publisher = {{USENIX} Association},
  year = {2024},
  url = {https://www.usenix.org/conference/usenixsecurity24/presentation/allen},
}

WWW

Discovering and Measuring CDNs Prone to Domain Fronting

Subramani, Karthika, Perdisci, Roberto, Skafidas, Pierros-Christos, and Antonakakis, Manos

In Proceedings of the ACM on Web Conference 2024, WWW 2024, Singapore, May 13-17, 2024 2024

Bib

@inproceedings{SubramaniPSA24,
  author = {Subramani, Karthika and Perdisci, Roberto and Skafidas, Pierros{-}Christos and Antonakakis, Manos},
  editor = {Chua, Tat{-}Seng and Ngo, Chong{-}Wah and Kumar, Ravi and Lauw, Hady W. and Lee, Roy Ka{-}Wei},
  title = {Discovering and Measuring CDNs Prone to Domain Fronting},
  booktitle = {Proceedings of the {ACM} on Web Conference 2024, {WWW} 2024, Singapore,
                    May 13-17, 2024},
  pages = {1859--1867},
  publisher = {{ACM}},
  year = {2024},
  url = {https://doi.org/10.1145/3589334.3645656},
}

EuroSP

Understanding, Measuring, and Detecting Modern Technical Support Scams (to appear)

Liu, Jienan, Pun, Pooja, Vadrevu, Phani, and Perdisci, Roberto

In 8th IEEE European Symposium on Security and Privacy, EuroS&P 2023 2023

USENIXSec

TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks (to appear)

Yang, Zheng, Allen, Joey, Landen, Matthew, Perdisci, Roberto, and Lee, Wenke

In 32nd USENIX Security Symposium, USENIX Security 23, ANAHEIM, CA, USA, August 9-11, 2023 2023

Bib

@inproceedings{Yang2023,
  author = {Yang, Zheng and Allen, Joey and Landen, Matthew and Perdisci, Roberto and Lee, Wenke},
  title = {TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks (to appear)},
  booktitle = {32nd {USENIX} Security Symposium, {{USENIX} Security} 23, ANAHEIM, CA, USA, August 9-11, 2023},
  publisher = {{USENIX} Association},
  year = {2023},
}

USENIXSec

Combating Robocalls with Phone Virtual Assistant Mediated Interaction (to appear)

Pandit, Sharbani, Sarker, Krishanu, Perdisci, Roberto, Ahamad, Mustaque, and Yang, Diyi

In 32nd USENIX Security Symposium, USENIX Security 23, ANAHEIM, CA, USA, August 9-11, 2023 2023

Bib

@inproceedings{Pandit2023,
  author = {Pandit, Sharbani and Sarker, Krishanu and Perdisci, Roberto and Ahamad, Mustaque and Yang, Diyi},
  title = {Combating Robocalls with Phone Virtual Assistant Mediated Interaction (to appear)},
  booktitle = {32nd {USENIX} Security Symposium, {{USENIX} Security} 23, ANAHEIM, CA, USA, August 9-11, 2023},
  publisher = {{USENIX} Association},
  year = {2023},
}

IMC

PhishInPatterns: Measuring Elicited User Interactions at Scale on Phishing Websites (to appear)

Subramani, Karthika, Starov, Oleksii, Melicher, William, Vadrevu, Phani, and Perdisci, Roberto

In IMC ’22: ACM Internet Measurement Conference 2022

Bib

@inproceedings{Subramani2022,
  author = {Subramani, Karthika and Starov, Oleksii and Melicher, William and Vadrevu, Phani and Perdisci, Roberto},
  title = {PhishInPatterns: Measuring Elicited User Interactions at Scale on Phishing Websites (to appear)},
  booktitle = {{IMC} '22: {ACM} Internet Measurement Conference},
  publisher = {{ACM}},
  year = {2022},
}

EuroSP

SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations

Subramani, Karthika, Jueckstock, Jordan, Kapravelos, Alexandros, and Perdisci, Roberto

In 7th IEEE European Symposium on Security and Privacy, EuroS&P 2022, Genoa, Italy, June 6-10, 2022 2022

Bib PDF Code

@inproceedings{DBLP:conf/eurosp/SubramaniJKP22,
  author = {Subramani, Karthika and Jueckstock, Jordan and Kapravelos, Alexandros and Perdisci, Roberto},
  title = {SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations},
  booktitle = {7th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
                 2022, Genoa, Italy, June 6-10, 2022},
  pages = {555--571},
  publisher = {{IEEE}},
  year = {2022},
  url = {https://doi.org/10.1109/EuroSP53844.2022.00041},
  doi = {10.1109/EuroSP53844.2022.00041},
  timestamp = {Wed, 29 Jun 2022 16:03:24 +0200},
  biburl = {https://dblp.org/rec/conf/eurosp/SubramaniJKP22.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
}

NDSS

C\^2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis

Kwon, Yonghwi, Wang, Weihang, Jung, Jinho, Lee, Kyu Hyung, and Perdisci, Roberto

In 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21-25, 2021 2021

Bib

@inproceedings{DBLP:conf/ndss/KwonWJLP21,
  author = {Kwon, Yonghwi and Wang, Weihang and Jung, Jinho and Lee, Kyu Hyung and Perdisci, Roberto},
  title = {C{\^{}}2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic
                 Analysis},
  booktitle = {28th Annual Network and Distributed System Security Symposium, {NDSS}
                 2021, virtually, February 21-25, 2021},
  publisher = {The Internet Society},
  year = {2021},
  url = {https://www.ndss-symposium.org/ndss-paper/c2sr-cybercrime-scene-reconstruction-for-post-mortem-forensic-analysis/},
  timestamp = {Tue, 28 Sep 2021 01:00:00 +0200},
  biburl = {https://dblp.org/rec/conf/ndss/KwonWJLP21.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
}

ACSAC

Towards a Practical Differentially Private Collaborative Phone Blacklisting System

Ucci, Daniele, Perdisci, Roberto, Lee, Jaewoo, and Ahamad, Mustaque

In ACSAC ’20: Annual Computer Security Applications Conference, Virtual Event / Austin, TX, USA, 7-11 December, 2020 2020

Bib

@inproceedings{DBLP:conf/acsac/UcciPLA20,
  author = {Ucci, Daniele and Perdisci, Roberto and Lee, Jaewoo and Ahamad, Mustaque},
  title = {Towards a Practical Differentially Private Collaborative Phone Blacklisting
                 System},
  booktitle = {{ACSAC} '20: Annual Computer Security Applications Conference, Virtual
                 Event / Austin, TX, USA, 7-11 December, 2020},
  pages = {100--115},
  publisher = {{ACM}},
  year = {2020},
  url = {https://doi.org/10.1145/3427228.3427239},
  doi = {10.1145/3427228.3427239},
  timestamp = {Tue, 15 Dec 2020 12:22:00 +0100},
  biburl = {https://dblp.org/rec/conf/acsac/UcciPLA20.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
}

CCS

Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System

Allen, Joey, Yang, Zheng, Landen, Matthew, Bhat, Raghav, Grover, Harsh, Chang, Andrew, Ji, Yang, Perdisci, Roberto, and Lee, Wenke

In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020 2020

Bib

@inproceedings{DBLP:conf/ccs/AllenYLBGC0PL20,
  author = {Allen, Joey and Yang, Zheng and Landen, Matthew and Bhat, Raghav and Grover, Harsh and Chang, Andrew and Ji, Yang and Perdisci, Roberto and Lee, Wenke},
  editor = {Ligatti, Jay and Ou, Xinming and Katz, Jonathan and Vigna, Giovanni},
  title = {Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack
                 Investigation System},
  booktitle = {{CCS} '20: 2020 {ACM} {SIGSAC} Conference on Computer and Communications
                 Security, Virtual Event, USA, November 9-13, 2020},
  pages = {787--802},
  publisher = {{ACM}},
  year = {2020},
  url = {https://doi.org/10.1145/3372297.3423355},
  doi = {10.1145/3372297.3423355},
  timestamp = {Tue, 10 Nov 2020 19:56:39 +0100},
  biburl = {https://dblp.org/rec/conf/ccs/AllenYLBGC0PL20.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
}

EuroSP

IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis

Perdisci, Roberto, Papastergiou, Thomas, Alrawi, Omar, and Antonakakis, Manos

In IEEE European Symposium on Security and Privacy, EuroS&P 2020, Genoa, Italy, September 7-11, 2020 2020

Bib

@inproceedings{DBLP:conf/eurosp/PerdisciPAA20,
  author = {Perdisci, Roberto and Papastergiou, Thomas and Alrawi, Omar and Antonakakis, Manos},
  title = {IoTFinder: Efficient Large-Scale Identification of IoT Devices via
                 Passive {DNS} Traffic Analysis},
  booktitle = {{IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2020,
                 Genoa, Italy, September 7-11, 2020},
  pages = {474--489},
  publisher = {{IEEE}},
  year = {2020},
  url = {https://doi.org/10.1109/EuroSP48549.2020.00037},
  doi = {10.1109/EuroSP48549.2020.00037},
  timestamp = {Tue, 10 Nov 2020 11:45:04 +0100},
  biburl = {https://dblp.org/rec/conf/eurosp/PerdisciPAA20.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
}

IMC

When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising

Subramani, Karthika, Yuan, Xingzi, Setayeshfar, Omid, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto

In IMC ’20: ACM Internet Measurement Conference, Virtual Event, USA, October 27-29, 2020 2020

Bib

@inproceedings{SubramaniYSVLP20,
  author = {Subramani, Karthika and Yuan, Xingzi and Setayeshfar, Omid and Vadrevu, Phani and Lee, Kyu Hyung and Perdisci, Roberto},
  title = {When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising},
  booktitle = {{IMC} '20: {ACM} Internet Measurement Conference, Virtual Event, USA,
                 October 27-29, 2020},
  pages = {724--737},
  publisher = {{ACM}},
  year = {2020},
  url = {https://doi.org/10.1145/3419394.3423631},
  doi = {10.1145/3419394.3423631},
  timestamp = {Thu, 14 Oct 2021 01:00:00 +0200},
  biburl = {https://dblp.org/rec/conf/imc/SubramaniYSVLP20.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
}