Vern Paxson

According to our database1, Vern Paxson authored at least 188 papers between 1993 and 2019.

Collaborative distances:

Awards

ACM Fellow

ACM Fellow 2006, "For contributions to Internet measurement and intrusion detection.".

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

Homepages:

On csauthors.net:

Bibliography

2019
Detecting and Characterizing Lateral Phishing at Scale.
Proceedings of the 28th USENIX Security Symposium, 2019

2018
A Large-Scale Empirical Study of Security Patches.
;login:, 2018

Toward Continual Measurement of Global Network-Level Censorship.
IEEE Security & Privacy, 2018

Exploring Server-side Blocking of Regions.
CoRR, 2018

Scanning the Internet for Liveness.
Computer Communication Review, 2018

A Bestiary of Blocking: The Motivations and Modes behind Website Unavailability.
Proceedings of the 8th USENIX Workshop on Free and Open Communications on the Internet, 2018

We Still Don't Have Secure Cross-Domain Requests: an Empirical Study of CORS.
Proceedings of the 27th USENIX Security Symposium, 2018

2017
Global-Scale Measurement of DNS Manipulation.
;login:, 2017

Social Engineering Attacks on Government Opponents: Target Perspectives.
PoPETs, 2017

On the Potential Abuse of IGMP.
Computer Communication Review, 2017

Tools for Automated Analysis of Cybercriminal Markets.
Proceedings of the 26th International Conference on World Wide Web, 2017

Characterizing the Nature and Dynamics of Tor Exit Blocking.
Proceedings of the 26th USENIX Security Symposium, 2017

Global Measurement of DNS Manipulation.
Proceedings of the 26th USENIX Security Symposium, 2017

Detecting Credential Spearphishing in Enterprise Settings.
Proceedings of the 26th USENIX Security Symposium, 2017

Augur: Internet-Wide Detection of Connectivity Disruptions.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

The Security Impact of HTTPS Interception.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Target generation for internet-wide IPv6 scanning.
Proceedings of the 2017 Internet Measurement Conference, 2017

Packetlab: a universal measurement endpoint interface.
Proceedings of the 2017 Internet Measurement Conference, 2017

Identifying Products in Online Cybercrime Marketplaces: A Dataset for Fine-grained Domain Adaptation.
Proceedings of the 2017 Conference on Empirical Methods in Natural Language Processing, 2017

Data Breaches, Phishing, or Malware?: Understanding the Risks of Stolen Credentials.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30, 2017

2016
Towards Mining Latent Client Identifiers from Network Traffic.
PoPETs, 2016

Remedying Web Hijacking: Notification Effectiveness and Webmaster Comprehension.
Proceedings of the 25th International Conference on World Wide Web, 2016

You've Got Vulnerability: Exploring Effective Vulnerability Notifications.
Proceedings of the 25th USENIX Security Symposium, 2016

SoK: Towards Grounding Censorship Circumvention in Empiricism.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Detecting DNS Root Manipulation.
Proceedings of the Passive and Active Measurement - 17th International Conference, 2016

VAST: A Unified Platform for Interactive Network Forensics.
Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation, 2016

Do You See What I See? Differential Treatment of Anonymous Users.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

Forwarding-Loop Attacks in Content Delivery Networks.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

A Multi-perspective Analysis of Carrier-Grade NAT Deployment.
Proceedings of the 2016 ACM on Internet Measurement Conference, 2016

An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps.
Proceedings of the 2016 ACM on Internet Measurement Conference, 2016

Profiling underground merchants based on network behavior.
Proceedings of the 2016 APWG Symposium on Electronic Crime Research, 2016

PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

Host of Troubles: Multiple Host Ambiguities in HTTP Implementations.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
Blocking-resistant communication through domain fronting.
PoPETs, 2015

Haystack: In Situ Mobile Traffic Analysis in User Space.
CoRR, 2015

A Primer on IPv4 Scarcity.
Computer Communication Review, 2015

Ad Injection at Scale: Assessing Deceptive Advertisement Modifications.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Temporal Lensing and Its Application in Pulsing Denial-of-Service Attacks.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Header Enrichment or ISP Enrichment?: Emerging Privacy Threats in Mobile Networks.
Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization, 2015

Ethical Concerns for Censorship Measurement.
Proceedings of the 2015 ACM SIGCOMM Workshop on Ethics in Networked Systems Research, 2015

Beyond the Radio: Illuminating the Higher Layers of Mobile Networks.
Proceedings of the 13th Annual International Conference on Mobile Systems, 2015

Keynote Speaker.
Proceedings of the 10th International Conference on Malicious and Unwanted Software, 2015

Measurement and Analysis of Traffic Exchange Services.
Proceedings of the 2015 ACM Internet Measurement Conference, 2015

Examining How the Great Firewall Discovers Hidden Circumvention Servers.
Proceedings of the 2015 ACM Internet Measurement Conference, 2015

GFlux: A google-based system for Fast Flux detection.
Proceedings of the 2015 IEEE Conference on Communications and Network Security, 2015

Exploring Privacy Preservation in Outsourced K-Nearest Neighbors with Multiple Data Owners.
Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop, 2015

2014
On Modeling the Costs of Censorship.
CoRR, 2014

When Governments Hack Opponents: A Look at Actors and Technology.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Hulk: Eliciting Malicious Behavior in Browser Extensions.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Native actors: how to scale network forensics.
Proceedings of the ACM SIGCOMM 2014 Conference, 2014

Here Be Web Proxies.
Proceedings of the Passive and Active Measurement - 15th International Conference, 2014

HILTI: an Abstract Execution Environment for Deep, Stateful Network Traffic Analysis.
Proceedings of the 2014 Internet Measurement Conference, 2014

A Look at the Consequences of Internet Censorship Through an ISP Lens.
Proceedings of the 2014 Internet Measurement Conference, 2014

The Matter of Heartbleed.
Proceedings of the 2014 Internet Measurement Conference, 2014

A Tangled Mass: The Android Root Certificate Stores.
Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies, 2014

Consequences of Connectivity: Characterizing Account Hijacking on Twitter.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Characterizing Large-Scale Click Fraud in ZeroAccess.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

2013
Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse.
Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Practical Comprehensive Bounds on Surreptitious Communication over DNS.
Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Towards Illuminating a Censorship Monitor's Model to Facilitate Evasion.
Proceedings of the 3rd USENIX Workshop on Free and Open Communications on the Internet, 2013

Understanding the domain registration behavior of spammers.
Proceedings of the 2013 Internet Measurement Conference, 2013

Detecting stealthy, distributed SSH brute-forcing.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems.
Proceedings of the 2012 USENIX Annual Technical Conference, 2012

Prudent Practices for Designing Malware Experiments: Status Quo and Outlook.
Proceedings of the IEEE Symposium on Security and Privacy, 2012

The BIZ Top-Level Domain: Ten Years Later.
Proceedings of the Passive and Active Measurement - 13th International Conference, 2012

Adapting Social Spam Infrastructure for Political Censorship.
Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2012

Fathom: a browser-based network measurement platform.
Proceedings of the 12th ACM SIGCOMM Internet Measurement Conference, 2012

Manufacturing compromise: the emergence of exploit-as-a-service.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011
Computing TCP's Retransmission Timer.
RFC, June, 2011

Towards Situational Awareness of Large-Scale Botnet Probing Events.
IEEE Trans. Information Forensics and Security, 2011

Redirecting DNS for Ads and Profit.
Proceedings of the USENIX Workshop on Free and Open Communications on the Internet, 2011

Show Me the Money: Characterizing Spam-advertised Revenue.
Proceedings of the 20th USENIX Security Symposium, 2011

Measuring Pay-per-Install: The Commoditization of Malware Distribution.
Proceedings of the 20th USENIX Security Symposium, 2011

Design and Evaluation of a Real-Time URL Spam Filtering Service.
Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

Click Trajectories: End-to-End Analysis of the Spam Value Chain.
Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

Experiences from Netalyzr with engaging users in end-system measurement.
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack, 2011

Detecting and Analyzing Automated Activity on Twitter.
Proceedings of the Passive and Active Measurement - 12th International Conference, 2011

Suspended accounts in retrospect: an analysis of twitter spam.
Proceedings of the 11th ACM SIGCOMM Internet Measurement Conference, 2011

GQ: practical containment for measuring modern malware systems.
Proceedings of the 11th ACM SIGCOMM Internet Measurement Conference, 2011

What's Clicking What? Techniques and Innovations of Today's Clickbots.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2011

An Assessment of Overt Malicious Activity Manifest in Residential Networks.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2011

2010
Employing Honeynets For Network Situational Awareness.
Proceedings of the Cyber Situational Awareness - Issues and Research, 2010

Outside the Closed World: On Using Machine Learning for Network Intrusion Detection.
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

A Longitudinal View of HTTP Traffic.
Proceedings of the Passive and Active Measurement, 11th International Conference, 2010

A Preliminary Analysis of TCP Performance in an Enterprise Network.
Proceedings of the 2010 Internet Network Management Workshop / Workshop on Research on Enterprise Networking, 2010

Botnet Judo: Fighting Spam with Itself.
Proceedings of the Network and Distributed System Security Symposium, 2010

On the Potential of Proactive Domain Blacklisting.
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010

Insights from the Inside: A View of Botnet Management from Infiltration.
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010

Netalyzr: illuminating the edge network.
Proceedings of the 10th ACM SIGCOMM Internet Measurement Conference, 2010

Using strongly typed networking to architect for tussle.
Proceedings of the 9th ACM Workshop on Hot Topics in Networks. HotNets 2010, Monterey, CA, USA - October 20, 2010

@spam: the underground on 140 characters or less.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

2009
TCP Congestion Control.
RFC, September, 2009

An architecture for exploiting multi-core processors to parallelize network intrusion prevention.
Concurrency and Computation: Practice and Experience, 2009

Selecting the 2008 sigcomm test-of-time awardwinner(s).
Computer Communication Review, 2009

Spamalytics: an empirical analysis of spam marketing conversion.
Commun. ACM, 2009

Detecting Forged TCP Reset Packets.
Proceedings of the Network and Distributed System Security Symposium, 2009

Spamcraft: An Inside Look At Spam Campaign Orchestration.
Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2009

On calibrating enterprise switch measurements.
Proceedings of the 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009, Chicago, 2009

On dominant characteristics of residential broadband internet traffic.
Proceedings of the 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009, Chicago, 2009

Securing Mediated Trace Access Using Black-box Permutation Analysis.
Proceedings of the Eight ACM Workshop on Hot Topics in Networks (HotNets-VIII), 2009

Automating analysis of large-scale botnet probing events.
Proceedings of the 2009 ACM Symposium on Information, 2009

2008
On the adaptive real-time detection of fast-propagating network worms.
Journal in Computer Virology, 2008

Principles for Developing Comprehensive Network Visibility.
Proceedings of the 3rd USENIX Workshop on Hot Topics in Security, 2008

Efficient and Robust TCP Stream Normalization.
Proceedings of the 2008 IEEE Symposium on Security and Privacy (S&P 2008), 2008

Predicting the resource consumption of network intrusion detection systems.
Proceedings of the 2008 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems, 2008

Enriching network security analysis with time travel.
Proceedings of the ACM SIGCOMM 2008 Conference on Applications, 2008

A Reactive Measurement Framework.
Proceedings of the Passive and Active Network Measurement, 9th International Conference, 2008

On the Spam Campaign Trail.
Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2008

A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems.
Proceedings of the Detection of Intrusions and Malware, 2008

2007
Very Fast Containment of Scanning Worms, Revisited.
Proceedings of the Malware Detection, 2007

The Strengths of Weaker Identities: Opportunistic Personas.
Proceedings of the 2nd USENIX Workshop on Hot Topics in Security, 2007

The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware.
Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007

A brief history of scanning.
Proceedings of the 7th ACM SIGCOMM Internet Measurement Conference, 2007

Issues and etiquette concerning use of shared measurement data.
Proceedings of the 7th ACM SIGCOMM Internet Measurement Conference, 2007

Enabling an Energy-Efficient Future Internet Through Selectively Connected End Systems.
Proceedings of the 6th ACM Workshop on Hot Topics in Networks, 2007

The shunt: an FPGA-based accelerator for network intrusion prevention.
Proceedings of the ACM/SIGDA 15th International Symposium on Field Programmable Gate Arrays, 2007

Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention.
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

An inquiry into the nature and causes of the wealth of internet miscreants.
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

2006
IAB Thoughts on the Role of the Internet Research Task Force (IRTF).
RFC, March, 2006

Observed structure of addresses in IP traffic.
IEEE/ACM Trans. Netw., 2006

Network loss tomography using striped unicast probes.
IEEE/ACM Trans. Netw., 2006

End-to-end routing behavior in the internet.
Computer Communication Review, 2006

The devil and packet trace anonymization.
Computer Communication Review, 2006

Rethinking Hardware Support for Network Analysis and Intrusion Prevention.
Proceedings of the 1st USENIX Workshop on Hot Topics in Security, 2006

Work in Progress: Bro-LAN Pervasive Network Inspection and Control for LAN Traffic.
Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006

Enhancing Network Intrusion Detection with Integrated Sampling and Filtering.
Proceedings of the Recent Advances in Intrusion Detection, 9th International Symposium, 2006

Protocol-Independent Adaptive Replay of Application Dialog.
Proceedings of the Network and Distributed System Security Symposium, 2006

binpac: a yacc for writing application protocol parsers.
Proceedings of the 6th ACM SIGCOMM Internet Measurement Conference, 2006

Semi-automated discovery of application session structure.
Proceedings of the 6th ACM SIGCOMM Internet Measurement Conference, 2006

Network System Challenges in Selective Sharing and Verification for Personal, Social, and Urban-Scale Sensing Applications.
Proceedings of the 5th ACM Workshop on Hot Topics in Networks, 2006

Fighting Coordinated Attackers with Cross-Organizational Information Sharing.
Proceedings of the 5th ACM Workshop on Hot Topics in Networks, 2006

2005
Guest Editor's Introduction: 2005 IEEE Symposium on Security and Privacy.
IEEE Trans. Dependable Sec. Comput., 2005

The Network Oracle.
IEEE Data Eng. Bull., 2005

An analysis of the witty outbreak: exploiting underlying structure for detailed reconstruction of an internet-scale event.
Proceedings of the 2005 ACM Workshop on Rapid Malcode, 2005

Robust TCP Stream Reassembly in the Presence of Adversaries.
Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, USA, July 31, 2005

A First Look at Modern Enterprise Traffic.
Proceedings of the 5th Internet Measurement Conference, 2005

Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event.
Proceedings of the 5th Internet Measurement Conference, 2005

Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.
Proceedings of the 5th Internet Measurement Conference, 2005

Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.
Proceedings of the Detection of Intrusions and Malware, 2005

Exploiting Independent State For Network Intrusion Detection.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2004
Cyber defense technology networking and evaluation.
Commun. ACM, 2004

Preliminary results using scale-down to explore worm dynamics.
Proceedings of the 2004 ACM Workshop on Rapid Malcode, 2004

The top speed of flash worms.
Proceedings of the 2004 ACM Workshop on Rapid Malcode, 2004

Very Fast Containment of Scanning Worms.
Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, 2004

Fast Portscan Detection Using Sequential Hypothesis Testing.
Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P 2004), 2004

Measuring adversaries.
Proceedings of the International Conference on Measurements and Modeling of Computer Systems, 2004

Strategies for sound internet measurement.
Proceedings of the 4th ACM SIGCOMM Internet Measurement Conference, 2004

Characteristics of internet background radiation.
Proceedings of the 4th ACM SIGCOMM Internet Measurement Conference, 2004

Worms vs. perimeters: the case for hard-LANs.
Proceedings of the 12th Annual IEEE Symposium on High Performance Interconnects, 2004

Operational experiences with high-volume network intrusion detection.
Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

2003
Inside the Slammer Worm.
IEEE Security & Privacy, 2003

A taxonomy of computer worms.
Proceedings of the 2003 ACM Workshop on Rapid Malcode, 2003

Active Mapping: Resisting NIDS Evasion without Altering Traffic.
Proceedings of the 2003 IEEE Symposium on Security and Privacy (S&P 2003), 2003

A high-level programming environment for packet trace anonymization and transformation.
Proceedings of the ACM SIGCOMM 2003 Conference on Applications, 2003

Enhancing byte-level network intrusion detection signatures with context.
Proceedings of the 10th ACM Conference on Computer and Communications Security, 2003

2002
Controlling high bandwidth aggregates in the network.
Computer Communication Review, 2002

Aggregate congestion control.
Computer Communication Review, 2002

How to Own the Internet in Your Spare Time.
Proceedings of the 11th USENIX Security Symposium, 2002

On the characteristics and origins of internet flow rates.
Proceedings of the ACM SIGCOMM 2002 Conference on Applications, 2002

Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay.
Proceedings of the Recent Advances in Intrusion Detection, 5th International Symposium, 2002

2001
Difficulties in simulating the internet.
IEEE/ACM Trans. Netw., 2001

An analysis of using reflectors for distributed denial-of-service attacks.
Computer Communication Review, 2001

On estimating end-to-end network path properties.
Computer Communication Review, 2001

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics.
Proceedings of the 10th USENIX Security Symposium, 2001

Inferring Link Loss Using Striped Unicast Probes.
Proceedings of the Proceedings IEEE INFOCOM 2001, 2001

2000
Computing TCP's Retransmission Timer.
RFC, November, 2000

Stream Control Transmission Protocol.
RFC, October, 2000

TCP Processing of the IPv4 Precedence Field.
RFC, June, 2000

IANA Allocation Guidelines For Values In the Internet Protocol and Related Headers.
RFC, March, 2000

Detecting Stepping Stones.
Proceedings of the 9th USENIX Security Symposium, 2000

Detecting Backdoors.
Proceedings of the 9th USENIX Security Symposium, 2000

1999
TCP Congestion Control.
RFC, April, 1999

Known TCP Implementation Problems.
RFC, March, 1999

IPPM Metrics for Measuring Connectivity.
RFC, January, 1999

End-to-end internet packet dynamics.
IEEE/ACM Trans. Netw., 1999

Bro: a system for detecting network intruders in real-time.
Comput. Networks, 1999

Defending against network IDS evasion.
Proceedings of the Recent Advances in Intrusion Detection, Second International Workshop, 1999

An Architecture for a Global Internet Host Distance Estimation Service.
Proceedings of the Proceedings IEEE INFOCOM '99, 1999

1998
IETF Criteria for Evaluating Reliable Multicast Transport and Application Protocols.
RFC, June, 1998

Framework for IP Performance Metrics.
RFC, May, 1998

On Calibrating Measurements of Packet Transit Times.
Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, 1998

1997
Fast, approximate synthesis of fractional Gaussian noise for generating self-similar network traffic.
Computer Communication Review, 1997

Why We Don't Know How To Simulate the Internet.
Proceedings of the 29th conference on Winter simulation, 1997

Automated Packet Trace Analysis of TCP Implementations.
Proceedings of the ACM SIGCOMM 1997 Conference on Applications, 1997

1995
Wide area traffic: the failure of Poisson modeling.
IEEE/ACM Trans. Netw., 1995

Network Traffic Measurement and Modelling (Panel).
Proceedings of the 1995 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, 1995

1994
Empirically derived analytic models of wide-area TCP connections.
IEEE/ACM Trans. Netw., 1994

1993
Glish: A User-Level Software Bus for Loosely-Coupled Distributed Systems.
Proceedings of the Usenix Winter 1993 Technical Conference, 1993


  Loading...