Selected Publications

Miuyin Yong, Matthew Landen, Frank Li, Fabian Monrose and Mustaque Ahamad, “Comparing Malware Evasion Theory with Practice: Results from Interviews with Expert Analysts”, USENIX Symposium on Usable Privacy and Security (SOUPS), 2024 (to appear).
Kedrian James, Kevin Valakuzhy, Kevin Snow, Fabian Monrose, “CrashTalk: Automated Generation of Precise, Human Readable, Descriptions of Software Security Bugs”, ACM Conference on Data and Application Security and Privacy, 2024 (to appear).
Athanasios Moschos, Fabian Monrose and Angelos Keromytis, “Towards Practical Fabrication Stage Attacks Using Interrupt-Resilient Hardware Trojans”, IEEE International Symposium on Hardware Oriented Security and Trust, 2024.
Yufei Du, Omar Alwari, Kevin Snow, Manos Antonakakis and Fabian Monrose, “Improving Security Tasks Using Compiler Provenance Information Recovered At the Binary-Level”, ACM Conference on Computer and Communications Security, 2023.
Zane Ma, Aaron Faulkenberry, Thomas Papastergiou, Zakir Durumeric, Michael D. Bailey, Angelos D. Keromytis, Fabian Monrose and Manos Antonakakis, “Stale TLS Certificates: Investigating Precarious Third-Party Access to Valid TLS Keys”, ACM Internet Measurement Conference, 2023.
Omar Alrawi, Athanasios Avgetidis, Kevin Valakuzhy, Charles Lever, Paul Burbage, Angelos Keromytis, Fabian Monrose, and Manos Antonakakis, “Beyond the Gates: An Empirical Analysis of HTTP-managed password stealers and operators”, USENIX Security Symposium, 2023.
Mac Malone and Fabian Monrose, “More Carrot or Less Stick: Organically Improving Student Time Management With Practice Tasks and Gamified Assignments”, ACM Conference on Innovation and Technology in Computer Science Education, 2023.
Mac Malone, Yicheng Wang and Fabian Monrose, “Securely Autograding Cybersecurity Exercises Using Web Accessible Jupyter Notebooks”, ACM SIGCSE Technical Symposium, 2023.
Aaron Faulkenberry, Athanasios Avgetidis, Zane Ma, Omar Alrawi, Charles Lever, Panagiotis Kintis, Fabian Monrose, Angelos Keromytis, and Manos Antonakakis, “View from Above: Exploring the Malware Ecosystem from the Upper DNS Hierarchy”, ACM Annual Computer Security Applications Conference, 2022.
Kedrian James, Yufei Du, Sanjeev Das and Fabian Monrose, “Separating the Wheat from the Chaff: Using Indexing and Sub-sequence Mining Techniques to Identify Related Crashes During Bug Triage”, IEEE International Conference on Software Quality, Reliability, and Security, 2022.
Yufei Du, Ryan Court, Kevin Z. Snow and Fabian Monrose, “Automatic Recovery of Fine-grained Compiler Provenance Information at the Binary Level”, USENIX Annual Technical Conference, 2022.
John Lim, Jan-Michael Frahm and Fabian Monrose, “Disentangling Style and Content for Low Resource Video Domain Adaptation: A Case Study on Keystroke Inference Attacks”, ACM Conference on Data and Application Security, 2022.
Mac Malone, Yicheng Wang and Fabian Monrose, “An Online Gamified Learning Platform for Teaching Cybersecurity and More”, ACM Annual Conference on IT Education, 2021.
Omar Alrawi, Athanasios Avgetidis, Kevin Valakuzhy, Charles Lever, Paul Burbage, Angelos Keromytis, Fabian Monrose, and Manos Antonakakis, “The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle”, USENIX Security Symposium, 2021.
Tapti Palit, Jarin Firose Moon, Fabian Monrose and Michalis Polychronakis, “DynPTA: Combining Static and Dynamic Analysis for Practical Selective Data Protection”, IEEE Symposium on Security and Privacy, 2021.
Mac Malone, Yicheng Wang, Kevin Snow and Fabian Monrose, “Applicable Micropatches and Where to Find Them: Finding and Applying New Security Hot Fixes to Old Software”, IEEE International Conference on Software Testing, Verification and Validation, 2021.
Mac Malone, Yicheng Wang, Kedrian James, Murray Anderegg, Jan Werner and Fabian Monrose, “To Gamify or Not? On Leaderboard Effects, Student Engagement, and Learning outcomes in a Cybersecurity Intervention”, ACM SIGCSE Technical Symposium, 2021.
Sanjeev Das, Kedrian James, Jan Werner, Manos Antonakakis, Michalis Polychronakis and Fabian Monrose, “A Flexible Framework for Expediting Bug Findings by Leveraging Past (Mis-)Behavior to Discover New Bugs”, ACM Annual Computer Security Applications Conference, 2020.
Md Salman Ahmed, Ya Xiao, Kevin Z. Snow, Gang Tan, Fabian Monrose and Danfeng Yao, “Methodologies for Quantifying (Re-)randomization Security andT iming under JIT-ROP”, ACM Conference on Computer and Communications Security, 2020.
Tapti Palit, Fabian Monrose and Michalis Polychronakis, “Mitigating Data Leakage by Protecting Memory-resident Sensitive Data”, ACM Annual Computer Security Applications Conference, 2019.
Jan Werner, Joshua Mason, Manos Antonakakis, Michalis Polychronakis and Fabian Monrose, “The SEVerESt of Them All:Inference Attacks Against Secure Virtual Enclaves”, ACM Asia Conference on Computer and Communications Security, 2019.
Sanjeev Das, Jan Werner, Manos Antonakakis, Michalis Polychronakis and Fabian Monrose, “SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security”, IEEE Symposium on Security and Privacy, 2019.
Omar Alwari, Chaz Lever, Fabian Monrose and Manos Antonakakis, “SoK: Security Evaluation of Home-Based IoT Deployments”, IEEE Symposium on Security and Privacy, 2019.
Micah Morton, Jan Werner, Kevin Z. Snow, Michalis Polychronakis, Manos Antonakakis and Fabian Monrose, “Security Concerns in Asynchronous Web Server Architectures: When Performance Optimizations Empower Data-oriented Attacks”, IEEE European Symposium on Security and Privacy, 2018.
Micah Morton, Forrest Li, Kevin Z. Snow, Michalis Polychronakis and Fabian Monrose, “Keeping Zombie Gadgets at Bay by Re-randomizing after Disclosure”, Engineering Secure Systems and Software Conference, 2017.
Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis and Nikolaos Vasiloglou, “Practical Attacks Against Graph-based Clustering”, ACM Conference on Computer and Communications Security, 2017.
Roman Rogowski, Micah Morton, ForrestLi, Kevin Z. Snow, Michalis Polychronakis and Fabian Monrose, “Revisiting Browser Security in the Modern Era: New Data-only Attacks and Defenses”, IEEE European Symposium on Security and Privacy, 2017.
Yi Xu, True Price, Jan-Michael Frahm and Fabian Monrose, “Virtual U: Defeating Face Liveness Detection by Building Virtual Models From Your Public Photos”, USENIX Security Symposium, 2016.
Jan Werner, George Baltas, Rob Dallara, Nathan Otterness, Kevin Snow, Fabian Monrose and Michalis Polychronakis, “No-Execute-After-Read: Preventing Code Disclosures in Commodity Software”, ACM Asia Conference on Computer and Communication Security, 2016.
Yi Xu, True Price, Jan-Michael Frahm and Fabian Monrose, “Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code-Inference Attacks”, IEEE Symposium on Security and Privacy, 2016.
Teryl Taylor, Kevin Snow, Nathan Otterness and Fabian Monrose, “Cache, Trigger, Impersonate: Enabling Context-Sensitive Honeyclient Analysis On-the-Wire”, ISOC Network and Distributed Systems Security Symposium, 2016.
Teryl Taylor, Xin Hu, Ting Wang, Jiyong Jang, Marc Stoeckin, Fabian Monrose and Reiner Sailer, “Detecting Malicious Exploit Kits using Tree-based Similarity Searches”, ACM Conference on Data and Application Security and Privacy, 2016.
Luca Davi, Christopher Liebchen, Ahmad-Reza Sadeghi, Kevin Z. Snow, and Fabian Monrose, “Isomeron: Code Randomization Resilient to (Just-in-Time) Return-Oriented Programming”, ISOC Network and Distributed Systems Security Symposium, 2015.
Yi Xu, Jan-Michael Frahm and Fabian Monrose, “Watching the Watchers: Inferring TV Content from Outdoor Light Effusions”, ACM Conference on Computer and Communications Security, 2014.
Blaine Stancill, Kevin Snow, Nathan Otterness, Fabian Monrose, Lucas Davi, and Ahmad-Reza Sadeghi, “Check my profile: Leverage static analysis for fast and accurate detection of ROP gadgets”, International Symposium on Research in Attacks, Intrusions, and Defenses, 2013.
Yi Xu, Jared Heinly, Andrew M. White, Fabian Monrose and Jan-Michael Frahm, “Seeing Double: Reconstructing Obscured Typed Input from Repeated Compromising Reflections”, ACM Conference on Computer and Communications Security, 2013.
Srinivas Krishnan, Teryl Taylor, Fabian Monrose and John McHugh, “Crossing the Threshold: Detecting Network Malfeasance via Sequential Hypothesis Testing”, International Conferences on Dependable Systems and Networks; Performance and Dependability Symposium, 2013.
Kevin Snow, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, Fabian Monrose and Ahmad-Reza Sadeghi, “Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization”, (Best Student Paper Award), IEEE Symposium on Security and Privacy, 2013.
Andrew White, Srinivas Krishnan, Michael Bailey, Fabian Monrose and Phil Porras, “Clear and Present Data: Opaque Traffic and its Security Implications for the Future”, ISOC Network and Distributed Systems Security Symposium, 2013.
Yi Xu, Gerardo Reynaga, Sonia Chiasson, Jan-Michael Frahm, Fabian Monrose and Paul van Oorschot, “Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion”, USENIX Security Symposium, 2012.
Teryl Taylor, Scott E. Coull, Fabian Monrose and John McHugh, “Toward Efficient Querying of Compressed Network Payloads”, In USENIX Annual Technical Conference, 2012.
Rahul Raguram, Andrew White, Dibyendusekhar Goswami, Fabian Monrose and Jan-Michael Frahm, “iSpy: Automatic Reconstruction of Typed Input from Compromising Reflections”, ACM Conference on Computer and Communications Security, 2011.
Kevin Snow, Srinivas Krishnan, Fabian Monrose and Niels Provos, “Enabling Fast Detection and Forensic Analysis of Code Injection Attacks”, USENIX Security Symposium, 2011.
Srinivas Krishnan and Fabian Monrose, “An Empirical Study of the Performance, Security and Privacy Implications of Domain Name Prefetching”, IEEE/IFIP International Conferences on Dependable Systems and Networks; Depend- able Computing and Communications Symposium, 2011.
Xin Huang, Fabian Monrose, and Michael K. Reiter, “Amplifying Limited Expert Input to Sanitize Large Network Traces”, IEEE/IFIP International Conferences on Dependable Systems and Networks; Depend- able Computing and Communications Symposium, 2011.
Andrew White, Kevin Snow, Austin Matthews and Fabian Monrose, “Phonotactic Reconstruction of Encrypted VoIP Conversations”, (Best Paper Award, Outstanding Research In Privacy Enhancing Technologies Award), IEEE Symposium on Security and Privacy, 2011.
Daniel Kumar, Fabian Monrose and Michael K. Reiter, “Towards Optimized Probe Scheduling for Active Measurement Studies”, (Best Paper Award), International Conference on Internet Monitoring and Protection, 2011.
Scott Coull, Micheal Bailey and Fabian Monrose, “On Measuring the Similarity of Network Hosts: Pitfalls, New Metrics, and Empirical Analyses”, Network and Distributed Systems Security Symposium, 2011.
Srinivas Krishnan, Kevin Snow, and Fabian Monrose, “Trail of Bytes: Efficient Support for Forensic Analysis”, ACM Conference on Computer and Communications Security, 2010.
Yinqian Zhang, Fabian Monrose, and Michael K. Reiter, “The Security of Modern Password Expiration: An Algorithmic Framework and Empirical Analysis”, ACM Conference on Computer and Communications Security, 2010.
Scott Coull, Andrew White, Ting-Fang Yen, Fabian Monrose and Michael K. Reiter, “Understanding Domain Registration Abuses”, International Information Security Conference, 2010.
Josh Mason, Sam Small, Greg McManus and Fabian Monrose, “English Shellcode”, ACM Conference on Computer and Communications Security, 2009.