publications

2023

  1. USENIX Sec
    Combating Robocalls with Phone Virtual Assistant Mediated Interaction (to appear)
    Pandit, Sharbani, Sarker, Krishanu, Perdisci, Roberto, Ahamad, Mustaque, and Yang, Diyi
    In 32nd USENIX Security Symposium, USENIX Security 23, ANAHEIM, CA, USA, August 9-11, 2023 2023

2022

  1. EuroSP
    SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations
    Subramani, Karthika, Jueckstock, Jordan, Kapravelos, Alexandros, and Perdisci, Roberto
    In 7th IEEE European Symposium on Security and Privacy, EuroS&P 2022, Genoa, Italy, June 6-10, 2022 2022

2021

  1. DIMVA
    Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs
    Subramani, Karthika, Perdisci, Roberto, and Konte, Maria
    In Detection of Intrusions and Malware, and Vulnerability Assessment - 18th International Conference, DIMVA 2021, Virtual Event, July 14-16, 2021, Proceedings 2021
  2. NDSS
    C\^2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis
    Kwon, Yonghwi, Wang, Weihang, Jung, Jinho, Lee, Kyu Hyung, and Perdisci, Roberto
    In 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21-25, 2021 2021
  3. DLS
    Applying Deep Learning to Combat Mass Robocalls
    Pandit, Sharbani, Liu, Jienan, Perdisci, Roberto, and Ahamad, Mustaque
    In IEEE Security and Privacy Workshops, SP Workshops 2021, San Francisco, CA, USA, May 27, 2021 2021
  4. arXiv
    Categorizing Service Worker Attacks and Mitigations
    Subramani, Karthika, Jueckstock, Jordan, Kapravelos, Alexandros, and Perdisci, Roberto
    CoRR 2021

2020

  1. ACSAC
    Towards a Practical Differentially Private Collaborative Phone Blacklisting System
    Ucci, Daniele, Perdisci, Roberto, Lee, Jaewoo, and Ahamad, Mustaque
    In ACSAC ’20: Annual Computer Security Applications Conference, Virtual Event / Austin, TX, USA, 7-11 December, 2020 2020
  2. CCS
    Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System
    Allen, Joey, Yang, Zheng, Landen, Matthew, Bhat, Raghav, Grover, Harsh, Chang, Andrew, Ji, Yang, Perdisci, Roberto, and Lee, Wenke
    In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020 2020
  3. EuroSP
    IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis
    Perdisci, Roberto, Papastergiou, Thomas, Alrawi, Omar, and Antonakakis, Manos
    In IEEE European Symposium on Security and Privacy, EuroS&P 2020, Genoa, Italy, September 7-11, 2020 2020
  4. IMC
    When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising
    Subramani, Karthika, Yuan, Xingzi, Setayeshfar, Omid, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto
    In IMC ’20: ACM Internet Measurement Conference, Virtual Event, USA, October 27-29, 2020 2020
  5. arXiv
    Measuring Abuse in Web Push Advertising
    Subramani, Karthika, Yuan, Xingzi, Setayeshfar, Omid, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto
    CoRR 2020
  6. arXiv
    Building a Collaborative Phone Blacklisting System with Local Differential Privacy
    Ucci, Daniele, Perdisci, Roberto, Lee, Jaewoo, and Ahamad, Mustaque
    CoRR 2020
  7. arXiv
    IXmon: Detecting and Analyzing DRDoS Attacks at Internet Exchange Points
    Subramani, Karthika, Perdisci, Roberto, and Konte, Maria
    CoRR 2020
  8. arXiv
    Fighting Voice Spam with a Virtual Assistant Prototype
    Pandit, Sharbani, Liu, Jienan, Perdisci, Roberto, and Ahamad, Mustaque
    CoRR 2020

2019

  1. IMC
    What You See is NOT What You Get: Discovering and Tracking Social Engineering Attack Campaigns
    Vadrevu, Phani, and Perdisci, Roberto
    In Proceedings of the Internet Measurement Conference, IMC 2019, Amsterdam, The Netherlands, October 21-23, 2019 2019
  2. DIMVA
    Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Gothenburg, Sweden, June 19-20, 2019, Proceedings
    2019

2018

  1. AsiaCCS
    Augmenting Telephone Spam Blacklists by Mining Large CDR Datasets
    Liu, Jienan, Rahbarinia, Babak, Perdisci, Roberto, Du, Haitao, and Su, Li
    In Proceedings of the 2018 on Asia Conference on Computer and Communications Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018 2018
  2. AsiaCCS
    Towards Measuring the Role of Phone Numbers in Twitter-Advertised Spam
    Gupta, Payas, Perdisci, Roberto, and Ahamad, Mustaque
    In Proceedings of the 2018 on Asia Conference on Computer and Communications Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018 2018
  3. NDSS
    JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking of Live In-Browser JavaScript Executions
    Li, Bo, Vadrevu, Phani, Lee, Kyu Hyung, and Perdisci, Roberto
    In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018 2018
  4. NDSS
    Towards Measuring the Effectiveness of Telephony Blacklists
    Pandit, Sharbani, Perdisci, Roberto, Ahamad, Mustaque, and Gupta, Payas
    In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018 2018

2017

  1. TDSC
    Still Beheading Hydras: Botnet Takedowns Then and Now
    Nadji, Yacin, Perdisci, Roberto, and Antonakakis, Manos
    IEEE Trans. Dependable Secur. Comput. 2017
  2. Practical Attacks Against Graph-based Clustering
    Chen, Yizheng, Nadji, Yacin, Kountouras, Athanasios, Monrose, Fabian, Perdisci, Roberto, Antonakakis, Manos, and Vasiloglou, Nikolaos
    In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017 2017
  3. Exploring the Long Tail of (Malicious) Software Downloads
    Rahbarinia, Babak, Balduzzi, Marco, and Perdisci, Roberto
    In 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017, Denver, CO, USA, June 26-29, 2017 2017
  4. Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots
    Vadrevu, Phani, Liu, Jienan, Li, Bo, Rahbarinia, Babak, Lee, Kyu Hyung, and Perdisci, Roberto
    In 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 2017 2017
  5. Practical Attacks Against Graph-based Clustering
    Chen, Yizheng, Nadji, Yacin, Kountouras, Athanasios, Monrose, Fabian, Perdisci, Roberto, Antonakakis, Manos, and Vasiloglou, Nikolaos
    CoRR 2017

2016

  1. Efficient and Accurate Behavior-Based Tracking of Malware-Control Domains in Large ISP Networks
    Rahbarinia, Babak, Perdisci, Roberto, and Antonakakis, Manos
    ACM Trans. Priv. Secur. 2016
  2. MAXS: Scaling Malware Execution with Sequential Multi-Hypothesis Testing
    Vadrevu, Phani, and Perdisci, Roberto
    In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi’an, China, May 30 - June 3, 2016 2016
  3. Real-Time Detection of Malware Downloads via Large-Scale URL-\textgreaterFile-\textgreaterMachine Graph Mining
    Rahbarinia, Babak, Balduzzi, Marco, and Perdisci, Roberto
    In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi’an, China, May 30 - June 3, 2016 2016
  4. Towards Measuring and Mitigating Social Engineering Software Download Attacks
    Nelms, Terry, Perdisci, Roberto, Antonakakis, Manos, and Ahamad, Mustaque
    In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016 2016

2015

  1. WebCapsule: Towards a Lightweight Forensic Engine for Web Browsers
    Neasbitt, Christopher, Li, Bo, Perdisci, Roberto, Lu, Long, Singh, Kapil, and Li, Kang
    In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015 2015
  2. Segugio: Efficient Behavior-Based Tracking of Malware-Control Domains in Large ISP Networks
    Rahbarinia, Babak, Perdisci, Roberto, and Antonakakis, Manos
    In 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015, Rio de Janeiro, Brazil, June 22-25, 2015 2015
  3. ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes
    Konte, Maria, Perdisci, Roberto, and Feamster, Nick
    In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2015, London, United Kingdom, August 17-21, 2015 2015
  4. WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths
    Nelms, Terry, Perdisci, Roberto, Antonakakis, Manos, and Ahamad, Mustaque
    In 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015 2015
  5. Understanding Malvertising Through Ad-Injecting Browser Extensions
    Xing, Xinyu, Meng, Wei, Lee, Byoungyoung, Weinsberg, Udi, Sheth, Anmol, Perdisci, Roberto, and Lee, Wenke
    In Proceedings of the 24th International Conference on World Wide Web, WWW 2015, Florence, Italy, May 18-22, 2015 2015

2014

  1. PeerRush: Mining for unwanted P2P traffic
    Rahbarinia, Babak, Perdisci, Roberto, Lanzi, Andrea, and Li, Kang
    J. Inf. Secur. Appl. 2014
  2. Building a Scalable System for Stealthy P2P-Botnet Detection
    Zhang, Junjie, Perdisci, Roberto, Lee, Wenke, Luo, Xiapu, and Sarfraz, Unum
    IEEE Trans. Inf. Forensics Secur. 2014
  3. ClickMiner: Towards Forensic Reconstruction of User-Browser Interactions from Network Traces
    Neasbitt, Christopher, Perdisci, Roberto, Li, Kang, and Nelms, Terry
    In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3-7, 2014 2014
  4. DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic
    Chen, Yizheng, Antonakakis, Manos, Perdisci, Roberto, Nadji, Yacin, Dagon, David, and Lee, Wenke
    In 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014, Atlanta, GA, USA, June 23-26, 2014 2014

2013

  1. Scalable fine-grained behavioral clustering of HTTP-based malware
    Perdisci, Roberto, Ariu, Davide, and Giacinto, Giorgio
    Comput. Networks 2013
  2. Beheading hydras: performing effective botnet takedowns
    Nadji, Yacin, Antonakakis, Manos, Perdisci, Roberto, Dagon, David, and Lee, Wenke
    In 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, Berlin, Germany, November 4-8, 2013 2013
  3. PeerRush: Mining for Unwanted P2P Traffic
    Rahbarinia, Babak, Perdisci, Roberto, Lanzi, Andrea, and Li, Kang
    In Detection of Intrusions and Malware, and Vulnerability Assessment - 10th International Conference, DIMVA 2013, Berlin, Germany, July 18-19, 2013. Proceedings 2013
  4. Measuring and Detecting Malware Downloads in Live Network Traffic
    Vadrevu, Phani, Rahbarinia, Babak, Perdisci, Roberto, Li, Kang, and Antonakakis, Manos
    In Computer Security - ESORICS 2013 - 18th European Symposium on Research in Computer Security, Egham, UK, September 9-13, 2013. Proceedings 2013
  5. SinkMiner: Mining Botnet Sinkholes for Fun and Profit
    Rahbarinia, Babak, Perdisci, Roberto, Antonakakis, Manos, and Dagon, David
    In 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats, LEET ’13, Washington, D.C., USA, August 12, 2013 2013
  6. Connected Colors: Unveiling the Structure of Criminal Networks
    Nadji, Yacin, Antonakakis, Manos, Perdisci, Roberto, and Lee, Wenke
    In Research in Attacks, Intrusions, and Defenses - 16th International Symposium, RAID 2013, Rodney Bay, St. Lucia, October 23-25, 2013. Proceedings 2013
  7. ExecScent: Mining for New C&C Domains in Live Networks with Adaptive Control Protocol Templates
    Nelms, Terry, Perdisci, Roberto, and Ahamad, Mustaque
    In Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013 2013

2012

  1. Early Detection of Malicious Flux Networks via Large-Scale Passive DNS Traffic Analysis
    Perdisci, Roberto, Corona, Igino, and Giacinto, Giorgio
    IEEE Trans. Dependable Secur. Comput. 2012
  2. Detecting and Tracking the Rise of DGA-Based Malware
    Antonakakis, Manos, Perdisci, Roberto, Vasiloglou, Nikolaos, and Lee, Wenke
    login Usenix Mag. 2012
  3. VAMO: towards a fully automated malware clustering validity analysis
    Perdisci, Roberto, and U, Man Chon
    In 28th Annual Computer Security Applications Conference, ACSAC 2012, Orlando, FL, USA, 3-7 December 2012 2012
  4. From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware
    Antonakakis, Manos, Perdisci, Roberto, Nadji, Yacin, Vasiloglou, Nikolaos, Abu-Nimeh, Saeed, Lee, Wenke, and Dagon, David
    In Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012 2012

2011

  1. Understanding the prevalence and use of alternative plans in malware with network games
    Nadji, Yacin, Antonakakis, Manos, Perdisci, Roberto, and Lee, Wenke
    In Twenty-Seventh Annual Computer Security Applications Conference, ACSAC 2011, Orlando, FL, USA, 5-9 December 2011 2011
  2. Exposing invisible timing-based traffic watermarks with BACKLIT
    Luo, Xiapu, Zhou, Peng, Zhang, Junjie, Perdisci, Roberto, Lee, Wenke, and Chang, Rocky K. C.
    In Twenty-Seventh Annual Computer Security Applications Conference, ACSAC 2011, Orlando, FL, USA, 5-9 December 2011 2011
  3. Boosting the scalability of botnet detection using adaptive traffic sampling
    Zhang, Junjie, Luo, Xiapu, Perdisci, Roberto, Gu, Guofei, Lee, Wenke, and Feamster, Nick
    In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22-24, 2011 2011
  4. SURF: detecting and measuring search poisoning
    Lu, Long, Perdisci, Roberto, and Lee, Wenke
    In Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, October 17-21, 2011 2011
  5. Detecting stealthy P2P botnets using statistical traffic fingerprints
    Zhang, Junjie, Perdisci, Roberto, Lee, Wenke, Sarfraz, Unum, and Luo, Xiapu
    In Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2011, Hong Kong, China, June 27-30 2011 2011
  6. HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows
    Luo, Xiapu, Zhou, Peng, Chan, Edmond W. W., Lee, Wenke, Chang, Rocky K. C., and Perdisci, Roberto
    In Proceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February - 9th February 2011 2011
  7. Detecting Malware Domains at the Upper DNS Hierarchy
    Antonakakis, Manos, Perdisci, Roberto, Lee, Wenke, Vasiloglou, Nikolaos, and Dagon, David
    In 20th USENIX Security Symposium, San Francisco, CA, USA, August 8-12, 2011, Proceedings 2011

2010

  1. On the Secrecy of Spread-Spectrum Flow Watermarks
    Luo, Xiapu, Zhang, Junjie, Perdisci, Roberto, and Lee, Wenke
    In Computer Security - ESORICS 2010, 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010. Proceedings 2010
  2. Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces
    Perdisci, Roberto, Lee, Wenke, and Feamster, Nick
    In Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2010, April 28-30, 2010, San Jose, CA, USA 2010
  3. A Centralized Monitoring Infrastructure for Improving DNS Security
    Antonakakis, Manos, Dagon, David, Luo, Xiapu, Perdisci, Roberto, Lee, Wenke, and Bellmor, Justin
    In Recent Advances in Intrusion Detection, 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15-17, 2010. Proceedings 2010
  4. Building a Dynamic Reputation System for DNS
    Antonakakis, Manos, Perdisci, Roberto, Dagon, David, Lee, Wenke, and Feamster, Nick
    In 19th USENIX Security Symposium, Washington, DC, USA, August 11-13, 2010, Proceedings 2010

2009

  1. McPAD: A multiple classifier system for accurate payload-based anomaly detection
    Perdisci, Roberto, Ariu, Davide, Fogla, Prahlad, Giacinto, Giorgio, and Lee, Wenke
    Comput. Networks 2009
  2. Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces
    Perdisci, Roberto, Corona, Igino, Dagon, David, and Lee, Wenke
    In Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009, Honolulu, Hawaii, USA, 7-11 December 2009 2009
  3. WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks
    Perdisci, Roberto, Antonakakis, Manos, Luo, Xiapu, and Lee, Wenke
    In Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009, Estoril, Lisbon, Portugal, June 29 - July 2, 2009 2009

2008

  1. Intrusion detection in computer networks by a modular ensemble of one-class classifiers
    Giacinto, Giorgio, Perdisci, Roberto, Rio, Mauro Del, and Roli, Fabio
    Inf. Fusion 2008
  2. Classification of packed executables for accurate computer virus detection
    Perdisci, Roberto, Lanzi, Andrea, and Lee, Wenke
    Pattern Recognit. Lett. 2008
  3. McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables
    Perdisci, Roberto, Lanzi, Andrea, and Lee, Wenke
    In Twenty-Fourth Annual Computer Security Applications Conference, ACSAC 2008, Anaheim, California, USA, 8-12 December 2008 2008
  4. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
    Gu, Guofei, Perdisci, Roberto, Zhang, Junjie, and Lee, Wenke
    In Proceedings of the 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA 2008

2007

  1. Sensing Attacks in Computers Networks with Hidden Markov Models
    Ariu, Davide, Giacinto, Giorgio, and Perdisci, Roberto
    In Machine Learning and Data Mining in Pattern Recognition, 5th International Conference, MLDM 2007, Leipzig, Germany, July 18-20, 2007, Proceedings 2007

2006

  1. Alarm clustering for intrusion detection systems in computer networks
    Perdisci, Roberto, Giacinto, Giorgio, and Roli, Fabio
    Eng. Appl. Artif. Intell. 2006
  2. Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems
    Perdisci, Roberto, Gu, Guofei, and Lee, Wenke
    In Proceedings of the 6th IEEE International Conference on Data Mining (ICDM 2006), 18-22 December 2006, Hong Kong, China 2006
  3. MisleadingWorm Signature Generators Using Deliberate Noise Injection
    Perdisci, Roberto, Dagon, David, Lee, Wenke, Fogla, Prahlad, and Sharif, Monirul I.
    In 2006 IEEE Symposium on Security and Privacy (S&P 2006), 21-24 May 2006, Berkeley, California, USA 2006
  4. Polymorphic Blending Attacks
    Fogla, Prahlad, Sharif, Monirul I., Perdisci, Roberto, Kolesnikov, Oleg M., and Lee, Wenke
    In Proceedings of the 15th USENIX Security Symposium, Vancouver, BC, Canada, July 31 - August 4, 2006 2006

2005

  1. Network Intrusion Detection by Combining One-Class Classifiers
    Giacinto, Giorgio, Perdisci, Roberto, and Roli, Fabio
    In Image Analysis and Processing - ICIAP 2005, 13th International Conference, Cagliari, Italy, September 6-8, 2005, Proceedings 2005
  2. Alarm Clustering for Intrusion Detection Systems in Computer Networks
    Giacinto, Giorgio, Perdisci, Roberto, and Roli, Fabio
    In Machine Learning and Data Mining in Pattern Recognition, 4th International Conference, MLDM 2005, Leipzig, Germany, July 9-11, 2005, Proceedings 2005