Publications — Researchy goodness, sorted by year

Christian Kreibich

ICSI » ICIR » Christian Kreibich » Publications

Publications

Researchy goodness, sorted by year

An automatically generated compilation of my publications, with additional statistics, is provided by Google Scholar.

2018

Apps, Trackers, Privacy and Regulators: A Global Study of the Mobile Tracking Ecosystem pdf bib

A. Razaghpanah, R. Nithyanand, N. Vallina-Rodriguez, S. Sundaresan, M. Allman, C. Kreibich, and P. Gill. NDSS 2018, San Diego, CA, USA.

2017

Opportunities and Challenges of Ad-based Measurements from the Edge of the Network pdf bib

P. Callejo, C. Kelton, N. Vallina-Rodriguez, R. Cuevas, O. Gasser, C. Kreibich, F. Wohlfart, and A. Cuevas. HotNets 2017, Palo Alto, CA, USA.

2016

RevProbe: Detecting Silent Reverse Proxies in Malicious Server Infrastructures pdf bib

A. Nappa, R.F. Munir, I.K. Tanoli, C. Kreibich, and J. Caballero. ACSAC 2016, Los Angeles, CA, USA.
Tracking the Trackers: Towards Understanding the Mobile Advertising and Tracking Ecosystem pdf bib 26 citations

N. Vallina-Rodriguez, S. Sundaresan, A. Razaghpanah, R. Nithyanand, M. Allman, C. Kreibich, and P. Gill. DAT 2016, New York, NY, USA.
A Multi-perspective Analysis of Carrier-Grade NAT Deployment pdf bib 26 citations

P. Richter, F. Wohlfart, N. Vallina-Rodriguez, M. Allman, R. Bush, A. Feldmann, C. Kreibich, N. Weaver, and V. Paxson. IMC 2016, Santa Monica, CA, USA.

2015

Header Enrichment or ISP Enrichment: Emerging Privacy Threats in Mobile Networks pdf bib 14 citations

N. Vallina-Rodriguez, C. Kreibich, V. Paxson, S. Sundaresan. HotMiddlebox 2015, London, UK.
Beyond the Radio: Illuminating the Higher Layers of Mobile Networks pdf bib 51 citations

N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, N. Weaver, and V. Paxson. MobiSys 2015, Florence, Italy.

2014

A Tangled Mass: The Android Root Certificate Stores pdf bib

N. Vallina-Rodriguez, J. Amann, C. Kreibich, N. Weaver, and V. Paxson. ACM CoNEXT 2014, Sydney, Australia.

Best short paper award.
Here Be Web Proxies pdf bib

N. Weaver, C. Kreibich, M. Dam, and V. Paxson. Passive and Active Measurement Conference (PAM) 2014, Los Angeles, CA, USA.

2013

Understanding the Domain Registration Behavior of Spammers pdf bib

S. Hao, M. Thomas, V. Paxson, N. Feamster, C. Kreibich, C. Grier and S. Hollenbeck. (Long paper.) Internet Measurement Conference (IMC) 2013, Barcelona, Spain.

2012

Fathom: A Browser-based Network Measurement Platform pdf bib

M. Dhawan, J. Samuel, R. Teixeira, C. Kreibich, M. Allman, N. Weaver, V. Paxson. Internet Measurement Conference (IMC) 2012, Boston, MA, USA.

Fathom, a runner-up for best paper at IMC 2012, brings a JavaScript network measurement API directly into web pages. Check it out and build cool things with it!
Priceless: The Role of Payments in Abuse-advertised Goods pdf bib

D. McCoy, H. Dharmdasani, C. Kreibich, G. Voelker, S. Savage. 19th ACM Conference on Computer and Communications Security (CCS), 16-18 October 2012, Raleigh, NC, USA.

This paper documents two years of experience in monitoring payment networks for abuse-advertised goods and the efficacy of payment-related interventions. For more details, take a look at Brian Krebs's article on our work.
PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs pdf bib

D. McCoy, A. Pitsillidis, G. Jordan, N. Weaver, C. Kreibich, B. Krebs, G. Voelker, S. Savage, K. Levchenko. USENIX Security Symposium, 2012, Bellevue/WA, USA.

This paper presents an in-depth look at the business of rogue internet pharmacies. See Brian's article for a high-level summary.
Prudent Practices for Designing Malware Experiments: Status Quo and Outlook pdf bib

C. Rossow, C. Dietrich, C. Kreibich, C. Grier, V. Paxson, N. Pohlmann, H. Bos, M. van Steen. IEEE Symposium on Security and Privacy, 2012, San Francisco, USA.
Probe and Pray: Using UPnP for Home Network Measurements pdf bib

L. DiCioccio, R. Teixeira, M. May, C. Kreibich. Passive and Active Measurement Conference, 2012, Vienna, Austria.
The BIZ Top-Level Domain: Ten Years Later pdf bib

T. Halvorson, J. Szurdi, G. Maier, M. Felegyhazi, C. Kreibich, N. Weaver, K. Levchenko, V. Paxson. Passive and Active Measurement Conference, 2012, Vienna, Austria.

2011

GQ: Practical Containment for Measuring Modern Malware Systems pdf bib

C. Kreibich, N. Weaver, C. Kanich, W. Cui, V. Paxson. Internet Measurement Conference (IMC) 2011, Berlin, Germany.

This paper presents the malware habitat that enabled all of our botnet infiltrations and spam harvesting, and also discusses some lessons learned from 5+ years of building and (safely!) running one of the most wretched hives of malware scum and villainy around.
Experiences from Netalyzr with Engaging Users in End-System Measurement pdf bib

C. Kreibich, N. Weaver, G. Maier, B. Nechaev, V. Paxson. ACM SIGCOMM Workshop on Measurements Up the Stack (W-MUST), 2011, Toronto, Canada.
Redirecting DNS for Ads and Profit pdf bib

N. Weaver, C. Kreibich, V. Paxson. USENIX Workshop on Free and Open Communications on the Internet (FOCI), 2011, San Francisco, USA.

This paper in part describes the unfolding story of some US ISPs using technology by a company called Paxfire to hijack web search queries for monetization through marketing affiliate programs. Read more at New Scientist, EFF, BoingBoing, Slashdot, or the Inquirer. You can also follow it over on the Netalyzr blog.
Show Me the Money: Characterizing Spam-advertised Revenue pdf bib

C. Kanich, N. Weaver, D. McCoy, T. Halvorson, C. Kreibich, K. Levchenko, V. Paxson, G. Voelker, S. Savage. USENIX Security Symposium, 2011, San Francisco, USA.

CircleID article. 07.03.12

MIT Technology Review article on this work, unfortunately completely failing to mention ICSI's involvement. 26.07.11
Measuring Pay-per-Install: The Commoditization of Malware Distribution pdf bib

C. Grier, J. Caballero, C. Kreibich, V. Paxson. USENIX Security Symposium, 2011, San Francisco, USA.

MIT Technology Review article on this work. 09.06.11

We scored an outstanding paper award at the conference. 10.08.11
What's Clicking What? Techniques and Innovations of Today's Clickbots pdf bib

B. Miller, P. Pearce, C. Grier, C. Kreibich, V. Paxson. Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011, Amsterdam, The Netherlands.
Click Trajectories: End-to-End Analysis of the Spam Value Chain pdf bib

K. Levchenko, A. Pitsillidis, N. Chachra, B. Enright, M. Felegyhazi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, D. McCoy, N. Weaver, V. Paxson, G. M. Voelker, and S. Savage. IEEE Symposium on Security and Privacy, 2011, Oakland, USA.

Read more details about this work here.
Implications of Netalyzr's DNS Measurements pdf bib

N. Weaver, C. Kreibich, B. Nechaev, V. Paxson. First Workshop on Securing and Trusting Internet Names (SATIN), 2011, Teddington, UK.
On the Effects of Registrar-level Intervention pdf bib

H. Liu, K. Levchenko, M. Felegyhazi, C. Kreibich, G. Maier, G. M. Voelker, S. Savage. Fourth USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET '11), 2011, Boston, USA.

2010

Netalyzr: Illuminating The Edge Network pdf bib

C. Kreibich, N. Weaver, B. Nechaev, V. Paxson. Internet Measurement Conference (IMC), 2010, Melbourne, Australia.

This paper has co-won the FCC's Open Internet Research Challenge. Read more about the award here. 05.08.11

For more details on this work, please check out the Netalyzr website.
On the Potential of Proactive Domain Blacklisting pdf bib

M. Felegyhazi, C. Kreibich, V. Paxson. Third USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET '10), 2010, San Jose, USA.
Botnet Judo: Fighting Spam with Itself pdf bib

A. Pitsillidis, K. Levchenko, C. Kreibich, C. Kanich, G.M. Voelker, V. Paxson, N. Weaver, S. Savage. 17th Annual Network and Distributed System Security Symposium, 28 February - 3 March 2010, San Diego, USA.

New Scientist featured this work, as did BoingBoing, Slashdot, Ars Technica, and the Chronicle of Higher Education. 25.01.10
Detection of Intrusions and Malware, and Vulnerability Assessment html bib

C. Kreibich, M. Jahnke (eds). Proceedings of the 7th International DIMVA Conference, July 2010, Bonn, Germany. LNCS Volme 6201, Springer Verlag. ISBN 978-3-642-14214-7.
Recent Advances in Intrusion Detection html bib

S. Jha, R. Sommer, C. Kreibich (eds). Proceedings of the 13th International RAID Symposium, September 2010, Ottawa, Ontario, Canada. LNCS Volume 6307, Springer Verlag. ISBN 978-3-642-15511-6.

2009

Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-engineering pdf bib

J. Caballero, P. Poosankam, C. Kreibich, and D. Song. 16th ACM Conference on Computer and Communications Security (CCS), 9-13 November 2009, Chicago, USA.

MIT Technology Review article on our work. 11.11.09
Spamalytics: An Empirical Analysis of Spam Marketing Conversion pdf bib

C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage. Communications of the ACM, 52(9), pp. 99-107, September 2009.

Read more about the Spamalytics study and its media coverage here.
Spamcraft: An Inside Look At Spam Campaign Orchestration pdf bib

C. Kreibich, C. Kanich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage. Second USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET '09), 2009, Boston, USA.

New Scientist article on our work. 07.05.09

2008

Spamalytics: An Empirical Analysis of Spam Marketing Conversion pdf html bib

C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage. 15th ACM Conference on Computer and Communications Security (CCS), 27-31 October 2008, Alexandria, VA.

Read more details about the Spamalytics study here.
Principles for Developing Comprehensive Network Visibility pdf

M. Allman, C. Kreibich, V. Paxson, R. Sommer, and N. Weaver. 3rd USENIX Workshop on Hot Topics in Security (HotSec '08), 29 July 2008, San Jose, USA.
On the Spam Campaign Trail pdf html bib

C. Kreibich, C. Kanich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage. First USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET '08), 2008, San Francisco, USA.
A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems pdf

L. Juan, C. Kreibich, C.-H. Lin, and V. Paxson. Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2008, Paris, France.

2007

The Strengths of Weaker Identities: Opportunistic Personas pdf

M. Allman, C. Kreibich, V. Paxson, R. Sommer, and N. Weaver. Second USENIX Workshop on Hot Topics in Security (HotSec '07), 2007, Boston, USA.
Structural Traffic Analysis For Network Security Monitoring pdf

C. Kreibich. Ph.D. thesis, 2007.

2006

Unexpected Means of Protocol Inference pdf

J. Ma, K. Levchenko, C. Kreibich, S. Savage, and G. Voelker. Internet Measurement Conference (IMC), 2006, Rio de Janeiro, Brazil.
Efficient Sequence Alignment of Network Traffic pdf

C. Kreibich and J. Crowcroft. Internet Measurement Conference (IMC), 2006, Rio de Janeiro, Brazil.

2005

Using Packet Symmetry to Curtail Malicious Traffic pdf

C. Kreibich, A. Warfield, J. Crowcroft, S. Hand, and I. Pratt. Fourth Workshop on Hot Topics in Networks (HotNets-IV), 2005, College Park/Maryland, USA.
Only 365 Days Left Until The Sigcomm Deadline pdf (Jon's fault! :)

J. Crowcroft and C. Kreibich. ACM SIGCOMM Computer Communication Review, Volume 36, Issue 5 (October 2006), pages 57-62.
Enhancing the Accuracy of Network-based Intrusion Detection with Host-based Context pdf

H. Dreger, C. Kreibich, R. Sommer, and V. Paxson. Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA '05), Vienna, Austria.
Policy-controlled Event Management for Distributed Intrusion Detection pdf

C. Kreibich and R. Sommer. 4th International Workshop on Distributed Event-Based Systems (DEBS '05), 2005, Columbus/Ohio, USA.
Brooery: A Graphical Environment for Analysis of Security-Relevant Network Activity pdf

C. Kreibich. Usenix Technical Conference, Freenix Track, 2005, Anaheim, USA.

2004

Design and Implementation of Netdude, a Framework for Packet Trace Manipulation pdf html

C. Kreibich. Usenix Technical Conference, Freenix Track, 2004, Boston, USA. Awarded Best Student Paper.

2003

Honeycomb: Creating Intrusion Detection Signatures Using Honeypots pdf

C. Kreibich and J. Crowcroft. 2nd Workshop on Hot Topics in Networks (HotNets-II), 2003, Boston, USA.
Towards an Infrastructure for Automated Distribution of Vulnerability Knowledge pdf

C. Kreibich and J. Crowcroft. Cabernet Radicals Workshop 2003, Corsica.
Automated NIDS Signature Generation using Honeypots pdf

C. Kreibich and J. Crowcroft. Poster paper, SIGCOMM 2003, Karlsruhe, Germany.
Architecture of a Network Monitor pdf

A. Moore, J. Hall, C. Kreibich, E. Harris, and I. Pratt. Passive and Active Measurements Workshop, La Jolla, California. 2003.

2001

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics ps.gz

M. Handley, C.Kreibich, and V. Paxson. Usenix Security Symposium, Washington, USA, 2001.

The source code for Norm, the normalizer presented in this paper, is available here.

2000

Analysis of Metaheuristics in the Network Design Process ps.gz

C. Kreibich. Diplomarbeit, Technische Universität München, 2000.

updated on 26 July 19 | yummy spam, yesss...

built with TT | (cc) Christian Kreibich