An overview of IP flow-based intrusion detection
Intrusion detection is an important area of research. Traditionally, the approach taken to find
attacks is to inspect the contents of every packet. However, packet inspection cannot easily …
Identifying propagation sources in networks: State-of-the-art and comparative studies
It has long been a significant but difficult problem to identify propagation sources based on
limited knowledge of network structures and the varying states of network nodes. In practice …
Adversarial machine learning-industry perspectives
RSS Kumar, M Nyström, J Lambert… - 2020 IEEE security …, 2020 - ieeexplore.ieee.org
Based on interviews with 28 organizations, we found that industry practitioners are not
equipped with tactical and strategic tools to protect, detect and respond to attacks on their …
Kernel pooling for convolutional neural networks
Convolutional Neural Networks (CNNs) with Bilinear Pooling, initially in their full
form and later using compact representations, have yielded impressive performance gains …
Countering code-injection attacks with instruction-set randomization
We describe a new, general approach for safeguarding systems against any type of code-
injection attack. We apply Kerckhoff's principle, by creating process-specific randomized …
Model-based evaluation: from dependability to security
The development of techniques for quantitative, model-based evaluation of computer system
dependability has a long and rich history. A wide array of model-based evaluation …
Method and system for detecting malicious and/or botnet-related domain names
A method and system of detecting a malicious and/or botnet-related domain name,
comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a …
Method and system for detecting and responding to attacking networks
A system and method for detecting a first network of compromised computers in a second
network of computers, comprising: collecting Domain Name System (DNS) data for the …
Modeling the spread of active worms
Active worms spread in an automated fashion and can flood the Internet in a very short time.
Modeling the spread of active worms can help us understand how active worms spread, and …
Modeling Botnet Propagation Using Time Zones.
Time zones play an important and unexplored role in malware epidemics. To understand
how time and location affect malware spread dynamics, we studied botnets, or large …