Keromytis, Angelos D. - Department of Computer Science, Columbia University

• W3Bcrypt: Encryption as a Stylesheet Angelos Stavrou, Michael E. Locasto, and Angelos D. Keromytis
• Return Value Predictability Profiles for SelfHealing Michael E. Locasto1
• International Journal of Network Security, Vol.8, No.1, PP.3751, Jan. 2009 37 Anonymity in Wireless Broadcast Networks
• Capturing Information Flow with Concatenated Dynamic Taint Analysis Hyung Chan Kim Angelos D. Keromytis Michael Covington Ravi Sahita
• Proceedings of the 2007 IEEE Workshop on Information Assurance
• Automating the Injection of Believable Decoys to Detect Brian M. Bowen Vasileios P. Kemerlis Pratap Prabhu
• Integrity Postures for Software SelfDefense Michael E. Locasto
• ASSURE: Automatic Software Self-healing Using REscue points Stelios Sidiroglou, Oren Laadan, Carlos R. Perez, Nicolas Viennot,
• The Role of Trust Management in Distributed Systems Security?
• Distributed Trust John Ioannidis, AT&T Labs Research
• 94 Computer S E C U R I T Y
• Mach Learn (2010) 81: 179205 DOI 10.1007/s10994-009-5143-5
• gore: Routing-Assisted Defense Against DDoS Attacks Stephen T. Chou1
• A Study of Malcode-Bearing Documents Wei-Jen Li, Salvatore Stolfo, Angelos Stavrou, Elli Androulaki, and Angelos D.
• Tagging Data In The Network Stack: mbuf tags Angelos D. Keromytis
• e-NeXSh: Achieving an Effectively Non-Executable Stack and Heap via System-Call Policing
• Behavior-Profile Clustering for False Alert Reduction in Anomaly Detection Sensors
• 70 ; L O G I N : VO L . 3 1 , N O. 1 S T E V E N M . B E L L O V I N , B I L L C H E S W I C K ,
• SYMANTECENTERPRISESECURITY Rogue Security Software
• Security in Active Networks D. Scott Alexander1, William A. Arbaugh2, Angelos D. Keromytis2, and
• Worm Evolution Tracking via Timing Analysis
• Action Amplification: A New Approach To Scalable Administration Kostas G. Anagnostakis Angelos D. Keromytis
• Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution
• Conversion and Proxy Functions for Symmetric Key Ciphers Debra L. Cook Angelos D. Keromytis
• Speculative Virtual Verification: Policy-Constrained Speculative Execution
• Designing Firewalls: A Survey Angelos D. Keromytis and Vassilis Prevelakis
• Global Information Technologies
• Safety and Security of Programmable Network Infrastructures
• Misuse Detection in Consent-based Networks Mansoor Alicherry1
• Fast and Practical Instruction-Set Randomization for Commodity Systems
• iLeak: A Lightweight System for Detecting Inadvertent Information Leaks Vasileios P. Kemerlis, Vasilis Pappas, Georgios Portokalidis, and Angelos D. Keromytis
• Traffic Analysis Against Low-Latency Anonymity Networks Using Available
• DIPLOMA: Distributed Policy Enforcement Architecture for MANETs
• BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control
• A Network Access Control Mechanism Based on Behavior Profiles
• Baiting Inside Attackers Using Decoy Documents Brian M. Bowen, Shlomo Hershkop, Angelos D. Keromytis, Salvatore J. Stolfo
• DoubleCheck: Multi-path Verification Against Man-in-the-Middle Attacks
• Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic
• Authentication on Untrusted Remote Hosts with Public-key Sudo
• Behavior-Based Network Access Control: A Proof-of-Concept Vanessa Frias-Martinez Salvatore J. Stolfo Angelos D. Keromytis
• Path-based Access Control for Enterprise Matthew Burnside and Angelos D. Keromytis
• Methods for Linear and Differential Cryptanalysis of Elastic Block Ciphers
• Pushback for Overlay Networks: Protecting against Malicious Insiders Angelos Stavrou1
• Taming the Devil: Techniques for Evaluating Anonymized Network Data S. E. Coull
• Elastic Block Ciphers in Practice: Constructions and Modes of Encryption
• Characterizing Self-Healing Software Systems Angelos D. Keromytis
• Remotely Keyed Cryptographics Secure Remote Display Access Using
• Countering DoS Attacks With Stateless Multipath Overlays Angelos Stavrou
• A Dynamic Mechanism for Recovering from Buffer Overflow Attacks
• Detecting Targeted Attacks Using Shadow Honeypots K. G. Anagnostakis
• An Email Worm Vaccine Architecture Stelios Sidiroglou, John Ioannidis, Angelos D. Keromytis, and Salvatore J. Stolfo
• The Effect of DNS Delays on Worm Propagation in an IPv6 Internet
• The Dual Receiver Cryptosystem and Its Applications Theodore Diament Homin K. Lee Angelos D. Keromytis Moti Yung
• CamouflageFS: Increasing the Effective Key Length in Cryptographic Filesystems on the Cheap
• PUB REF NBR (e.g. RTO-MP-IST-999) PAPER NBR -1 Dealing with System Monocultures
• EasyVPN: IPsec Remote Access Made Easy Mark C. Benvenuto, Angelos D. Keromytis
• The Design of the OpenBSD Cryptographic Framework Angelos D. Keromytis
• Experience with the KeyNote Trust Management System: Applications and Future Directions
• Fileteller: Paying and Getting Paid for File Storage John Ioannidis, Sotiris Ioannidis, Angelos D. Keromytis, and Vassilis Prevelakis
• Automated Recovery in a Secure Bootstrap Process William A. Arbaugh
• Implementing IPsec Angelos D. Keromytis
• Network Bandwidth Denial of Service (DoS) Angelos D. Keromytis
• springeronline.com ADIS 20 AA DD VV AA NN CC EE SS II NN II NN FF OO RR MM AA TT II OO NN SS EE CC UU RR II TT YY AA DD VV AA NN CC EE SS II NN II NN FF OO RR MM AA TT II OO NN SS EE CC UU RR II TT YY
• 240 Smith, Greenwald, Ioannidis, Keromytis, Laurie, Maughan, Rahn and Wright Copyright 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permis-
• STRONGMAN: A SCALABLE SOLUTION TO TRUST MANAGEMENT IN NETWORKS
• The SPARCHS Project Hardware Support for Software Security
• Computer Security Research with Human Subjects: Risks, Benefits and Informed Consent
• Online Network Forensics for Automatic Repair Michael E. Locasto1
• A Network Worm Vaccine Architecture Stelios Sidiroglou
• xPF: Packet Filtering for Low-Cost Network Monitoring S. Ioannidis
• Active extensions Execution Environment
• A Self-Learning Worm Using Importance Scanning Zesheng Chen
• The Limits of Global Scanning Worm Detectors in the Presence
• Defending against Hitlist Worms using Network Address Space Randomization
• The Detection of RCS Worm Epidemics Kurt Rohloff
• On The Stochastic Modeling and Detection of RCS Worms
• IEICE TRANS. INF. & SYST., VOL.Exx??, NO.xx XXXX 200x On the Deployment of Dynamic Taint Analysis for
• International Journal of Information Security manuscript No. (will be inserted by the editor)
• High-Speed I/O: The Operating System As A Signalling Position paper
• Trust Management and Network Layer Security Matt Blaze1 and John Ioannidis1 and Angelos D. Keromytis2
• Gone Rogue: An Analysis of Rogue Security Software Campaigns (Invited Paper)
• Elastic Block Ciphers: The Basic Design Murray Hill, NJ, USA
• The MINESTRONE Architecture Combining Static and Dynamic Analysis
• Cryptography in OpenBSD: An Overview Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, Niels Provos
• A Secure Plan Michael Hicks and Angelos D. Keromytis?
• WebSOS: Protecting Web Servers From DDoS Debra L. Cook, William G. Morein, Angelos D. Keromytis, Vishal Misra and Daniel Rubenstein
• Network Worms ecentincidentshavedemonstratedtheabilityof
• On Instant Messaging Worms, Analysis and Countermeasures
• A Survey of Voice Over IP Security Research Angelos D. Keromytis
• Designing an Embedded Firewall/VPN Gateway* Vassilis Prevelakis1
• The Bandwidth Exchange Architecture David Michael Turner
• Retrofitting Security in COTS Software with Binary Rewriting Padraig O'Sullivan 1
• Angelos D. Keromytis, Vishal Misra, Daniel Rubenstein Columbia University in the City of New York
• The Limits of Global Scanning Worm Detectors in the Presence of Background Noise
• ; LOGIN : February 2010 a LOOk aT vOIP vuLNerabILITIeS 41 a n g e l o S d. k e Ro my t i S
• IEEE NETWORK 1 A Secure Active Network Environment Architecture
• Defending Against Next Generation through Network/Endpoint Collaboration and Interaction
• FLIPS: Hybrid Adaptive Intrusion Prevention Michael E. Locasto, Ke Wang, Angelos D. Keromytis, and Salvatore J. Stolfo
• Low Latency Anonymity with Mix Rings Matthew Burnside and Angelos D. Keromytis
• Countering Code-Injection Attacks With Instruction-Set Randomization
• Scalable InternetScalable Internet Threat MonitoringThreat Monitoring
• A Repeater Encryption Unit for IPv4 and IPv6 Norimitsu Nagashima
• Band-aid Patching Stelios Sidiroglou
• Elastic Block Ciphers: Method, Security and Instantiations
• An Adversarial Evaluation of Network Signaling and Control Kangkook Jee1, Stelios Sidiroglou-Douskos2, Angelos Stavrou3, and
• Mediated Overlay Services (MOSES): Network Security as a Composable Service
• Using Rescue Points to Navigate Software Recovery (Short Paper) Stelios Sidiroglou, Oren Laadan, Angelos D. Keromytis, and Jason Nieh
• Software Self-healing Using Error Virtualization Stylianos Sidiroglou
• BotSwindler: Tamper Resistant Injection of Believable Decoys in VM-Based Hosts for Crimeware Detection
• PalProtect: A Collaborative Security Approach to Comment Spam Benny Wong, Michael E. Locasto, Angelos D. Keromytis
• F3ildCrypt: End-to-End Protection of Sensitive Information in Web Services
• MOVE: An End-to-End Solution To Network Denial of Service Angelos Stavrou Angelos D. Keromytis Jason Nieh Vishal Misra Dan Rubenstein
• Journal of Information Assurance and Security 2 (2006) 4150 Conversion Functions for Symmetric Key Ciphers
• Securing MANET Multicast Using DIPLOMA Mansoor Alicherry Angelos D. Keromytis
• Self-Stopping Worms Justin Ma, Geoffrey M. Voelker, and Stefan Savage
• On the Effectiveness of Automatic Patching Milan Vojnovic and Ayalvadi Ganesh
• Evaluation of a Spyware Detection System using Thin Client Computing
• Race to the bottom: Malicious Hardware Angelos D. Keromytis Simha Sethumadhavan Ken Shepard
• One Class Support Vector Machines for Detecting Anomalous Windows Registry Katherine A. Heller Krysta M. Svore Angelos D. Keromytis Salvatore J. Stolfo
• A Market-based Bandwidth Charging Framework David Michael Turner
• A Study of the Relative Costs of Network Security Protocols Stefan Miltchev
• Software Self-Healing Using Collaborative Application Communities
• A Distributed Policy Enforcement Architecture for Mobile Ad-Hoc Networks
• IEEE COMMUNICATIONS SURVEYS & TUTORIALS 1 A Comprehensive Survey of Voice over IP Security
• IEEE TDSC 1 On The General Applicability of Instruction-Set
• Basic Training Editors: Richard Ford, rford@se.fit.edu
• Designing Host and Network Sensors to Mitigate the Insider Brian M. Bowen Malek Ben Salem Shlomo Hershkop
• IT Monoculture 18 Published by the ieee ComPuter soCiety 1540-7993/09/$25.00 2009 ieee ieee seCurity & PrivaCy
• Int. J. Inf. Secur. (2006) DOI 10.1007/s10207-006-0083-6
• Cryptography As An Operating System Service: A Case Study
• JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 21, NO. XXX, XXX 2003 1 SOS: An Architecture For Mitigating DDoS Attacks
• IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS--PART C: APPLICATIONS AND REVIEWS, VOL. 33, NO. 3, AUGUST 2003 413 A Secure PLAN
• Performance Implications of Securing Active Networks D. Scott Alexander, William A. Arbaugh, Angelos D. Keromytis and Jonathan M. Smithyz
• Creating e cient fail-stop cryptographic protocols Technical Report MS-CIS-96-32
• A Secure PLAN (Extended Version) Michael Hicks
• Crimeware Swindling without Virtual Machines Vasilis Pappas, Brian M. Bowen, and Angelos D. Keromytis
• Elastic Block Ciphers Debra Lee Cook
• Adding Trust to P2P Distribution of Paid Content Alex Sherman1
• COVER FEATURE There are clear tradeoffs among security, flexibility, and
• Requirements for Scalable Access Control and Security Management Architectures
• Casting out Demons: Sanitizing Training Data for Anomaly Sensors Gabriela F. Cretu1
• From STEM to SEAD: Speculative Execution for Automated Defense Michael E. Locasto, Angelos Stavrou, Gabriela F. Cretu, Angelos D. Keromytis
• 26 IAnewsletter Vol 9 No 4 Winter 2006IAnewsletter Vol 9 No 4 Winter 2006IAnewsletter http://iac.dtic.mil/iatac Countering DDoS Attacks
• 978-1-4244-4793-0/09/$25.00 c 2009 IEEE Evaluating a Collaborative Defense Architecture for
• Data Sanitization: Improving the Forensic Utility of Anomaly Detection Systems
• An Overlay Architecture for End-to-End Service Availability Angelos Stavrou
• Just Fast Keying: Key Agreement In A Hostile Internet
• FlowPuter: A Cluster Architecture Unifying Switch, Server and Storage Processing
• Host-Based Detection of Worms through Peer-to-Peer Cooperation
• M: Access-Assured Mobile Desktop Computing Angelos Stavrou1
• Detecting Traffic Snooping in Tor Using Decoys Sambuddho Chakravarty, Georgios Portokalidis, Michalis Polychronakis, and
• A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware