Publications


  • Cached and Confused: Web Cache Deception in the Wild. Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda, William Robertson. In Proceedings of the USENIX Security Symposium. .
  • HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing. William Blair, Andrea Mambretti, Sajjad Arshad, Michael Weissbacher, William Robertson, Engin Kirda, Manuel Egele. In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS). .
  • Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations. Andrea Mambretti, Matthias Neugschwandtner, Alessandro Sorniotti, Engin Kirda, William Robertson, Anil Kurmus. In Proceedings of the Annual Computer Security Applications Conference (ACSAC). .
  • A Longitudinal Analysis of the ads.txt Standard. Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, Christo Wilson. In Proceedings of the Internet Measurement Conference (IMC). .
  • Getting Under Alexa’s Umbrella: Infiltration Attacks Against Internet Top Domain Lists. Walter Rweyemamu, Tobias Lauinger, Christo Wilson, William Robertson, Engin Kirda. In Proceedings of the International Conference on Information Security (ISC). .
  • USBESAFE: An End-Point Solution to Protect Against USB-Based Attacks. Amin Kharraz, Brandon Daley, Graham Baker, William Robertson, Engin Kirda. In Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses (RAID). .
  • It's Not What It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains. Florian Quinkert, Tobias Lauinger, William Robertson, Engin Kirda, Thorsten Holz. In Proceedings of the IEEE Conference on Communications and Network Security (CNS). .
  • Clustering and the Weekend Effect: Recommendations for the Use of Top Domain Lists in Security Research. Walter Rweyemamu, Tobias Lauinger, Christo Wilson, William Robertson, Engin Kirda. In Proceedings of the International Conference on Passive and Active Network Measurement (PAM). .
  • On the Effectiveness of Type-based Control Flow Integrity. Reza Mirzazade Farkhani, Saman Jafari, Sajjad Arshad, William Robertson, Engin Kirda, Hamed Okhravi. In Proceedings of the Annual Computer Security Applications Conference (ACSAC). .
  • From Deletion to Re-Registration in Zero Seconds: Domain Registrar Behaviour During the Drop. Tobias Lauinger, Abdelberi Chaabane, Ahmet Buyukkayhan, William Robertson, Engin Kirda. In Proceedings of the ACM Internet Measurement Conference (IMC). .