Home

Publications

This page contains the list of publications of our group.
Please check individual webpages for the list of publications of each member (including the papers published with previous affiliations).

2017

Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies
Iskander Sanchez-Rola, Igor Santos, Davide Balzarotti
Proceedings of the 26rd USENIX Security Symposium (USENIX Security) (acceptance rate: 16.3%)
Using chatbots against voice spam: Analyzing Lenny’s effectiveness
Merve Sahin, Marc Relieu, Aurélien Francillon
Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017) , Santa Clara, USA (acceptance rate: 26.5%)
A Lustrum of Malware Network Communication: Evolution and Insights
Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, Manos Antonakakis
Proceedings of the IEEE Symposium on Security and Privacy , San Jose, CA (acceptance rate: 13.3%)
Towards Automated Classification of Firmware Images and Identification of Embedded Devices
Costin, Andrei, Zarras, Apostolis, Francillon, Aurélien
32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC 2017) , Rome, Italy (acceptance rate: 19.4%)
SoK: Fraud in Telephony Networks
Merve Sahin, Aurélien Francillon, Payas Gupta, Mustaque Ahamad
Proceedings of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P'17) , Paris, France (acceptance rate: 19.6%)
Attacks Landscape in the Dark Side of the Web
Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
Proceedings of the 32nd Annual ACM Symposium on Applied Computing (SAC) , Marrakech, Morocco (acceptance rate: 15.7%)
Best Paper Award
The Onions Have Eyes: A Comprehensive Structure and Privacy Analysis of Tor Hidden Services
Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos
26th International World Wide Web Conference (WWW) , Perth, Australia (acceptance rate: 17.0%)

2016

Over-The-Top Bypass: Study of a Recent Telephony Fraud
Merve Sahin, Aurélien Francillon
Proceedings of the 23rd ACM conference on Computer and communications security (CCS) , Vienna, Austria (acceptance rate: 16.4%)
PhishEye: Live Monitoring of Sandboxed Phishing Kits
Xiao Han, Nizar Kheir, Davide Balzarotti
Proceedings of the 23rd ACM conference on Computer and communications security (CCS) , Vienna, Austria (acceptance rate: 16.4%)
Best European Student Paper Award
Taming Transactions: Towards Hardware-Assisted Control Flow Integrity Using Transactional Memory
Marius Muench, Fabio Pagani, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID) , Paris (acceptance rate: 25.9%)
Uses and Abuses of Server-Side Requests
Giancarlo Pellegrino, Onur Catakoglu, Davide Balzarotti, Christian Rossow
Symposium on Research in Attacks, Intrusion, and Defenses (RAID) , Paris (acceptance rate: 25.9%)
Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks
Stefano Cristalli, Mattia Pagnozzi, Mariano Graziano, Andrea Lanzi, Davide Balzarotti
Proceedings of the 25rd USENIX Security Symposium (USENIX Security) (acceptance rate: 15.6%)
Google Dorks: Analysis, Creation, and new Defenses
Flavio Toffalini, Maurizio Abba, Damiano Carra, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , San Sebastian, Spain (acceptance rate: 31.8%)
Subverting Operating System Properties through Evolutionary DKOM Attacks
Mariano Graziano, Lorenzo Flore, Andrea Lanzi, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , San Sebastian, Spain (acceptance rate: 31.8%)
RAMBO: Run-time packer Analysis with Multiple Branch Observation
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , San Sebastian, Spain (acceptance rate: 31.8%)
Measuring the Role of Greylisting and Nolisting in Fighting Spam
F. Pagani, M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti
International Conference on Dependable Systems and Networks (DSN) , Toulouse, France (acceptance rate: 20.5%)
ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks
Mariano Graziano, Davide Balzarotti, Alain Zidouemba
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS) , Xi'an, China (acceptance rate: 20.9%)
Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
Costin, Andrei, Zarras, Apostolis, Francillon, Aurélien
11th ACM Asia Conference on Computer and Communications Security (AsiaCCS) , Xidian, China (acceptance rate: 20.9%)
Automatic Extraction of Indicators of Compromise for Web Applications
Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
25th International World Wide Web Conference (WWW) , Montreal, Canada (acceptance rate: 22.0%)
Trust, But Verify: Why and how to establish trust in embedded devices (invited paper)
Aurélien Francillon
Proceedings of Design, Automation and Test in Europe (DATE), Dresden, Germany
SMASHUP: a toolchain for unified verification of hardware/software co-designs
Lugou, Florian, Apvrille, Ludovic, Francillon, Aurelien
Journal of Cryptographic Engineering

2015

PIE: Parser Identification in Embedded Systems
Lucian Cojocar, Jonas Zaddach, Roel Verdult, Herbert Bos, Aurelien Francillon, Davide Balzarotti
Annual Computer Security Applications Conference (ACSAC) (acceptance rate: 24.4%)
Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
Andrei Costin, Apostolis Zarras, Aurelien Francillon
ArXiv e-prints
Reverse Engineering Intel Last-Level Cache Complex Addressing Using Performance Counters
Clémentine Maurice, Le Scouarnec, Nicolas, Christoph Neumann, Olivier Heen, Aurélien Francillon
Proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'15)
Toward a methodology for unified verication of hardware/software co-designs
Florian Lugou, Ludovic Apvrille, Aurélien Francillon
PROOFS 2015, Security Proofs for Embedded Systems, 17 September 2015, Saint-Malo, France, Springer , Saint-Malo, FRANCE
Large Scale Security Analysis of Embedded Devices' Firmware
Costin, Andrei
All your cluster-grids are belong to us: Monitoring the (in)security of infrastructure monitoring systems
Andrei Costin
1st Workshop on Security and Privacy in the Cloud (SPC) of the 2015 IEEE Conference on Communications and Network Security (CNS) (acceptance rate: 27.3%)
Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence
Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, Davide Balzarotti
Proceedings of the 24rd USENIX Security Symposium (USENIX Security) (acceptance rate: 15.7%)
In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services
Giancarlo Pellegrino, Davide Balzarotti, Stefan Winter, Neeraj Suri
Proceedings of the 24rd USENIX Security Symposium (USENIX Security) (acceptance rate: 15.7%)
The Impact of GPU-Assisted Malware on Memory Forensics: A Case Study
Antonio Villani, Davide Balzarotti, Roberto di Pietro
Annual Digital Forensics Research Conference (DFRWS) , Philadelphia, USA (acceptance rate: 34.8%)
The Role of Cloud Services in Malicious Software: Trends and Insights
Xiao Han, Nizar Kheir, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , Milan, Italy (acceptance rate: 22.7%)
Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks
Amin Kharraz, William Robertson, Davide Balzarotti, Leyla Bilge, Engin Kirda
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , Milan, Italy (acceptance rate: 22.7%)
C5: Cross-Cores Cache Covert Channel
Clémentine Maurice, Christoph Neumann, Olivier Heen, Aurélien Francillon
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , Milan, Italy (acceptance rate: 22.7%)
Best Paper Award
[SoK] Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
Proceedings of the IEEE Symposium on Security and Privacy , San Jose, CA (acceptance rate: 13.8%)
Hypervisor-based Malware Protection with AccessMiner
Aristide Fattori, Andrea Lanzi, Davide Balzarotti, Engin Kirda
Computers {\&} Security

2014

Resource monitoring for the detection of parasite P2P botnets
Rafael Rodríguez-Gómez, Gabriel Maciá-Fernández, Pedro García-Teodoro, Moritz Steiner, Davide Balzarotti
Journal of Computer Networks
Through the Looking-Glass, and What Eve Found There
Luca Bruno, Mariano Graziano, Davide Balzarotti, Aurélien Francillon
8th USENIX Workshop on Offensive Technologies (WOOT 14) (acceptance rate: 48.6%)
A Large Scale Analysis of the Security of Embedded Firmwares
Andrei Costin, Jonas Zaddach, Aurélien Francillon, Davide Balzarotti
Proceedings of the 23rd USENIX Security Symposium (USENIX Security) (acceptance rate: 19.0%)
Short Paper: WifiLeaks: Underestimated Privacy Implications of the ACCESS_WIFI_STATE Android Permission
Jagdish Prasad Achara, Mathieu Cunche, Vincent Roca, Aurélien Francillon
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) (acceptance rate: 26.0%)
Short Paper: A Dangerous 'Pyrotechnic Composition': Fireworks, Embedded Wireless and Insecurity-by-Design
Andrei Costin, Aurélien Francillon
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) (acceptance rate: 26.0%)
Shades of Grey: A Closer Look at Emails in the Gray Area
Jelena Isacenkova, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS) , Kyoto, Japan (acceptance rate: 20.0%)
Optical Delusions: A Study of Malicious QR Codes in the Wild
Amin Kharraz, Engin Kirda, William Robertson, Davide Balzarotti, Aurelien Francillon
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) , Atlanta, GA USA (acceptance rate: 21.8%)
On the Feasibility of Software Attacks on Commodity Virtual Machine Monitors via Direct Device Assignment
Gabor Pek, Andrea Lanzi, Abhinav Srivastava, Davide Balzarotti, Aurélien Francillon, Christoph Neumann
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS) , Kyoto, Japan (acceptance rate: 20.0%)
On The Effectiveness of Risk Prediction Based on Users Browsing Behavior
Davide Canali, Leyla Bilge, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS) , Kyoto, Japan (acceptance rate: 20.0%)
Microcomputations As Micropayments in Web-based Services
Ghassan O. Karame, Aurélien Francillon, Victor Budilivschi, Srdjan Capkun, Vedran Capkun
ACM Trans. Internet Technol. (ACM TOIT) , New York, NY, USA
EXPOSURE: a Passive DNS Analysis Service to Detect and Report Malicious Domains
Leyla Bilge, Sevil Sen, Davide Balzarotti, Engin Kirda, Christopher Kruegel
ACM Transactions on Information and System Security (TISSEC)
Confidentiality Issues on a GPU in a Virtualized Environment
Clémentine Maurice, Christoph Neumann, Olivier Heen, Aurélien Francillon
Proceedings of the Eighteenth International Conference on Financial Cryptography and Data Security (FC'14) , Barbados (acceptance rate: 22.5%)
A Minimalist Approach to Remote Attestation
Aurelien Francillon, Quan Nguyen, Kasper B. Rasmussen, Gene Tsudik
Proceedings of Design, Automation and Test in Europe (DATE), Dresden, Germany
Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares
Jonas Zaddach, Luca Bruno, Aurelien Francillon, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium , San Diego (USA) (acceptance rate: 18.6%)
Toward Black-Box Detection of Logic Flaws in Web Applications
Giancarlo Pellegrino, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium , San Diego (USA) (acceptance rate: 18.6%)
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations
Jelena Isacenkova, Olivier Thonnard, Andrei Costin, Aurelien Francillon, Davide Balzarotti
EURASIP Journal on Information Security

2013

Implementation and Implications of a Stealth Hard-Drive Backdoor
Jonas Zaddach, Anil Kurmus, Davide Balzarotti, Erik Olivier Blass, Aurelien Francillon, Travis Goodspeed, Moitrayee Gupta, Ioannis Koltsidas
Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC) , New Orleans (acceptance rate: 19.0%)
Best Student Paper Award
Hypervisor Memory Forensics
Mariano Graziano, Andrea Lanzi, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID) , Saint Lucia (acceptance rate: 22.9%)
Winner of the 2013 Annual Volatility Framework Plugin Contest!
The Role of Phone Numbers in Understanding Cyber-Crime Schemes
Andrei Costin, Jelena Isachenkova, Marco Balduzzi, Aurelien Francillon, Davide Balzarotti
Annual Conference on Privacy, Security, and Trust (PST) , Terragona, Spain (acceptance rate: 29.0%)
Improving 802.11 Fingerprinting of Similar Devices by Cooperative Fingerprinting
Clémentine Maurice, Stephane Onno, Christoph Neumann, Olivier Heen, Aurelien Francillon
Proceedings of the 2013 International Conference on Security and Cryptography (SECRYPT'13) , Reykjavik, Iceland
PeerRush: Mining the Unwanted P2P Traffic
Babak Rahbarinia, Roberto Perdisci, Andrea Lanzi, and Kang Li,
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , Berlin, Germany (acceptance rate: 31.6%)
Best Paper Award
The Role of Web Hosting Providers in Detecting Compromised Websites
Davide Canali, Davide Balzarotti, Aurelien Francillon
22th International World Wide Web Conference (WWW) , Rio de Janeiro, Brazil (acceptance rate: 15.0%)
Best Paper Nominee
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations
Jelena Isacenkova, Olivier Thonnard, Andrei Costin, Davide Balzarotti, Aurelien Francillon
Proceedings of the International Workshop on Cyber Crime (co-located with S&P) , San Francisco, CA
Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web
Davide Canali, Davide Balzarotti
Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS) , San Diego, CA (acceptance rate: 18.8%)
Embedded Devices Security and Firmware Reverse Engineering
Jonas Zaddach, Andrei Costin
BlackHat USA
An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations
Alessandro Armando, Roberto Carbone, Luca Compagna, Jorge Cuellar, Giancarlo Pellegrino, Alessandro Sorniotti
Computers {\&} Security

2012

Analysis of the communication between colluding applications on modern smartphones
Claudio Marforio, Hubert Ritzdorf, Aurélien Francillon, Srdjan Capkun
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC) , Orlando (acceptance rate: 19.0%)
Enabling trusted scheduling in embedded systems
Ramya Jayaram Masti, Claudio Marforio, Aanjhan Ranganathan, Aurélien Francillon, Srdjan Capkun
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC) , Orlando (acceptance rate: 19.0%)
Disclosure: detecting botnet command and control servers through large-scale NetFlow analysis
Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC) , Orlando, FL (acceptance rate: 19.0%)
Towards network containment in malware analysis systems
Mariano Graziano, Corrado Leita, Davide Balzarotti
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC) , Orlando, FL (acceptance rate: 19.0%)
A quantitative study of accuracy in system call-based malware detection
Davide Canali, Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
Proceedings of the 2012 International Symposium on Software Testing and Analysis (ISSTA) , Minneapolis, MN (acceptance rate: 28.7%)
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis
Theodoor Scholte, William Robertson, Davide Balzarotti, Engin Kirda
36th Computer Software and Applications Conference (COMPSAC) , Izmir, Turkey (acceptance rate: 18.0%)
Have things changed now? An empirical study on input validation vulnerabilities in web applications
Theodoor Scholte, Davide Balzarotti, Engin Kirda
Journal on Computers & Security
From model-checking to automated testing of security protocols: Bridging the gap
Alessandro Armando, Giancarlo Pellegrino, Roberto Carbone, Alessio Merlo, Davide Balzarotti
6th International Conference on Tests and Proofs (TAP) , Prague, Czech Republic
A security analysis of amazon's elastic compute cloud service
Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio Loureiro
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC) , Trento, Italy (acceptance rate: 24.0%)
An empirical analysis of input validation mechanisms in web applications and languages
Theodoor Scholte, William Robertson, Davide Balzarotti, Engin Kirda
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC) , Trento, Italy (acceptance rate: 24.0%)
Insights into user behavior in dealing with internet attacks
Kaan Onarlioglu, U Ozan Yilmaz, Davide Balzarotti, Engin Kirda
19th Annual Network and Distributed System Security Symposium (NDSS) , San Diego, CA (acceptance rate: 17.8%)
Ghost in the Air (Traffic): On insecurity of ADS-B protocol and practical attacks on ADS-B devices
Andrei Costin, Aurélien Francillon
Black Hat USA
Physical-Layer Attacks on Chirp-based Ranging Systems
Ranganathan, Aanjhan, Danev, Boris, Francillon, Aurélien, Capkun, Srdjan
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust
Karim El Defrawy, Aurelien Francillon, Daniele Perito, Gene Tsudik
Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego

2011

Measurement and evaluation of a real world deployment of a challenge-response spam filter
Jelena Isacenkova, Davide Balzarotti
Proceedings of the 2011 ACM SIGCOMM conference on Internet Measurement Conference (IMC) , Berlin (acceptance rate: 19.1%)
Operating System Interface Obfuscation and the Revealing of Hidden Operations
Abhinav Srivastava, Andrea Lanzi, Jonathon Giffin, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , Amsterdam, The Netherlands (acceptance rate: 31.7%)
Reverse Social Engineering Attacks in Online Social Networks
Danesh Irani, Marco Balduzzi, Davide Balzarotti, Engin Kirda, C. Pu
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) , Amsterdam, The Netherlands (acceptance rate: 31.7%)
Thwarting Real-Time Dynamic Unpacking
Leyla Bilge, Andrea Lanzi, Davide Balzarotti
Proceedings of the Fourth European Workshop on System Security (EUROSEC)
Prophiler: a Fast Filter for the Large-Scale Detection of Malicious Web Pages
Davide Canali, Marco Cova, Giovanni Vigna, Christopher Kruegel
20th International World Wide Web Conference (WWW) , Hyderabad, India (acceptance rate: 12.3%)
Exposing the lack of privacy in file hosting services
Nick Nikiforakis, Marco Balduzzi, S. Van Acker, W. Joosen, Davide Balzarotti
Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats (LEET)
Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications
Theodor Scholte, Davide Balzarotti, Engin Kirda
Proceedings of the Fifteenth International Conference on Financial Crypto (FC) , St. Lucia (acceptance rate: 20.3%)
Automated discovery of parameter pollution vulnerabilities in web applications
Marco Balduzzi, Carment T. Gimenez, Davide Balzarotti, Engin Kirda
Proceedings of the 18th Network and Distributed System Security Symposium (NDSS) , San Diego, CA (acceptance rate: 20.1%)
Distinguished Paper Award
A Summary of Two Practical Attacks Against Social Networks
Leyla Bilge, Marco Balduzzi, Davide Balzarotti, Engin Kirda
Trustworthy Internet (Book Chapter)
Automatic Security Analysis of SAML-based Single Sign-On Protocols
Alessandro Armando, Roberto Carbone, Luca Compagna, Giancarlo Pellegrino
Digital Identity and Access Management: Technologies and Framework
EphPub: Toward Robust Ephemeral Publishing
Castelluccia, Claude, De Cristofaro, Emiliano, Francillon, Aurélien, Kaafar, Mohamed Ali
Proceedings of the IEEE International Conference on Network Protocols (ICNP)

2010

G-Free: defeating return-oriented programming through gadget-less binaries
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda
Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC) , Austin, Texas (acceptance rate: 16.3%)
AccessMiner: using system-centric models for malware protection
Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
Proceedings of the 17th ACM conference on Computer and communications security (CCS) , Chicago, Illinois, USA (acceptance rate: 17.2%)
Abusing Social Networks for Automated User Profiling
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel
Proceedings of the Internation Symposium on Recent Advances in Intrusion Detection (RAID) , Ottawa, Canada (acceptance rate: 23.1%)
Honeybot, Your Man in the Middle for Automated Social Engineering
Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) , San Jose, CA (acceptance rate: 31.4%)
A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi, Manuel Egele, Engin Kirda, Davide Balzarotti, Christopher Kruegel
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS) , Beijing, China (acceptance rate: 15.0%)
Efficient Detection of Split Personalities in Malware
Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, Giovanni Vigna
Proceedings of the Network and Distributed System Security Symposium (NDSS) , San Diego, CA (acceptance rate: 15.4%)

2009

A view on current malware behaviors
Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, Christopher Kruegel
USENIX workshop on large-scale exploits and emergent threats (LEET) , Boston, MA (acceptance rate: 40.9%)
All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks
Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin Kirda
20th International World Wide Web Conference (WWW) , Madrid, Spain (acceptance rate: 11.7%)