Survey and taxonomy of adversarial reconnaissance techniques

S Roy, N Sharmin, JC Acosta, C Kiekintveld… - ACM Computing …, 2022 - dl.acm.org
Adversaries are often able to penetrate networks and compromise systems by exploiting
vulnerabilities in people and systems. The key to the success of these attacks is information …

Mistrust Plugins You Must: A Large-Scale Study Of Malicious Plugins In WordPress Marketplaces

RP Kasturi, J Fuller, Y Sun, O Chabklo… - 31st USENIX Security …, 2022 - usenix.org
Modern websites owe most of their aesthetics and functionalities to Content Management
Systems (CMS) plugins, which are bought and sold on widely popular marketplaces. Driven …

Forecasting malware capabilities from cyber attack memory images

O Alrawi, M Ike, M Pruett, RP Kasturi, S Barua… - 30th USENIX security …, 2021 - usenix.org
The remediation of ongoing cyber attacks relies upon timely malware analysis, which aims
to uncover malicious functionalities that have not yet executed. Unfortunately, this requires …

Mnemosyne: An effective and efficient postmortem watering hole attack investigation system

J Allen, Z Yang, M Landen, R Bhat, H Grover… - Proceedings of the …, 2020 - dl.acm.org
Compromising a website that is routinely visited by employees of a targeted organization
has become a popular technique for nation-state level adversaries to penetrate an …

Entangled Clouds: Measuring the Hosting Infrastructure of the Free Contents Web

M Alqadhi, M Alkinoon, J Lin, A Abdalaal… - Proceedings of the …, 2023 - dl.acm.org
Free content websites (FCWs) are a critical part of the Internet, and understanding them is
essential for their wide use. This study statistically explores the distribution of free content …

C-bedim and s-bedim: lateral movement detection in enterprise network through behavior deviation measurement

C Dong, J Yang, S Liu, Z Wang, Y Liu, Z Lu - Computers & Security, 2023 - Elsevier
Lateral movement plays a vital role in a network attack campaign. After breaking into the
intranet, perpetrators penetrate to their final target through this procedure. In order to protect …

Bedim: lateral movement detection in enterprise network through behavior deviation measurement

C Dong, Y Chen, Y Zhang, Y Liu, Z Lu… - 2021 IEEE 23rd Int …, 2021 - ieeexplore.ieee.org
Lateral movement plays a vital role in a network attack campaign. After breaking into the
intranet, perpetrators penetrate to their final target through this procedure. In order to protect …

Stargazer: Long-Term and Multiregional Measurement of Timing/Geolocation-Based Cloaking

S Fujii, T Sato, S Aoki, Y Tsuda, N Kawaguchi… - IEEE …, 2023 - ieeexplore.ieee.org
Malicious hosts have come to play a significant and varied role in today's cyber attacks.
Some of these hosts are equipped with a technique called cloaking, which discriminates …

Memory-efficient detection of large-scale obfuscated malware

Y Wang, M Zhang - International Journal of Wireless and …, 2024 - inderscienceonline.com
Obfuscation techniques are frequently used in malicious programs to evade detection.
However, current effective methods often require much memory space during training. This …

TOWARD SOLVING THE SECURITY RISKS OF OPENSOURCE SOFTWARE USE

R Duan - 2019 - cyfi.ece.gatech.edu
I would like to thank Professor Alexandra Boldyreva, Professor Mustaque Ahamad and
Professor Angelos D. Keromytis for taking time to serve on my thesis committee. Their …