Juice: A Longitudinal Study of an SEO Campaign, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2013.

Taster's Choice: A Comparative Analysis of Spam Feeds, Andreas Pitsillidis, Chris Kanich, Geoffrey M. Voelker, Kirill Levchenko, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Boston, MA, November 2012.

Priceless: The Role of Payments in Abuse-advertised Goods, Damon McCoy, Hitesh Dharmdasani, Christian Kreibich, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

Manufacturing Compromise: The Emergence of Exploit-as-a-Service, Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs, Damon McCoy, Andreas Pitsillidis, Grant Jordan, Nicholas Weaver, Christian Kreibich, Brian Krebs, Geoffrey M. Voelker, Stefan Savage, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

When Good Services Go Wild: Reassembling Web Services for Unintended Purposes, Feng Lu, Jiaqi Zhang, and Stefan Savage, Proceedings of the USENIX Workshop on Hot Topics in Security, Bellevue, WA, August 2012.

Economic Analysis of Cybercrime in Crowdsourced Labor Markets, Vaibhav Garg, Chris Kanich, and L. Jean Camp, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Measuring the Cost of Cybercrime, Ross Anderson, Chris Barton, Rainer Boehme, Richard Clayton, Michel J.G. van Eeten, Michael Levi, Tyler Moore, and Stefan Savage, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Prudent Practices for Designing Malware Experiments: Status Quo and Outlook, Christian Rossow, Christian J. Dietrich, Christian Kreibich, Chris Grier, Vern Paxson, Norbert Pohlmann, Herbert Bos, and Maarten van Steen, Proceedings of the IEEE Symposium on Security and Privacy, May 2012.

Adapting Social Spam Infrastructure for Political Censorship, Kurt Thomas, Chris Grier, and Vern Paxson, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), April 2012.

Return-Oriented Programming: Systems, Languages and Applications, Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage, ACM Transactions on Information and System Security 15(1), March 2012.

The BIZ Top-Level Domain: Ten Years Later, Tristan Halvorson, Janos Szurdi, Gregor Maier, Mark Felegyhazi, Christian Kreibich, Nicholas Weaver, Kirill Levchenko, and Vern Paxson, Proceedings of the Passive and Active Measurement Workshop, Vienna, Austria, March 2012.

Applying Ethical Principles to Information and Communication Technology Research: A Companion to the Department of Homeland Security Menlo Report, Erin Kenneally, Co-Leader & Author, U.S. Department of Homeland Working Group on Ethics in Computer Security Research, January 2012.

An Analysis of Underground Forums, Marti Motoyama, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Suspended Accounts in Retrospect: An Analysis of Twitter Spam, Kurt Thomas, Chris Grier, Vern Paxson, and Dawn Song, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Practical Containment for Measuring Modern Malware Systems, Christian Kreibich, Nicholas Weaver, Chris Kanich, Wedong Cui, and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Topic Modeling of Freelance Job Postings to Monitor Web Service Abuse, Do-kyum Kim, Marti Motoyama, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Judging a site by its content: learning the textual, structural, and visual features of malicious Web pages, Sushma Nagesh Bannur, Lawrence K. Saul, and Stefan Savage, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Cloak and Dagger: Dynamics of Web Search Cloaking, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, October 2011.

Putting Out a HIT: Crowdsourcing Malware Installs, Chris Kanich, Stephen Checkoway, and Keaton Mowery, Proceedings of Workshop On Offensive Technologies (WOOT), August 2011.

The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research, Erin Kenneally, Co-Leader & Author, U.S. Department of Homeland Working Group on Ethics in Computer Security Research, September 2011.

No Plan Survives Contact: Experience with Cybercrime Measurement, Chris Kanich, Neha Chachra, Damon McCoy, Chris Grier, David Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2011.

Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Show Me the Money: Characterizing Spam-advertised Revenue, Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Redirecting DNS for Ads and Profit, Nicholas Weaver, Christian Kreibich, and Vern Paxson, Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), August 2011.

Interview with Stefan Savage: On the Spam Payment Trail, Rik Farrow and Stefan Savage, USENIX ;login: 36(4):7-20, August 2011.

What's Clicking What? Techniques and Innovations of Today's Clickbots, Brad Miller, Paul Pearce, Chris Grier, Christian Kreibich, and Vern Paxson, Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2011.

An Assessment of Overt Malicious Activity Manifest in Residential Networks, Gregor Maier, Anja Feldmann, Vern Paxson, Robin Sommer, and Matthias Vallentin, Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2011.

Privacy-preserving Network Forensics, Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker, Communications of the Association for Computing Machinery, June 2011.

Click Trajectories: End-to-End Analysis of the Spam Value Chain, Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE Symposium and Security and Privacy, May 2011, pages 431-446.

Design and Evaluation of a Real-Time URL Spam Filtering Service, Kurt Thomas, Chri Grier, Justin Ma, Vern Paxson, and Dawn Song, Proceedings of the IEEE Symposium and Security and Privacy, May 2011.

Dissemination in Opportunistic Mobile Ad-hoc Networks: the Power of the Crowd, Gjergji Zyba, Geoffrey M. Voelker, Stratis Ioannidis, and Christophe Diot, Proceedings of the IEEE Infocom Conference, Shanghai, China, April 2011, pages 1179-1187.

Learning to Detect Malicious URLs, Justin Ma, Lawrence K Saul, Stefan Savage, and Geoffrey M Voelker, ACM Transactions on Intelligent Systems and Technology (TIST) 2(3):30:1-30:24, April 2011.

On the Effects of Registrar-level Intervention, He Liu, Kirill Levchenko, Márk Félegyházi, Christian Kreibich, Gregor Maier, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011, pages 1-8.

Detecting and Analyzing Automated Activity on Twitter, Chao Michael Zhang and Vern Paxson, Proceedings of the Passive & Active Measurement, March 2011.

Got Traffic? An Evaluation of Click Traffic Providers, Qing Zhang, Thomas Ristenpart, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), Hyderabad, India, March 2011, pages 19-26.

Proximax: Fighting Censorship with an Adaptive System for Distribution of Open Proxies, Kirill Levchenko, Jose Andre Morales, and Damon McCoy, Proceedings of the International Conference on Financial Cryptography and Data Security, St Lucia, February 2011.

Moving Forward, Building An Ethics Community (Panel Statements), Erin Kenneally, Angelos Stavrou, John McHugh, and Nicolas Christin, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR'11), February 2011.

Can Network Science Help Re-Write The Privacy Playbook?, Erin Kenneally, Information Security and Privacy Journal, American Bar Association Information Security Committee 1:21-31, Fall 2010.

Using Network Science to Understand and Apply Privacy Controls, Erin Kenneally, Proceedings of the W3C Workshop on Privacy and Data Usage Control, October 2010.

Towards Situational Awareness of Large-scale Botnet Probing Events, Zhichun Li, Anup Goyal, Yan Chen, and Vern Paxson, IEEE Transactions on Information Forensics and Security 5(4), October 2010.

Employing Honeynets For Network Situational Awareness, Paul Barford, Yan Chen, Anup Goyal, Zhichun Li, Vern Paxson, and Vinod Yegneswaran, In Cyber Situational Awareness: Issues and Research. Sushil Jajodia and Peng Liu and Vipin Swarup and Cliff Wang, editor. Springer, 2010.

Re: CAPTCHAs -- Understanding CAPTCHA-Solving from an Economic Context, Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2010.

Dialing Privacy and Utility: A Proposed Data-Sharing Framework to Advance Internet Research, Erin E. Kenneally and Kimberly Claffy, IEEE Security and Privacy 8(4):31-39, July 2010.

Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits, Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., July 2010.

SecondLife: a Social Network of Humans and Bots, Matteo Varvello and Geoffrey M. Voelker, Proceedings of the ACM International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), Amsterdam, the Netherlands, June 2010.

Measuring Online Service Availability Using Twitter, Marti Motoyama, Brendan Meeder, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of ACM Workshop on Online Social Networks (WOSN), Boston, MA, June 2010.

Outside the Closed World: On Using Machine Learning For Network Intrusion Detection, Robin Sommer and Vern Paxson, Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2010.

Exploiting Feature Covariance in High-Dimensional Online Learning, Justin Ma, Alex Kulesza, Mark Dredze, Koby Crammer, Lawrence K. Saul, and Fernando Pereira, Proceedings of the International Conference on Artificial Intelligence and Statistics (AISTATS), Sardinia, Italy, May 2010.

Insights from the Inside: A View of Botnet Management from Infiltration, Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson, and Dawn Song, Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.

On the Potential of Proactive Domain Blacklisting, M. Felegyhazi and C. Kreibich and V. Paxson, Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.

Botnet Judo: Fighting Spam with Itself, Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker, Vern Paxson, Nicholas Weaver, and Stefan Savage, Proceedings of the Network and Diestributed System Security Symposium (NDSS), San Diego, CA, February 2010.

A Framework for Understanding and Applying Ethical Principles in Network and Security Research, Erin Kenneally, Michael Bailey, and Douglas Maughan, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR 2010), Canary Islands, Spain, January 2010.

An Internet Sharing Framework for Balancing Privacy and Utility, Erin E. Kenneally and kc claffy, Proceedings of Engaging Data: First International Forum on the Application and Management of Personal Electronic Information, October 2009.

Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering, Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, November 2009.

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, November 2009.

Spamalytics: An Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Communications of the Association for Computing Machinery 52(9):99-107, September 2009.

Security of open source and closed source software: An empirical comparison of published vulnerabilities, Guido Schryen, Proceedings of the 15th Americas Conference on Information Systems, 2009.

Competitive Cyber-Insurance and Internet Security, Nikhil Shetty, Galina Schwartz, Mark Felegyhazi, and Jean Walrand, Workshop on Economics of Information Security (WEIS 2009), 2009.

Identifying Suspicious URLs: An Application of Large-Scale Online Learning, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International Conference on Machine Learning, Montreal, Quebec, June 2009.

Beyond Blacklists: Learning to Detect Malicious Web Sites from Suspicious URLs, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Paris, France, June 2009.

Defending Mobile Phones from Proximity Malware, Gjergji Zyba, Geoffrey M. Voelker, Michael Liljenstam, András Méhes, and Per Johansson, Proceedings of the IEEE Infocom Conference, Rio de Janeiro, Brazil, April 2009.

Spamcraft: An Inside Look at Spam Campaign Orchestration, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, April 2009.

Automating Analysis of Large-Scale Botnet Probing Events, Zhichun Li, Anup Goyal, Yan Chen, and Vern Paxson, Proceedings of ASIACCS, March 2009.

Detecting Forged TCP Reset Packets, Nicholas Weaver, Robin sommer, and Vern Paxson, Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS'09), February 2009.

Detecting Malicious Packet Losses, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Transactions on Parallel and Distributed Systems 20(2), February 2009.

Detecting In-Flight Page Changes with Web Tripwires, Charles Reis, Steven D. Gribble, Tadayoshi Kohno, and Nicholas Weaver, Proceedings of the 5th ACM/USENIX Symposium on Networked Systems Design and Implementation (NSDI), San Francisco, CA, April 2008.

Spamalytics: an Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding, Benjamin Laxton, Kai Wang, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

When Good Instructions Go Bad: Generalizing Return-oriented Programming to the SPARC, Erik Buchanan, Ryan Roemer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

Predicting the Resource Consumption of Network Intrusion Detection Systems, Holger Dreger, Anja Feldmann, Vern Paxson, and Robin Sommer, RAID 2008, September 2008.

Enriching Network Security Analysis with Time Travel, Gregor Maier, Robin Sommer, Holger Dreger, Anja Feldmann, Vern Paxson, and Fabian Schneider, Proceedings of the ACM SIGCOMM Conference, Seattle, WA, August 2008.

A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems (Extended Abstract), Leo Juan, Christian Kreibich, Chih-Hung Lin, and Vern Paxson, Proc. Fifth GI International Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 2008.

Storm: When Researchers Collide, Brandon Enright, Geoff Voelker, Stefan Savage, Chris Kanich, and Kirill Levchenko, USENIX ;login: 33(4), August 2008.

On the Spam Campaign Trail, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

The Heisenbot Uncertainty Problem: Challenges in Separating Bots from Chaff, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

Detecting Compromised Routers via Packet Forwarding Behavior, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Network 22(2), March 2008.

Can You Infect Me Now? Malware Propagation in Mobile Phone Networks, Chris Fleizach, Michael Lilijenstam, Per Johansson, Geoffrey M. Voelker, and András Méhes, Proceedings of the ACM Workshop on Recurring Malcode (WORM), Washington D.C., November 2007.

Issues and Etiquette Concerning Use of Shared Measurement Data, Mark Allman and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, San Diego, CA, October 2007.

A Brief History of Scanning, Mark Allman, Vern Paxson, and Jeff Terrell, Proceedings of the ACM Internet Measurement Conference, San Diego, CA, October 2007.

Shunting: A Hardware/Software Architecture for Flexible, High-Performance Network Intrusion Prevention, Jose Maria Gonzalez, Nicholas Weaver, and Vern Paxson, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2007.

An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, Jason Franklin, Vern Paxson, Adrian Perrig, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2007.

Spamscatter: Characterizing Internet Scam Hosting Infrastructure, David S. Anderson, Chris Fleizach, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, Boston, MA, August 2007.

Slicing Spam with Occam's Razor, Chris Fleizach, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the Conference on Email and Anti-Spam (CEAS), Mountain View, CA, August 2007.

On the Adaptive Real-Time Detection of Fast-Propagating Network Worms, Jaeyeon Jung, Rodolfo A. Milito, and Vern Paxson, Proceedings of the Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment, Lucerne, Switzerland, July 2007.

The Shunt: An FPGA-Based Accelerator for Network Intrusion Prevention, Nicholas Weaver, Vern Paxson, and Jose M. Gonzalez, Proceedings of the ACM/SIGDA 15th International Symposium on Field Programmable Gate Arrays, February 2007.

Glavlit: Preventing Exfiltration at Wire Speed, Nabil Schear, Carmelo Kintana, Qing Zhang, and Amin Vahdat, Proceedings of the 5th ACM Workshop on Hot Topics in Networks (HotNets-V), Irvine, CA, November 2006.

Fighting Coordinated Attackers with Cross-Organizational Information Sharing, Mark Allman, Ethan Blanton, Vern Paxson, and Scott Shenker, Proceedings of the 5th ACM Workshop on Hot Topics in Networks (HotNets-V), Irvine, CA, November 2006.

On the Adaptive Real-Time Detection of Fast-Propagating Network Worms, Jaeyeon Jung, Rodolfo A. Milito, and Vern Paxson, MIT technical report MIT-CSAIL-TR-2006-074, November 2006.

binpac: A yacc for Writing Application Protocol Parsers, Ruoming Pang, Vern Paxson, Robin Sommer, and Larry Peterson, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Semi-Automated Discovery of Application Session Structure, Jayanthkumar Kannan, Jaeyeon Jung, Vern Paxson, and Can Emre Koksal, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Automated Protocol Inference: Unexpected Means of Identifying Protocols, Justin Ma, Kirill Levchenko, Cristian Kriebich, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Finding Diversity in Remote Code Injection Exploits, Justin Ma, John Dunagan, Helen J. Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

GQ: Realizing a System to Catch Worms in a Quarter Million Places, Weidong Cui, Vern Paxson, and Nicholas Weaver, ICSI technical report TR-06-004, September 2006.

Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection, Holger Dreger, Anja Feldmann, Michael Mai, Vern Paxson, and Robin Sommer, 15th Usenix Security Symposium, August 2006.

Fatih: Detecting and Isolating Malicious Routers via Traffic Validation, Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage, IEEE Transactions on Dependable and Secure Computing 3(3), July 2006.

Inferring Internet Denial-of-Service Activity, David Moore, Colleen Shannon, Doug Brown, Geoffrey M. Voelker, and Stefan Savage, ACM Transactions on Computer Systems 24(2):115-139, May 2006.

Community-Oriented Network Measurement Infrastructure (CONMI) Workshop Report, kc claffy, Mark Crovella, Timur Friedman, Colleen Shannon, and Neil Spring, 36(2):41-48, April 2006.

Protocol-Independent Adaptive Replay of Application Dialog, Weidong Cui, Vern Paxson, Nicholas Weaver, and Randy H. Katz, 13th Annual Network and Distributed System Security Symposium (NDSS'06), February 2006.

Case Study: A Failure Wrapped in Success' Clothing - On the Need for Sound Forensics in Handling Digital Evidence Cases, Erin E. Kenneally and Andrea Monti, Digital Investigation, Elsevier Ltd., Winter 2005.

Using Honeynets for Internet Situational Awareness, Vinod Yegneswaran, Paul Barford, and Vern Paxson, Proceedings of the 4th ACM Workshop on Hot Topics in Networks (HotNets-IV), College Park, MD, November 2005.

Opportunistic Measurement: Extracting Insight from Spurious Traffic, Martin Casado, Tal Garfinkel, Weidong Cui, Vern Paxson, and Stefan Savage, Proceedings of the 4th ACM Workshop on Hot Topics in Networks (HotNets-IV), College Park, MD, November 2005.

Self-stopping Worms, Justin Ma, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington D.C., November 2005.

Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm, Michael Vrable, Justin Ma, Jay Chen, David Moore, Erik VandeKieft, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the 20th ACM Symposium on Operating System Principles (SOSP), Brighton, UK, October 2005.

Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event, Abhishek Kumar, Vern Paxson, and Nicholas Weaver, Proceedings of the USENIX/ACM Internet Measurement Conference, New Orleans, LA, October 2005.

Confluence of Digital Evidence and the Law: On the Forensic Soundness of Live-Remote Digital Evidence Collection, Erin E. Kenneally, UCLA Journal of Law and Technology, 2005.

Automated Worm Fingerprinting, Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage, Proceedings of the 6th ACM/USENIX Symposium on Operating System Design and Implementation (OSDI), San Francisco, CA, December 2004.

On the Difficulty of Scalably Detecting Network Attacks, Kirill Levchenko, Ramamohan Paturi, and George Varghese, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2004.

Preliminary Results Using ScaleDown to Explore Worm Dynamics, Nicholas Weaver, Ihab Hamadeh, George Kesidis, and Vern Paxson, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington, D.C., October 2004.

The Top Speed of Flash Worms, Stuart Staniford, David Moore, Vern Paxson, and Nicholas Weaver, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington, D.C., October 2004.

On Scalable Attack Detection in the Network, Ramana Rao Kompella, Sumeet Singh, and George Varghese, Proceedings of the USENIX/ACM Internet Measurement Conference, Taormina, Sicily, Italy, October 2004.