publications

2023

1. EuroSP

   Understanding, Measuring, and Detecting Modern Technical Support Scams (to appear)

   Liu, Jienan, Pun, Pooja, Vadrevu, Phani, and Perdisci, Roberto

   In 8th IEEE European Symposium on Security and Privacy, EuroS&P 2023 2023
2. USENIXSec

   TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks (to appear)

   Yang, Zheng, Allen, Joey, Landen, Matthew,  Perdisci, Roberto, and Lee, Wenke

   In 32nd USENIX Security Symposium, USENIX Security 23, ANAHEIM, CA, USA, August 9-11, 2023 2023
3. USENIXSec

   Combating Robocalls with Phone Virtual Assistant Mediated Interaction (to appear)

   Pandit, Sharbani, Sarker, Krishanu,  Perdisci, Roberto, Ahamad, Mustaque, and Yang, Diyi

   In 32nd USENIX Security Symposium, USENIX Security 23, ANAHEIM, CA, USA, August 9-11, 2023 2023

2022

1. Returning to Port: Efficient Detection of Home Router Devices

   Papastergiou, Thomas,  Perdisci, Roberto, and Antonakakis, Manos

   In 2022 IEEE Conference on Communications and Network Security (CNS) 2022
2. IMC

   PhishInPatterns: Measuring Elicited User Interactions at Scale on Phishing Websites (to appear)

   Subramani, Karthika, Starov, Oleksii, Melicher, William, Vadrevu, Phani, and Perdisci, Roberto

   In IMC ’22: ACM Internet Measurement Conference 2022

   Bib

   @inproceedings{Subramani2022,
     author = {Subramani, Karthika and Starov, Oleksii and Melicher, William and Vadrevu, Phani and Perdisci, Roberto},
     title = {PhishInPatterns: Measuring Elicited User Interactions at Scale on Phishing Websites (to appear)},
     booktitle = {{IMC} '22: {ACM} Internet Measurement Conference},
     publisher = {{ACM}},
     year = {2022},
   }

3. EuroSP

   SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations

   Subramani, Karthika, Jueckstock, Jordan, Kapravelos, Alexandros, and Perdisci, Roberto

   In 7th IEEE European Symposium on Security and Privacy, EuroS&P 2022, Genoa, Italy, June 6-10, 2022 2022

   Bib PDF Code

   @inproceedings{DBLP:conf/eurosp/SubramaniJKP22,
     author = {Subramani, Karthika and Jueckstock, Jordan and Kapravelos, Alexandros and Perdisci, Roberto},
     title = {SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations},
     booktitle = {7th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
                    2022, Genoa, Italy, June 6-10, 2022},
     pages = {555--571},
     publisher = {{IEEE}},
     year = {2022},
     url = {https://doi.org/10.1109/EuroSP53844.2022.00041},
     doi = {10.1109/EuroSP53844.2022.00041},
     timestamp = {Wed, 29 Jun 2022 16:03:24 +0200},
     biburl = {https://dblp.org/rec/conf/eurosp/SubramaniJKP22.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2021

1. DIMVA

   Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs

   Subramani, Karthika,  Perdisci, Roberto, and Konte, Maria

   In Detection of Intrusions and Malware, and Vulnerability Assessment - 18th International Conference, DIMVA 2021, Virtual Event, July 14-16, 2021, Proceedings 2021

   Bib Code

   @inproceedings{DBLP:conf/dimva/SubramaniPK21,
     author = {Subramani, Karthika and Perdisci, Roberto and Konte, Maria},
     editor = {Bilge, Leyla and Cavallaro, Lorenzo and Pellegrino, Giancarlo and Neves, Nuno},
     title = {Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs},
     booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment
                    - 18th International Conference, {DIMVA} 2021, Virtual Event, July
                    14-16, 2021, Proceedings},
     series = {Lecture Notes in Computer Science},
     volume = {12756},
     pages = {42--67},
     publisher = {Springer},
     year = {2021},
     url = {https://doi.org/10.1007/978-3-030-80825-9\_3},
     doi = {10.1007/978-3-030-80825-9\_3},
     timestamp = {Tue, 13 Jul 2021 16:53:38 +0200},
     biburl = {https://dblp.org/rec/conf/dimva/SubramaniPK21.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2. NDSS

   C\^2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis

   Kwon, Yonghwi, Wang, Weihang, Jung, Jinho, Lee, Kyu Hyung, and Perdisci, Roberto

   In 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21-25, 2021 2021

   Bib

   @inproceedings{DBLP:conf/ndss/KwonWJLP21,
     author = {Kwon, Yonghwi and Wang, Weihang and Jung, Jinho and Lee, Kyu Hyung and Perdisci, Roberto},
     title = {C{\^{}}2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic
                    Analysis},
     booktitle = {28th Annual Network and Distributed System Security Symposium, {NDSS}
                    2021, virtually, February 21-25, 2021},
     publisher = {The Internet Society},
     year = {2021},
     url = {https://www.ndss-symposium.org/ndss-paper/c2sr-cybercrime-scene-reconstruction-for-post-mortem-forensic-analysis/},
     timestamp = {Tue, 28 Sep 2021 01:00:00 +0200},
     biburl = {https://dblp.org/rec/conf/ndss/KwonWJLP21.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

3. DLS

   Applying Deep Learning to Combat Mass Robocalls

   Pandit, Sharbani, Liu, Jienan,  Perdisci, Roberto, and Ahamad, Mustaque

   In IEEE Security and Privacy Workshops, SP Workshops 2021, San Francisco, CA, USA, May 27, 2021 2021

   Bib

   @inproceedings{DBLP:conf/sp/PanditLPA21,
     author = {Pandit, Sharbani and Liu, Jienan and Perdisci, Roberto and Ahamad, Mustaque},
     title = {Applying Deep Learning to Combat Mass Robocalls},
     booktitle = {{IEEE} Security and Privacy Workshops, {SP} Workshops 2021, San Francisco,
                    CA, USA, May 27, 2021},
     pages = {63--70},
     publisher = {{IEEE}},
     year = {2021},
     url = {https://doi.org/10.1109/SPW53761.2021.00018},
     doi = {10.1109/SPW53761.2021.00018},
     timestamp = {Wed, 14 Jul 2021 16:48:11 +0200},
     biburl = {https://dblp.org/rec/conf/sp/PanditLPA21.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

4. arXiv

   Categorizing Service Worker Attacks and Mitigations

   Subramani, Karthika, Jueckstock, Jordan, Kapravelos, Alexandros, and Perdisci, Roberto

   CoRR 2021

   Bib

   @article{DBLP:journals/corr/abs-2111-07153,
     author = {Subramani, Karthika and Jueckstock, Jordan and Kapravelos, Alexandros and Perdisci, Roberto},
     title = {Categorizing Service Worker Attacks and Mitigations},
     journal = {CoRR},
     volume = {abs/2111.07153},
     year = {2021},
     eprinttype = {arXiv},
     eprint = {2111.07153},
     timestamp = {Tue, 16 Nov 2021 00:00:00 +0100},
     biburl = {https://dblp.org/rec/journals/corr/abs-2111-07153.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2020

1. ACSAC

   Towards a Practical Differentially Private Collaborative Phone Blacklisting System

   Ucci, Daniele,  Perdisci, Roberto, Lee, Jaewoo, and Ahamad, Mustaque

   In ACSAC ’20: Annual Computer Security Applications Conference, Virtual Event / Austin, TX, USA, 7-11 December, 2020 2020

   Bib

   @inproceedings{DBLP:conf/acsac/UcciPLA20,
     author = {Ucci, Daniele and Perdisci, Roberto and Lee, Jaewoo and Ahamad, Mustaque},
     title = {Towards a Practical Differentially Private Collaborative Phone Blacklisting
                    System},
     booktitle = {{ACSAC} '20: Annual Computer Security Applications Conference, Virtual
                    Event / Austin, TX, USA, 7-11 December, 2020},
     pages = {100--115},
     publisher = {{ACM}},
     year = {2020},
     url = {https://doi.org/10.1145/3427228.3427239},
     doi = {10.1145/3427228.3427239},
     timestamp = {Tue, 15 Dec 2020 12:22:00 +0100},
     biburl = {https://dblp.org/rec/conf/acsac/UcciPLA20.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2. CCS

   Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System

   Allen, Joey, Yang, Zheng, Landen, Matthew, Bhat, Raghav, Grover, Harsh, Chang, Andrew, Ji, Yang,  Perdisci, Roberto, and Lee, Wenke

   In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020 2020

   Bib

   @inproceedings{DBLP:conf/ccs/AllenYLBGC0PL20,
     author = {Allen, Joey and Yang, Zheng and Landen, Matthew and Bhat, Raghav and Grover, Harsh and Chang, Andrew and Ji, Yang and Perdisci, Roberto and Lee, Wenke},
     editor = {Ligatti, Jay and Ou, Xinming and Katz, Jonathan and Vigna, Giovanni},
     title = {Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack
                    Investigation System},
     booktitle = {{CCS} '20: 2020 {ACM} {SIGSAC} Conference on Computer and Communications
                    Security, Virtual Event, USA, November 9-13, 2020},
     pages = {787--802},
     publisher = {{ACM}},
     year = {2020},
     url = {https://doi.org/10.1145/3372297.3423355},
     doi = {10.1145/3372297.3423355},
     timestamp = {Tue, 10 Nov 2020 19:56:39 +0100},
     biburl = {https://dblp.org/rec/conf/ccs/AllenYLBGC0PL20.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

3. EuroSP

   IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis

   Perdisci, Roberto, Papastergiou, Thomas, Alrawi, Omar, and Antonakakis, Manos

   In IEEE European Symposium on Security and Privacy, EuroS&P 2020, Genoa, Italy, September 7-11, 2020 2020

   Bib

   @inproceedings{DBLP:conf/eurosp/PerdisciPAA20,
     author = {Perdisci, Roberto and Papastergiou, Thomas and Alrawi, Omar and Antonakakis, Manos},
     title = {IoTFinder: Efficient Large-Scale Identification of IoT Devices via
                    Passive {DNS} Traffic Analysis},
     booktitle = {{IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2020,
                    Genoa, Italy, September 7-11, 2020},
     pages = {474--489},
     publisher = {{IEEE}},
     year = {2020},
     url = {https://doi.org/10.1109/EuroSP48549.2020.00037},
     doi = {10.1109/EuroSP48549.2020.00037},
     timestamp = {Tue, 10 Nov 2020 11:45:04 +0100},
     biburl = {https://dblp.org/rec/conf/eurosp/PerdisciPAA20.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

4. IMC

   When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising

   Subramani, Karthika, Yuan, Xingzi, Setayeshfar, Omid, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto

   In IMC ’20: ACM Internet Measurement Conference, Virtual Event, USA, October 27-29, 2020 2020

   Bib

   @inproceedings{DBLP:conf/imc/SubramaniYSVLP20,
     author = {Subramani, Karthika and Yuan, Xingzi and Setayeshfar, Omid and Vadrevu, Phani and Lee, Kyu Hyung and Perdisci, Roberto},
     title = {When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising},
     booktitle = {{IMC} '20: {ACM} Internet Measurement Conference, Virtual Event, USA,
                    October 27-29, 2020},
     pages = {724--737},
     publisher = {{ACM}},
     year = {2020},
     url = {https://doi.org/10.1145/3419394.3423631},
     doi = {10.1145/3419394.3423631},
     timestamp = {Thu, 14 Oct 2021 01:00:00 +0200},
     biburl = {https://dblp.org/rec/conf/imc/SubramaniYSVLP20.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

5. arXiv

   Measuring Abuse in Web Push Advertising

   Subramani, Karthika, Yuan, Xingzi, Setayeshfar, Omid, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto

   CoRR 2020

   Bib

   @article{DBLP:journals/corr/abs-2002-06448,
     author = {Subramani, Karthika and Yuan, Xingzi and Setayeshfar, Omid and Vadrevu, Phani and Lee, Kyu Hyung and Perdisci, Roberto},
     title = {Measuring Abuse in Web Push Advertising},
     journal = {CoRR},
     volume = {abs/2002.06448},
     year = {2020},
     eprinttype = {arXiv},
     eprint = {2002.06448},
     timestamp = {Mon, 02 Mar 2020 00:00:00 +0100},
     biburl = {https://dblp.org/rec/journals/corr/abs-2002-06448.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

6. arXiv

   Building a Collaborative Phone Blacklisting System with Local Differential Privacy

   Ucci, Daniele,  Perdisci, Roberto, Lee, Jaewoo, and Ahamad, Mustaque

   CoRR 2020

   Bib

   @article{DBLP:journals/corr/abs-2006-09287,
     author = {Ucci, Daniele and Perdisci, Roberto and Lee, Jaewoo and Ahamad, Mustaque},
     title = {Building a Collaborative Phone Blacklisting System with Local Differential
                    Privacy},
     journal = {CoRR},
     volume = {abs/2006.09287},
     year = {2020},
     eprinttype = {arXiv},
     eprint = {2006.09287},
     timestamp = {Wed, 17 Jun 2020 01:00:00 +0200},
     biburl = {https://dblp.org/rec/journals/corr/abs-2006-09287.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

7. arXiv

   IXmon: Detecting and Analyzing DRDoS Attacks at Internet Exchange Points

   Subramani, Karthika,  Perdisci, Roberto, and Konte, Maria

   CoRR 2020

   Bib

   @article{DBLP:journals/corr/abs-2006-12555,
     author = {Subramani, Karthika and Perdisci, Roberto and Konte, Maria},
     title = {IXmon: Detecting and Analyzing DRDoS Attacks at Internet Exchange
                    Points},
     journal = {CoRR},
     volume = {abs/2006.12555},
     year = {2020},
     eprinttype = {arXiv},
     eprint = {2006.12555},
     timestamp = {Wed, 01 Jul 2020 01:00:00 +0200},
     biburl = {https://dblp.org/rec/journals/corr/abs-2006-12555.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

8. arXiv

   Fighting Voice Spam with a Virtual Assistant Prototype

   Pandit, Sharbani, Liu, Jienan,  Perdisci, Roberto, and Ahamad, Mustaque

   CoRR 2020

   Bib

   @article{DBLP:journals/corr/abs-2008-03554,
     author = {Pandit, Sharbani and Liu, Jienan and Perdisci, Roberto and Ahamad, Mustaque},
     title = {Fighting Voice Spam with a Virtual Assistant Prototype},
     journal = {CoRR},
     volume = {abs/2008.03554},
     year = {2020},
     eprinttype = {arXiv},
     eprint = {2008.03554},
     timestamp = {Fri, 14 Aug 2020 01:00:00 +0200},
     biburl = {https://dblp.org/rec/journals/corr/abs-2008-03554.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2019

1. IMC

   What You See is NOT What You Get: Discovering and Tracking Social Engineering Attack Campaigns

   Vadrevu, Phani, and Perdisci, Roberto

   In Proceedings of the Internet Measurement Conference, IMC 2019, Amsterdam, The Netherlands, October 21-23, 2019 2019

   Bib

   @inproceedings{DBLP:conf/imc/VadrevuP19,
     author = {Vadrevu, Phani and Perdisci, Roberto},
     title = {What You See is {NOT} What You Get: Discovering and Tracking Social
                    Engineering Attack Campaigns},
     booktitle = {Proceedings of the Internet Measurement Conference, {IMC} 2019, Amsterdam,
                    The Netherlands, October 21-23, 2019},
     pages = {308--321},
     publisher = {{ACM}},
     year = {2019},
     url = {https://doi.org/10.1145/3355369.3355600},
     doi = {10.1145/3355369.3355600},
     timestamp = {Fri, 25 Oct 2019 09:51:53 +0200},
     biburl = {https://dblp.org/rec/conf/imc/VadrevuP19.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2. DIMVA

   Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Gothenburg, Sweden, June 19-20, 2019, Proceedings

   2019

   Bib

   @proceedings{DBLP:conf/dimva/2019,
     editor = {Perdisci, Roberto and Maurice, Cl{\'{e}}mentine and Giacinto, Giorgio and Almgren, Magnus},
     title = {Detection of Intrusions and Malware, and Vulnerability Assessment
                    - 16th International Conference, {DIMVA} 2019, Gothenburg, Sweden,
                    June 19-20, 2019, Proceedings},
     series = {Lecture Notes in Computer Science},
     volume = {11543},
     publisher = {Springer},
     year = {2019},
     url = {https://doi.org/10.1007/978-3-030-22038-9},
     doi = {10.1007/978-3-030-22038-9},
     isbn = {978-3-030-22037-2},
     timestamp = {Tue, 29 Dec 2020 00:00:00 +0100},
     biburl = {https://dblp.org/rec/conf/dimva/2019.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2018

1. AsiaCCS

   Augmenting Telephone Spam Blacklists by Mining Large CDR Datasets

   Liu, Jienan, Rahbarinia, Babak,  Perdisci, Roberto, Du, Haitao, and Su, Li

   In Proceedings of the 2018 on Asia Conference on Computer and Communications Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018 2018

   Bib

   @inproceedings{DBLP:conf/ccs/LiuRPDS18,
     author = {Liu, Jienan and Rahbarinia, Babak and Perdisci, Roberto and Du, Haitao and Su, Li},
     editor = {Kim, Jong and Ahn, Gail{-}Joon and Kim, Seungjoo and Kim, Yongdae and L{\'{o}}pez, Javier and Kim, Taesoo},
     title = {Augmenting Telephone Spam Blacklists by Mining Large {CDR} Datasets},
     booktitle = {Proceedings of the 2018 on Asia Conference on Computer and Communications
                    Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018},
     pages = {273--284},
     publisher = {{ACM}},
     year = {2018},
     url = {https://doi.org/10.1145/3196494.3196553},
     doi = {10.1145/3196494.3196553},
     timestamp = {Tue, 10 Nov 2020 16:06:16 +0100},
     biburl = {https://dblp.org/rec/conf/ccs/LiuRPDS18.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2. AsiaCCS

   Towards Measuring the Role of Phone Numbers in Twitter-Advertised Spam

   Gupta, Payas,  Perdisci, Roberto, and Ahamad, Mustaque

   In Proceedings of the 2018 on Asia Conference on Computer and Communications Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018 2018

   Bib

   @inproceedings{DBLP:conf/ccs/GuptaPA18,
     author = {Gupta, Payas and Perdisci, Roberto and Ahamad, Mustaque},
     editor = {Kim, Jong and Ahn, Gail{-}Joon and Kim, Seungjoo and Kim, Yongdae and L{\'{o}}pez, Javier and Kim, Taesoo},
     title = {Towards Measuring the Role of Phone Numbers in Twitter-Advertised
                    Spam},
     booktitle = {Proceedings of the 2018 on Asia Conference on Computer and Communications
                    Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018},
     pages = {285--296},
     publisher = {{ACM}},
     year = {2018},
     url = {https://doi.org/10.1145/3196494.3196516},
     doi = {10.1145/3196494.3196516},
     timestamp = {Wed, 21 Nov 2018 00:00:00 +0100},
     biburl = {https://dblp.org/rec/conf/ccs/GuptaPA18.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

3. NDSS

   JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking of Live In-Browser JavaScript Executions

   Li, Bo, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto

   In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018 2018

   Bib

   @inproceedings{DBLP:conf/ndss/LiVLP18,
     author = {Li, Bo and Vadrevu, Phani and Lee, Kyu Hyung and Perdisci, Roberto},
     title = {JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking
                    of Live In-Browser JavaScript Executions},
     booktitle = {25th Annual Network and Distributed System Security Symposium, {NDSS}
                    2018, San Diego, California, USA, February 18-21, 2018},
     publisher = {The Internet Society},
     year = {2018},
     timestamp = {Thu, 17 Jun 2021 16:04:48 +0200},
     biburl = {https://dblp.org/rec/conf/ndss/LiVLP18.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

4. NDSS

   Towards Measuring the Effectiveness of Telephony Blacklists

   Pandit, Sharbani,  Perdisci, Roberto, Ahamad, Mustaque, and Gupta, Payas

   In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018 2018

   Bib

   @inproceedings{DBLP:conf/ndss/PanditPAG18,
     author = {Pandit, Sharbani and Perdisci, Roberto and Ahamad, Mustaque and Gupta, Payas},
     title = {Towards Measuring the Effectiveness of Telephony Blacklists},
     booktitle = {25th Annual Network and Distributed System Security Symposium, {NDSS}
                    2018, San Diego, California, USA, February 18-21, 2018},
     publisher = {The Internet Society},
     year = {2018},
     timestamp = {Thu, 09 Aug 2018 01:00:00 +0200},
     biburl = {https://dblp.org/rec/conf/ndss/PanditPAG18.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2017

1. TDSC

   Still Beheading Hydras: Botnet Takedowns Then and Now

   Nadji, Yacin,  Perdisci, Roberto, and Antonakakis, Manos

   IEEE Trans. Dependable Secur. Comput. 2017

   Bib

   @article{DBLP:journals/tdsc/NadjiPA17,
     author = {Nadji, Yacin and Perdisci, Roberto and Antonakakis, Manos},
     title = {Still Beheading Hydras: Botnet Takedowns Then and Now},
     journal = {{IEEE} Trans. Dependable Secur. Comput.},
     volume = {14},
     number = {5},
     pages = {535--549},
     year = {2017},
     url = {https://doi.org/10.1109/TDSC.2015.2496176},
     doi = {10.1109/TDSC.2015.2496176},
     timestamp = {Thu, 09 Apr 2020 01:00:00 +0200},
     biburl = {https://dblp.org/rec/journals/tdsc/NadjiPA17.bib},
     bibsource = {dblp computer science bibliography, https://dblp.org},
   }

2. Practical Attacks Against Graph-based Clustering

   Chen, Yizheng, Nadji, Yacin, Kountouras, Athanasios, Monrose, Fabian,  Perdisci, Roberto, Antonakakis, Manos, and Vasiloglou, Nikolaos

   In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017 2017
3. Exploring the Long Tail of (Malicious) Software Downloads

   Rahbarinia, Babak, Balduzzi, Marco, and Perdisci, Roberto

   In 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017, Denver, CO, USA, June 26-29, 2017 2017
4. Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots

   Vadrevu, Phani, Liu, Jienan, Li, Bo, Rahbarinia, Babak, Lee, Kyu Hyung, and Perdisci, Roberto

   In 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 2017 2017
5. Practical Attacks Against Graph-based Clustering

   Chen, Yizheng, Nadji, Yacin, Kountouras, Athanasios, Monrose, Fabian,  Perdisci, Roberto, Antonakakis, Manos, and Vasiloglou, Nikolaos

   CoRR 2017

2016

1. Efficient and Accurate Behavior-Based Tracking of Malware-Control Domains in Large ISP Networks

   Rahbarinia, Babak,  Perdisci, Roberto, and Antonakakis, Manos

   ACM Trans. Priv. Secur. 2016
2. MAXS: Scaling Malware Execution with Sequential Multi-Hypothesis Testing

   Vadrevu, Phani, and Perdisci, Roberto

   In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi’an, China, May 30 - June 3, 2016 2016
3. Real-Time Detection of Malware Downloads via Large-Scale URL-\textgreaterFile-\textgreaterMachine Graph Mining

   Rahbarinia, Babak, Balduzzi, Marco, and Perdisci, Roberto

   In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi’an, China, May 30 - June 3, 2016 2016
4. Towards Measuring and Mitigating Social Engineering Software Download Attacks

   Nelms, Terry,  Perdisci, Roberto, Antonakakis, Manos, and Ahamad, Mustaque

   In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016 2016

2015

1. WebCapsule: Towards a Lightweight Forensic Engine for Web Browsers

   Neasbitt, Christopher, Li, Bo,  Perdisci, Roberto, Lu, Long, Singh, Kapil, and Li, Kang

   In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015 2015
2. Segugio: Efficient Behavior-Based Tracking of Malware-Control Domains in Large ISP Networks

   Rahbarinia, Babak,  Perdisci, Roberto, and Antonakakis, Manos

   In 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015, Rio de Janeiro, Brazil, June 22-25, 2015 2015
3. ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes

   Konte, Maria,  Perdisci, Roberto, and Feamster, Nick

   In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2015, London, United Kingdom, August 17-21, 2015 2015
4. WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths

   Nelms, Terry,  Perdisci, Roberto, Antonakakis, Manos, and Ahamad, Mustaque

   In 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015 2015
5. Understanding Malvertising Through Ad-Injecting Browser Extensions

   Xing, Xinyu, Meng, Wei, Lee, Byoungyoung, Weinsberg, Udi, Sheth, Anmol,  Perdisci, Roberto, and Lee, Wenke

   In Proceedings of the 24th International Conference on World Wide Web, WWW 2015, Florence, Italy, May 18-22, 2015 2015

2014

1. PeerRush: Mining for unwanted P2P traffic

   Rahbarinia, Babak,  Perdisci, Roberto, Lanzi, Andrea, and Li, Kang

   J. Inf. Secur. Appl. 2014
2. Building a Scalable System for Stealthy P2P-Botnet Detection

   Zhang, Junjie,  Perdisci, Roberto, Lee, Wenke, Luo, Xiapu, and Sarfraz, Unum

   IEEE Trans. Inf. Forensics Secur. 2014
3. ClickMiner: Towards Forensic Reconstruction of User-Browser Interactions from Network Traces

   Neasbitt, Christopher,  Perdisci, Roberto, Li, Kang, and Nelms, Terry

   In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3-7, 2014 2014
4. DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic

   Chen, Yizheng, Antonakakis, Manos,  Perdisci, Roberto, Nadji, Yacin, Dagon, David, and Lee, Wenke

   In 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014, Atlanta, GA, USA, June 23-26, 2014 2014

2013

1. Scalable fine-grained behavioral clustering of HTTP-based malware

   Perdisci, Roberto, Ariu, Davide, and Giacinto, Giorgio

   Comput. Networks 2013
2. Beheading hydras: performing effective botnet takedowns

   Nadji, Yacin, Antonakakis, Manos,  Perdisci, Roberto, Dagon, David, and Lee, Wenke

   In 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, Berlin, Germany, November 4-8, 2013 2013
3. PeerRush: Mining for Unwanted P2P Traffic

   Rahbarinia, Babak,  Perdisci, Roberto, Lanzi, Andrea, and Li, Kang

   In Detection of Intrusions and Malware, and Vulnerability Assessment - 10th International Conference, DIMVA 2013, Berlin, Germany, July 18-19, 2013. Proceedings 2013
4. Measuring and Detecting Malware Downloads in Live Network Traffic

   Vadrevu, Phani, Rahbarinia, Babak,  Perdisci, Roberto, Li, Kang, and Antonakakis, Manos

   In Computer Security - ESORICS 2013 - 18th European Symposium on Research in Computer Security, Egham, UK, September 9-13, 2013. Proceedings 2013
5. SinkMiner: Mining Botnet Sinkholes for Fun and Profit

   Rahbarinia, Babak,  Perdisci, Roberto, Antonakakis, Manos, and Dagon, David

   In 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats, LEET ’13, Washington, D.C., USA, August 12, 2013 2013
6. Connected Colors: Unveiling the Structure of Criminal Networks

   Nadji, Yacin, Antonakakis, Manos,  Perdisci, Roberto, and Lee, Wenke

   In Research in Attacks, Intrusions, and Defenses - 16th International Symposium, RAID 2013, Rodney Bay, St. Lucia, October 23-25, 2013. Proceedings 2013
7. ExecScent: Mining for New C&C Domains in Live Networks with Adaptive Control Protocol Templates

   Nelms, Terry,  Perdisci, Roberto, and Ahamad, Mustaque

   In Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013 2013

2012

1. Early Detection of Malicious Flux Networks via Large-Scale Passive DNS Traffic Analysis

   Perdisci, Roberto, Corona, Igino, and Giacinto, Giorgio

   IEEE Trans. Dependable Secur. Comput. 2012
2. Detecting and Tracking the Rise of DGA-Based Malware

   Antonakakis, Manos,  Perdisci, Roberto, Vasiloglou, Nikolaos, and Lee, Wenke

   login Usenix Mag. 2012
3. VAMO: towards a fully automated malware clustering validity analysis

   Perdisci, Roberto, and U, Man Chon

   In 28th Annual Computer Security Applications Conference, ACSAC 2012, Orlando, FL, USA, 3-7 December 2012 2012
4. From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware

   Antonakakis, Manos,  Perdisci, Roberto, Nadji, Yacin, Vasiloglou, Nikolaos, Abu-Nimeh, Saeed, Lee, Wenke, and Dagon, David

   In Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012 2012

2011

1. Understanding the prevalence and use of alternative plans in malware with network games

   Nadji, Yacin, Antonakakis, Manos,  Perdisci, Roberto, and Lee, Wenke

   In Twenty-Seventh Annual Computer Security Applications Conference, ACSAC 2011, Orlando, FL, USA, 5-9 December 2011 2011
2. Exposing invisible timing-based traffic watermarks with BACKLIT

   Luo, Xiapu, Zhou, Peng, Zhang, Junjie,  Perdisci, Roberto, Lee, Wenke, and Chang, Rocky K. C.

   In Twenty-Seventh Annual Computer Security Applications Conference, ACSAC 2011, Orlando, FL, USA, 5-9 December 2011 2011
3. Boosting the scalability of botnet detection using adaptive traffic sampling

   Zhang, Junjie, Luo, Xiapu,  Perdisci, Roberto, Gu, Guofei, Lee, Wenke, and Feamster, Nick

   In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22-24, 2011 2011
4. SURF: detecting and measuring search poisoning

   Lu, Long,  Perdisci, Roberto, and Lee, Wenke

   In Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, October 17-21, 2011 2011
5. Detecting stealthy P2P botnets using statistical traffic fingerprints

   Zhang, Junjie,  Perdisci, Roberto, Lee, Wenke, Sarfraz, Unum, and Luo, Xiapu

   In Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2011, Hong Kong, China, June 27-30 2011 2011
6. HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows

   Luo, Xiapu, Zhou, Peng, Chan, Edmond W. W., Lee, Wenke, Chang, Rocky K. C., and Perdisci, Roberto

   In Proceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February - 9th February 2011 2011
7. Detecting Malware Domains at the Upper DNS Hierarchy

   Antonakakis, Manos,  Perdisci, Roberto, Lee, Wenke, Vasiloglou, Nikolaos, and Dagon, David

   In 20th USENIX Security Symposium, San Francisco, CA, USA, August 8-12, 2011, Proceedings 2011

2010

1. On the Secrecy of Spread-Spectrum Flow Watermarks

   Luo, Xiapu, Zhang, Junjie,  Perdisci, Roberto, and Lee, Wenke

   In Computer Security - ESORICS 2010, 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010. Proceedings 2010
2. Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces

   Perdisci, Roberto, Lee, Wenke, and Feamster, Nick

   In Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2010, April 28-30, 2010, San Jose, CA, USA 2010
3. A Centralized Monitoring Infrastructure for Improving DNS Security

   Antonakakis, Manos, Dagon, David, Luo, Xiapu,  Perdisci, Roberto, Lee, Wenke, and Bellmor, Justin

   In Recent Advances in Intrusion Detection, 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15-17, 2010. Proceedings 2010
4. Building a Dynamic Reputation System for DNS

   Antonakakis, Manos,  Perdisci, Roberto, Dagon, David, Lee, Wenke, and Feamster, Nick

   In 19th USENIX Security Symposium, Washington, DC, USA, August 11-13, 2010, Proceedings 2010

2009

1. McPAD: A multiple classifier system for accurate payload-based anomaly detection

   Perdisci, Roberto, Ariu, Davide, Fogla, Prahlad, Giacinto, Giorgio, and Lee, Wenke

   Comput. Networks 2009
2. Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces

   Perdisci, Roberto, Corona, Igino, Dagon, David, and Lee, Wenke

   In Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009, Honolulu, Hawaii, USA, 7-11 December 2009 2009
3. WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks

   Perdisci, Roberto, Antonakakis, Manos, Luo, Xiapu, and Lee, Wenke

   In Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009, Estoril, Lisbon, Portugal, June 29 - July 2, 2009 2009

2008

1. Intrusion detection in computer networks by a modular ensemble of one-class classifiers

   Giacinto, Giorgio,  Perdisci, Roberto, Rio, Mauro Del, and Roli, Fabio

   Inf. Fusion 2008
2. Classification of packed executables for accurate computer virus detection

   Perdisci, Roberto, Lanzi, Andrea, and Lee, Wenke

   Pattern Recognit. Lett. 2008
3. McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables

   Perdisci, Roberto, Lanzi, Andrea, and Lee, Wenke

   In Twenty-Fourth Annual Computer Security Applications Conference, ACSAC 2008, Anaheim, California, USA, 8-12 December 2008 2008
4. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection

   Gu, Guofei,  Perdisci, Roberto, Zhang, Junjie, and Lee, Wenke

   In Proceedings of the 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA 2008

2007

1. Sensing Attacks in Computers Networks with Hidden Markov Models

   Ariu, Davide, Giacinto, Giorgio, and Perdisci, Roberto

   In Machine Learning and Data Mining in Pattern Recognition, 5th International Conference, MLDM 2007, Leipzig, Germany, July 18-20, 2007, Proceedings 2007

2006

1. Alarm clustering for intrusion detection systems in computer networks

   Perdisci, Roberto, Giacinto, Giorgio, and Roli, Fabio

   Eng. Appl. Artif. Intell. 2006
2. Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems

   Perdisci, Roberto, Gu, Guofei, and Lee, Wenke

   In Proceedings of the 6th IEEE International Conference on Data Mining (ICDM 2006), 18-22 December 2006, Hong Kong, China 2006
3. MisleadingWorm Signature Generators Using Deliberate Noise Injection

   Perdisci, Roberto, Dagon, David, Lee, Wenke, Fogla, Prahlad, and Sharif, Monirul I.

   In 2006 IEEE Symposium on Security and Privacy (S&P 2006), 21-24 May 2006, Berkeley, California, USA 2006
4. Polymorphic Blending Attacks

   Fogla, Prahlad, Sharif, Monirul I.,  Perdisci, Roberto, Kolesnikov, Oleg M., and Lee, Wenke

   In Proceedings of the 15th USENIX Security Symposium, Vancouver, BC, Canada, July 31 - August 4, 2006 2006

2005

1. Network Intrusion Detection by Combining One-Class Classifiers

   Giacinto, Giorgio,  Perdisci, Roberto, and Roli, Fabio

   In Image Analysis and Processing - ICIAP 2005, 13th International Conference, Cagliari, Italy, September 6-8, 2005, Proceedings 2005
2. Alarm Clustering for Intrusion Detection Systems in Computer Networks

   Giacinto, Giorgio,  Perdisci, Roberto, and Roli, Fabio

   In Machine Learning and Data Mining in Pattern Recognition, 4th International Conference, MLDM 2005, Leipzig, Germany, July 9-11, 2005, Proceedings 2005