2025
[1] | CyberMALT: Machine Learning-Assisted Traffic Analysis for Cyber Threat Detection and Classification. In Proceedings of the 2025 IEEE Consumer Communications and Networking Conference (IEEE CCNC 2025), ():, IEEE, 2025., (To appear). |
2024
[1] | Resilience and Performance Quantification of Dynamic Reconfiguration. Future Generation Computer Systems, , Elsevier, 2024., (). |
[2] | Utilizing Online Learning for Both Defense and DoS Attacks in CPS: A Repeated Game Approach. In Proceedings of the 2024 IEEE Global Communications Conference (GLOBECOM 2024), ():, IEEE, 2024., (To appear). |
[3] | Encyclopedia of Cryptography, Security and Privacy. Springer, 2024. |
[4] | Encyclopedia of Cryptography, Security and Privacy. Springer, 2024. |
[5] | CVE2CWE: Automated Mapping of Software Vulnerabilities to Weaknesses Based on CVE Descriptions. In Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT 2024), pages 500-507, SciTePress, 2024. |
[6] | DISC: A Dataset for Information Security Classification. In Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT 2024), pages 175-185, SciTePress, 2024. |
[7] | Understanding Human-Generated and AI-generated Election Claims in Social Media. In Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT 2024), pages 237-248, SciTePress, 2024. |
2023
[1] | A Framework for Designing Vulnerability Metrics. Computers \& Security, 132, Elsevier, 2023. |
[2] | An Attack Volume Metric. Security and Privacy, 6(4), Wiley, 2023. |
[3] | Towards Usable Scoring of Common Weaknesses. In Proceedings of the 20th International Conference on Security and Cryptography (SECRYPT 2023), pages 183-191, SciTePress, 2023. |
[4] | Design and Modeling of Moving Target Defense in Workflow-Based Applications. Cluster Computing, ():, Springer, 2023. |
2022
[1] | Mason Vulnerability Scoring Framework: A Customizable Framework for Scoring Common Vulnerabilities and Weaknesses. In Proceedings of the 19th International Conference on Security and Cryptography (SECRYPT 2022), pages 215-225, SciTePress, 2022., (Best Paper Award). |
[2] | Encyclopedia of Cryptography, Security and Privacy. Springer, 2022. |
[3] | A Formal Model for Credential Hopping Attacks. In Proceedings of the 27th European Symposium on Research in Computer Security (ESORICS 2022), Part I, 13554:367-386, Springer, 2022. |
[4] | Biometric multi-factor authentication: On the usability of the FingerPIN scheme. Security and Privacy, ():, Wiley, 2022., (). |
2021
[1] | Performance Modeling of Moving Target Defenses with Reconfiguration Limits. IEEE Transactions on Dependable and Secure Computing, 18(1):205-219, IEEE, 2021. |
[2] | Vulnerability Metrics for Graph-based Configuration Security. In Proceedings of the 18th International Conference on Security and Cryptography (SECRYPT 2021), pages 259-270, SciTePress, 2021. |
2020
[1] | A Quantitative Framework to Model Reconnaissance by Stealthy Attackers and Support Deception-Based Defenses. In Proceedings of the 8th IEEE Conference on Communications and Network Security (CNS 2020), pages , IEEE, 2020. |
[2] | SCIBORG: Secure Configurations for the IoT Based on Optimization and Reasoning on Graphs. In Proceedings of the 8th IEEE Conference on Communications and Network Security (IEEE CNS 2020), IEEE, 2020. |
2019
[1] | Adversarial and Uncertain Reasoning for Adaptive Cyber Defense. , 11830:94-111, Springer, 2019. |
[2] | Adversarial and Uncertain Reasoning for Adaptive Cyber Defense. , 11830:156-205, Springer, 2019. |
[3] | Adversarial and Uncertain Reasoning for Adaptive Cyber Defense. , 11830:232-261, Springer, 2019. |
[4] | Proactive Defense Through Deception. , 75:169-202, Springer, 2019. |
[5] | Securing Distributed System Configuration through Optimization and Reasoning on Graphs. In Proceedings of the Network and Distributed Systems Security Symposium (NDSS 2019), Internet Society, 2019., (Poster). |
[6] | Performance Modeling of Moving Target Defenses with Reconfiguration Limits. IEEE Transactions on Dependable and Secure Computing, ():, IEEE, 2019., (to appear). |
2018
[1] | On Defensive Cyber Deception: A Case Study Using SDN. In Proceedings of the 2018 Military Communications Conference (MILCOM 2011), pages 110-115, IEEE, 2018. |
[2] | From Database to Cyber Security: Essays Dedicated to Sushil Jajodia on the Occasion of His 70th Birthday. , 11170:1-23, Springer, 2018. |
[3] | DeBot: A Novel Network-based Mechanism to Detect Exfiltration by Architectural Stealthy Botnets. Security and Privacy, 1(6), Wiley, 2018. |
[4] | Measuring the Effectiveness of Network Deception. In Proceedings of the IEEE International Conference on Intelligence and Security Informatics (IEEE ISI 2018), pages 142-147, IEEE, 2018. |
[5] | A Quantitative Framework to Model Advanced Persistent Threats. In Proceedings of the 15th International Conference on Security and Cryptography (SECRYPT 2018), pages 282-293, SciTePress, 2018., (Best Paper Award). |
[6] | Defending from Stealthy Botnets Using Moving Target Defenses. IEEE Security and Privacy Magazine, 16(1):92-97, IEEE, 2018. |
[7] | A Graphical Model to Assess the Impact of Multi-Step Attacks. Journal of Defense Modeling and Simulation, 15(1):79-93, SAGE Publications, 2018., (Selected by the Guest Editor, Alexander Kott, as an article of particular value). |
2017
[1] | Performance Modeling of Moving Target Defenses. In Proceedings of the 4th ACM Workshop on Moving Target Defense (MTD 2017), pages 53-63, ACM, 2017. |
[2] | Detecting Stealthy Botnets in a Resource-Constrained Environment using Reinforcement Learning. In Proceedings of the 4th ACM Workshop on Moving Target Defense (MTD 2017), pages 75-85, ACM, 2017. |
[3] | A Framework for Moving Target Defense Quantification. In Proceedings of the IFIP International Conference on ICT Systems Security and Privacy Protection (IFIP SEC 2017), pages 124-138, Springer, 2017. |
[4] | From Idea to Prototype: Introducing Students to Entrepreneurship. In Proceedings of the 7th IEEE Integrated STEM Education Conference (ISEC 2017), pages 71-75, IEEE, 2017. |
[5] | Theory and Models for Cyber Situation Awareness. , 10030:3-25, Springer, 2017. |
[6] | Theory and Models for Cyber Situation Awareness. , 10030:29-46, Springer, 2017. |
2016
[1] | A Moving Target Defense Approach to Disrupting Stealthy Botnets. In Proceedings of the 3rd ACM Workshop on Moving Target Defense (MTD 2016), pages 37-46, ACM, 2016. |
[2] | A Moving Target Defense Approach to Mitigate DDoS Attacks against Proxy-Based Architectures. In Proceedings of the 4th IEEE Conference on Communications and Network Security (IEEE CNS 2016), ():, IEEE, 2016., (). |
[3] | Cyber Deception:Building the Scientific Foundation. , pages 167-199Springer, 2016. |
[4] | Moving Target Defense against DDoS Attacks: An Empirical Game-Theoretic Analysis. In Proceedings of the 3rd ACM Workshop on Moving Target Defense (MTD 2016), pages 93-104, ACM, 2016. |
2015
[1] | Disrupting Stealthy Botnets through Strategic Placement of Detectors. In Proceedings of the 3rd IEEE Conference on Communications and Network Security (IEEE CNS 2015), pages 55-63, IEEE, 2015., (Best Paper Runner-up Award). |
2014
[1] | Manipulating the Attacker's View of a System's Attack Surface. In Proceedings of the IEEE Conference on Communications and Network Security (IEEE CNS 2014), pages 472-480, IEEE, 2014. |
2013
[1] | Fast Activity Detection: Indexing for Temporal Stochastic Automaton-Based Activity Models. IEEE Transactions on Knowledge and Data Engineering, 25(2):360-373, IEEE, 2013. |
[2] | Integration of Reusable Systems. , ():, Springer, 2013., (). |
[3] | A Moving Target Defense Mechanism for MANETs Based on Identity Virtualization. In Proceedings of the IEEE Conference on Communications and Network Security (IEEE CNS 2013), ():278-286, IEEE, 2013., (). |
[4] | A Moving Target Defense Approach for Protecting Resource-Constrained Distributed Devices. In Proceedings of the 14th International Conference on Information Reuse and Integration (IEEE IRI 2013), ():22-29, , 2013., (). |
[5] | An Efficient Approach to Assessing the Risk of Zero-Day. In Proceedings of the 10th International Conference on Security and Cryptography (SECRYPT 2013), ():207-218, SciTePress, 2013., (). |
[6] | Reliable Mission Deployment in Vulnerable Distributed Systems. In Proceedings of the 43rd IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W 2013), ():, , 2013., (). |
2012
[1] | Time-Efficient and Cost-Effective Network Hardening Using Attack Graphs. In Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), IEEE, 2012. |
[2] | A Probabilistic Framework for Localization of Attackers in MANETs. In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS 2012), ():145-162, Springer, 2012., (). |
2011
[1] | Scalable Analysis of Attack Scenarios. In Proceedings of the 16th European Symposium on Research in Computer Security (ESORICS 2011), ():416-433, Springer, 2011., (). |
[2] | Cauldron: Mission-Centric Cyber Situational Awareness with Defense in Depth. In Proceedings of the 2011 Military Communications Conference (MILCOM 2011), pages 1339-1344, IEEE, 2011. |
2010
[1] | A multimedia recommender integrating object features and user behavior. Multimedia Tools and Applications, 50(3):563-585, Springer, 2010., (). |
[2] | A Ranking Method for Multimedia Recommenders. In Proceedings of the 9th ACM International Conference on Image and Video Retrieval (CIVR 2010), ():311-318, , 2010., (). |