Reading List (to evolve as the semester progresses):

  1. [levchenko-sp11] Levchenko et. al., Click Trajectories: End-to-End Analysis of the Spam Value Chain, IEEE Security and Privacy, 2011.
  2. [caballero-security11] J. Caballero, C. Grier, C. Kreibich and V. Paxson, Measuring Pay-per-Install: The Commoditization of Malware Distribution, USENIX Security Symposium, 2011.
  3. [motoyama-security11] M. Motoyama, D. McCoy, K. Levchenko, S. Savage and G.M. Voelker, Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, USENIX Security Symposium, 2011.
  4. [gao-ndss12] H. Gao, Y. Chen, K. Lee, D. Palsetia and A. Choudhary, Towards Online Spam Filtering in Social Networks, ISOC Network and Distributed System Security Symposium (NDSS), 2012.
  5. [lee-ndss12] S. Lee and J. Kim, WARNINGBIRD: Detecting Suspicious URLs in Twitter Stream, ISOC Network and Distributed System Security Symposium (NDSS), 2012.
  6. [jiang-ndss12] J. Jiang, J. Liang, K. Li, J. Li, H. Duan and J. Wu, Ghost Domain Names: Revoked Yet Still Resolvable, ISOC Network and Distributed System Security Symposium (NDSS), 2012.
  7. [moore-ccs11] T. Moore, N. Leontiadis and N. Christin, Fashion Crimes: Trending-Term Exploitation on the Web, ACM Computer and Communications Security Symposium (CCS), 2011.
  8. [lu-ccs11] L. Lu, R. Perdisci and W. Lee, SURF: Detecting and Measuring Search Poisoning, ACM Computer and Communications Security Symposium (CCS), 2011.
  9. [wang-ccs11] D.Y. Wang, S. Savage and G.M. Voelker, Cloak and Dagger: Dynamics of Web Search Cloaking, ACM Computer and Communications Security Symposium (CCS), 2011.
  10. [felt-ccs11] A.P. Felt, E. Chin, S. Hanna, D. Song and D. Wagner, Android Permissions Demystified, ACM Computer and Communications Security Symposium (CCS), 2011.
  11. [miller-dimva11] B. Miller, P. Pearce, C. Grier, C. Kreibich and V. Paxson, What's Clicking What? Techniques and Innovations of Today's Clickbots, Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011.
  12. [irani-dimva11] D. Irani, M. Balduzzi, D. Balzarotti, E. Kirda and C. Pu, Reverse Social Engineering Attacks in Online Social Networks, Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011.
  13. [maier-dimva11] G. Maier, A. Feldmann, V. Paxson, R. Sommer and M. Vallentin, An Assessment of Overt Malicious Activity Manifest in Residential Networks, Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011.
  14. [kapravelos-dimva11] A. Kapravelos, M. Cova, C. Kruegel and G. Vigna, Escape from Monkey Island: Evading High-Interaction Honeyclients, Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011.
  15. [stone-imc11] B. Stone-Gross, R. Stevens, R. Kemmerer, C. Kruegel, G. Vigna and A. Zarras, Understanding Fraudulent Activities in Online Ad Exchanges, ACM/USENIXInternet Measurement Conference (IMC), 2011.
  16. [shin-raid11] S. Shin, R. Lin and G. Gu, Cross-Analysis of Botnet Victims: New Insights and Implications, International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2011.
  17. [zhang-leet11] C. Zhang, C. Huang, K. Ross, D.A. Maltz and J. Li, Inflight Modifications of Content: Who Are the Culprits?, USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), 2011.
  18. [liu-leet11] H. Liu, K. Levchenko, M. Félegyházi, C. Kreibich, G. Maier, G.M. Voelker and S. Savage, On the Effects of Registrar-level Intervention, USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), 2011.
  19. [motoyama-imc11] M. Motoyama, D. McCoy, S. Savage and G.M. Voelker, An Analysis of Underground Forums, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  20. [zhang-web11] Q. Zhang, T. Ristenpart, S. Savage and G.M. Voelker, Got Traffic? An Evaluation of Click Traffic Providers, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), 2011.
  21. [zhou-ndss12] Y. Zhou, Z. Wang, W. Zhou and X. Jiang, Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets, ISOC Network and Distributed System Security Symposium (NDSS), 2012.
  22. [ihm-imc11] S. Ihm and V.S. Pai, Towards Understanding Modern Web Traffic, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  23. [butkiewicz-imc11] M. Butkiewicz, H.V. Madhyastha and V. Sekar, Understanding Website Complexity: Measurements, Metrics, and Implications, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  24. [ding-imc11] Y. Ding, Y. Du, Y. Hu, Z. Liu, L. Wang, K.W. Ross and A. Ghose, Broadcast Yourself: Understanding YouTube Uploaders, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  25. [hao-imc11] S. Hao, N. Feamster and R. Pandrangi, Monitoring the Initial DNS Behavior of Malicious Domains, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  26. [thomas-imc11] K. Thomas, C. Grier, V. Paxson and D. Song, Suspended Accounts in Retrospect: An Analysis of Twitter Spam, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  27. [holz-imc11] R. Holz, L. Braun, N. Kammenhuber and G. Carle, The SSL Landscape – A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  28. [roesner-nsdi12] F. Roesner, T. Kohno and D. Wetherall, Detecting and Defending Against Third-Party Tracking on the Web, USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2012.
  29. [shields-dfrws11] C. Shields, O. Frieder, M. Maloof, A system for the proactive, continuous, and efficient collection of digital forensic evidence, ACM/SIGSAC Digital Forensics Research Conference (DFRWS), 2011.
  30. [white-sp11] A.M. White, A.R. Matthews, K.Z. Snow and F. Monrose, Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on fon-iks, IEEE Symposium on Security and Privacy, 2011.
  31. [leon-tr12] P.G. Leon, B. Ur, R. Balebako, L.F. Cranor, R. Shay and Y. Wang, Why Johnny Can’t Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising, CMU Technical Report, 2012.
  32. [weaver-foci11] N. Weaver, C. Kreibich and V. Paxson, Redirecting DNS for Ads and Profit, USENIX Workshop on Free and Open Communications on the Internet (FOCI), 2011.
  33. [wang-sp12] R. Wang, S. Chen and X. Wang, Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services, IEEE Symposium on Security and Privacy, 2012.
  34. [osterweil-hotnets11] E. Osterweil, S. Amante, D. McPherson and D. Massey, The Great IPv4 Land Grab: Resource Certification for the IPv4 Grey Market, ACM Workshop on Hot Topics in Networks (HotNets), 2011.
  35. [bilenko-pets11] M. Bilenko, M. Richardson and J.Y. Tsai, Targeted, Not Tracked: Client-side Solutions for Privacy-Friendly Behavioral Advertising, Privacy Enhancing Technologies Symposium (PETS), 2011.
  36. [wustrow-security11] E. Wustrow, S. Wolchok, I. Goldberg and J.A. Halderman, Telex: Anticensorship in the Network Infrastructure, USENIX Security Symposium, 2011.
  37. [fifield-tr12] D. Fifield, N. Hardison, J. Ellithorpe, E. Stark, R. Dingledine, P. Porras and D. Boneh, Evading Censorship with Browser-Based Proxies, Stanford University Technical Report, 2012.
  38. [winter-tr12] P. Winter and S. Lindskog, How China Is Blocking Tor, arXiv Report, 2012.
  39. [moghaddam-tr12] H.M. Moghaddam, B. Li, M. Derakhshani and I. Goldberg, SkypeMorph: Protocol Obfuscation for Tor Bridges, University of Waterloo Technical Report, 2012.
  40. [dainotti-imc11] A. Dainotti, C. Squarcella, E. Aben, K.C. Claffy, M. Chiesa, M. Russo and A. Pescape, Analysis of Country-wide Internet Outages Caused by Censorship, ACM/USENIX Internet Measurement Conference (IMC), 2011.
  41. [knockel-foci11] J. Knockel, J.R. Crandall and J. Saia, Three Researchers, Five Conjectures: An Empirical Analysis of TOM-Skype Censorship and Surveillance, USENIX Free and Open Communications on the Internet (FOCI), 2011.
  42. [xu-pam11] X. Xu, Z.M. Mao and J.A. Halderman, Internet Censorship in China: Where Does the Filtering Occur?, Springer Passive and Active Measurement (PAM) Conference, 2011.
  43. [likarish-pets11] P. Likarish, O. Brdiczka, N. Yee, N. Ducheneaut and L. Nelson, Demographic Profiling from MMOG Gameplay Privacy Enhancing Technologies Symposium (PETS), 2011.

Reading list from the Spring'11 offering of the course is here.