Publications
binpac: A yacc for Writing Application Protocol Parsers.
Proceedings of the Internet Measurement Conference 2006 (IMC 2006). 289-300.
(2006). The Devil and Packet Trace Anonymization.
Computer Communication Review. 36(1), 29-38.
(2006). Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection.
Proceedings of the 15th USENIX Security Symposium (Security '06).
(2006). Enhancing Network Intrusion Detection With Integrated Sampling and Filtering.
Proceedings of the 9th International Syposium on Recent Advances in Intrusion Detection (RAID 2006). 272-289.
(2006). Fighting Coordinated Attackers with Cross-Organizational Information on Sharing.
Proceedings of the Fifth Workshop on Hot Topics in Networks (Hotnets-V). 121-126.
(2006). Network Loss Tomography Using Striped Unicast Probes.
IEEE/ACM Transactions on Networking. 697-710.
(2006). Network System Challenges in Selective Sharing and Verification for Personal, Social, and Urban-Scale Sensing Applications.
Proceedings of the Fifth Workshop on Hot Topics in Networks (Hotnets-V). 37-42.
(2006). Observed Structure of Addresses in IP Traffic.
IEEE/ACM Transactions on Networking. 14(16), 1207-1218.
(2006). Protocol-Independent Adaptive Replay of Application Dialog.
Proceedings of the 13th Annual Symposium on Network and Distributed System Security (NDSS'06).
(2006). Rethinking Hardware Support for Network Analysis and Intrusion Prevention.
Proceedings of the First USENIX Workshop on Hot Topics in Security (HotSec '06).
(2006). RFC 4440: IAB Thoughts on the Role of the Internet Research Task Force (IRTF).
(Floyd, S., Paxson V., & Falk A., Ed.).
(2006). Semi-Automated Discovery of Application Session Structure.
Proceedings of the Internet Measurement Conference 2006 (IMC 2006). 119-132.
(2006).
(2006). An Architecture for Developing Behavioral History.
Proceedings of the First Conference on Steps to Reduce Unwanted Traffic in the Internet (SRUTI '05). 45-51.
(2005). Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.
Proceedings of the Fifth ACM Conference on Internet Measurement (IMC 2005). 267-272.
(2005).
(2005). Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.
Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005). 206-221.
(2005). Exploiting Independent State For Network Intrusion Detection.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005). 59-71.
(2005). Exploiting Underlying Structure for Detailed Reconstruction of an Internet Scale Event.
Proceedings of the 2005 Internet Measurement Conference (IMC 2005). 351-364.
(2005). A First Look at Modern Enterprise Traffic.
Proceedings of the 2005 Internet Measurement Conference (IMC 2005). 15-28.
(2005). The Network Oracle.
Bulletin of the IEEE Computer Society Technical Committee on Data Engineering. 28(1), 3-10.
(2005). Opportunistic Measurement: Extracting Insight from Spurious Traffic.
Proceedings of the Fourth Workshop on Hot Topics in Networks (Hotnets-IV).
(2005). Robust TCP Reassembly in the Presence of Adversaries.
Proceedings of the 14th Conference on USENIX Security Symposium (Security '05). 65-80.
(2005). Using Honeynets for Internet Situational Awareness.
Proceedings of the Fourth Workshop on Hot Topics in Networks (Hotnets-IV).
(2005). Characteristics of Internet Background Radiation.
Proceedings of the 2004 Internet Measurement Conference (IMC 2004).
(2004).