Publications

Conference Publications

ForeCast – Skimming off the Malware Cream
Matthias Neugschwandtner, Paolo Milani Comparetti, Gregoire Jacob, and Christopher Kruegel
27th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2011.
[ Article ]

BareBox: Efficient Malware Analysis on Bare-Metal
Dhilung Kirat, Giovanni Vigna, and Christopher Kruegel
27th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2011.
[ Article ]

Nexat: A history-based approach to predict attacker actions
Casey Cipriano, Ali Zand, Amir Houmansadr, Christopher Kruegel, and Giovanni Vigna
27th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2011.
[ Article ]

Understanding Fraudulent Activities in Online Ad Exchanges
Brett Stone-Gross, Ryan Stevens, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna, and Apostolis Zarras
Internet Measurement Conference (IMC), ACM Press.
Germany, November 2011.
[ Article ]

The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code
Clemens Kolbitsch, Engin Kirda, and Christopher Kruegel
18th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2011.
[ Article ]

Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities
Adam Doupe, Bryce Boe, Christopher Kruegel, and Giovanni Vigna
18th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2011.
[ Article ]

Silverline: Toward Data Confidentiality in Storage-Intensive Cloud Applications
Krishna Puttaswamy, Christopher Kruegel, and Ben Zhao
ACM Symposium on Cloud Computing (SoCC), ACM Press.
USA, October 2011.
[ Article ]

Dymo: Tracking Dynamic Code Identity
Bob Gilbert, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2011.
[ Article ]

Shellzer: A tool for the dynamic analysis of malicious shellcode
Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2011.
[ Article ]

Jackstraws: Picking Command and Control Connections from Bot Traffic
Gregoire Jacob, Ralf Hund, Christopher Kruegel, and Thorsten Holz
20th Usenix Security Symposium.
USA, August 2011.
[ Article ]

BotMagnifier: Locating Spambots on the Internet
Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna
20th Usenix Security Symposium.
USA, August 2011.
[ Article ]

Escape from Monkey Island: Evading High-Interaction Honeyclients
Alexandros Kapravelos, Marco Cova, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Netherlands, July 2011.
[ Article ]

MISHIMA: Multilateration of Internet hosts hidden using malicious fast-flux agents (Short Paper)
Greg Banks, Aristide Fattori, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Netherlands, July 2011.
[ Article ]

Peering Through the iFrame
Brett Stone-Gross, Marco Cova, Christopher Kruegel, and Giovanni Vigna
IEEE International Conference on Computer Communications (INFOCOM) Mini-Conference, IEEE Computer Society Press.
China, April 2011.
[ Article ]

Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages
Davide Canali, Marco Cova, Christopher Kruegel, and Giovanni Vigna
International World Wide Web Conference (WWW).
India, March 2011.
[ Article ]

PiOS: Detecting Privacy Leaks in iOS Applications
Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2011.
This paper won a distinguished paper award.
[ Article ]

Exposure: Finding Malicious Domains Using Passive DNS Analysis
Leyla Bilge, Engin Kirda, Christopher Kruegel, and Marco Balduzzi
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2011.
[ Article ]

Detecting Spammers On Social Networks
Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
26th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2010.
This paper won the best student paper award.
[ Article ]

AccessMiner: Using System-Centric Models for Malware Protection
Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christoderescu, and Engin Kirda
17th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2010.
[ Article ]

Abusing Social Networks for Automated User Profiling
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, and Christopher Kruegel
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
Canada, September 2010.
[ Article ]

Toward Automated Detection of Logic Vulnerabilities in Web Applications
Viktoria Felmetsger, Ludovico Cavedon, Christopher Kruegel, and Giovanni Vigna
19th Usenix Security Symposium.
USA, August 2010.
[ Article ]

Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries
Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2010.
[ Article ]

Identifying Dormant Functionality in Malware Programs
Paolo Milani Comparetti, Guido Salvaneschi, Engin Kirda, Clemens Kolbitsch, Christopher Kruegel, and Stefano Zanero
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2010.
[ Article ]

A Practical Attack to De-Anonymize Social Network Users
Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2010.
[ Article ]

Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code
Marco Cova, Christopher Kruegel, and Giovanni Vigna
International World Wide Web Conference (WWW).
USA, April 2010.
[ Article ]

A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi, Manuel Egele, Engin Kirda, Davide Balzarotti, and Christopher Kruegel
ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), ACM Press.
China, April 2010.
[ Article ]

Improving the Efﬁciency of Dynamic Malware Analysis
Ulrich Bayer, Engin Kirda, and Christopher Kruegel
ACM Symposium on Applied Computing (SAC), ACM Press.
Switzerland, March 2010.
[ Article ]

CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms
Manuel Egele, Leyla Bilge, Engin Kirda, and Christopher Kruegel
ACM Symposium on Applied Computing (SAC), ACM Press.
Switzerland, March 2010.
[ Article ]

Efficient Detection of Split Personalities in Malware
Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2010.
[ Article ]

Effective Anomaly Detection with Scarce Training Data
William Robertson, Federico Maggi, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2010.
[ Article ]

FIRE: FInding Rogue nEtworks
Brett Stone-Gross, Andreas Moser, Kevin Almeroth, Christopher Kruegel, and Engin Kirda
25th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2009.
[ Article ]

Analyzing and Detecting Malicious Flash Advertisements
Sean Ford, Marco Cova, Christopher Kruegel, and Giovanni Vigna
25th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2009.
[ Article ]

Your Botnet is My Botnet: Analysis of a Botnet Takeover
Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
16th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, November 2009.
[ Article ]

Automatically Generating Models for Botnet Detection
Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, and Engin Kirda
14th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science, Springer Verlag.
France, September 2009.
[ Article ]

Protecting a Moving Target: Addressing Web Application Concept Drift
Federico Maggi, William Robertson, Christopher Kruegel, and Giovanni Vigna
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
France, September 2009.
[ Article ]

Automated Spyware Collection and Analysis
Andreas Stamminger, Christopher Kruegel, Giovanni Vigna, and Engin Kirda
12th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Italy, September 2009.
[ Article ]

Effective and Efficient Malware Detection at the End Host
Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and XiaoFeng Wang
18th Usenix Security Symposium.
Canada, August 2009.
[ Article ]

Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks
Manuel Egele, Peter Wurzinger, Christopher Kruegel, and Engin Kirda
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Italy, July 2009.
[ Article ]

Prospex: Protocol Specification Extraction
Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2009.
[ Article ]

Removing Web Spam Links from Search Engine Results
Manuel Egele, Christopher Kruegel, and Engin Kirda
Annual Conference of the European Institute for Computer Antivirus Research (EICAR).
Germany, May 2009.
[ Article ]

Scalable, Behavior-Based Malware Clustering
Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2009.
[ Article ]

A Parallel Architecture for Stateful, High-Speed Intrusion Detection
Luca Foschini, Ashish Thapliyal, Lorenzo Cavallaro, Christopher Kruegel, and Giovanni Vigna
International Conference on Information Systems Security (ICISS) , Lecture Notes in Computer Science, Springer Verlag.
India, December 2008.
[ Article ]

Overbot - A botnet protocol based on Kademlia
Guenther Starnberger, Christopher Kruegel, and Engin Kirda
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
Turkey, September 2008.
[ Article ]

Visual Similarity-Based Phishing Detection
Eric Medvet, Engin Kirda, and Christopher Kruegel
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
Turkey, September 2008.
[ Article ]

Leveraging User Interactions for In-Depth Testing of Web Applications
Sean McAllister, Christopher Kruegel, and Engin Kirda
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2008.
[ Article ]

VeriKey: A Dynamic Certificate Verification System for Public Key Exchanges
Brett Stone-Gross, David Sigal, Rob Cohn, John Morse, Kevin Almeroth, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
France, July 2008.
[ Article ]

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
Marco Cova, Vika Felmetsger, Davide Balzarotti, Nenad Jovanovic, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2008.
[ Article ]

Automatic Network Protocol Analysis
Gilbert Wondracek, Paolo Milani Comparetti, Christopher Kruegel, and Engin Kirda
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2008.
[ Article ]

Limits of Static Analysis for Malware Detection
Andreas Moser, Christopher Kruegel, and Engin Kirda
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Improving Signature Testing Through Dynamic Data Flow Analysis
Davide Balzarotti, William Robertson, Christopher Kruegel, and Giovanni Vigna
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Secure Input for Web Applications
Martin Szydlowski, Christopher Kruegel, and Engin Kirda
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis
Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, and Engin Kirda
14th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2007.
[ Article ]

Detecting System Emulators
Thomas Raffetseder, Christopher Kruegel, and Engin Kirda
10th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Chile, October 2007.
This paper won the best student paper award.
[ Article ]

Mining Specifications of Malicious Behavior
Mihai Christodorescu, Somesh Jha, and Christopher Kruegel
6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM Press.
Croatia, September 2007.
This paper won a distinguished paper award.
[ Article ]

A Layout-Similarity-Based Approach for Detecting Phishing Pages
Angelo Rosiello, Engin Kirda, Christopher Kruegel, and Fabrizio Ferrandi
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
France, September 2007.
[ Article ]

On the Effectiveness of Techniques to Detect Phishing Sites
Christian Ludl, Sean McAllister, Engin Kirda, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Switzerland, July 2007.
[ Article ]

Dynamic Spyware Analysis
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song
Usenix Annual Technical Conference.
USA, June 2007.
[ Article ]

Exploring Multiple Execution Paths for Malware Analysis
Andreas Moser, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2007.
[ Article ]

Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2007.
[ Article ]

Extending .NET Security to Unmanaged Code
Patrick Klinkoff, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
9th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Greece, September 2006.
[ Article ]

Preventing Cross Site Request Forgery Attacks
Nenad Jovanovic, Engin Kirda, and Christopher Kruegel
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
USA, August 2006.
[ Article ]

Behavior-based Spyware Detection
Engin Kirda, Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard Kemmerer
15th Usenix Security Symposium.
Canada, August 2006.
[ Article ]

Using Static Program Analysis to Aid Intrusion Detection
Manuel Egele, Martin Szydlowski, Engin Kirda, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Germany, July 2006.
[ Article ]

SecuBat: A Web Vulnerability Scanner
Stefan Kals, Engin Kirda, Christopher Kruegel, and Nenad Jovanovic
15th International World Wide Web Conference (WWW).
United Kingdom, May 2006.
[ Article ]

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2006.
[ Article ]

TTAnalyze: A Tool for Analyzing Malware
Ulrich Bayer, Christopher Kruegel, and Engin Kirda
15th Annual Conference of the European Institute for Computer Antivirus Research (EICAR).
Germany, April 2006.
This paper won the best paper award.
[ Article ]

Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks
Engin Kirda, Christopher Kruegel, Giovanni Vigna, and Nenad Jovanovic
21st ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2006.
[ Article ]

An Anomaly-driven Reverse Proxy for Web Applications
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Engin Kirda
21st ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2006.
[ Article ]

Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks
William Robertson, Giovanni Vigna, Christopher Kruegel and Richard Kemmerer
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2006.
[ Article ]

Polymorphic Worm Detection Using Structural Information of Executables
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna
8th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2005.
[ Article ]

Automating Mimicry Attacks Using Static Binary Analysis
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna
14th Usenix Security Symposium.
USA, August 2005.
[ Article ]

Protecting Users Against Phishing Attacks with AntiPhish
Engin Kirda and Christopher Kruegel
29th Annual International Computer Software and Applications Conference (COMPSAC), IEEE Computer Society Press.
United Kingdom, July 2005.
[ Article ]

Reverse Engineering of Network Signatures
Darren Mutz, Christopher Kruegel, William Robertson, Giovanni Vigna, and Richard Kemmerer
Information Technology Security Conference (AusCERT).
Australia, May 2005.
This paper won the best paper award.
[ Article ]

Detecting Kernel-Level Rootkits Through Binary Analysis
Christopher Kruegel, William Robertson and Giovanni Vigna
20th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2004.
[ Article ]

Static Disassembly of Obfuscated Binaries
Christopher Kruegel, William Robertson, Fredrik Valeur and Giovanni Vigna
13th Usenix Security Symposium.
USA, August 2004.
[ Article ]

Bayesian Event Classification for Intrusion Detection
Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur
19th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2003.
[ Article ]

Anomaly Detection of Web-based Attacks
Christopher Kruegel and Giovanni Vigna
10th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2003.
[ Article ]

On the Detection of Anomalous System Call Arguments
Christopher Kruegel, Darren Mutz, Fredrik Valeur and Giovanni Vigna
8th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science, Springer Verlag.
Norway, October 2003.
[ Article ]

Run-time Detection of Heap-based Overflows
William Robertson, Christopher Kruegel, Darren Mutz and Fredrik Valeur
17th Large Installation Systems Administration Conference (LISA), Usenix.
USA, October 2003.
[ Article ]

Using Decision Trees to Improve Signature-based Intrusion Detection
Christopher Kruegel and Thomas Toth
6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2003.
[ Article ]

Topology-based Detection of Anomalous BGP Messages
Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur
6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2003.
[ Article ]

Web Service Engineering with DIWE
Engin Kirda, Clemens Kerer, Christopher Kruegel and Roman Kurmanowytsch
29th Euromicro, IEEE Computer Society Press.
September 2003.
[ Article ]

Evaluating the Impact of Automated Intrusion Response Mechanisms
Thomas Toth and Christopher Kruegel
18th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
November 2002.
[ Article ]

Accurate Buffer Overflow Detection via Abstract Payload Execution
Thomas Toth and Christopher Kruegel
5th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
Switzerland, October 2002.
[ Article ]

DPS - An Architectural Style for Development of Secure Software
Pascal Fenkam, Harald Gall, Mehdi Jazayeri and Christopher Kruegel
Infrastructure Security Conference (InfraSec), Lecture Notes in Computer Science, Springer Verlag.
United Kingdom, October 2002.
[ Article ]

Stateful Intrusion Detection for High-Speed Networks
Christopher Kruegel, Fredrik Valeur, Giovanni Vigna and Richard Kemmerer
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2002.
[ Article ]

Service Specific Anomaly Detection for Network Intrusion Detection
Christopher Kruegel, Thomas Toth and Engin Kirda
17th ACM Symposium on Applied Computing (SAC), ACM Press.
Spain, March 2002.
[ Article ]

Distributed Pattern Detection for Intrusion Detection
Christopher Kruegel and Thomas Toth
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2002.
[ Article ]

Flexible, Mobile Agent based Intrusion Detection for Dynamic Networks
Christopher Kruegel and Thomas Toth
European Wireless.
Italy, February 2002.
[ Article ]

Decentralized Event Correlation for Intrusion Detection
Christopher Kruegel, Thomas Toth and Clemens Kerer
International Conference on Information Security and Cryptology (ICISC), Lecture Notes in Computer Science, Springer Verlag.
Korea, December 2001.
[ Article ]

Sparta - A Mobile Agent based Intrusion Detection System
Christopher Kruegel, Thomas Toth, and Engin Kirda
IFIP Conference on Network Security (I-NetSec), Kluwer Academic Publishers.
Croatia, June 2001.
[ Article ]

An efficient, IP based solution to the 'Logical Timestamp Wrapping' problem
Christopher Kruegel and Thomas Toth
6th International Conference on Telecommunications (ConTEL).
Croatia, June 2001.
[ Article ]

Improved fieldbus control via middleware technolgy
Wolfgang Kastner and Christopher Kruegel
4th Conference on Automatic Control (Controlo).
Portugal, October 2000.
[ Article ]

Jini connectivity for EIB home and building networks - from design to implementation
Wolfgang Kastner and Christopher Kruegel
EIB Scientific Conference.
Germany, October 1999.
[ Article ]

Jini: Ein guter Geist fuer die Gebaeudesystemtechnik, German Language
Wolfgang Kastner, Christopher Kruegel and Heinrich Reiter
Java Informations Tage (JIT).
Germany, September 1999.
[ Article ]

Journal Publications

Analysis of a Botnet Takeover
Brett Stone-Gross, Marco Cova, Bob Gilbert, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
IEEE Security and Privacy, Volume 9, Number 1, IEEE Computer Society.
January/February 2011.
[ Article ]

Static Analysis for Detecting Taint-Style Vulnerabilities in Web Applications
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
Journal of Computer Security (JCS), Volume 18, Number 5, IOS Press.
September 2010.
[ Article ]

Client-side cross-site scripting protection
Engin Kirda, Nenad Jovanovic, Christopher Kruegel, and Giovanni Vigna
Computers and Security, Volume 28, Number 7, Elsevier.
October 2009.
[ Article ]

Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries
Giovanni Vigna, Fredrik Valeur, Davide Balzarotti, William Robertson, Christopher Kruegel, and Engin Kirda
Journal of Computer Security, Volume 17, Number 3, IOS Press.
August 2009.
[ Article ]

Server-side Bot Detection in Massive Multiplayer Online Games
Stefan Mitterhofer, Christian Platzer, Christopher Kruegel, and Engin Kirda
IEEE Security and Privacy (Special Issue: Online Gaming Security), Volume 7, Number 3, IEEE Computer Society.
May/June 2009.
[ Article ]

Extending .NET Security to Unmanaged Code
Patrick Klinkoff, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
International Journal of Information Security, Volume 6, Number 6, Springer Computer Science Journal.
October 2007.
[ Article ]

Dynamic Analysis of Malicious Code
Ulrich Bayer, Andreas Moser, Christopher Kruegel, and Engin Kirda
Journal in Computer Virology, Volume 2, Number 1, Springer Computer Science Journal.
August 2006.
[ Article ]

Anomalous System Call Detection
Darren Mutz, Fredrik Valeur, Christopher Kruegel, and Giovanni Vigna
ACM Transactions on Information and System Security, Volume 9, Number 1, ACM Press.
February 2006.
[ Article ]

Protecting Users Against Phishing Attacks with AntiPhish
Engin Kirda and Christopher Kruegel
The Computer Journal, Volume 49, Number 5, Oxford University Press.
January 2006.
[ Article ]

A multi-model approach to the detection of web-based attacks
Christopher Kruegel, Giovanni Vigna, and William Robertson
Computer Networks, Volume 48, Number 5, Elsevier.
July 2005.
[ Article ]

Using Alert Verification to Identify Successful Intrusion Attempts
Christopher Kruegel, William Robertson, and Giovanni Vigna
Practice in Information Processing and Communication (PIK), Volume 27, Number 4, K.G. Saur Verlag.
October 2004.
[ Article ]

A Comprehensive Approach to Intrusion Detection Alert Correlation
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Richard Kemmerer
IEEE Transactions on Dependable and Secure Computing, Volume 1, Number 3.
July 2004.
[ Article ]

Workshop Publications

BTLab: A System-Centric, Data-Driven Analysis and Measurement Platform for BitTorrent Clients
Martin Szydlowski, Ben Zhao, Engin Kirda, and Christopher Kruegel
IEEE Workshop on Grid and P2P Systems and Applications (GridPeer), IEEE Computer Society Press.
USA, August 2011.
[ Article ]

The Underground Economy of Fake Antivirus Software
Brett Stone-Gross, Ryan Abman, Richard Kemmerer, Christopher Kruegel, Douglas Steigerwald, and Giovanni Vigna
10th Workshop on the Economics of Information Security (WEIS).
USA, June 2011.
[ Article ]

PoX: Protecting Users from Malicious Facebook Applications
Manuel Egele, Andreas Moser, Christopher Kruegel, and Engin Kirda
3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC), IEEE Computer Society Press.
USA, March 2011.
[ Article ]

Is the Internet for Porn? An Insight Into the Online Adult Industry
Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, and Christopher Kruegel
9th Workshop on the Economics of Information Security (WEIS).
USA, June 2010.
[ Article ]

SWAP: Mitigating XSS Attacks using a Reverse Proxy
Peter Wurzinger, Christian Platzer, Christian Ludl, Engin Kirda, and Christopher Kruegel
ICSE Workshop on Software Engineering for Secure Systems (SESS), IEEE Computer Society Press.
Canada, May 2009.
[ Article ]

A View on Current Malware Behaviors
Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, and Christopher Kruegel
Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET).
USA, April 2009.
[ Article ]

There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits
Marco Cova, Christopher Kruegel, and Giovanni Vigna
Usenix Workshop on Offensive Technologies (WOOT).
USA, July 2008.
[ Article ]

Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters
Christoph Karlberger, Guenter Bayler, Christopher Kruegel, and Engin Kirda
Usenix Workshop on Offensive Technologies (WOOT).
USA, August 2007.
[ Article ]

Building Anti-Phishing Browser Plug-Ins: An Experience Report
Thomas Raffetseder, Engin Kirda, and Christopher Kruegel
ICSE Workshop on Software Engineering for Secure Systems (SESS), IEEE Computer Society Press.
USA, May 2007.
[ Article ]

Precise Alias Analysis for Static Detection of Web Application Vulnerabilities
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
ACM Workshop on Programming Languages and Analysis for Security (PLAS), ACM Special Interest Group for Programming Languages (SIGPLAN) Notices.
USA, June 2006.
[ Article ]

Alert Verification - Determining the Success of Intrusion Attempts
Christopher Kruegel and William Robertson
Workshop on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA).
Germany, July 2004.
[ Article ]

Connection-history based anomaly detection
Thomas Toth and Christopher Kruegel
3rd IEEE Information Assurance Workshop, IEEE Computer Society Press.
USA, June 2002.
[ Article ]

XGuide - A Practical Guide to XML-based Web Engineering
Engin Kirda, Clemens Kerer and Christopher Kruegel
International Workshop on Web Engineering, Lecture Notes in Computer Science, Springer Verlag.
Italy, May 2002.
[ Article ]

Supporting multi-device enabled services: Challenges and open problems
Engin Kirda, Clemens Kerer, Mehdi Jazayeri and Christopher Kruegel
10th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), IEEE Computer Society Press.
USA, June 2001.
[ Article ]

Applying Mobile Agent Technology to Intrusion Detection
Christopher Kruegel and Thomas Toth
ICSE Workshop on Software Engineering and Mobility.
Canada, May 2001.
[ Article ]

A new approach for Java in embedded networks
Wolfgang Kastner and Christopher Kruegel
3rd IEEE Workshop on Factory Communication Systems, IEEE Computer Society Press.
Portugal, September 2000.
[ Article ]

Book Chapters and Editorials

Technical Perspective: Making Browser Extensions Secure
Christopher Kruegel
Communications of the ACM (CACM), No. 9, ACM Press.
September, 2011.
[ Article ]

Host-Based Intrusion Detection
Giovanni Vigna and Christopher Kruegel
Handbook of Information Security, John Wiley and Sons, ISBN 0-471-64833-7.
December 2005.
[ Article ] [ Book ]

Characterizing the Behavior and Structure of Malicious Executables
Christopher Kruegel
Special Workshop on Malware Detection, Advances in Information Security, Springer Verlag, ISBN: 978-0-387-32720-4 .
USA, August 2005.
[ Article ] [ Book ]

Internet Security
Christopher Kruegel
The Industrial Communication Technology Handbook, CRC Press, ISBN 0-8493-3077-7.
February 2005.
[ Article ] [ Book ]

Network Security and Secure Applications
Christopher Kruegel
The Industrial Information Technology Handbook, CRC Press, ISBN 0-8493-1985-4.
November 2004.
[ Article ] [ Book ]

Books

Intrusion Detection and Correlation - Challenges and Solutions
Christopher Kruegel, Fredrik Valeur, and Giovanni Vigna
Advances in Information Security, Vol. 14, Springer Verlag, ISBN 0-387-23398-9.
January 2005.
[ Book ]

Einfuehrung in die Technische Informatik (Introduction to Technical Computer Science), German Language
Gerhard-Helge Schildt, Daniela Kahn, Christopher Kruegel, and Christian Moerz
Springers Lehrbuecher der Informatik (Textbooks on Computer Science), Springer Verlag, ISBN 3-211-24346-1.
April 2005.
[ Book ]

Editorships

Proceedings of the Perspectives Workshop: Network Attack Detection and Defense
Georg Carle, Falko Dressler, Richard Kemmerer, Hartmut Koenig, and Christopher Kruegel (Eds.)
Dagstuhl Seminar Proceedings (DSP) 08102, ISSN: 1862 - 4405.
March 2008.
[ Book ]

Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM)
Christopher Kruegel (Eds.)
ACM Special Interest Group on Security, Audit, and Control (SIGSAC), ACM Press, ISBN 978-1-59593-886-2.
November 2007.
[ Book ]

Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection
Christopher Kruegel, Richard Lippmann, and Andrew Clark (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 4637, Springer Verlag, ISBN 978-3-540-74319-4.
September 2007.
[ Book ]

Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection
Diego Zamboni and Christopher Kruegel (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 4219, Springer Verlag, ISBN 978-3-540-39723-6.
September 2006.
[ Book ]

Proceedings of the 2nd International Conference on Intrusion and Malware Detection and Vulnerability Assessment
Klaus Julisch and Christopher Kruegel (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 3548, Springer Verlag, ISBN 3-540-26613-5.
July 2005.
[ Book ]

Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection
Giovanni Vigna, Erland Jonsson and Christopher Kruegel (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 2820, Springer Verlag, ISBN 3-540-40878-9.
September 2003.
[ Book ]

Created by Christopher Kruegel (© 2008, using Apache Cocoon).