Publications

Conference Publications


Shimware: Toward Practical Security Retrofitting for Monolithic Firmware Images
Eric Gustafson, Paul Grosen, Nilo Redini, Saagar Jha, Andrea Continella, Ruoyu Wang, Kevin Fu, Sara Rampazzi, Christopher Kruegel, and Giovanni Vigna
26th Symposium on Research in Attacks, Intrusions and Defenses (RAID), ACM International Conference Proceedings Series (ICPS).
Hong Kong, October 2023.
[ Article ]

Container Orchestration Honeypot: Observing Attacks in the Wild
Noah Spahn, Nils Hanke, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna
26th Symposium on Research in Attacks, Intrusions and Defenses (RAID), ACM International Conference Proceedings Series (ICPS).
Hong Kong, October 2023.
[ Article ]

Confusum Contractum: Confused Deputy Vulnerabilities in Ethereum Smart Contracts
Fabio Gritti, Nicola Ruaro, Robert McLaughlin, Priyanka Bose, Dipanjan Das, Ilya Grishchenko, Christopher Kruegel, and Giovanni Vigna
32nd Usenix Security Symposium.
USA, August 2023.
[ Article ]

A Large Scale Study of the Ethereum Arbitrage Ecosystem
Robert McLaughlin, Christopher Kruegel, and Giovanni Vigna
32nd Usenix Security Symposium.
USA, August 2023.
[ Article ]

Actor: Action-Guided Kernel Fuzzing
Marius Fleischer, Dipanjan Das, Priyanka Bose, Weiheng Bai, Kangjie Lu, Mathias Payer, Christopher Kruegel, and Giovanni Vigna
32nd Usenix Security Symposium.
USA, August 2023.
[ Article ]

Certifiably Vulnerable: Using Certificate Transparency Logs for Target Reconnaissance
Stijn Pletinckx, Thanh-Dat Nguyen, Tobias Fiebig, Christopher Kruegel, and Giovanni Vigna
IEEE European Symposium on Security and Privacy.
Netherlands, July 2023.
[ Article ]

TEEzz: Fuzzing Trusted Applications on COTS Android Devices
Marcel Busch, Aravind Machiry, Chad Spensky, Giovanni Vigna, Christopher Kruegel, and Mathias Payer
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2023.
[ Article ]

Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities
Erik Trickel, Fabio Pagani, Chang Zhu, Lukas Dresel, Giovanni Vigna, Christopher Kruegel, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, and Adam Doupe
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2023.
[ Article ]

Columbus: Android App Testing Through Systematic Callback Exploration
Priyanka Bose, Dipanjan Das, Saastha Vasan, Sebastiano Mariani, Ilya Grishchenko, Andrea Continella, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna
45th International Conference on Software Engineering (ICSE), ACM Press.
Australia, May 2023.
[ Article ]

Venomave: Targeted Poisoning Against Speech Recognition
Hojjat Aghakhani, Lea Schoenherr, Thorsten Eisenhofer, Dorothea Kolossa, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna
IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), IEEE Computer Society Press.
USA, February 2023.
[ Article ]

Popkorn: Popping Windows Kernel Drivers At Scale
Rajat Gupta, Lukas Dresel, Noah Spahn, Giovanni Vigna, Christopher Kruegel, and Taesoo Kim
Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2022.
[ Article ]

Understanding Security Issues in the NFT Ecosystem
Dipanjan Das, Priyanka Bose, Nicola Ruaro, Christopher Kruegel, and Giovanni Vigna
29th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, November 2022.
[ Article ]

Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing
Tobias Scharnowski, Nils Bars, Moritz Schloegel, Eric Gustafson, Marius Muench, Giovanni Vigna, Christopher Kruegel, Thorsten Holz, and Ali Abbas
31st Usenix Security Symposium.
USA, August 2022.
This paper won a distinguished artifact award.
[ Article ]

Regulator: Dynamic Analysis to Detect ReDoS
Robert McLaughlin, Fabio Pagani, Noah Spahn, Christopher Kruegel, and Giovanni Vigna
31st Usenix Security Symposium.
USA, August 2022.
[ Article ]

Decomperson: How Humans Decompile and What We Can Learn From It
Kevin Burk, Fabio Pagani, Christopher Kruegel, and Giovanni Vigna
31st Usenix Security Symposium.
USA, August 2022.
[ Article ]

Hybrid Pruning: Towards Precise Pointer and Taint Analysis
Dipanjan Das, Priyanka Bose, Aravind Machiry, Sebastiano Mariani, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Italy, June 2022.
[ Article ]

DeepCase: Semi-Supervised Contextual Analysis of Security Events
Thijs van Ede, Hojjat Aghakhani, Noah Spahn, Riccardo Bortolameotti, Marco Cova, Andrea Continella, Maarten Steen, Andreas Peter, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2022.
[ Article ]

Heapster: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images
Fabio Gritti, Fabio Pagani, Ilya Grishchenko, Lukas Dresel, Nilo Redini, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2022.
[ Article ]

SymbExcel: Automated Analysis and Understanding of Malicious Excel 4.0 Macros
Nicola Ruaro, Fabio Pagani, Stefano Ortolani, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2022.
[ Article ]

Sailfish: Vetting Smart Contract State-Inconsistency Bugs in Seconds
Priyanka Bose, Dipanjan Das, Yanju Chen, Yu Feng, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2022.
[ Article ]

SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning
Nicola Ruaro, Lukas Dresel, Kyle Zeng, Tiffany Bao, Mario Polino, Andrea Continella, Stefano Zanero, Christopher Kruegel, and Giovanni Vigna
24th Symposium on Research in Attacks, Intrusions and Defenses (RAID), Usenix Association.
Spain, October 2021.
[ Article ]

Bullseye Polytope: A Scalable Clean-Label Poisoning Attack with Improved Transferability
Hojjat Aghakhani, Dongyu Meng, Yu-Xiang Wang, Christopher Kruegel, and Giovanni Vigna
IEEE European Symposium on Security and Privacy.
Austria, September 2021.
[ Article ]

Token-Level Fuzzing
Christopher Salls, Chani Jindal, Jake Corina, Christopher Kruegel, and Giovanni Vigna
30th Usenix Security Symposium.
USA, August 2021.
[ Article ]

Toward a Secure Crowdsourced Location Tracking System
Chinmay Garg, Aravind Machiry, Andrea Continella, Christopher Kruegel, and Giovanni Vigna
ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), ACM Press.
Abu Dhabi, July 2021.
[ Article ]

Glitching Demystified: Analyzing Control-flow-based Glitching Attacks and Defenses
Chad Spensky, Aravind Machiry, Nathan Burow, Hamed Okhravi, Rick Housley, Zhongshu Gu, Hani Jamjoom, Christopher Kruegel, and Giovanni Vigna
IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).
Taiwan, June 2021.
[ Article ]

Bran: Reduce Vulnerability Search Space in Large Open-Source Repositories by Learning Bug Symptoms
Dongyu Meng, Michele Guerriero, Aravind Machiry, Hojjat Aghakhani, Priyanka Bose, Andrea Continella, Christopher Kruegel, and Giovanni Vigna
ACM Asia Conference on Computer and Communications Security (AsiaCCS), ACM Press.
China, June 2021.
[ Article ]

Conware: Automated Modeling of Hardware Peripherals
Chad Spensky, Aravind Machiry, Nilo Redini, Colin Unger, Graham Foster, Evan Blasband, Hamed Okhravi, Christopher Kruegel, and Giovanni Vigna
ACM Asia Conference on Computer and Communications Security (AsiaCCS), ACM Press.
China, June 2021.
[ Article ]

Diane: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices
Nilo Redini, Andrea Continella, Dipanjan Das, Giulio Pasquale, Noah Spahn, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2021.
[ Article ]

Tracing and Analyzing Web Access Paths Based on User-Side Data Collection: How Do Users Reach Malicious URLs?
Takeshi Takahashi, Christopher Kruegel, Giovanni Vigna, Katsunari Yoshioka, and Daisuke Inoue
23rd Symposium on Research in Attacks, Intrusions and Defenses (RAID), Usenix Association.
Spain, October 2020.
[ Article ]

HALucinator: Firmware Re-hosting through Abstraction Layer Emulation
Abraham Clements, Eric Gustafson, Tobias Scharnowski, Paul Grosen, David Fritz, Christopher Kruegel, Giovanni Vigna, Saurabh Bagchi, and Mathias Payer
29th Usenix Security Symposium.
USA, August 2020.
[ Article ]

On the Security of Application Installers and Online Software Repositories
Marcus Botacin, Giovanni Bertao, Paulo de Geus, Andre Gregio, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Portugal, June 2020.
[ Article ]

Exploring Abstraction Functions in Fuzzing
Christopher Salls, Aravind Machiry, Adam Doupe, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
IEEE Conference on Communications and Network Security (CNS).
France, June 2020.
[ Article ]

Trust.IO: Protecting Physical Interfaces on Cyber-physical Systems
Chad Spensky, Aravind Machiry, Marcel Busch, Kevin Leach, Rick Housley, Christopher Kruegel, and Giovanni Vigna
IEEE Conference on Communications and Network Security (CNS).
France, June 2020.
[ Article ]

Symbion: Interleaving Symbolic with Concrete Execution
Fabio Gritti, Lorenzo Fontana, Eric Gustafson, Fabio Pagani, Andrea Continella, Christopher Kruegel, and Giovanni Vigna
IEEE Conference on Communications and Network Security (CNS).
France, June 2020.
[ Article ]

Spider: Enabling Fast Patch Propagation in Related Software Repositories
Aravind Machiry, Nilo Camellini, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2020.
[ Article ]

Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware
Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2020.
[ Article ]

Dirty Clicks: A Study of the Usability and Security Implications of Click-related Behaviors on the Web
Iskander Sanchez-Rola, Davide Balzarotti, Christopher Kruegel, Giovanni Vigna, and Igor Santos
The Web Conference (WWW).
Taiwan, April 2020.
[ Article ]

When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features
Hojjat Aghakhani, Fabio Gritti, Francesco Mecca, Martina Lindorfer, Stefano Ortolani, Davide Balzarotti, Giovanni Vigna, and Christopher Kruegel
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2020.
[ Article ]

Neurlux: Dynamic Malware Analysis Without Feature Engineering
Chani Jindal, Christopher Salls, Hojjat Aghakhani, Keith Long, Christopher Kruegel, and Giovanni Vigna
Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
Puerto Rico, December 2019.
[ Article ]

Sleak: Automating Address Space Layout Derandomization
Christophe Hauser, Jayakrishna Menon, Yan Shoshitaishvili, Ruoyu Wang, Giovanni Vigna, and Christopher Kruegel
Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
Puerto Rico, December 2019.
[ Article ]

Toward the Analysis of Embedded Firmware through Automated Re-hosting
Eric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Davide Balzarotti, Yanick Fratantonio, Aurelien Francillon, Yung Ryn Choe, Christopher Kruegel, and Giovanni Vigna
22nd Symposium on Research in Attacks, Intrusions and Defenses (RAID), Lecture Notes in Computer Science, Springer Verlag.
China, September 2019.
[ Article ]

BinTrimmer: Towards Static Binary Debloating Through Abstract Interpretation
Nilo Redini, Ruoyu Wang, Aravind Machiry, Yan Shoshitaishvili, Giovanni Vigna, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Sweden, June 2019.
[ Article ]

Think Outside the Dataset: Finding Fraudulent Reviews using Cross-Dataset Analysis
Shirin Nilizadeh, Hojjat Aghakhani, Eric Gustafson, Christopher Kruegel, and Giovanni Vigna
International World Wide Web Conference (WWW).
USA, May 2019.
[ Article ]

BootKeeper: Validating Software Integrity Properties on Boot Firmware Images
Ronny Chevalier, Stefano Cristalli, Christophe Hauser, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, Danilo Bruschi, and Andrea Lanzi
ACM Conference on Data and Application Security and Privacy (CODASPY), ACM Press.
USA, March 2019.
[ Article ]

PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
Dokyung Song, Felicitas Hetzelt, Dipanjan Das, Chad Spensky, Yeoul Na, Stijn Volckaert, Giovanni Vigna, Christopher Kruegel, Jean-Pierre Seifert, and Michael Franz
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2019.
[ Article ]

Using Loops For Malware Classification Resilient to Feature-unaware Perturbations
Aravind Machiry, Nilo Redini, Eric Gustafson, Yanick Fratantonio, Yung Ryn Choe, Christopher Kruegel, and Giovanni Vigna
34th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2018.
[ Article ]

MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense
Radhesh Konoth, Emanuele Vineti, Veelasha Moonsamy, Martina Lindorfer, Christopher Kruegel, Herbert Bos, and Giovanni Vigna
25th ACM Conference on Computer and Communications Security (CCS), ACM Press.
Canada, October 2018.
[ Article ]

HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security
Moritz Eckert, Antonio Bianchi, Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
27th Usenix Security Symposium.
USA, August 2018.
[ Article ]

Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks
Wei Meng, Chenxiong Qian, Shuang Hao, Kevin Borgolte, Giovanni Vigna, Christopher Kruegel, and Wenke Lee
27th Usenix Security Symposium.
USA, August 2018.
[ Article ]

GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM
Victor van der Veen, Martina Lindorfer, Yanick Fratantonio, Harikrishnan Padmanabha Pillai, Giovanni Vigna, Christopher Kruegel, Herbert Bos, and Kaveh Razavi
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
France, June 2018.
[ Article ]

Measuring E-Mail Header Injections on the World Wide Web
Sai Chandramouli, Pierre-Marie Bajan, Christopher Kruegel, Giovanni Vigna, Ziming Zhao, Adam Doupe, and Gail-Joon Ahn
ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2018.
[ Article ]

In rDNS We Trust: Revisiting a Common Data-Source's Reliability
Tobias Fiebig, Kevin Borgolte, Shuang Hao, Christopher Kruegel, Giovanni Vigna, and Anja Feldmann
Passive Active Measurement Conference (PAM).
Germany, March 2018.
[ Article ]

Broken Fingers: On the Usage of the Fingerprint API in Android
Antonio Bianchi, Yanick Fratantonio, Aravind Machiry, Christopher Kruegel, Giovanni Vigna, Pak Chung, and Wenke Lee
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2018.
[ Article ]

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificate
Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2018.
[ Article ]

Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information
Antonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna
33rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2017.
[ Article ]

Piston: Uncooperative Remote Runtime Patching
Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Christopher Kruegel, and Giovanni Vigna
33rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2017.
[ Article ]

Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance
Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, and Giovanni Vigna
24th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2017.
[ Article ]

Poised: Spotting Twitter Spam Off the Beaten Paths
Shirin Nilizadeh, Francois Labreche, Alireza Sadighian, Ali Zand, Jose Fernandez, Christopher Kruegel, Gianluca Stringhini, and Giovanni Vigna
24th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2017.
[ Article ]

Difuze: Interface Aware Fuzzing for Kernel Drivers
Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, and Giovanni Vigna
24th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2017.
[ Article ]

How Shall We Play a Game: A Game-Theoretical Model for Cyber-warfare Games
Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, and David Brumley
IEEE Computer Security Foundations Symposium (CSF), IEEE Computer Society Press.
USA, August 2017.
[ Article ]

Dr.Checker: A Soundy Analysis for Linux Kernel Drivers
Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, and Giovanni Vigna
26th Usenix Security Symposium.
Canada, August 2017.
[ Article ]

BootStomp: On the Security of Bootloaders in Mobile Devices
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
26th Usenix Security Symposium.
Canada, August 2017.
[ Article ]

On the Privacy and Security of the Ultrasound Ecosystem
Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Christopher Kruegel, and Giovanni Vigna
15th Privacy Enhancing Technologies Symposium (PETS).
USA, July 2017.
[ Article ]

Gossip: Automatically Identifying Malicious Domains from Mailing List Discussions
Cheng Huang, Shuang Hao, Luca Invernizzi, Jiayong Liu, Yong Fang, Christopher Kruegel, and Giovanni Vigna
ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), ACM Press.
UAE, April 2017.
[ Article ]

Something From Nothing (There): Collecting Global IPv6 Datasets From DNS
Tobias Fiebig, Kevin Borgolte, Shuang Hao, Christopher Kruegel, and Giovanni Vigna
Passive Active Measurement Conference (PAM).
Australia, March 2017.
[ Article ]

Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis
Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2017.
[ Article ]

Boomerang: Exploiting the Semantic Gap in Trusted Execution Environments
Aravind Machiry, Eric Gustafson, Chad Spensky, Christopher Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Choe, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2017.
[ Article ]

Ramblr: Making Reassembly Great Again
Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2017.
This paper won a distinguished paper award.
[ Article ]

Taming Transactions: Towards Hardware-Assisted Control Flow Integrity using Transactional Memory
Marius Muench, Fabio Pagani, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna, and Davide Balzarotti
19th Symposium on Research in Attacks, Intrusions and Defenses (RAID), Lecture Notes in Computer Science, Springer Verlag.
France, September 2016.
[ Article ]

TriggerScope: Towards Detecting Logic Bombs in Android Applications
Yanick Fratantonio, Antonio Bianchi, William Robertson, Engin Kirda, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2016.
[ Article ]

SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis
Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Audrey Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2016.
[ Article ]

Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
Vitor Afonso, Paulo de Geus, Antonio Bianchi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna, Adam Doupe, and Mario Polino
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2016.
[ Article ]

Driller: Augmenting Fuzzing Through Selective Symbolic Execution
Nick Stephens, John Grosen, Christopher Salls, Audrey Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2016.
[ Article ]

Grab 'n Run: Secure and Practical Dynamic Code Loading for Android Applications
Luca Falsina, Yanick Fratantonio, Stefano Zanero, Christopher Kruegel, Giovanni Vigna, and Federico Maggi
31st Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2015.
[ Article ]

BareDroid: Large-Scale Analysis of Android Apps on Real Devices
Simone Mutti, Yanick Fratantonio, Antonio Bianchi, Luca Invernizzi, Jacopo Corbetta, Dhilung Kirat, Christopher Kruegel, and Giovanni Vigna
31st Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2015.
[ Article ]

Know Your Achilles' Heel: Automatic Detection of Network Critical Services
Ali Zand, Amir Houmansadr, Giovanni Vigna, Richard Kemmerer, and Christopher Kruegel
31st Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2015.
[ Article ]

Prison: Tracking Process Interactions to Contain Malware
Benjamin Caillat, Bob Gilbert, Dick Kemmerer, Christoper Kruegel, and Giovanni Vigna
International Symposium on Cyberspace Safety and Security (CSS).
USA, August 2015.
[ Article ]

CLAPP: Characterizing loops in Android applications
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna
10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM Press.
Italy, August 2015.
[ Article ]

ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities
Michael Weissbacher, William Robertson, Engin Kirda, Christopher Kruegel, and Giovanni Vigna
24th Usenix Security Symposium.
USA, August 2015.
[ Article ]

How the ELF Ruined Christmas
Alessandro Di Federico, Amat Cama, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
24th Usenix Security Symposium.
USA, August 2015.
[ Article ]

Meerkat: Detecting Website Defacements through Image-based Object Recognition
Kevin Borgolte, Christopher Kruegel, and Giovanni Vigna
24th Usenix Security Symposium.
USA, August 2015.
[ Article ]

EvilCohort: Detecting Communities of Malicious Accounts on Online Services
Gianluca Stringhini, Pierre Mourlanne, Gregoire Jacob, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
24th Usenix Security Symposium.
USA, August 2015.
[ Article ]

On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users
Yanick Fratantonio, Antonio Bianchi, William Robertson, Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Italy, July 2015.
[ Article ]

Portrait of a Privacy Invasion - Detecting Relationships Through Large-scale Photo Analysis
Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
15th Privacy Enhancing Technologies Symposium (PETS), De Gruyter Open.
USA, June 2015.
[ Article ]

What the App is That? Deception and Countermeasures in the Android User Interface
Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2015.
[ Article ]

Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
Yan Shoshitaishvili, Ruoyu Wang, Christophe Hauser, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2015.
[ Article ]

EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, and Yan Chen
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2015.
[ Article ]

The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements
Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna
Internet Measurement Conference (IMC), ACM Press.
Canada, November 2014.
[ Article ]

Eyes of a Human, Eyes of a Program: Leveraging different views of the web for analysis and detection
Jacopo Corbetta, Luca Invernizzi, Christopher Kruegel, and Giovanni Vigna
17th Symposium on Research in Attacks, Intrusions and Defenses (RAID), Lecture Notes in Computer Science, Springer Verlag.
Sweden, September 2014.
[ Article ]

Protecting Web Single Sign-on against Relying party Impersonation Attacks through a Bi-directional Secure Channel with Authentication
Yinzhi Cao, Yan Shoshitaishvili, Kevin Borgolte, Christopher Kruegel, Giovanni Vigna, and Yan Chen
17th Symposium on Research in Attacks, Intrusions and Defenses (RAID), Lecture Notes in Computer Science, Springer Verlag.
Sweden, September 2014.
[ Article ]

Hulk: Eliciting Malicious Behavior in Browser Extensions
Alexandros Kapravelos, Chris Grier, Neha Chachra, Christopher Kruegel, Giovanni Vigna, and Vern Paxson
23rd Usenix Security Symposium.
USA, August 2014.
[ Article ]

BareCloud: Bare-metal Analysis-based Evasive Malware Detection
Dhilung Kirat, Giovanni Vigna, and Christopher Kruegel
23rd Usenix Security Symposium.
USA, August 2014.
[ Article ]

PExy: The other side of Exploit Kits
Giancarlo De Maio, Alexandros Kapravelos, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
United Kingdom, July 2014.
[ Article ]

The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape
Gianluca Stringhini, Oliver Hohlfeld, Christopher Kruegel, and Giovanni Vigna
ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), ACM Press.
Japan, June 2014.
[ Article ]

Rippler: Delay Injection for Service Dependency Detection
Ali Zand, Giovanni Vigna, Richard Kemmerer, Christopher Kruegel
IEEE International Conference on Computer Communications (INFOCOM), IEEE Computer Society Press.
Canada, April 2014.
[ Article ]

Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services
Nick Nikiforakis, Federico Maggi, Gianluca Stringhini, M Zubair Rafique, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, and Stefano Zanero
International World Wide Web Conference (WWW).
South Korea, April 2014.
[ Article ]

Extracting Probable Command and Control Signatures for Detecting Botnets
Ali Zand, Giovanni Vigna, Xifeng Yan, and Christopher Kruegel
ACM Symposium on Applied Computing (SAC), ACM Press.
South Korea, March 2014.
[ Article ]

Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2014.
[ Article ]

Nazca: Detecting Malware Distribution in Large-Scale Networks
Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Sabyasachi Saha, Sung-Ju Lee, Marco Mellia, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2014.
[ Article ]

Message In A Bottle: Sailing Past Censorship
Luca Invernizzi, Christopher Kruegel, and Giovanni Vigna
29th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2013.
[ Article ]

Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web Pages
Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
20th ACM Conference on Computer and Communications Security (CCS), ACM Press.
Germany, November 2013.
[ Article ]

deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation
Adam Doupe, Weidong Cui, Mariusz Jakubowski, Marcus Peinado, Christopher Kruegel, and Giovanni Vigna
20th ACM Conference on Computer and Communications Security (CCS), ACM Press.
Germany, November 2013.
[ Article ]

Delta: Automatic Identification of Unknown Web-based Infection Campaigns
Kevin Borgolte, Christopher Kruegel, and Giovanni Vigna
20th ACM Conference on Computer and Communications Security (CCS), ACM Press.
Germany, November 2013.
[ Article ]

An Empirical Study of Cryptographic Misuse in Android Applications
Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel
20th ACM Conference on Computer and Communications Security (CCS), ACM Press.
Germany, November 2013.
[ Article ]

Practical Attacks Against The I2P Network
Christoph Egger, Johannes Schlumberger, Christopher Kruegel, and Giovanni Vigna
16th Symposium on Research in Attacks, Intrusions and Defenses (RAID), Lecture Notes in Computer Science, Springer Verlag.
St. Lucia, October 2013.
[ Article ]

Follow the Green: Growth and Dynamics in Twitter Follower Markets
Gianluca Stringhini, Gang Wang, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Haitao Zheng, Ben Zhao
Internet Measurement Conference (IMC), ACM Press.
Spain, October 2013.
[ Article ]

Revolver: An Automated Approach to the Detection of Evasive Web-based Malware
Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Christopher Kruegel, and Giovanni Vigna
22nd Usenix Security Symposium.
USA, August 2013.
[ Article ]

Steal This Movie - Automatically Bypassing DRM Protection in Streaming Media Services
Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
22nd Usenix Security Symposium.
USA, August 2013.
[ Article ]

Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting
Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2013.
[ Article ]

Two Years of Short URLs Internet Measurement: Security Threats and Countermeasures
Federico Maggi, Alessandro Frossi, Stefano Zanero, Gianluca Stringhini, Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna
International World Wide Web Conference (WWW).
Brazil, April 2013.
[ Article ]

EARs in the Wild: Large-Scale Analysis of Execution After Redirect Vulnerabilities
Pierre Payet, Adam Doupe, Christopher Kruegel, and Giovanni Vigna
ACM Symposium on Applied Computing (SAC), ACM Press.
Portugal, March 2013.
[ Article ]

Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting
Tobias Lauinger, Martin Szydlowski, Kaan Onarlioglu, Gilbert Wondracek, Engin Kirda and Christopher Kruegel
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2013.
[ Article ]

COMPA: Detecting Compromised Accounts on Social Networks
Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2013.
[ Article ]

Jarhead: Analysis and Detection of Malicious Java Applets
Johannes Schlumberger, Christopher Kruegel, and Giovanni Vigna
28th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2012.
[ Article ]

Disclosure: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis
Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, and Christopher Kruegel
28th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2012.
[ Article ]

BotFinder: Finding Bots in Network Traffic Without Deep Packet Inspection
Florian Tegeler, Xiaoming Fu, Giovanni Vigna, and Christopher Kruegel
ACM Conference on emerging Networking EXperiments and Technologies (CoNEXT), ACM Press.
USA, October 2012.
[ Article ]

Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds
Antonio Bianchi, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
19th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2012.
[ Article ]

PeerPress: Utilizing Enemies’ P2P Strength Against Them
Zhaoyan Xu, Lingfeng Chen, Guofei Gu, and Christopher Kruegel
19th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2012.
[ Article ]

You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions
Nick Nikiforakis, Luca Invernizzi, Alexandros Kapravelos, Steven Van Acker, Wouter Joosen, Christopher Kruegel, Frank Piessens, and Giovanni Vigna
19th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2012.
[ Article ]

FlashDetect: ActionScript 3 malware detection
Timon Van Overveldt, Christopher Kruegel, and Giovanni Vigna
15th Symposium on Research in Attacks, Intrusions and Defenses (RAID), Lecture Notes in Computer Science, Springer Verlag.
Netherlands, September 2012.
[ Article ]

PUBCRAWL: Protecting Users and Businesses from CRAWLers
Gregoire Jacob, Engin Kirda, Christopher Kruegel, and Giovanni Vigna
21st Usenix Security Symposium.
USA, August 2012.
[ Article ]

B@bel: Leveraging Email Delivery for Spam Mitigation
Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna
21st Usenix Security Symposium.
USA, August 2012.
[ Article ]

Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner
Adam Doupe, Ludovico Cavedon, Christopher Kruegel, and Giovanni Vigna
21st Usenix Security Symposium.
USA, August 2012.
[ Article ]

A Quantitative Study of Accuracy in System Call-Based Malware Detection
Davide Canali, Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, and Engin Kirda
International Symposium on Software Testing and Analysis (ISSTA), ACM Press.
USA, July 2012.
[ Article ]

ViewPoints: Differential String Analysis for Discovering Client- and Server-Side Input Validation Inconsistencies
Muath Alkhalaf, Shauvik Roy Choudhary, Mattia Fazzini, Tevfik Bultan, Alessandro Orso, and Christopher Kruegel
International Symposium on Software Testing and Analysis (ISSTA), ACM Press.
USA, July 2012.
[ Article ]

A static, packer-agnostic filter to detect similar malware samples
Gregoire Jacob, Paolo Milani Comparetti, Matthias Neugschwandtner, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Greece, July 2012.
[ Article ]

Tracking Memory Writes for Malware Classification and Code Reuse Identification (Short Paper)
Andre Ricardo Abed Gregio, Paulo Licio de Geus, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Greece, July 2012.
[ Article ]

Enforcing Dynamic Spectrum Access with Spectrum Permits
Lei Yang, Zengbin Zhang, Ben Zhao, Christopher Kruegel, and Haitao Zheng
13th International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), ACM Press.
USA, June 2012.
[ Article ]

EvilSeed: A Guided Approach to Finding Malicious Web Pages
Luca Invernizzi, Stefano Benvenuti, Marco Cova, Paolo Milani Comparetti, Christopher Kruegel, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2012.
[ Article ]

ForeCast – Skimming off the Malware Cream
Matthias Neugschwandtner, Paolo Milani Comparetti, Gregoire Jacob, and Christopher Kruegel
27th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2011.
[ Article ]

BareBox: Efficient Malware Analysis on Bare-Metal
Dhilung Kirat, Giovanni Vigna, and Christopher Kruegel
27th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2011.
[ Article ]

Nexat: A history-based approach to predict attacker actions
Casey Cipriano, Ali Zand, Amir Houmansadr, Christopher Kruegel, and Giovanni Vigna
27th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2011.
[ Article ]

Understanding Fraudulent Activities in Online Ad Exchanges
Brett Stone-Gross, Ryan Stevens, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna, and Apostolis Zarras
Internet Measurement Conference (IMC), ACM Press.
Germany, November 2011.
[ Article ]

The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code
Clemens Kolbitsch, Engin Kirda, and Christopher Kruegel
18th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2011.
[ Article ]

Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities
Adam Doupe, Bryce Boe, Christopher Kruegel, and Giovanni Vigna
18th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2011.
[ Article ]

Silverline: Toward Data Confidentiality in Storage-Intensive Cloud Applications
Krishna Puttaswamy, Christopher Kruegel, and Ben Zhao
ACM Symposium on Cloud Computing (SoCC), ACM Press.
USA, October 2011.
[ Article ]

Dymo: Tracking Dynamic Code Identity
Bob Gilbert, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2011.
[ Article ]

Shellzer: A tool for the dynamic analysis of malicious shellcode
Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2011.
[ Article ]

Jackstraws: Picking Command and Control Connections from Bot Traffic
Gregoire Jacob, Ralf Hund, Christopher Kruegel, and Thorsten Holz
20th Usenix Security Symposium.
USA, August 2011.
[ Article ]

BotMagnifier: Locating Spambots on the Internet
Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna
20th Usenix Security Symposium.
USA, August 2011.
[ Article ]

Escape from Monkey Island: Evading High-Interaction Honeyclients
Alexandros Kapravelos, Marco Cova, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Netherlands, July 2011.
[ Article ]

MISHIMA: Multilateration of Internet hosts hidden using malicious fast-flux agents (Short Paper)
Greg Banks, Aristide Fattori, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Netherlands, July 2011.
[ Article ]

Peering Through the iFrame
Brett Stone-Gross, Marco Cova, Christopher Kruegel, and Giovanni Vigna
IEEE International Conference on Computer Communications (INFOCOM) Mini-Conference, IEEE Computer Society Press.
China, April 2011.
[ Article ]

Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages
Davide Canali, Marco Cova, Christopher Kruegel, and Giovanni Vigna
International World Wide Web Conference (WWW).
India, March 2011.
[ Article ]

PiOS: Detecting Privacy Leaks in iOS Applications
Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2011.
This paper won a distinguished paper award.
[ Article ]

Exposure: Finding Malicious Domains Using Passive DNS Analysis
Leyla Bilge, Engin Kirda, Christopher Kruegel, and Marco Balduzzi
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2011.
[ Article ]

Detecting Spammers On Social Networks
Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
26th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2010.
This paper won the best student paper award.
[ Article ]

AccessMiner: Using System-Centric Models for Malware Protection
Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christoderescu, and Engin Kirda
17th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2010.
[ Article ]

Abusing Social Networks for Automated User Profiling
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, and Christopher Kruegel
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
Canada, September 2010.
[ Article ]

Toward Automated Detection of Logic Vulnerabilities in Web Applications
Viktoria Felmetsger, Ludovico Cavedon, Christopher Kruegel, and Giovanni Vigna
19th Usenix Security Symposium.
USA, August 2010.
[ Article ]

Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries
Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2010.
[ Article ]

Identifying Dormant Functionality in Malware Programs
Paolo Milani Comparetti, Guido Salvaneschi, Engin Kirda, Clemens Kolbitsch, Christopher Kruegel, and Stefano Zanero
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2010.
[ Article ]

A Practical Attack to De-Anonymize Social Network Users
Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2010.
[ Article ]

Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code
Marco Cova, Christopher Kruegel, and Giovanni Vigna
International World Wide Web Conference (WWW).
USA, April 2010.
[ Article ]

A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi, Manuel Egele, Engin Kirda, Davide Balzarotti, and Christopher Kruegel
ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), ACM Press.
China, April 2010.
[ Article ]

Improving the Efficiency of Dynamic Malware Analysis
Ulrich Bayer, Engin Kirda, and Christopher Kruegel
ACM Symposium on Applied Computing (SAC), ACM Press.
Switzerland, March 2010.
[ Article ]

CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms
Manuel Egele, Leyla Bilge, Engin Kirda, and Christopher Kruegel
ACM Symposium on Applied Computing (SAC), ACM Press.
Switzerland, March 2010.
[ Article ]

Efficient Detection of Split Personalities in Malware
Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2010.
[ Article ]

Effective Anomaly Detection with Scarce Training Data
William Robertson, Federico Maggi, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2010.
[ Article ]

FIRE: FInding Rogue nEtworks
Brett Stone-Gross, Andreas Moser, Kevin Almeroth, Christopher Kruegel, and Engin Kirda
25th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2009.
[ Article ]

Analyzing and Detecting Malicious Flash Advertisements
Sean Ford, Marco Cova, Christopher Kruegel, and Giovanni Vigna
25th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2009.
[ Article ]

Your Botnet is My Botnet: Analysis of a Botnet Takeover
Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
16th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, November 2009.
[ Article ]

Automatically Generating Models for Botnet Detection
Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, and Engin Kirda
14th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science, Springer Verlag.
France, September 2009.
[ Article ]

Protecting a Moving Target: Addressing Web Application Concept Drift
Federico Maggi, William Robertson, Christopher Kruegel, and Giovanni Vigna
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
France, September 2009.
[ Article ]

Automated Spyware Collection and Analysis
Andreas Stamminger, Christopher Kruegel, Giovanni Vigna, and Engin Kirda
12th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Italy, September 2009.
[ Article ]

Effective and Efficient Malware Detection at the End Host
Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and XiaoFeng Wang
18th Usenix Security Symposium.
Canada, August 2009.
[ Article ]

Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks
Manuel Egele, Peter Wurzinger, Christopher Kruegel, and Engin Kirda
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Italy, July 2009.
[ Article ]

Prospex: Protocol Specification Extraction
Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2009.
[ Article ]

Removing Web Spam Links from Search Engine Results
Manuel Egele, Christopher Kruegel, and Engin Kirda
Annual Conference of the European Institute for Computer Antivirus Research (EICAR).
Germany, May 2009.
[ Article ]

Scalable, Behavior-Based Malware Clustering
Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2009.
[ Article ]

A Parallel Architecture for Stateful, High-Speed Intrusion Detection
Luca Foschini, Ashish Thapliyal, Lorenzo Cavallaro, Christopher Kruegel, and Giovanni Vigna
International Conference on Information Systems Security (ICISS) , Lecture Notes in Computer Science, Springer Verlag.
India, December 2008.
[ Article ]

Overbot - A botnet protocol based on Kademlia
Guenther Starnberger, Christopher Kruegel, and Engin Kirda
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
Turkey, September 2008.
[ Article ]

Visual Similarity-Based Phishing Detection
Eric Medvet, Engin Kirda, and Christopher Kruegel
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
Turkey, September 2008.
[ Article ]

Leveraging User Interactions for In-Depth Testing of Web Applications
Sean McAllister, Christopher Kruegel, and Engin Kirda
Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2008.
[ Article ]

VeriKey: A Dynamic Certificate Verification System for Public Key Exchanges
Brett Stone-Gross, David Sigal, Rob Cohn, John Morse, Kevin Almeroth, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
France, July 2008.
[ Article ]

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
Marco Cova, Vika Felmetsger, Davide Balzarotti, Nenad Jovanovic, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2008.
[ Article ]

Automatic Network Protocol Analysis
Gilbert Wondracek, Paolo Milani Comparetti, Christopher Kruegel, and Engin Kirda
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2008.
[ Article ]

Limits of Static Analysis for Malware Detection
Andreas Moser, Christopher Kruegel, and Engin Kirda
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Improving Signature Testing Through Dynamic Data Flow Analysis
Davide Balzarotti, William Robertson, Christopher Kruegel, and Giovanni Vigna
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Secure Input for Web Applications
Martin Szydlowski, Christopher Kruegel, and Engin Kirda
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis
Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, and Engin Kirda
14th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2007.
[ Article ]

Detecting System Emulators
Thomas Raffetseder, Christopher Kruegel, and Engin Kirda
10th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Chile, October 2007.
This paper won the best student paper award.
[ Article ]

Mining Specifications of Malicious Behavior
Mihai Christodorescu, Somesh Jha, and Christopher Kruegel
6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM Press.
Croatia, September 2007.
This paper won a distinguished paper award.
[ Article ]

A Layout-Similarity-Based Approach for Detecting Phishing Pages
Angelo Rosiello, Engin Kirda, Christopher Kruegel, and Fabrizio Ferrandi
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
France, September 2007.
[ Article ]

On the Effectiveness of Techniques to Detect Phishing Sites
Christian Ludl, Sean McAllister, Engin Kirda, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Switzerland, July 2007.
[ Article ]

Dynamic Spyware Analysis
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song
Usenix Annual Technical Conference.
USA, June 2007.
[ Article ]

Exploring Multiple Execution Paths for Malware Analysis
Andreas Moser, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2007.
[ Article ]

Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2007.
[ Article ]

Extending .NET Security to Unmanaged Code
Patrick Klinkoff, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
9th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Greece, September 2006.
[ Article ]

Preventing Cross Site Request Forgery Attacks
Nenad Jovanovic, Engin Kirda, and Christopher Kruegel
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
USA, August 2006.
[ Article ]

Behavior-based Spyware Detection
Engin Kirda, Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard Kemmerer
15th Usenix Security Symposium.
Canada, August 2006.
[ Article ]

Using Static Program Analysis to Aid Intrusion Detection
Manuel Egele, Martin Szydlowski, Engin Kirda, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Germany, July 2006.
[ Article ]

SecuBat: A Web Vulnerability Scanner
Stefan Kals, Engin Kirda, Christopher Kruegel, and Nenad Jovanovic
15th International World Wide Web Conference (WWW).
United Kingdom, May 2006.
[ Article ]

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2006.
[ Article ]

TTAnalyze: A Tool for Analyzing Malware
Ulrich Bayer, Christopher Kruegel, and Engin Kirda
15th Annual Conference of the European Institute for Computer Antivirus Research (EICAR).
Germany, April 2006.
This paper won the best paper award.
[ Article ]

Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks
Engin Kirda, Christopher Kruegel, Giovanni Vigna, and Nenad Jovanovic
21st ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2006.
[ Article ]

An Anomaly-driven Reverse Proxy for Web Applications
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Engin Kirda
21st ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2006.
[ Article ]

Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks
William Robertson, Giovanni Vigna, Christopher Kruegel and Richard Kemmerer
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2006.
[ Article ]

Polymorphic Worm Detection Using Structural Information of Executables
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna
8th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2005.
[ Article ]

Automating Mimicry Attacks Using Static Binary Analysis
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna
14th Usenix Security Symposium.
USA, August 2005.
[ Article ]

Protecting Users Against Phishing Attacks with AntiPhish
Engin Kirda and Christopher Kruegel
29th Annual International Computer Software and Applications Conference (COMPSAC), IEEE Computer Society Press.
United Kingdom, July 2005.
[ Article ]

Reverse Engineering of Network Signatures
Darren Mutz, Christopher Kruegel, William Robertson, Giovanni Vigna, and Richard Kemmerer
Information Technology Security Conference (AusCERT).
Australia, May 2005.
This paper won the best paper award.
[ Article ]

Detecting Kernel-Level Rootkits Through Binary Analysis
Christopher Kruegel, William Robertson and Giovanni Vigna
20th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2004.
[ Article ]

Static Disassembly of Obfuscated Binaries
Christopher Kruegel, William Robertson, Fredrik Valeur and Giovanni Vigna
13th Usenix Security Symposium.
USA, August 2004.
[ Article ]

Bayesian Event Classification for Intrusion Detection
Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur
19th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2003.
[ Article ]

Anomaly Detection of Web-based Attacks
Christopher Kruegel and Giovanni Vigna
10th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2003.
[ Article ]

On the Detection of Anomalous System Call Arguments
Christopher Kruegel, Darren Mutz, Fredrik Valeur and Giovanni Vigna
8th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science, Springer Verlag.
Norway, October 2003.
[ Article ]

Run-time Detection of Heap-based Overflows
William Robertson, Christopher Kruegel, Darren Mutz and Fredrik Valeur
17th Large Installation Systems Administration Conference (LISA), Usenix.
USA, October 2003.
[ Article ]

Using Decision Trees to Improve Signature-based Intrusion Detection
Christopher Kruegel and Thomas Toth
6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2003.
[ Article ]

Topology-based Detection of Anomalous BGP Messages
Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur
6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2003.
[ Article ]

Web Service Engineering with DIWE
Engin Kirda, Clemens Kerer, Christopher Kruegel and Roman Kurmanowytsch
29th Euromicro, IEEE Computer Society Press.
September 2003.
[ Article ]

Evaluating the Impact of Automated Intrusion Response Mechanisms
Thomas Toth and Christopher Kruegel
18th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
November 2002.
[ Article ]

Accurate Buffer Overflow Detection via Abstract Payload Execution
Thomas Toth and Christopher Kruegel
5th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
Switzerland, October 2002.
[ Article ]

DPS - An Architectural Style for Development of Secure Software
Pascal Fenkam, Harald Gall, Mehdi Jazayeri and Christopher Kruegel
Infrastructure Security Conference (InfraSec), Lecture Notes in Computer Science, Springer Verlag.
United Kingdom, October 2002.
[ Article ]

Stateful Intrusion Detection for High-Speed Networks
Christopher Kruegel, Fredrik Valeur, Giovanni Vigna and Richard Kemmerer
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2002.
[ Article ]

Service Specific Anomaly Detection for Network Intrusion Detection
Christopher Kruegel, Thomas Toth and Engin Kirda
17th ACM Symposium on Applied Computing (SAC), ACM Press.
Spain, March 2002.
[ Article ]

Distributed Pattern Detection for Intrusion Detection
Christopher Kruegel and Thomas Toth
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2002.
[ Article ]

Flexible, Mobile Agent based Intrusion Detection for Dynamic Networks
Christopher Kruegel and Thomas Toth
European Wireless.
Italy, February 2002.
[ Article ]

Decentralized Event Correlation for Intrusion Detection
Christopher Kruegel, Thomas Toth and Clemens Kerer
International Conference on Information Security and Cryptology (ICISC), Lecture Notes in Computer Science, Springer Verlag.
Korea, December 2001.
[ Article ]

Sparta - A Mobile Agent based Intrusion Detection System
Christopher Kruegel, Thomas Toth, and Engin Kirda
IFIP Conference on Network Security (I-NetSec), Kluwer Academic Publishers.
Croatia, June 2001.
[ Article ]

An efficient, IP based solution to the 'Logical Timestamp Wrapping' problem
Christopher Kruegel and Thomas Toth
6th International Conference on Telecommunications (ConTEL).
Croatia, June 2001.
[ Article ]

Improved fieldbus control via middleware technolgy
Wolfgang Kastner and Christopher Kruegel
4th Conference on Automatic Control (Controlo).
Portugal, October 2000.
[ Article ]

Jini connectivity for EIB home and building networks - from design to implementation
Wolfgang Kastner and Christopher Kruegel
EIB Scientific Conference.
Germany, October 1999.
[ Article ]

Jini: Ein guter Geist fuer die Gebaeudesystemtechnik, German Language
Wolfgang Kastner, Christopher Kruegel and Heinrich Reiter
Java Informations Tage (JIT).
Germany, September 1999.
[ Article ]

Journal Publications


One Size Does Not Fit All: A Longitudinal Analysis of Brazilian Financial Malware
Marcus Botacin, Hojjat Aghakhani, Stefano Ortolani, Christopher Kruegel, Giovanni Vigna, Daniela Oliveira, Paulo Geus, and Andre Gregio
ACM Transactions on Privacy and Security, Volume 24, Number 2, ACM Press.
January 2021.
[ Article ]

Towards Detecting Compromised Accounts on Social Networks
Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
IEEE Transactions on Dependable and Secure Computing, Volume 14, Number 4, IEEE Computer Society.
July/August 2017.
[ Article ]

Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains
Leyla Bilge, Sevil Sen, Davide Balzarotti, Engin Kirda, and Christopher Kruegel
ACM Transactions on Information and System Security (TISSEC), Volume 16, Number 4, ACM Press.
April 2014.
[ Article ]

Preserving Location Privacy in Geo-Social Applications
Krishna Puttaswamy, Shiyuan Wang, Troy Steinbauer, Divyakant Agrawal, Amr El Abbadi, Christopher Kruegel, and Ben Zhao
IEEE Transactions on Mobile Computing, Volume 13, Number 1, IEEE Computer Society.
January 2014.
[ Article ]

A Survey on Automated Dynamic Malware-Analysis Techniques and Tools
Manuel Egele, Theodoor Scholte, Engin Kirda, and Christopher Kruegel
ACM Computing Surveys, Volume 44, Number 2, ACM Press.
February 2012.
[ Article ]

Analysis of a Botnet Takeover
Brett Stone-Gross, Marco Cova, Bob Gilbert, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
IEEE Security and Privacy, Volume 9, Number 1, IEEE Computer Society.
January/February 2011.
[ Article ]

Static Analysis for Detecting Taint-Style Vulnerabilities in Web Applications
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
Journal of Computer Security (JCS), Volume 18, Number 5, IOS Press.
September 2010.
[ Article ]

Client-side cross-site scripting protection
Engin Kirda, Nenad Jovanovic, Christopher Kruegel, and Giovanni Vigna
Computers and Security, Volume 28, Number 7, Elsevier.
October 2009.
[ Article ]

Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries
Giovanni Vigna, Fredrik Valeur, Davide Balzarotti, William Robertson, Christopher Kruegel, and Engin Kirda
Journal of Computer Security, Volume 17, Number 3, IOS Press.
August 2009.
[ Article ]

Server-side Bot Detection in Massive Multiplayer Online Games
Stefan Mitterhofer, Christian Platzer, Christopher Kruegel, and Engin Kirda
IEEE Security and Privacy (Special Issue: Online Gaming Security), Volume 7, Number 3, IEEE Computer Society.
May/June 2009.
[ Article ]

Extending .NET Security to Unmanaged Code
Patrick Klinkoff, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
International Journal of Information Security, Volume 6, Number 6, Springer Computer Science Journal.
October 2007.
[ Article ]

Dynamic Analysis of Malicious Code
Ulrich Bayer, Andreas Moser, Christopher Kruegel, and Engin Kirda
Journal in Computer Virology, Volume 2, Number 1, Springer Computer Science Journal.
August 2006.
[ Article ]

Anomalous System Call Detection
Darren Mutz, Fredrik Valeur, Christopher Kruegel, and Giovanni Vigna
ACM Transactions on Information and System Security (TISSEC), Volume 9, Number 1, ACM Press.
February 2006.
[ Article ]

Protecting Users Against Phishing Attacks with AntiPhish
Engin Kirda and Christopher Kruegel
The Computer Journal, Volume 49, Number 5, Oxford University Press.
January 2006.
[ Article ]

A multi-model approach to the detection of web-based attacks
Christopher Kruegel, Giovanni Vigna, and William Robertson
Computer Networks, Volume 48, Number 5, Elsevier.
July 2005.
[ Article ]

Using Alert Verification to Identify Successful Intrusion Attempts
Christopher Kruegel, William Robertson, and Giovanni Vigna
Practice in Information Processing and Communication (PIK), Volume 27, Number 4, K.G. Saur Verlag.
October 2004.
[ Article ]

A Comprehensive Approach to Intrusion Detection Alert Correlation
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Richard Kemmerer
IEEE Transactions on Dependable and Secure Computing, Volume 1, Number 3.
July 2004.
[ Article ]

Workshop Publications


Tarnhelm: Isolated, Transparent and Confidential Execution of Arbitrary Code in ARM's TrustZone
Davide Quarta, Michele Ianni, Aravind Machiry, Yanick Fratantonio, Eric Gustafson, Davide Balzarotti, Martina Lindorfer, Christopher Kruegel, and Giovanni Vigna
ACM Workshop on Research on Offensive and Defensive Techniques in the Context of Man At The End Attacks (CheckMATE).
South Korea, November 2021.
[ Article ]

Towards Automatically Generating a Sound and Complete Dataset for Evaluating Static Analysis Tools
Aravind Machiry, Nilo Redini, Eric Gustafson, Hojjat Aghakhani, Christopher Kruegel, and Giovanni Vigna
Workshop on Binary Analysis Research (BAR).
USA, February 2019.
[ Article ]

Detecting Deceptive Reviews using Generative Adversarial Networks
Hojjat Aghakhani, Aravind Machiry, Shirin Nilizadeh, Christopher Kruegel, and Giovanni Vigna
Deep Learning and Security Workshop.
USA, May 2018.
[ Article ]

NJAS: Sandboxing unmodified applications in non-rooted devices running stock Android
Antonio Bianchi, Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna
5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM).
USA, October 2015.
[ Article ]

Framing Dependencies Introduced by Underground Commoditization
Kurt Thomas, Danny Yuxing Huang, David Wang, Elie Bursztein, Chris Grier, Tom Holt, Christopher Kruegel, Damon McCoy, Stefan Savage, and Giovanni Vigna
Workshop on the Economics of Information Security (WEIS).
Netherlands, June 2015.
[ Article ]

A Large-Scale Study of Mobile Web App Security
Patrick Mutchler, Adam Doupe, John Mitchell, Christopher Kruegel, and Giovanni Vigna
Mobile Security Technologies Workshop (MoST).
USA, May 2015.
This paper won the best paper award.
[ Article ]

The Tricks of the Trade: What Makes Spam Campaigns Successful?
Jane Iedemska, Gianluca Stringhini, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna
International Workshop on Cyber Crime (IWCC), IEEE Press.
USA, May 2014.
[ Article ]

Poultry Markets: On the Underground Economy of Twitter Followers
Gianluca Stringhini, Manuel Egele, Christopher Kruegel, and Giovanni Vigna
Workshop on Online Social Networks (WOSN), ACM Press.
Finland, August 2012.
[ Article ]

Detecting social cliques for automated privacy control in online social networks
Hakan Yildiz and Christopher Kruegel
IEEE International Workshop on SEcurity and SOCial Networking (SESOC), IEEE Press.
Switzerland, March 2012.
[ Article ]

BTLab: A System-Centric, Data-Driven Analysis and Measurement Platform for BitTorrent Clients
Martin Szydlowski, Ben Zhao, Engin Kirda, and Christopher Kruegel
IEEE Workshop on Grid and P2P Systems and Applications (GridPeer), IEEE Computer Society Press.
USA, August 2011.
[ Article ]

The Underground Economy of Fake Antivirus Software
Brett Stone-Gross, Ryan Abman, Richard Kemmerer, Christopher Kruegel, Douglas Steigerwald, and Giovanni Vigna
10th Workshop on the Economics of Information Security (WEIS).
USA, June 2011.
[ Article ]

PoX: Protecting Users from Malicious Facebook Applications
Manuel Egele, Andreas Moser, Christopher Kruegel, and Engin Kirda
3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC), IEEE Computer Society Press.
USA, March 2011.
[ Article ]

Is the Internet for Porn? An Insight Into the Online Adult Industry
Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, and Christopher Kruegel
9th Workshop on the Economics of Information Security (WEIS).
USA, June 2010.
[ Article ]

SWAP: Mitigating XSS Attacks using a Reverse Proxy
Peter Wurzinger, Christian Platzer, Christian Ludl, Engin Kirda, and Christopher Kruegel
ICSE Workshop on Software Engineering for Secure Systems (SESS), IEEE Computer Society Press.
Canada, May 2009.
[ Article ]

A View on Current Malware Behaviors
Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, and Christopher Kruegel
Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET).
USA, April 2009.
[ Article ]

There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits
Marco Cova, Christopher Kruegel, and Giovanni Vigna
Usenix Workshop on Offensive Technologies (WOOT).
USA, July 2008.
[ Article ]

Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters
Christoph Karlberger, Guenter Bayler, Christopher Kruegel, and Engin Kirda
Usenix Workshop on Offensive Technologies (WOOT).
USA, August 2007.
[ Article ]

Building Anti-Phishing Browser Plug-Ins: An Experience Report
Thomas Raffetseder, Engin Kirda, and Christopher Kruegel
ICSE Workshop on Software Engineering for Secure Systems (SESS), IEEE Computer Society Press.
USA, May 2007.
[ Article ]

Precise Alias Analysis for Static Detection of Web Application Vulnerabilities
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
ACM Workshop on Programming Languages and Analysis for Security (PLAS), ACM Special Interest Group for Programming Languages (SIGPLAN) Notices.
USA, June 2006.
[ Article ]

Alert Verification - Determining the Success of Intrusion Attempts
Christopher Kruegel and William Robertson
Workshop on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA).
Germany, July 2004.
[ Article ]

Connection-history based anomaly detection
Thomas Toth and Christopher Kruegel
3rd IEEE Information Assurance Workshop, IEEE Computer Society Press.
USA, June 2002.
[ Article ]

XGuide - A Practical Guide to XML-based Web Engineering
Engin Kirda, Clemens Kerer and Christopher Kruegel
International Workshop on Web Engineering, Lecture Notes in Computer Science, Springer Verlag.
Italy, May 2002.
[ Article ]

Supporting multi-device enabled services: Challenges and open problems
Engin Kirda, Clemens Kerer, Mehdi Jazayeri and Christopher Kruegel
10th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), IEEE Computer Society Press.
USA, June 2001.
[ Article ]

Applying Mobile Agent Technology to Intrusion Detection
Christopher Kruegel and Thomas Toth
ICSE Workshop on Software Engineering and Mobility.
Canada, May 2001.
[ Article ]

A new approach for Java in embedded networks
Wolfgang Kastner and Christopher Kruegel
3rd IEEE Workshop on Factory Communication Systems, IEEE Computer Society Press.
Portugal, September 2000.
[ Article ]

Book Chapters and Editorials


Technical Perspective: Making Browser Extensions Secure
Christopher Kruegel
Communications of the ACM (CACM), No. 9, ACM Press.
September, 2011.
[ Article ]

Host-Based Intrusion Detection
Giovanni Vigna and Christopher Kruegel
Handbook of Information Security, John Wiley and Sons, ISBN 0-471-64833-7.
December 2005.
[ Article ] [ Book ]

Behavioral and Structural Properties of Malicious Code
Christopher Kruegel
Special Workshop on Malware Detection, Advances in Information Security, Springer Verlag, ISBN: 978-0-387-32720-4 .
USA, August 2005.
[ Article ] [ Book ]

Internet Security
Christopher Kruegel
The Industrial Communication Technology Handbook, CRC Press, ISBN 0-8493-3077-7.
February 2005.
[ Article ] [ Book ]

Network Security and Secure Applications
Christopher Kruegel
The Industrial Information Technology Handbook, CRC Press, ISBN 0-8493-1985-4.
November 2004.
[ Article ] [ Book ]

Books


Intrusion Detection and Correlation - Challenges and Solutions
Christopher Kruegel, Fredrik Valeur, and Giovanni Vigna
Advances in Information Security, Vol. 14, Springer Verlag, ISBN 0-387-23398-9.
January 2005.
[ Book ]

Einfuehrung in die Technische Informatik (Introduction to Technical Computer Science), German Language
Gerhard-Helge Schildt, Daniela Kahn, Christopher Kruegel, and Christian Moerz
Springers Lehrbuecher der Informatik (Textbooks on Computer Science), Springer Verlag, ISBN 3-211-24346-1.
April 2005.
[ Book ]

Editorships


Proceedings of the Perspectives Workshop: Network Attack Detection and Defense
Georg Carle, Falko Dressler, Richard Kemmerer, Hartmut Koenig, and Christopher Kruegel (Eds.)
Dagstuhl Seminar Proceedings (DSP) 08102, ISSN: 1862 - 4405.
March 2008.
[ Book ]

Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM)
Christopher Kruegel (Eds.)
ACM Special Interest Group on Security, Audit, and Control (SIGSAC), ACM Press, ISBN 978-1-59593-886-2.
November 2007.
[ Book ]

Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection
Christopher Kruegel, Richard Lippmann, and Andrew Clark (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 4637, Springer Verlag, ISBN 978-3-540-74319-4.
September 2007.
[ Book ]

Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection
Diego Zamboni and Christopher Kruegel (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 4219, Springer Verlag, ISBN 978-3-540-39723-6.
September 2006.
[ Book ]

Proceedings of the 2nd International Conference on Intrusion and Malware Detection and Vulnerability Assessment
Klaus Julisch and Christopher Kruegel (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 3548, Springer Verlag, ISBN 3-540-26613-5.
July 2005.
[ Book ]

Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection
Giovanni Vigna, Erland Jonsson and Christopher Kruegel (Eds.)
Lecture Notes in Computer Science (LNCS), Vol. 2820, Springer Verlag, ISBN 3-540-40878-9.
September 2003.
[ Book ]