|
|
|
Engin Kirda
|
About me
Currently, I am Sy and Laurie Sternberg Associate Professor for Information Assurance at the
College of Computer and Information Science
and the
Department of Electrical and Computer Engineering
of
Northeastern University
in Boston. I am also the director of the Northeastern Information Assurance Institute.
Previously, I was tenured faculty at
Institute Eurecom
(Graduate School and Research Center) in the French
Riviera
and before that, faculty at the Technical University of Vienna where I co-founded the Secure Systems Lab. Our
lab
has now become international and is distributed over five institutions and geographical locations.
My current research interests are in systems, software and network security (with focus on Web security, binary analysis, malware detection). Before that, I was mainly interested in distributed systems, software engineering and software architectures. I am not interested in theoretical security or crypto.
I am very fortunate to work with and have the privilege to advise some very bright Ph.D. students. I am very proud of their achievements! I've also been fortunate to work with some very smart and technically capable post-docs and collaborators around the world.
I personally enjoy writing code in different languages (e.g., C, Perl, C#, Java, [recently] Python) and am convinced that computer science students need to be language-independent ;-) I am trying to continue to code as much as possible -- although I have much more admin work to do now...
I am also part of the
Shellphish
hacking group. We regularly participate at the
DefCon CTF
.
You can follow some work I am involved in through our
Twitter feed
.
|
Prospective Students
|
BEFORE YOU SEND ME AN EMAIL ABOUT BECOMING MY PH.D. STUDENT, please
read this
.
|
General Information
|
Education:
|
Habilitation (Priv.Doz.), Dr. techn., Dipl.-Ing. in Computer Science,
Technical University of Vienna
|
|
Office Hours:
|
Tuesdays, 3:50-4:50pm
|
|
Email:
|
ek@ccs.neu.edu
|
|
Current Address:
|
Northeastern University - CCIS
Building WVH, Room 258, 360 Huntington Ave
Boston, MA, 02115
USA
|
|
Telephone:
|
+1 (617) 37 37 484
|
|
Member of:
|
IEEE, ACM,
Shellphish
|
Company
|
I am one of the co-founders of
Lastline Inc.
, a company that focuses on providing advanced threats intelligence and detection capabilities and services to its customers.
|
Research Labs
Current Awarded Grants (U.S.)
DISCLOSURE: Automatic Botnet Identification
Sponsor: NSF (CNS-1116777)
Position: Principle Investigator
|
DarkDroid: Identifying malicious activity in the Android App Market
Sponsor: DARPA
Position: co-Principle Investigator
|
ZIGZAG: Secure Execution of Client-Side Web Application Components
Sponsor: ONR (N000141210165)
Position: Principle Investigator
|
Teaching Systems Security using an interactive platform
Sponsor: Symantec Research
Position: Principle Investigator
|
Past Awarded Grants (Europe)
iCode (Real-time Malicious Code Detection)
Sponsor: The EU Commission
Position: Principle Investigator
|
SysSec (Network of Excellence for Networking Systems Security Research in Europe)
Sponsor: The EU Commission
Position: Principle Investigator
|
VAMPIRE (Voice Over IP Security)
Sponsor: ANR (French National Research Agency)
Position: Principle Investigator
|
WOMBAT (Worldwide Observatory of Malicious Behaviors and Attack Threats)
Sponsor: The EU Commission
Position: Principle Investigator (together with
Christopher Kruegel
)
|
SECoverer (Detection of Application Logic Errors in Web Applications)
Sponsor: FIT-IT Trust in IT-Systems 2. Call, Austria
Position: Principle Investigator (together with
Christopher Kruegel
)
|
TRADE (Trustworthy Adaptive Quality Balancing Through Temporal Decoupling)
Sponsor: FIT-IT Trust in IT-Systems 2. Call, Austria
Position: Investigator
|
MECANOS (Smartcard Security)
Sponsor: POLE de Competitivite SCS, France
Position: Principle Investigator
|
Web-Defense: Defending Internet Users against web attacks
Sponsor: Fonds zur Foerderung der wissenschaftlichen Forschung (FWF) - No. P18764
Position: Principle Investigator (together with
Christopher Kruegel
)
|
FORWARD (Managing Emerging Threats in ICT Infrastructures)
Sponsor: The EU Commission
Position: Principle Investigator (together with
Christopher Kruegel
)
|
Pathfinder (Malicious Code Analysis and Detection) -- also selected best project of the call
Sponsor: FIT-IT Trust in IT-Systems 1. Call
Position: Principle Investigator (together with
Christopher Kruegel
)
|
Software Security through Binary Analysis
Sponsor: Fonds zur Foerderung der wissenschaftlichen Forschung (FWF) - No. P18157
Position: Principle Investigator (together with
Christopher Kruegel
)
|
Software Security Audit using Reverse Engineering
Sponsor: Austrian Central Bank (OeNB)
Position: Principle Investigator (together with
Christopher Kruegel
)
|
Omnis - Security, Components and Infrastructure for Pervasive Environments
Sponsor: Fonds zur Foerderung der wissenschaftlichen Forschung (FWF) - No. P18368
Position: Principle Investigator (together with
Christopher Kruegel
)
|
Software Security Analysis
Sponsor: BAWAG P.S.K. Bank
Position: Consultant
|
Solaris and Linux Baseline Security
Sponsor: Austrian Central Bank (OeNB)
Position: Principal Investigator (together with
Christopher Kruegel
)
|
Publications
|
Workshops and Conferences (Security)
|
Kaan Onarlioglu, Mustafa Battal, William Robertson, and Engin Kirda, Securing Legacy Firefox Extensions with SENTINEL, 10th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Berlin, Germany, July 2013
[download]
|
Kaan Onarlioglu, Collin Mulliner, William Robertson, Engin Kirda, PRIVEXEC: Private Execution as an Operating System Service, IEEE Security and Privacy, San Francisco, May 2013
[download]
|
Aldo Cassola, William Robertson, Engin Kirda, and Guevara Noubir, A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication, 20th Annual Network and Distributed System Security Symposium, (NDSS 2013), San Diego, CA, February 2013
[download]
|
Tobias Lauinger, Martin Szydlowski, Kaan Onarlioglu, Gilbert Wondracek, Engin Kirda, and Christopher Kruegel, Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting, 20th Annual Network and Distributed System Security Symposium, (NDSS 2013), San Diego, CA, February 2013
[download]
|
Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel, DISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis, Annual Computer Security Applications Conference (ACSAC), Orlando, December 2012
[download]
|
Tobias Lauinger, Nikolaos Laoutaris, Pablo Rodriguez, Thorsten Strufe, Ernst Biersack, and Engin Kirda. Privacy Risks in Named Data Networking: What is the Cost of Performance? Editorial Note. ACM SIGCOMM Computer Communication Review, 42(5), October 2012
[download]
|
Tobias Lauinger, Engin Kirda and Pietro Michiardi, Paying for Piracy? An Analysis of One-Click Hosters' Controversial Reward Schemes, 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Amsterdam, September 2012.
[download]
|
Gregoire Jacob, Christopher Kruegel, Engin Kirda, Giovanni Vigna, Protecting Users and Businesses from CRAWLers, 21st USENIX Security Conference, Bellevue, WA, August 2012
[download]
|
Davide Canali, Andrea Lanzi, Davide Balzarotti, Mihai Christoderescu, Christopher Kruegel, Engin Kirda, A Quantitative Study of Accuracy in System Call-Based Malware Detection, International Symposium on Software Testing and Analysis (ISSTA) 2012, Minneapolis, MN, July 2012
[download]
|
Theodoor Scholte, William K. Robertson, Davide Balzarotti, and Engin Kirda, "Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis", 36th IEEE Conference on Computers, Software, and Applications (COMPSAC), Izmir, Turkey - July 2012
[download]
|
Kaan Onarlioglu, Utku Ozan Yilmaz, Engin Kirda, and Davide Balzarotti, Insights into User Behavior in Dealing with Internet Attacks, 19th Annual Network and Distributed System Security Symposium, (NDSS 2012), San Diego, February 2012
[download]
|
Marco Balduzzi, Jonnas Zaddach, Davide Balzarotti, Engin Kirda, and Sergio Loureiro, A Security Analysis of Amazon's Elastic Compute Cloud Service, 27th ACM Symposium On Applied Computing (SAC), Security Track, Trento, Italy, March 2012
[download]
|
Theodoor Scholte, Davide Balzarotti, William Robertson, and Engin Kirda, An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages, 27th ACM Symposium On Applied Computing (SAC), Security Track, Trento, Italy, March 2012
[download]
|
Clemens Kolbitsch, Engin Kirda, and Christopher Kruegel, The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code, 18th ACM Conference on Computer and Communications Security (CCS), Chicago, October 2011
[download]
|
|
Engin Kirda, Cross Site Scripting Attacks, Encyclopedia of Cryptography and Security (2nd Ed.) 275-277, 2011
|
|
Engin Kirda, Malware Behavior Clustering, Encyclopedia of Cryptography and Security (2nd Ed.), 751-752, 2011
|
Danesh Irani, Marco Balduzzi, Davide Balzarotti, Engin Kirda, Carlton Pu, Reverse Social Engineering Attacks in Online Social Networks, Eighth Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Amsterdam, Netherlands, July 2011
[
download
]
|
Manuel Egele, Andreas Moser, Christopher Kruegel, Engin Kirda, PoX: Protecting Users from Malicious Facebook Applications, 3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC), Seattle, WA, March 2011
[
download
]
|
Theodoor Scholte, Davide Balzarotti, Engin Kirda, Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications, Fifteenth International Conference on Financial Cryptography and Data Security '11, St. Lucia, February 2011
[
download
]
|
Leyla Bilge, Engin Kirda, Christopher Kruegel, Marco Balduzzi, EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis, 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), San Diego, February 2011
[
download
]
|
Marco Balduzzi, Carmen Torrano Gimenez, Davide Balzarotti, Engin Kirda, Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications, 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), San Diego, February 2011 (
Distinguished Paper Award
)
[
download
]
|
Manuel Egele, Christopher Kruegel, Engin Kirda, Giovanni Vigna, PiOS: Detecting Privacy Leaks in iOS Applications, 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), San Diego, February 2011 (
Distinguished Paper Award
)
[
download
]
|
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda, G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries, 26th Annual Computer Security Applications Conference (ACSAC), Austin, Texas, December 2010
[
download
]
|
Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christoderescu, Engin Kirda, AccessMiner: Using System-Centric Models for Malware Protection, 17th ACM Conference on Computer and Communications Security (CCS), Chicago, October 2010
[
download
]
|
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel, Abusing Social Networks for Automated User Profiling, International Symposium on Recent Advances in Intrusion Detection (RAID 2010), Ottowa, Canada, September 2010
[
download
]
|
Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, Christopher Kruegel, Is the Internet for Porn? An Insight Into the Online Adult Industry, The Ninth Workshop on the Economics of Information Security (WEIS 2010), Boston, MA, June 2010
[
download
]
|
Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda, Honeybot: Your Man in the Middle for Automated Social Engineering, 3nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, April 2010
[
download
]
|
Corrado Leita, Ulrich Bayer, Engin Kirda, Exploiting diverse observation perspectives to get insights on the malware landscape, International Conference on Dependable Systems and Networks (DSN 2010), Chicago, June 2010
[
download
]
|
Clemens Kolbitsch, Christopher Kruegel, Engin Kirda, Extending Mondrian Memory Protection, NATO RTO IST-091 Symposium, Antalya, Turkey, April 2010
[
download
]
|
Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, Engin Kirda, Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries, IEEE Security and Privacy, Oakland, May 2010
[
download
]
|
Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel, A Practical Attack to De-Anonymize Social Network Users, IEEE Security and Privacy, Oakland, May 2010
[
download
]
|
Paolo Milani Comparetti, Guido Salvaneschi, Clemens Kolbitsch, Christopher Kruegel, Engin Kirda, Stefano Zanero, Identifying Dormant Functionality in Malware Programs, IEEE Security and Privacy, Oakland, May 2010
[
download
]
|
Marco Balduzzi, Manuel Egele, Davide Balzarotti, Engin Kirda, and Christopher Kruegel, A Solution for the Automated Detection of Clickjacking Attacks, ASIACCS, Beijing, China, April 2010
[
download
]
|
Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, and Giovanni Vigna, Efficient Detection of Split Personalities in Malware, 17th Annual Network and Distributed System Security Symposium (NDSS 2010), San Diego, February 2010
[
download
]
|
Manuel Egele, Leyla Bilge, Engin Kirda, Christopher Kruegel, CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms, 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications, Lusanne, Switzerland, March 2010
[
download
]
|
Ulrich Bayer, Engin Kirda, Christopher Kruegel, Improving the Efficiency of Dynamic Malware Analysis, 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications, Lusanne, Switzerland, March 2010
[
download
]
|
Brett Stone-Gross, Andreas Moser, Christopher Kruegel, Kevin Almaroth, Engin Kirda, FIRE: FInding Rogue nEtworks, 25th Annual Computer Security Applications Conference (ACSAC), Honolulu, December 2009
[download]
|
Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, Engin Kirda, Automatically Generating Models for Botnet Detection, 14th European Symposium on Research in Computer Security (ESORICS 2009), Saint Malo, Brittany, France, September 2009
[
download
]
|
Andreas Stamminger, Christopher Kruegel, Giovanni Vigna, Engin Kirda, "Automated Spyware Collection and Analysis", Information Security Conference (ISC) 2009, Pisa, Italy, September 2009
[
download
]
|
Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and Xiaofeng Wang, Effective and Efficient Malware Detection at the End Host, in USENIX Security '09, Montreal, Canada, August 2009
[
download
]
|
Manuel Egele, Peter Wurzinger, Christopher Kruegel, and Engin Kirda, Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks, Sixth Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Milan, Italy, June 2009
[
download
]
|
Manuel Egele, Engin Kirda, and Christopher Kruegel, Mitigating Drive-by Download Attacks: Challenges and Open Problems, Open Research Problems in Network Security Workshop (iNetSec 2009), Zurich, April 2009
[
download
]
|
Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, and Christopher Kruegel, Insights Into Current Malware Behavior,
2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, MA, April 2009
[
download
]
|
Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda, Prospex: Protocol Specification Extraction, IEEE Security and Privacy, Oakland, May 2009
[
download
]
|
Manuel Egele, Christopher Kruegel, Engin Kirda, Removing Web Spam Links from Search Engine Results, 18th European Institute for Computer Antivirus Research (EICAR 2009) Annual Conference, Berlin, May 2009
[
download
]
|
Peter Wurzinger, Christian Platzer, Christian Ludl, Engin Kirda, and Christopher Kruegel, SWAP: Mitigating XSS Attacks using a Reverse Proxy, The 5th International Workshop on Software Engineering for Secure Systems (SESS'09), 31st International Conference on Software Engineering (ICSE), IEEE Computer Society, Vancouver, Canada, May 2009
[
download
]
|
Leyla Bilge, Thorsten Strufe, Davide Balzarotti, and Engin Kirda, All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks, 18th International World Wide Web Conference (WWW 2009), Madrid, April 2009
[
download
]
|
Ulrich Bayer, Paolo Milani, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda, Scalable, Behavior-Based Malware Clustering, 16th Annual Network and Distributed System Security Symposium (NDSS 2009), San Diego, February 2009
[
download
]
|
Julio Canto, Marc Dacier, Engin Kirda, and Corrado Leita, Large Scale Malware Collection: Lessons Learned, IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems, Naples, Italy, October 2008
[
download
]
|
Guenther Starnberger, Christopher Kruegel, and Engin Kirda, Overbot - A botnet protocol based on Kademlia, 4th International Conference on Security and Privacy in Communication Networks (SecureComm), Istanbul, Turkey, September 2008
[
download
]
|
Eric Medvet, Engin Kirda, Christopher Kruegel, Visual-Similarity-Based Phishing Detection, 4th International Conference on Security and Privacy in Communication Networks (SecureComm), Istanbul, Turkey, September 2008
[
download
]
|
Sean McAllister, Engin Kirda, and Christopher Kruegel, Expanding Human Interactions for In-Depth Testing of Web Applications, 11th Symposium on Recent Advances in Intrusion Detection (RAID), Boston, MA, September 2008
[
download
]
|
Marco Cova, Vika Felmetsger, Davide Balzarotti, Nenad Jovanovic, Christopher Kruegel, Engin Kirda, Giovanni Vigna, Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications, IEEE Security and Privacy, Oakland, May 2008
[
download
]
|
Corrado Leita, V.H. Pham, Olivier Thonnard, E. Ramirez-Silva, Fabian Pouget, Engin Kirda , Marc Dacier, The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet, In Proceedings of the 1st WOMBAT workshop, IEEE Computer Society, Amsterdam, April 2008
[
download
]
|
Gilbert Wondracek, Paulo Milani, Christopher Kruegel and Engin Kirda, Automatic Network Protocol Analysis, 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, February 2008
[
download
]
|
Andreas Moser, Christopher Kruegel, and Engin Kirda, Limits of Static Analysis for Malware Detection, 23rd Annual Computer Security Applications Conference (ACSAC), Miami Beach, Florida, December 2007
[
download
]
|
Martin Syzdlowski, Christopher Kruegel, and Engin Kirda, Secure Input for Web Applications, 23rd Annual Computer Security Applications Conference (ACSAC), Miami Beach, Florida, December 2007
[
download
]
|
Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, and Engin Kirda, Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis, 14th ACM Conference on Computer and Communications Security, Alexandria, VA, November 2007
[
download
]
|
Christoph Karlberger, Guenter Bayler, Christopher Kruegel, and Engin Kirda, Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters, First USENIX Workshop on Offensive Technologies (WOOT '07), Boston, August 2007.
[
download
]
|
Christian Ludl, Sean McAllister, Engin Kirda, and Christopher Kruegel, On the Effectiveness of Techniques to Detect Phishing Sites, Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) 2007 Conference, Lucerne, Switzerland, July 2007.
[
download
]
|
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song, Dynamic Spyware Analysis, USENIX Annual Technical Conference, Santa Clara, CA, June 2007.
[
download
]
|
Thomas Raffetseder, Christopher Kruegel, and Engin Kirda, Detecting System Emulators, Information Security Conference (ISC 2007), Valparaiso, Chile, October 2007 (
Best Student Paper Award
)
[
download
]
|
Thomas Raffetseder, Engin Kirda, and Christopher Kruegel, Building Anti-Phishing Browser Plug-Ins: An Experience Report, The 3rd International Workshop on Software Engineering for Secure Systems (SESS07), 29th International Conference on Software Engineering (ICSE), Minneapolis, IEEE Computer Society Press, May 2007.
[
download
]
|
Andreas Moser, Christopher Kruegel, and Engin Kirda, Exploring Multiple Execution Paths for Malware Analysis, IEEE Security and Privacy, Oakland, May 2007.
[
download
]
|
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Christopher Kruegel, Engin Kirda and Giovanni Vigna, Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis, 14th Annual Network and Distributed System Security Symposium (NDSS 2007), San Diego, CA, February 2007
[
download
]
|
Nenad Jovanovic, Engin Kirda and Christopher Kruegel, Preventing Cross Site Request Forgery Attacks, 2nd IEEE Communications Society International Conference on Security and Privacy in Communication Networks (SecureComm), Baltimore, MD, August 2006
[
download
] [
download technical report
]
|
Patrick Klinkoff, Christopher Kruegel, Engin Kirda and Giovanni Vigna, Extending .NET Security to Unmanaged Code, 9th Information Security Conference (ISC 2006), Samos, Greece, September 2006
[
download
]
|
Engin Kirda, Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard A. Kemmerer, Behavior-Based Spyware Detection, in USENIX Security '06, Vancouver, Canada, August 2006
[
download
]
|
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda, Precise Alias Analysis for Syntactic Detection of Web Application Vulnerabilities, ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, Ottowa, Canada, June 2006
[
download
]
|
Manuel Egele, Martin Szydlowski, Engin Kirda, and Christopher Kruegel, Using Static Program Analysis to Aid Intrusion Detection, Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) 2006 Conference, Berlin, Germany, July 2006
[
download
]
|
Stefan Kals, Engin Kirda, Christopher Kruegel, and Nenad Jovanovic, SecuBat: A Web Vulnerability Scanner, The 15th International World Wide Web Conference (WWW 2006), Edinburgh, Scotland, May 2006
[
download
]
|
Ulrich Bayer, Christopher Kruegel, and Engin Kirda, TTAnalyze: A Tool for Analyzing Malware, 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference, Hamburg, Germany, April 2006 (
Best Paper Award
)
[
download
]
|
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda, Pixy: A
Static Analysis Tool for Detecting Web Application Vulnerabilities (Short
Paper), 2006 IEEE Symposium on Security and Privacy, Oakland, CA, May
2006
[
download
]
|
Engin Kirda, Christopher Kruegel, Giovanni Vigna, and Nenad Jovanovic, Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks, The 21st ACM Symposium on Applied Computing
(SAC 2006), Security Track, Dijon, France, April 2006
[
download
]
|
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Engin Kirda, An Anomaly-driven Reverse Proxy for Web Applications, The 21st ACM Symposium on Applied Computing
(SAC 2006), Security Track, Dijon, France, April 2006
[
download
]
|
Engin Kirda and Christopher Kruegel, Protecting Users against Phishing Attacks with AntiPhish, 29th Annual International Computer Software and Applications Conference (COMPSAC 2005), Edinburgh, Scotland, July 2005
[
download
]
|
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna, Polymorphic Worm Detection Using Structural Information of Executables, 8th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag. USA, September 2005.
[
download
]
|
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, Giovanni Vigna, Automating Mimicry Attacks Using Static Binary Analysis, in USENIX Security '05, Baltimore, US, August 2005
[
download
]
|
|
Workshops and Conferences (Software Engineering)
|
|
Clemens Kerer and Engin Kirda, XGuide - Concurrent Web Engineering with Contracts,
4th International Conference on Web Engineering (ICWE) 2004, Munich, Germany, Lecture Notes in Computer Science, July 2004.
|
|
Engin Kirda and Clemens Kerer, DIWE: A Framework for constructing Device-Independent Web Applications,
UMICS 2004 Workshop, CAISE 2004 Conference, Riga, Latvia, Lecture Notes in Computer Science, June 2004
|
|
Engin Kirda, Clemens Kerer, Christopher Kruegel and Roman Kurmanowytsch, Web Service
Engineering with DIWE, 29th EUROMICRO Conference, Antalya, Turkey, IEEE Computer Society Press,
September 2003
|
|
Sagar Chaki, Pascal Fenkam, Harald Gall, Somesh Jha, Engin Kirda and Helmuth Veith, Integrating
Publish/Subscribe into a Mobile Teamwork Support Platform, 15th International Software
Engineering and Knowledge Engineering Conference (SEKE 2003) (San Fransisco Bay,
USA). ACM Press, July 2003.
|
|
Roman Kurmanowytsch, Engin Kirda, Clemens Kerer
and Schahram Dustdar, OMNIX: A topology-independent P2P middleware,
Ubiquitous Mobile Information and Collaboration Systems (UMICS 2003) workshop,
CAISE 2003, Klagenfurt, Austria, June 2003
|
|
Zorlu Yalniz and Engin Kirda. Supporting Collaboration in the
Designing of Tools and Dies in Manufacturing Networks. IEEE 12th
International Workshops on Enabling Technologies:
Infrastructure for Collaborative Enterprises
(WETICE 2003), Linz, Austria. IEEE Computer Society Press, June 2003.
|
|
Schahram Dustdar, Harald Gall and Engin Kirda, Distributed Product
Development in Virtual Communities, 2nd Workshop on Cooperative
Supports for Distributed Software Engineering Processes, 7th European
Conference on Software Maintenance and Reengineering, Benevento,
Italy, in Cooperative Methods and Tools for Distributed
Software Processes, editors Aniello Cimitile, Andrea De Lucia and
Harald Gall, pages 25-43, FrancoAngeli ISBN-88-464-4774-3, March 2003
|
|
Engin Kirda, Pascal Fenkam, Gerald Reif, and Harald Gall. A Service
Architecture for Mobile Teamwork. 14th International Software
Engineering and Knowledge Engineering Conference (SEKE 2002) (Ischia,
Italy). ACM Press, July 2002.
|
|
Engin Kirda, Harald Gall, Pascal Fenkam, and Gerald Reif. MOTION: A
Peer-to-Peer Platform for Mobile Teamwork Support. In Cooperative
Support for Distributed Software Engineering Processes Workshop, 26th
COMPSAC Conference, Oxford, England. IEEE Computer Society Press,
August 2002.
|
|
Clemens Kerer, Engin Kirda, and Christopher Kruegel. XGuide - A
Practical Guide to XML-based Web Engineering. International Workshop
on Web Engineering, Networking 2002 (Pisa, Italy, May 2002), Eds: Lucy
Cherkasova and Fabio Panzieri, editors, Lecture Notes of Computer
Science, 2376, Springer, May 2002.
|
|
Roman Kurmanowytsch, Mehdi Jazayeri, and Engin Kirda. Towards a
hierarchical, semantic peer-to-peer topology. In Second IEEE
International Conference on Peer-to-Peer Computing, Use of Computers
at the Edge of Networks (P2P, Grid, Clusters), Linkoping, Sweden,
2002. IEEE Computer Society Press.
|
|
Pascal Fenkam, Schahram Dustdar, Engin Kirda, Harald Gall, and Gerald
Reif. Towards an Access Control System for Mobile Peer-to-Peer
Collaborative Environments. IEEE 11th International Workshops on
Enabling Technologies: Infrastructure for Collaborative Enterprises
(WETICE 2002) (Carnegie Mellon University, Pittsburgh, Pennsylvania,
USA). IEEE Computer Society Press, June 10-12 2002.
|
|
Pascal Fenkam, Engin Kirda, Schahram Dustdar, Harald Gall, and Gerald
Reif. Evaluation of a Publish/Subscribe System for Collaborative and
Mobile Working. IEEE 11th International Workshops on Enabling
Technologies: Infrastructure for Collaborative Enterprises (WETICE
2002) (Carnegie Mellon University, Pittsburgh, Pennsylvania,
USA). IEEE Computer Society Press, June 10-12 2002.
|
|
Engin Kirda, Gerald Reif, Harald Gall, and Pascal Fenkam. TWSAPI: A
Generic Teamwork Services Application Programming
Interface. International Workshop on Mobile Teamwork 2002, 22nd International
Conference on Distributed Computing Systems (ICDCS) (Vienna,
Austria). IEEE CS Press, June 2002.
|
|
Christopher Kruegel, Thomas Toth, and Engin Kirda. Service Specific
Anomaly Detection for Network Intrusion Detection. Symposium on
Applied Computing (SAC) (Madrid, Spain). ACM Press, March 2002.
|
|
Engin Kirda, Clemens Kerer, Mehdi Jazayeri, Harald Gall, and Roman
Kurmanowytsch. The Evolution of an Organizational Web Site: Migrating
to XML/XSL. 3rd International Workshop on Web Site Evolution, ICSM
2001 (Florence, Italy). IEEE Computer Society Press, 6-10 November,
2001.
|
|
Christopher Kruegel, Thomas Toth, and Engin Kirda. Sparta - A Mobile
Agent based Intrusion Detection System. IFIP Conference on Network
Security (I-NetSec) (Leuven, Belgium). Kluwer Academic Publishers,
November 2001.
|
|
Engin Kirda, Harald Gall, Gerald Reif, Pascal Fenkam, and Clemens
Kerer. Supporting Mobile Users and Distributed Teamwork. Proceedings
of ConTEL 2001 - 6th International Conference on Telecommunications
(Zagreb, Croatia, June 13-15 2001), edited by Maja Matijasevic
and Alen Bazant, Zagreb, ISBN 953-184-020-2, 2001
|
|
Clemens Kerer, Engin Kirda, Mehdi Jazayeri, and Roman Kurmanowytsch.
Building XML/XSL-Powered Web Sites: An Experience Report. 25th
International Computer Software and Applications Conference (COMPSAC)
(Chicago, IL, USA). IEEE Computer Society Press, October 2001.
|
|
Engin Kirda. Engineering of Web Services with XML and XSL, Tutorial
Abstract. 8th European Software Engineering Conference (ESEC)
(Vienna, Austria), pages 318-19, Volker Gruhn, editor. ACM Press,
September 10-14 2001.
|
|
Engin Kirda, Clemens Kerer, and Mehdi Jazayeri. Supporting
Multi-device Enabled Web Services: Challenges and Open Problems.10th
IEEE Workshops on Enabling Technologies: Infrastructure for
Collaborative Enterprises (WETICE) (Boston, MA, USA). IEEE Computer
Society, June 2001.
|
|
Gerald Reif, Engin Kirda, Harald Gall, Gian Pietro Picco, Gianpaola
Cugola, and Pascal Fenkam. A Web-based peer-to-peer architecture for
collaborative nomadic working. 10th IEEE Workshops on Enabling
Technologies: Infrastructures for Collaborative Enterprises (WETICE)
(Boston, MA, USA). IEEE Computer Society Press, June 2001.
|
|
Engin Kirda, Clemens Kerer, and Gerald Matzka. Using XML/XSL to build
adaptable database interfaces for Web site content management. XML in
Software Engineering Workshop (XSE 2001), 23rd International
Conference on Software Engineering (May 2001, Toronto, Ontario,
Canada), May 2001.
|
|
Engin Kirda. Web Engineering Device Independent Web Services. 23rd
International Conference on Software Engineering, Doctoral Symposium
(Toronto, Canada). IEEE Computer Society Press, May 2001.
|
|
Engin Kirda and Clemens Kerer. MyXML: An XML based template engine
for the generation of flexible web content. Proceedings of WEBNET 2000 (San Antonio,
Texas, USA), pages 317-322, November 2000.
|
|
Clemens Kerer and Engin Kirda. Layout, Content and Logic Separation
in Web Engineering. 9th International World Wide Web Conference, 3rd
Web Engineering Workshop (Amsterdam, 15-16 May 2000). Lecture Notes in
Computer Science Series, 2016, Springer Verlag, May 2000.
|
|
Journal (Security)
|
Manuel Egele, Andreas Moser, Christopher Kruegel, Engin Kirda, PoX: Protecting Users from Malicious Facebook Applications, Computer Communications Journal, Elsevier, 2012
[
download
]
|
Theodoor Scholte, Davide Balzarotti, and Engin Kirda, Have things changed now? An empirical study on input validation vulnerabilities in web applications, Computers and Security 31(3): 344-356 (2012)
[
download
]
|
Manuel Egele, Theodoor Scholte, Engin Kirda, Christopher Kruegel, A Survey on Automated Dynamic Malware Analysis Techniques and Tools, ACM Computing Surveys Journal, Volume 44 Issue 2, February 2012
[
download
]
|
Nenad Jovanovic, Christopher Kruegel, Engin Kirda, Static analysis for detecting taint-style vulnerabilities in web applications, Journal of Computer Security, 18 (2010) 861-907, IOS Press, 2010
[
download
]
|
Engin Kirda, Nenad Jovanovich, Christopher Kruegel, Giovanni Vigna, Client-Side Cross-Site Scripting Protection, Computers and Security Journal, Elsevier, Vol: 28, No: 7, 2009
[
download
]
|
Giovanni Vigna, Fredrik Valeur, Davide Balzarotti, William Robertson, Christopher Kruegel, and Engin Kirda, Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries, Journal of Computer Security, IOS Press, Volume 17, Number 3, 2009
[
download
]
|
Stefan Mitterhofer, Christian Platzer, Engin Kirda, and Christopher Kruegel, Server-side Bot Detection in Massive Multiplayer Online Games, IEEE Security and Privacy, Special Issue - Online Gaming Security, May/June 2009 (vol. 7 no. 3) pp. 29-36
[
download
]
|
Patrick Klinkoff, Engin Kirda, Christopher Kruegel, and Giovanni Vigna, Extending .NET Security to Unmanaged Code (Special Issue on the Best of ISC 2007 papers, extended version), International Journal of Information Security, Springer Verlag, Volume 4176/2006
[
download
]
|
Ulrich Bayer, Andreas Moser, Christopher Kruegel, and Engin Kirda, Dynamic Analysis of Malicious Code, Journal in Computer Virology, Springer Computer Science
[
download
]
|
Engin Kirda and Christopher Kruegel, Protecting Users against Phishing Attacks (Best of COMPSAC 2005), The Computer Journal, Oxford University Press
[
download
]
|
|
Journal (Education)
|
|
Clemens Kerer, Gerald Reif, Thomas Gschwind, Engin Kirda, Roman
Kurmanowytsch and Marek Pralic, ShareMe: Running A Distributed Systems
Lab For 600 Students With 3 Faculty Members, IEEE Transactions on
Education, vol: 48, no: 3, pp. 430-437, August 2005
|
|
Journal (Software Engineering)
|
|
Engin Kirda and Harald Gall, A Service Architecture for Mobile
Teamwork, (Best of SEKE 2002), International Journal on Software
Engineering and Knowledge Engineering, World Scientific Publishing Company, August 2003.
|
|
Clemens Kerer, Engin Kirda and Roman
Kurmanowytsch, A Generic Content Management Tool for Web Databases,
IEEE Internet Computing, August 2002
|
|
Engin Kirda, Mehdi Jazayeri, Clemens Kerer, and Markus
Schranz. Experiences in Engineering Flexible Web Services. IEEE
Multimedia, Jannuary - March 2001.
|
|
Editorships
|
|
Manuel Costa, Engin Kirda (eds): Proceedings of the Third European Workshop on System Security, EUROSEC 2010, ACM, Paris, France, April 2010
|
|
Engin Kirda, Somesh Jha, Davide Balzarotti (eds), Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, Volume 5258/2009, ISBN-10 3-642-04341-0, September 2009
|
|
Richard Lippmann, Engin Kirda, Ari Trachtenberg, (eds), Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection, Volume 5230/2008, ISBN 978-3-540-87402-7, September 2008
|
|
Working seminar proceedings
|
|
Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck, James P. G. Sterbenz: 08102 Working Group -- Requirements for Network Monitoring from an IDS Perspective, Dagstuhlseminar Proceedings, Network Attack Detection and Defense 2008
|
|
Marc Dacier, Herve Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck, James P. G. Sterbenz: 8102 Working Group -- Attack Taxonomy, Dagstuhlseminar Proceedings, Network Attack Detection and Defense 2008
|
Teaching
|
Fall 2012
|
|
Software Vulnerabilities and Security (CS 5770)
|
|
Special Topics in Security (ECE 5968)
|
|
Previous teaching (Not all of them at NEU):
|
|
Fall 2011, Software Vulnerabilities and Security (CS 5770)
|
|
2008-2010, Secure Programming I (SS)
|
|
2008-2010, Secure Programming II (WS)
|
|
2004-2008, Internet Security (SS)
|
|
2004-2008, Advanced Topics in Security / Advanced Internet Security [also known as Internet Security 2] (WS)
|
|
2003-2007, Bakkalaureatsarbeiten
|
|
2003-2007, Praktika
|
|
2004-2007, Distributed Systems (WS)
|
|
Current Ph.D. students:
|
|
Tobias Lauinger
|
|
Kaan Onarlioglu
|
|
Michael Weissbacher
|
|
Former Ph.D. students:
|
|
Theodoor Scholte (2012), SAP Research
|
|
Marco Balduzzi (2011), Trendmicro Research
|
|
Leyla Bilge (2011), Symantec Research
|
|
Clemens Kolbitsch (2011), Lastline Inc.
|
|
Manuel Egele (2011), Post-Doc @ Carnegie Mellon University
|
|
Gilbert Wondracek (2010), Post-Doc @ Technical University of Vienna
|
|
Ulrich Bayer (2010), Secure Business Austria
|
|
Andreas Moser (2010), Google
|
|
Nenad Jovanovic (2007), E-Card Austria
|
|
Current master's students:
|
|
Ryan Rickert, Improved Fuzzing.
|
|
Former master's students:
|
|
Chuang-Ming Tan, "A solution for protecting the privacy of photographs on Facebook", 2011
|
|
Thomas Raffetseder, "Smart Fuzzing", 2010
|
|
Stefan Mitterhofer, "Server-Side Bot-Detection for Massive Multiplayer Online Games", 2009
|
|
Christian Ludl, "SWAP: A proxy-based solution for mitigating XSS attacks", 2008
|
|
Sean McAllister, "Increasing the coverage of Web Application Vulnerability Scanners", 2008
|
|
Clemens Kolbitsch, "Extending Mondrian Memory Protection", 2008
|
|
Andreas Stamminger, "Automated Spyware Collection and Analysis", 2007
|
|
Florian Nentwich, "Sicherheitsanalyse von Signatursoftware", 2007
|
|
Guenther Bayler, "Penetrating Bayesian Spam Filters Using
Redundancy in Natural Language", 2007
|
|
Martin Szydlowski, "Secure Input for Web Applications", 2007
|
|
Helmut Petritsch, "Understanding and Replaying Network Traffic in Windows XP for Malware Analysis", 2007
|
|
Manuel Egele, "Behavior-Based Spyware Detection Using Dynamic Taint Analysis", 2006
|
|
David Tischler, "WSFW: An Open Source Web Service Firewall", 2006
|
|
Philipp Vogt, "Cross Site Scripting (XSS) Attack Prevention with Dynamic Data Tainting on the Client Side", 2006
|
|
Stefan Kals, "Secubat: A Web Vulnerability Scanner", 2006
|
|
Viktor Moser, "Foxy: A proxy for mobile web access", 2006
|
|
Ullrich Bayer, "TTAnalyze: A Tool for Analyzing Malware", 2005
|
|
Patrick Klinkoff, "Extending .NET Security to Native Code", 2005
|
|
David Saez Palacios, "Survey on Techniques and Software for the Remote Security Analysis of Computer Systems", 2004.
|
|
Lorenz Froihofer, "A Survey of WLAN Security with Focus on HotSpot and Enterprise Environments", 2004 (Awarded the 2004 Best Computer Science Master's Thesis Award of the Vienna City).
|
Recent Professional Activities
|
Program Chair
|
|
5th USENIX Workshop on Large-Scale Exploits and Emerging Threats (LEET) 2012, San Jose, CA, April 2012
|
|
2011 BADGERS (Building Analysis Datasets and Gathering Experience Returns for Security) Workshop, Salzburg, Austria, April 2011
|
|
2011 European Workshop on System Security (EUROSEC), Salzburg, Austria, April 2011
|
|
Recent Advances in Intrusion Detection (RAID) 2009, Saint Malo, Brittany, France
|
|
Program Co-Chair
|
|
2010 European Workshop on System Security (EUROSEC), Paris, France, April 2010
|
|
Recent Advances in Intrusion Detection (RAID) 2008, Boston, USA
|
|
Program Committee Memberships
|
|
20th ACM Conference on Computer and Communications Security (CCS), 2013, Berlin, Germany, October 2013.
|
|
18th European Symposium on Research in Computer Security (ESORICS) 2013, UK, September 2013
|
|
Research on Attacks, Intrusions and Defenses (RAID 2013), St. Lucia, October 2013
|
|
6th International Conference on Trust and Trustworthy Computing (TRUST 2013), London, UKa, June 2013
|
|
International World Wide Web Conference (WWW 2013), Abuse, Security, and Privacy Track, Rio de Janeiro, Brazil, May 2013
|
|
IEEE Security and Privacy, San Francisco, CA, May 2013
|
|
43nd Annual International Conference on Dependable Systems and Networks, DSN 2013, Budapest, Hungary, June 2013
|
|
20th Network and IT Security Conference (NDSS) 2013, San Diego, CA, February 2013
|
|
21st USENIX Security Symposium, Bellevue, WA, August, 2012
|
|
19th ACM Conference on Computer and Communications Security (ACM CCS), Raleigh, NC, 2012
|
|
IEEE Security and Privacy, San Francisco, CA, May 2012
|
|
16th International Conference on Financial Cryptography and Data Security, Bonaire, February 2012
|
|
International Symposium on Engineering Secure Software and Systems (ESSOS) 2012, Eindhoven, Netherlands
|
|
42nd Annual International Conference on Dependable Systems and Networks, DSN 2012, Boston, June 2012
|
|
5th USENIX Workshop on Offensive Technologies, San Francisco, CA, August 2011
|
|
4th USENIX Workshop on Large-Scale Exploits and Emerging Threats (LEET) 2011, Boston, MA, March 2011
|
|
IEEE Security and Privacy, Oakland, CA, May 2011
|
|
International World Wide Web Conference (WWW 2011), Abuse, Security, and Privacy Track, Hyderabad, India, March 2011
|
|
Detection of Intrusions and Malware and Vulnerability Assessment Working Conference (DIMVA 2011), July 2011
|
|
41st Annual International Conference on Dependable Systems and Networks, DSN 2011, Hong Kong, June 2011
|
|
5th USENIX Workshop on Hot Topics in Security (HotSec '10), Washington DC, August 2010
|
|
ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2010
|
|
IEEE Security and Privacy, Oakland, CA, May 2010
|
|
Web 2.0 Security and Privacy Workshop 2010, Oakland, CA, May 2010
|
|
Detection of Intrusions and Malware and Vulnerability Assessment Working Conference (DIMVA 2010), Bonn, Germany, July 2010
|
|
Network and IT Security Conference (NDSS) 2010, San Diego, CA, February 2010
|
|
OWASP AppSec Research 2010 - Stockholm, Sweden
|
|
5th European Conference on Computer Network Defence (EC2ND) , Milan, Italy, November 2009
|
|
Detection of Intrusions and Malware and Vulnerability Assessment Working Conference (DIMVA 2009), Milan, Italy, July 2009
|
|
IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT-09), Vancouver, Canada, August 2009
|
|
Network and IT Security Conference (NDSS) 2009, San Diego, CA, February 2009
|
|
4th International CRIS Conference on Critical Infrastructures, Linkoeping, Sweden, April, 2009
|
|
European Workshop on System Security (EUROSEC) 2009
|
|
Network and IT Security Conference (NDSS) 2008, San Diego, CA, February 2008
|
|
4th International Conference on Information Systems Security (ICISS 2008), Hyderabad, India, December 2008.
|
|
4th European Conference on Computer Network Defense (EC2ND), Dublin, December 2008.
|
|
1st Workshop on Open Source Software for Computer and Network Forensics (OSSCoNF), Milan, September 2008
|
|
10th International Conference on Information and Communications Security (ICICS 2008), Prague, July 2008
|
|
The 5th International Conference on Autonomic and Trusted Computing, Oslo, June 2008
|
|
27th IEEE Symposium on Reliable Distributed Systems (SRDS-27), Napoli, October 2008
|
|
EUROSEC Workshop, Annual ACM SIGOPS EuroSys Conference, Glasgow, Marc 2008
|
|
The 4th International Workshop on Software Engineering for Secure Systems (SESS'08), 29th International Conference on Software Engineering (ICSE), Leipzig, May 2008
|
|
SecureComm 2008, Istanbul, Turkey, September 2008
|
|
Network and IT Security Conference (NDSS) 2007, San Diego, CA, February 2007
|
|
Ninth International Conference on Information and Communications Security (ICICS 2007)
|
|
5th Workshop on Recurring Malcode (WORM), 14th ACM Conference on Computer and Communications Security
(CCS), Alexandria, VA, October 2007
|
|
The 3rd International Workshop on Software Engineering for Secure Systems (SESS07), 29th International Conference on Software Engineering (ICSE), May 2007
|
|
Detection of Intrusions and Malware and Vulnerability Assessment Working Conference (DIMVA 2006), Berlin, Germany, June 2006
|
|
The 4th International Workshop on Ubiquitous Mobile Information and
Communication Systems (UMICS), Luxembourg, June 2006
|
|
International Conference on Communications and Networking in China, CHINACOM 2006, October 2006
|
|
Security and Privacy in Computing Systems Conference (SPCS2006), May 2006
|
|
4th International Workshop on Distributed and Mobile Collaboration (DMC 2006), WETICE-2006, Manchester, UK, June 2006
|
|
ICIW 2006 - IEEE International Conference on IP and Web Applications (ICIW'06), Guadeloupe, French Caribbean, February 2006
|
|
Detection of Intrusions and Malware and Vulnerability Assessment Working Conference (DIMVA 2005), Vienna, Austria, June 2005
|
|
Workshop on Distributed and Mobile Collaboration, IEEE 14th
International Workshops on Enabling Technologies Infrastructure for
Collaborative Enterprises (WETICE 2005), Linkoping, Sweden, June
2005
|
|
Workshop on Evaluation of Collaborative Information Systems and
Support for Virtual Enterprises, IEEE 14th International Workshops
on Enabling Technologies Infrastructure for Collaborative
Enterprises (WETICE 2005), Linkoping, Sweden, June 2005
|
|
Fault-Tolerant and Dependable Distributed Systems Minitrack of
the Software Technology Track 38th IEEE Hawaii International
Conference on System Sciences, Hawaii, USA, 2004
|
|
TECOS 2004 - Testing Component-based Systems Workshop, Net.ObjectDays 2004
|
|
3rd Workshop on Cooperative Support for Distributed Software Engineering Processes (CSSE), 19th Automated Software Engineering Conference (ASE), Linz, Austria, September 2004
|
|
2nd International Workshop on Web Based Systems and
Applications, The 28th Annual International Computer Software and
Applications Conference (COMPSAC), Hong Kong, China, September
2004
|
|
Workshop on Evaluation of Collaborative Information Systems, IEEE
13th International Workshops on Enabling
Technologies Infrastructure for Collaborative Enterprises (WETICE
2003), Modena, Italy, June 2004
|
|
Workshop on Distributed Mobile Collaboration (DMC), IEEE
13th International Workshops on Enabling
Technologies Infrastructure for Collaborative Enterprises (WETICE
2003), Modena, Italy, June 2004
|
|
Workshop on Evaluation of Collaborative Information Systems and Support for Virtual Enterprises, IEEE 12th International Workshops on Enabling
Technologies Infrastructure for Collaborative Enterprises (WETICE
2003), Linz, Austria, June 2003
|
|
International Workshop on Distributed and Mobile Collaboration (DMC
2003), IEEE 12th International Workshops on Enabling Technologies
Infrastructure for Collaborative Enterprises (WETICE 2003) , Linz,
Austria, June 2003
|
|
2nd Workshop on Cooperative Supports for Distributed Software
Engineering Processes, 7th European Conference on Software
Maintenance and Reengineering, Benevento, Italy, March 2003
|
Mobile Teamwork Support (Mobile Teams 2002) Workshop, 22nd
International Conference on Distributed Computing Systems (ICDCS),
July 2002, Vienna, Austria
|
|
Conference organization
|
|
2nd FORWARD Workshop, Saint Jean - Cap Ferrat, France
|
|
Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005) Working Conference, Vienna, Austria
|
|
Reviewer (Journals)
|
|
Computer Networks
|
|
The Oxford Computer Journal
|
|
International Journal of Information Security
|
|
IEEE Transactions and Dependable and Secure Computing
|
|
IEEE Transactions on Knowledge and Data Engineering
|
|
Journal of Computer Security
|
|
IEEE Computer
|
|
IEEE Transactions on Education
|
|
IEEE Internet Computing
|
|
IEEE Transactions on Information Forensics and Security
|
|
IEEE Security and Privacy
|
|
IEEE Transactions on Systems, Man, and Cybernetics Part B
|
|
IEEE Software
|
|
International Journal of Internet Protocol Technology (IJIPT)
|
|
Multimedia Tools and Applications Journal, Kluwer Academic Publishers
|
|
Reviewer (Conferences)
|
|
17th Word Wide Web Conference, Beijing, China, May 2008
|
|
ACM Conference on Computer and Communications Security (CCS) 2007, Alexandria, VA, November 2007
|
|
ESORICS 2007, Dresden, Germany, September 2007
|
|
4th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Lucerne, Switzerland, July 2007
|
|
7th International Conference on Web Engineering (ICWE), Como, Italy, July 2007
|
|
Programming Language Design and Implementation (PLDI), San Diego, CA, June 2007
|
|
Annual Computer Security Applications Conference (ACSAC) 2006, Miami, Florida, USA
|
|
The 8th IEEE Conference on E-Commerce Technology (CEC' 06)
|
|
The 3rd IEEE Conference on Enterprise Computing, E-Commerce and E-Services (EEE' 06)
|
|
FASE (Fundamental Approaches to Software Engineering) 2006 Conference, Vienna, Austria
|
|
ICSE 2006 (International Conference on Software Engineering), Shanghai, China
|
|
ICDE 2006 (22nd International Conference on Data Engineering), Atlanta, Georgia
|
|
RAID 2005 (8th International Symposium on Recent Advances in Intrusion Detection), Seattle, Washington
|
|
FASE (Fundamental Approaches to Software Engineering) 2005 Conference, Edinburgh, Scotland
|
|
CONTEL 2005 Conference
|
|
Pervasive 2004 Conference
|
Experience (i.e., Code Hacks)
|
Languages used to date: Java, C#, C, C++, Pascal, Modula, Basic, Assembler, Perl, SQL, Prolog, XSLT, PHP, Python
|
|
Database technologies used to date: MySQL, Postgres, Oracle and Oracle Pro*C/C++, JDBC, ODBC
|
|
Operating Systems used to date: Windows (3.x, 95, 98, NT, XP, 2000, CE), OS/2, UNIX (Linux, Solaris, HP UNIX, Mac OS), DOS
|
|
Distributed programming done with: RMI, SUN RPC, CORBA, ISIS, Web Services
|
Last Modified:
01. 04. 2013, 23:00:52
|
|
|
