Faculty Publications - Vern Paxson

Books

Book chapters or sections

  • G. Maier, A. Feldmann, V. Paxson, R. Sommer, and M. Vallentin, "An assessment of overt malicious activity manifest in residential networks," in Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 2011, pp. 144--163.
  • B. Miller, P. Pearce, C. Grier, C. Kreibich, and V. Paxson, "What’s clicking what? techniques and innovations of today’s clickbots," in Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 2011, pp. 164--183.
  • P. Barford, Y. Chen, A. Goyal, Z. Li, V. Paxson, and V. Yegneswaran, "Employing Honeynets for network situational awareness," in Cyber situational awareness, Springer, 2010, pp. 71--102.
  • H. Dreger, A. Feldmann, V. Paxson, and R. Sommer, "Predicting the resource consumption of network intrusion detection systems," in Recent Advances in Intrusion Detection: Proc. 11th Intl. Symp. (RAID 2008), R. Lippmann, E. Kirda, and A. Trachtenberg, Eds., Lecture Notes in Computer Science, Vol. 5230, Berlin, Germany: Springer-Verlag, 2008, pp. 135-154.
  • L. Juan, C. Kreibich, C. H. Lin, and V. Paxson, "A tool for offline and live testing of evasion resilience in network intrusion detection systems (Extended Abstract)," in Detection of Intrusions and Malware, and Vulnerability Assessment: Proc. 5th Intl. Conf. (DIMVA 2008), D. Zamboni, Ed., Lecture Notes in Computer Science, Vol. 5137, Berlin, Germany: Springer-Verlag, 2008, pp. 267-278.
  • M. Allman and V. Paxson, "A reactive measurement framework," in Passive and Active Network Measurement: Proc. 9th Intl. Conf. (PAM 2008), M. Claypool and S. Uhlig, Eds., Lecture Notes in Computer Science, Vol. 4979, Berlin, Germany: Springer-Verlag, 2008, pp. 92-101.
  • M. Vallentin, R. Sommer, J. Lee, C. Leres, V. Paxson, and B. Tierney, "The NIDS cluster: Scalable, stateful network intrusion detection on commodity hardware," in Proc. 10th Intl. Symp. on Recent Advances in Intrusion Detection (RAID 2007), C. Kruegel, R. Lippmann, and A. Clark, Eds., Lecture Notes in Computer Science, Vol. 4637, Berlin, Germany: Springer-Verlag, 2007, pp. 107-126.
  • J. Jung, R. A. Milito, and V. Paxson, "On the adaptive real-time detection of fast-propagating network worms," in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2007): Proc. 4th GI Intl. Conf., B. M. Hammerli and R. Sommer, Eds., Lecture Notes in Computer Science, Vol. 4579, Berlin, Germany: Springer-Verlag, 2007, pp. 175-192.
  • J. M. Gonzalez and V. Paxson, "Enhancing network intrusion detection with integrated sampling and filtering," in Recent Advances in Intrusion Detection: Proc. 9th Intl. Symp. (Raid 2006), D. Zamboni and C. Kruegel, Eds., Lecture Notes in Computer Science, Vol. 4219, Berlin, Germany: Springer-Verlag, 2006, pp. 272-289.
  • H. Dreger, C. Kreibich, V. Paxson, and R. Sommer, "Enhancing the accuracy of network-based intrusion detection with host-based context," in Intrusion and Malware Detection and Vulnerability Assessment: Proc. 2nd Intl. Conf. (DIMVA 2005), K. Julisch and C. Kruegel, Eds., Lecture Notes in Computer Science, Vol. 3548, Berlin, Germany: Springer-Verlag, 2005, pp. 206-221.
  • W. Willinger, V. Paxson, R. H. Riedi, and M. S. Taqqu, "Long-range dependence and data network traffic," in Theory and Applications of Long-Range Dependence, P. Doukhan, G. Oppenheim, and M. S. Taqqu, Eds., Boston, MA: Birkhauser, 2002, pp. 373-408.
  • D. L. Donoho, A. G. Flesia, U. Shankar, V. Paxson, J. Coit, and S. Staniford, "Multiscale stepping-stone detection: Detecting pairs of jittered interactive streams by exploiting maximum tolerable delay," in Recent Advances in Intrusion Detection (RAID 2002): Proc. 5th Intl. Symp., A. Wespi, G. Vigna, and L. Deri, Eds., Lecture Notes in Computer Science, Vol. 2516, Berlin, Germany: Springer-Verlag, 2002, pp. 17-35.
  • W. Willinger, V. Paxson, and M. S. Taqqu, "Self-similarity and heavy tails: Structural modeling of network traffic," in A Practical Guide to Heavy Tails: Statistical Techniques and Applications, R. J. Adler, R. E. Feldman, and M. S. Taqqu, Eds., Boston, MA: Birkhauser, 1998, pp. 27-54.

Articles in journals or magazines

Articles in conference proceedings

  • G. Ho, A. S. M. Javed, V. Paxson, and D. Wagner, "Detecting Credential Spearphishing Attacks in Enterprise Settings," in Proceedings of the 26rd USENIX Security Symposium (USENIX Security’17), 2017, pp. 469--485.
  • A. Murdock, F. Li, P. Bramsen, Z. Durumeric, and V. Paxson, "Target generation for internet-wide IPv6 scanning," in ACM Internet Measurement Conference, 2017, pp. 242-253.
  • K. Levchenko, A. Dhamdhere, B. Huffaker, K. Claffy, M. Allman, and V. Paxson, "Packetlab: a universal measurement endpoint interface," in ACM Internet Measurement Conference, 2017, pp. 254-260.
  • K. Thomas, F. Li, A. Zand, J. Barrett, J. Ranieri, L. Invernizzi, Y. Markov, O. Comanescu, V. Eranti, A. Moscicki, and V. Paxson, "Data breaches, phishing, or malware?: Understanding the risks of stolen credentials," in ACM SIGSAC Conference on Computer and Communications Security, 2017, pp. 1421-1434.
  • F. Li and V. Paxson, "A large-scale empirical study of security patches," in SIGSAC Conference on Computer and Communications Security, 2017, pp. 2201-2215.
  • G. Durrett, J. K. Kummerfeld, T. Berg-Kirkpatrick, R. S. Portnoff, S. Afroz, D. McCoy, K. Levchenko, and V. Paxson, "Identifying products in online cybercrime marketplaces: A dataset for fine-grained domain adaptation," in Empirical Methods in Natural Language Processing (EMNLP), 2017.
  • G. Ho, A. Sharma, M. Javed, V. Paxson, and D. Wagner, "Detecting Credential Spearphishing Attacks in Enterprise Settings," in USENIX Security Symposium, 2017, pp. 469-485.
  • P. Pearce, B. Jones, F. Li, R. Ensafi, N. Feamster, N. Weaver, and V. Paxson, "Global measurement of DNS manipulation," in USENIX Security Symposium, 2017, pp. 22.
  • R. Singh, R. Nithyanand, S. Afroz, P. Pearce, M. C. Tschantz, P. Gill, and V. Paxson, "Characterizing the nature and dynamics of Tor exit blocking," in 26th USENIX Security Symposium, 2017, pp. 325-341.
  • P. Pearce, R. Ensafi, F. Li, N. Feamster, and V. Paxson, "Augur: Internet-wide detection of connectivity disruptions," in IEEE Symposium on Security and Privacy, 2017, pp. 427-443.
  • R. S. Portnoff, S. Afroz, G. Durrett, J. K. Kummerfeld, T. Berg-Kirkpatrick, D. McCoy, K. Levchenko, and V. Paxson, "Tools for automated analysis of cybercriminal markets," in Proceedings of the 26th International Conference on World Wide Web, 2017, pp. 657--666.
  • Z. Durumeric, Z. Ma, D. Springall, R. Barnes, N. Sullivan, E. Bursztein, M. Bailey, J. A. Halderman, and V. Paxson, "The security impact of HTTPS interception," in Proc. Network and Distributed System Security Symposium (NDSS), 2017.
  • J. Chen, X. Zheng, H. Duan, J. Liang, J. Jiang, K. Li, T. Wan, and V. Paxson, "Forwarding-Loop Attacks in Content Delivery Networks.," in NDSS, 2016.
  • P. Richter, F. Wohlfart, N. Vallina-Rodriguez, M. Allman, R. Bush, A. Feldmann, C. Kreibich, N. Weaver, and V. Paxson, "A multi-perspective analysis of carrier-grade NAT deployment," in Proceedings of the 2016 Internet Measurement Conference, 2016, pp. 215-229.
  • M. Ikram, N. Vallina-Rodriguez, S. Seneviratne, M. A. Kaafar, and V. Paxson, "An analysis of the privacy and security risks of Android VPN permission-enabled apps," in Proceedings of the 2016 Internet Measurement Conference, 2016, pp. 349-364.
  • J. Chen, J. Jiang, H. Duan, N. Weaver, T. Wan, and V. Paxson, "Host of troubles: Multiple host ambiguities in http implementations," in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 1516-1527.
  • S. Hao, A. Kantchelian, B. Miller, V. Paxson, and N. Feamster, "PREDATOR: proactive recognition and elimination of domain abuse at time-of-registration," in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 1568--1579.
  • F. Li, Z. Durumeric, J. Czyz, M. Karami, M. Bailey, D. McCoy, S. Savage, and V. Paxson, "You've Got Vulnerability: Exploring Effective Vulnerability Notifications.," in USENIX Security Symposium, 2016, pp. 1033--1050.
  • S. Jain, M. Javed, and V. Paxson, "Towards mining latent client identifiers from network traffic," in Proc. Privacy Enhancing Technologies Symposium, Vol. 2016, De Gruyter Open, 2016, pp. 100-114.
  • M. C. Tschantz, S. Afroz, D. Fifield, and V. Paxson, "Sok: Towards grounding censorship circumvention in empiricism," in IEEE Symposium on Security and Privacy, 2016, pp. 914-933.
  • S. Sundaresan, D. McCoy, S. Afroz, and V. Paxson, "Profiling underground merchants based on network behavior," in APWG Symposium on Electronic Crime Research (eCrime), 2016, pp. 1-9.
  • F. Li, G. Ho, E. Kuan, Y. Niu, L. Ballard, K. Thomas, E. Bursztein, and V. Paxson, "Remedying web hijacking: Notification effectiveness and webmaster comprehension," in Proceedings of the 25th International Conference on World Wide Web, 2016, pp. 1009--1019.
  • B. Jones, N. Feamster, V. Paxson, N. Weaver, and M. Allman, "Detecting DNS root manipulation," in International Conference on Passive and Active Network Measurement, 2016, pp. 276--288.
  • M. Vallentin, V. Paxson, and R. Sommer, "VAST: A Unified Platform for Interactive Network Forensics," in Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2016.
  • S. Khattak, D. Fifield, S. Afroz, M. Javed, S. Sundaresan, V. Paxson, S. J. Murdoch, and D. McCoy, "Do you see what I see? differential treatment of anonymous users," in Proc. Network and Distributed Systems Security, 2016.
  • B. Jones, R. Ensafi, N. Feamster, V. Paxson, and N. Weaver, "Ethical concerns for censorship measurement," in Proceedings of the 2015 ACM SIGCOMM Workshop on Ethics in Networked Systems Research, 2015, pp. 17-19.
  • B. Marczak, N. Weaver, J. Dalek, R. Ensafi, D. Fifield, S. McKune, A. Rey, J. Scott-Railton, R. Deibert, and V. Paxson, "An analysis of China’s “Great Cannon”," in USENIX Workshop on Free and Open Communication on the Internet, 2015, pp. 37.
  • S. Afroz, D. Fifield, M. C. Tschantz, V. Paxson, and J. Tygar, "Censorship Arms Race: Research vs. Practice," in Workshop on Hot Topics in Privacy Enhancing Technologies, 2015.
  • R. Ensafi, D. Fifield, P. Winter, N. Feamster, N. Weaver, and V. Paxson, "Examining How the Great Firewall Discovers Hidden Circumvention Servers," in Internet Measurement Conference, ACM, 2015.
  • M. Javed, C. Herley, M. Peinado, and V. Paxson, "Measurement and Analysis of Traffic Exchange Services," in Proceedings of the 2015 Internet Measurement Conference, 2015, pp. 1--12.
  • F. Li, R. Shin, and V. Paxson, "Exploring privacy preservation in outsourced K-nearest neighbors with multiple data owners," in Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop, 2015, pp. 53-64.
  • N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, and V. Paxson, "Header enrichment or ISP enrichment?: Emerging privacy threats in mobile networks," in Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization, 2015, pp. 25-30.
  • D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson, "Blocking-resistant communication through domain fronting," in Proc. Privacy Enhancing Technologies Symposium, 2015. [abstract]
  • K. Thomas, E. Bursztein, C. Grier, G. Ho, N. Jagpal, A. Kapravelos, D. McCoy, A. Nappa, V. Paxson, P. Pearce, N. Provos, and M. Abu Rajab, "Ad Injection at Scale: Assessing Deceptive Advertisement Modifications," in Proc. IEEE Security and Privacy, 2015. [abstract]
  • R. Rasti, M. Murthy, N. Weaver, and V. Paxson, "Temporal Lensing and its Application in Pulsing Denial-of-Service Attacks," in Proc. IEEE Security and Privacy, 2015. [abstract]
  • N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, N. Weaver, and V. Paxson, "Beyond the Radio: Illuminating the Higher Layers of Mobile Networks," in Proc. ACM MOBISYS, 2015. [abstract]
  • Z. Durumeric, J. Kasten, D. Adrian, J. A. Halderman, M. Bailey, F. Li, N. Weaver, J. Amann, J. Beekman, M. Payer, and V. Paxson, "The Matter of Heartbleed," in Proceedings of the 2014 Conference on Internet Measurement Conference, IMC '14, New York, NY, USA: ACM, 2014, pp. 475--488.
  • P. Pearce, V. Dave, C. Grier, K. Levchenko, S. Guha, D. McCoy, V. Paxson, S. Savage, and G. Voelker, "Characterizing Large-Scale Click Fraud in ZeroAccess," in Proceedings of the 2014 ACM Computer and Communications Security, 2014.
  • S. Khattak, M. Javed, S. Khayam, Z. Uzmi, and V. Paxson, "A Look at the Consequences of Internet Censorship Through an ISP Lens," in Proceedings of the 2014 ACM SIGCOMM Internet Measurement Conference, 2014.
  • Z. Durumeric, J. Kasten, D. Adrian, J. A. Halderman, M. Bailey, F. Li, N. Weaver, J. Amann, J. Beekman, M. Payer, and V. Paxson, "The Matter of Heartbleed," in ACM Internet Measurement Conference (IMC), 2014.
  • A. Kapravelos, C. Grier, N. Chachra, C. Kruegel, G. Vigna, V. Paxson, D. Kirat, G. De Maio, Y. Shoshitaishvili, and G. Stringhini, "Hulk: eliciting malicious behavior in browser extensions," in Proceedings of the 23rd USENIX conference on Security Symposium, 2014, pp. 641--654.
  • N. Weaver, C. Kreibich, M. Dam, and V. Paxson, "Here Be Web Proxies," in Passive and Active Measurement, 2014, pp. 183--192.
  • R. Sommer, M. Vallentin, L. De Carli, and V. Paxson, "HILTI: An Abstract Execution Environment for Deep, Stateful Network Traffic Analysis," in Proceedings of the 2014 ACM SIGCOMM Internet Measurement Conference, 2014.
  • W. R. Marczak, J. Scott-Railton, M. Marquis-Boire, and V. Paxson, "When Governments Hack Opponents: A Look at Actors and Technology," in Proceedings of the 23rd USENIX Security Symposium, 2014.
  • N. Vallina-Rodriguez, J. Amann, C. Kreibich, N. Weaver, and V. Paxson, "A Tangled Mass: The Android Root Certificate Stores," in Proceedings of the 10th ACM International on Conference on Emerging Networking Experiments and Technologies, CoNEXT '14, New York, NY, USA: ACM, 2014, pp. 141--148.
  • K. Thomas, F. Li, C. Grier, and V. Paxson, "Consequences of Connectivity: Characterizing Account Hijacking on Twitter," in Proceedings of the 2014 ACM Computer and Communications Security, 2014.
  • W. R. Marczak, J. Scott-Railton, M. Marquis-Boire, and V. Paxson, "When Governments Hack Opponents: A Look at Actors and Technology," in 23rd USENIX Security Symposium (USENIX Security 14), San Diego, CA: USENIX Association, 2014, pp. 511--525.
  • S. Khattak, M. Javed, P. D. Anderson, and V. Paxson, "Towards Illuminating a Censorship Monitor’s Model to Facilitate Evasion," in USENIX Workshop on Free and Open Communication on the Internet, 2013.
  • M. Javed and V. Paxson, "Detecting stealthy, distributed SSH brute-forcing," in Proceedings of the 2013 ACM Computer and Communications Security, 2013, pp. 85--96.
  • V. Paxson, M. Christodorescu, M. Javed, J. R. Rao, R. Sailer, D. L. Schales, M. P. Stoecklin, K. Thomas, W. Venema, and N. Weaver, "Practical Comprehensive Bounds on Surreptitious Communication over DNS," in USENIX Security Symposium, 2013, pp. 17--32.
  • K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson, "Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse," in USENIX Security Symposium, 2013, pp. 195--210.
  • S. Hao, M. Thomas, V. Paxson, N. Feamster, C. Kreibich, C. Grier, and S. Hollenbeck, "Understanding the domain registration behavior of spammers.," in Internet Measurement Conference, 2013, pp. 63--76.
  • H. Duan, N. Weaver, Z. Zhao, M. Hu, J. Liang, J. Jiang, K. Li, and V. Paxson, "Hold-on: Protecting against on-path DNS poisoning," in Workshop on Securing and Trusting Internet Names, 2012.
  • T. Halvorson, J. Szurdi, G. Maier, M. Felegyhazi, C. Kreibich, N. Weaver, K. Levchenko, and V. Paxson, "The BIZ Top-Level Domain: Ten Years Later," in Passive and Active Measurement, 2012, pp. 221--230.
  • M. Dhawan, J. Samuel, R. Teixeira, C. Kreibich, M. Allman, N. Weaver, and V. Paxson, "Fathom: A browser-based network measurement platform," in Proceedings of the 2012 ACM SIGCOMM Internet Measurement Conference, 2012, pp. 73--86.
  • C. Rossow, C. J. Dietrich, C. Grier, C. Kreibich, V. Paxson, N. Pohlmann, H. Bos, and M. Van Steen, "Prudent Practices for Designing Malware Experiments: Status Quo and Outlook," in IEEE Security and Privacy, 2012, pp. 65--79.
  • L. Martignoni, P. Poosankam, M. Zaharia, J. Han, S. McCamant, D. Song, V. Paxson, A. Perrig, S. Shenker, and I. Stoica, "Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems," in USENIX Annual Technical Conference, 2012, pp. 165--182.
  • K. Thomas, C. Grier, and V. Paxson, "Adapting social spam infrastructure for political censorship," in Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2012, pp. 13--13.
  • C. Grier, L. Ballard, J. Caballero, N. Chachra, C. J. Dietrich, K. Levchenko, P. Mavrommatis, D. McCoy, A. Nappa, A. Pitsillidis, and V. Paxson, "Manufacturing Compromise: The Emergence of Exploit-As-A-Service," in Proceedings of the 2012 ACM conference on Computer and communications security, 2012, pp. 821--832.
  • L. Martignoni, P. Poosankam, M. Zaharia, J. Han, S. McCamant, D. Song, V. Paxson, A. Perrig, S. Shenker, and I. Stoica, "Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems.," in Proceedings of USENIX Annual Technical Conference, 2012.
  • N. Weaver, C. Kreibich, B. Nechaev, and V. Paxson, "Implications of Netalyzr’s DNS measurements," in Workshop on Securing and Trusting Internet Names, 2011.
  • N. Weaver, C. Kreibich, and V. Paxson, "Redirecting DNS for ads and profit," in USENIX Workshop on Free and Open Communications on the Internet (FOCI), 2011.
  • C. Kreibich, N. Weaver, G. Maier, B. Nechaev, and V. Paxson, "Experiences from Netalyzr with engaging users in end-system measurement," in Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack, 2011, pp. 25--30.
  • C. M. Zhang and V. Paxson, "Detecting and analyzing automated activity on Twitter," in Passive and Active Measurement, 2011, pp. 102--111.
  • C. Kreibich, N. Weaver, C. Kanich, W. Cui, and V. Paxson, "GQ: Practical containment for measuring modern malware systems," in Proceedings of the 2011 ACM SIGCOMM Internet Measurement Conference, 2011, pp. 397--412.
  • K. Levchenko, A. Pitsillidis, N. Chachra, B. Enright, M. Felegyhazi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, and V. Paxson, "Click Trajectories: End-to-End Analysis of the Spam Value Chain," in IEEE Security and Privacy (SP), 2011, 2011, pp. 431--446.
  • C. Kanich, N. Weaver, D. McCoy, T. Halvorson, C. Kreibich, K. Levchenko, V. Paxson, G. M. Voelker, and S. Savage, "Show Me the Money: Characterizing Spam-advertised Revenue," in USENIX Security Symposium, 2011, pp. 15--15.
  • J. Caballero, C. Grier, C. Kreibich, and V. Paxson, "Measuring Pay-Per-Install: The Commoditization of Malware Distribution.," in USENIX Security Symposium, 2011.
  • K. Thomas, C. Grier, J. Ma, V. Paxson, and D. Song, "Design and evaluation of a real-time URL spam filtering service," in Security and Privacy (SP), 2011 IEEE Symposium on, 2011, pp. 447--462.
  • K. Thomas, C. Grier, D. Song, and V. Paxson, "Suspended accounts in retrospect: An analysis of Twitter spam," in Proceedings of the ACM Conference on Internet Measurement Conference, 2011, pp. 243-258.
  • B. Nechaev, M. Allman, V. Paxson, and A. Gurtov, "A preliminary analysis of TCP performance in an enterprise network," in SIGCOMM Workshop on Research on Enterprise Networking, 2010, pp. 7--7.
  • T. Callahan, M. Allman, and V. Paxson, "A longitudinal view of HTTP traffic," in Passive and Active Measurement, 2010, pp. 222--231.
  • C. Muthukrishnan, V. Paxson, M. Allman, and A. Akella, "Using strongly typed networking to architect for tussle," in Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks, 2010, pp. 9.
  • M. Felegyhazi, C. Kreibich, and V. Paxson, "On the potential of proactive domain blacklisting," in Proceedings of the Third USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), 2010.
  • A. Pitsillidis, K. Levchenko, C. Kreibich, C. Kanich, G. M. Voelker, V. Paxson, N. Weaver, and S. Savage, "Botnet Judo: Fighting Spam with Itself," in Network and Distribute Systems Security, 2010.
  • C. Kreibich, N. Weaver, B. Nechaev, and V. Paxson, "Netalyzr: Illuminating the edge network," in Proceedings of the 10th ACM SIGCOMM Internet Measurement Conference, 2010, pp. 246--259.
  • R. Sommer and V. Paxson, "Outside the Closed World: On Using Machine Learning for Network Intrusion Detection," in Security and Privacy (SP), 2010 IEEE Symposium on, 2010, pp. 305--316.
  • C. Grier, K. Thomas, V. Paxson, and M. Zhang, "@ spam: the underground on 140 characters or less," in Proceedings of the 17th ACM conference on Computer and communications security, 2010, pp. 27--37.
  • C. Y. Cho, C. Juan, G. Chris, V. Paxson, and D. Song, "Insights from the Inside: A View of Botnet Management from Infiltration," in 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2010.
  • G. Maier, A. Feldmann, V. Paxson, and M. Allman, "On Dominant Characteristics of Residential Broadband Internet Traffic," in ACM Internet Measurement Conference, 2009.
  • B. Nechaev, V. Paxson, M. Allman, and A. Gurtov, "On Calibrating Enterprise Switch Measurements," in ACM Internet Measurement Conference, 2009.
  • P. Mittal, V. Paxson, R. Sommer, and M. Winterrowd, "Securing Mediated Trace Access Using Black-box Permutation Analysis," in ACM SIGCOMM HotNets, 2009.
  • C. Kreibich, C. Kanich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage, "Spamcraft: An Inside Look At Spam Campaign Orchestration," in 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2009.
  • Z. Li, A. Goyal, Y. Chen, and V. Paxson, "Automating Analysis of Large-Scale Botnet Probing Events," in ACM Symposium on Information, Computer and Communications Security, 2009. [abstract]
  • N. Weaver, R. Sommer, and V. Paxson, "Detecting Forged TCP Reset Packets," in Proceedings of the Network and Distributed System Security Symposium, 2009. [abstract]
  • C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. M. Voelker, V. Paxson, and S. Savage, "Spamalytics: An empirical analysis of spam marketing conversion," in Proc. 15th ACM Conf. on Computer and Communications Security (CCS 2008), P. Syverson, S. Jha, and X. Zhang, Eds., New York, NY: The Association for Computing Machinery, Inc., 2008, pp. 3-14.
  • G. Maier, R. Sommer, H. Dreger, A. Feldmann, V. Paxson, and F. Schneider, "Enriching network security analysis with time travel," in Proc. ACM SIGCOMM 2008 Conf. on Data Communication, New York, NY: The Association for Computing Machinery, Inc., 2008, pp. 183-194.
  • M. Allman, C. Kreibich, V. Paxson, R. Sommer, and N. Weaver, "Principles for developing comprehensive network visibility," in Proc. 3rd USENIX Workshop on Hot Topics in Security (HotSec 2008), Berkeley, CA: USENIX Association, 2008, pp. 6 pg.
  • H. Dreger, A. Feldmann, V. Paxson, and R. Sommer, "Predicting the resource consumption of network intrusion detection systems (Poster)," in Proc. 2008 ACM SIGMETRICS Intl. Conf. on Measurement and Modeling of Computer Systems (SIGMETRICS '08), New York, NY: The Association for Computing Machinery, Inc., 2008, pp. 437-438.
  • M. Vutukuru, H. Balakrishnan, and V. Paxson, "Efficient and robust TCP stream normalization," in Proc. 29th IEEE Symp. on Security and Privacy (SP 2008), Los Alamitos, CA: IEEE Computer Society, 2008, pp. 96-110.
  • C. Kreibich, C. Kanich, K. Levchenko, B. Enright, G. M. Voelker, V. Paxson, and S. Savage, "On the spam campaign trail," in Proc. 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2008), F. Monrose, Ed., Berkeley, CA: USENIX Association, 2008, pp. 9 pg.
  • J. M. Gonzalez, V. Paxson, and N. Weaver, "Shunting: A hardware/software architecture for flexible, high-performance network intrusion prevention," in Proc. 14th ACM Conf. on Computer and Communications Security (CCS '07), S. De Capitani di Vimercati, P. Syverson, and D. Evans, Eds., New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 139-149.
  • J. Franklin, V. Paxson, A. Perrig, and S. Savage, "An inquiry into the nature and causes of the wealth of Internet miscreants," in Proc. 14th ACM Conf. on Computer and Communications Security (CCS '07), S. De Capitani di Vimercati, P. Syverson, and D. Evans, Eds., New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 375-388.
  • M. Allman, K. Christensen, B. Nordman, and V. Paxson, "Enabling an energy-efficient future Internet through selectively connected end systems," in Proc. 6th Workshop on Hot Topics in Networks (HotNets-VI), New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 7 pg.
  • M. Allman and V. Paxson, "Issues and etiquette concerning use of shared measurement data," in Proc. 7th ACM SIGCOMM Internet Measurement Conf. (IMC '07), New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 135-140.
  • M. Allman, V. Paxson, and J. Terrell, "A brief history of scanning," in Proc. 7th ACM SIGCOMM Internet Measurement Conf. (IMC '07), New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 77-82.
  • M. Allman, C. Kreibich, V. Paxson, R. Sommer, and N. Weaver, "The strengths of weaker identities: Opportunistic personas," in Proc. 2nd USENIX Workshop on Hot Topics in Security (HotSec '07), Berkeley, CA: USENIX Association, 2007, pp. 6 pg.
  • V. Paxson, R. Sommer, and N. Weaver, "An architecture for exploiting multi-core processors to parallelize network intrusion prevention," in Proc. 2007 IEEE Sarnoff Symp., 2007, pp. 7 pg.
  • N. Weaver, V. Paxson, and J. M. Gonzalez, "The Shunt: An FPGA-based accelerator for network intrusion prevention," in Proc. 2007 ACM/SIGDA 15th Intl. Symp. on Field Programmable Gate Arrays (FPGA '07), New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 199-206.
  • A. Parker, S. Reddy, T. Schmid, K. Chang, G. Saurabh, M. Srivastava, M. Hansen, J. Burke, D. Estrin, M. Allman, and V. Paxson, "Network system challenges in selective sharing and verification for personal, social , and urban-scale sensing applications," in Proc. 5th Workshop on Hot Topics in Networks (HotNets-V), New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 37-42.
  • M. Allman, E. Blanton, V. Paxson, and S. Shenker, "Fighting coordinated attackers with cross-organizational information sharing," in Proc. 5th Workshop on Hot Topics in Networks (HotNets-V), New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 121-126.
  • J. Kannan, J. Jung, V. Paxson, and C. E. Koksal, "Semi-automated discovery of application session structure," in Proc. 6th ACM SIGCOMM Internet Measurement Conf. (IMC '06), New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 119-132.
  • R. Pang, V. Paxson, R. Sommer, and L. Peterson, "binpac: A yacc for writing application protocol parsers," in Proc. 6th AMC SIGCOMM Internet Measurement Conf. (IMC '06), New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 289-300.
  • N. Weaver, V. Paxson, and R. Sommer, "Work in progress: Bro-LAN pervasive network inspection and control for LAN traffic," in Proc. 2nd Intl. Conf. on Security and Privacy in Communication Networks (SecureComm '06) and Workshops (WENS '06), Piscataway, NJ: IEEE Press, 2006, pp. 365-366.
  • H. Dreger, A. Feldmann, M. Mai, V. Paxson, and R. Sommer, "Dynamic application-layer protocol analysis for network intrusion detection," in Proc. 15th USENIX Security Symp., Vol. 15, Berkeley, CA: USENIX Association, 2006, pp. 257-272.
  • V. Paxson, K. Asanović, S. Dharmapurikar, J. W. Lockwood, R. Pang, R. Sommer, and N. Weaver, "Rethinking hardware support for network analysis and intrusion prevention," in Proc. 1st USENIX Workshop on Hot Topics in Security (HotSec '06), Berkeley, CA: USENIX Association, 2006, pp. 63-68.
  • W. Cui, V. Paxson, N. C. Weaver, and R. H. Katz, "Protocol-independent adaptive replay of application dialog," in Proc. 13th Annual Network and Distributed System Security Symp. (NDSS '06), Reston, VA: Internet Society, 2006, pp. 15 pg.
  • R. Sommer and V. Paxson, "Exploiting independent state for network intrusion detection," in Proc. 21st Annual Computer Security Applications Conf. (CSAC 2005), Los Alamitos, CA: IEEE Computer Society, 2005, pp. 59-71.
  • V. Yegneswaran, P. Barford, and V. Paxson, "Using honeynets for Internet situational awareness," in Proc. 4th Workshop on Hot Topics in Networks (HotNets-IV), New York, NY: The Association for Computing Machinery, Inc., 2005, pp. 6 pg.
  • M. Casado, T. Garfinkel, W. Cui, V. Paxson, and S. Savage, "Opportunistic measurement: Extracting insight from spurious traffic," in Proc. 4th Workshop on Hot Topics in Networks (HotNets-IV), New York, NY: The Association for Computing Machinery, Inc., 2005, pp. 6 pg.
  • S. Kornexl, V. Paxson, H. Dreger, A. Feldmann, and R. Sommer, "Building a time machine for efficient recording and retrieval of high-volume network traffic," in Proc. 5th ACM Internet Measurement Conf. (IMC '05), Berkeley, CA: USENIX Association, 2005, pp. 267-272.
  • A. Kumar, V. Paxson, and N. Weaver, "Exploiting underlying structure for detailed reconstruction of an Internet-scale event," in Proc. 5th ACM Internet Measurement Conf. (IMC '05), Berkeley, CA: USENIX Association, 2005, pp. 351-364.
  • R. Pang, M. Allman, M. Bennett, J. Lee, V. Paxson, and B. Tierney, "A first look at modern enterprise traffic," in Proc. 5th ACM Internet Measurement Conf. (IMC '05), Berkeley, CA: USENIX Association, 2005, pp. 15-28.
  • S. Dharmapurikar and V. Paxson, "Robust TCP stream reassembly in the presence of adversaries," in Proc. 14th USENIX Security Symp., Vol. 14, Berkeley, CA: USENIX Association, 2005, pp. 65-80.
  • M. Allman, E. Blanton, and V. Paxson, "An architecture for developing behavioral history," in Proc. Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI '05), Berkeley, CA: USENIX Association, 2005, pp. 45-51.
  • H. Dreger, A. Feldmann, V. Paxson, and R. Sommer, "Operational experiences with high-volume network intrusion detection," in Proc. 11th ACM Conf. on Computer and Communications Security (CCS '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 2-11.
  • N. Weaver, I. Hamadeh, G. Kesidis, and V. Paxson, "Preliminary results using scale-down to explore worm dynamics," in Proc. 2nd ACM Workshop on Rapid Malcode (WORM '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 65-72.
  • S. Staniford, D. Moore, V. Paxson, and N. Weaver, "The top speed of flash worms," in Proc. 2nd ACM Workshop on Rapid Malcode (WORM '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 33-42.
  • R. Pang, V. Yegneswaran, P. Barford, V. Paxson, and L. Peterson, "Characteristics of Internet background radiation," in Proc. 4th ACM SIGCOMM Internet Measurement Conf. (IMC '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 27-40.
  • V. Paxson, "Strategies for sound Internet measurement," in Proc. 4th ACM SIGCOMM Internet Measurement Conf. (IMC '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 263-271.
  • N. Weaver, S. Staniford, and V. Paxson, "Very fast containment of scanning worms," in Proc. 13th USENIX Security Symp., Vol. 13, Berkeley, CA: USENIX Association, 2004, pp. 29-44.
  • N. Weaver, D. Ellis, S. Staniford, and V. Paxson, "Worms vs. perimeters: The case for hard-LANs," in Proc. 12th Annual IEEE Symp. on High Performance Interconnects (Hot Interconnects 12), Los Alamitos, CA: IEEE Computer Society, 2004, pp. 70-76.
  • V. Paxson, "Invited Talk: Measuring adversaries," in Proc. Joint Intl. Conf. on Measurement and Modeling of Computer Systems (SIGMETRICS '04/Performance '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 142-142.
  • N. Weaver and V. Paxson, "A worst-case worm," in Proc. 3rd Annual Workshop on Economics and Information Security (WEIS04), Minneapolis, MN: University of Minnesota Digital Technology Center, 2004, pp. 12 pg.
  • J. Jung, V. Paxson, A. W. Berger, and H. Balakrishnan, "Fast portscan detection using sequential hypothesis testing," in Proc. 2004 IEEE Symp. on Security and Privacy (S&P 2004), Los Alamitos, CA: IEEE Computer Society, 2004, pp. 211-225.
  • N. Weaver, V. Paxson, S. Staniford, and R. Cunningham, "A taxonomy of computer worms," in Proc. 1st Workshop on Rapid Malcode (WORM '03), New York, NY: The Association for Computing Machinery, Inc., 2003, pp. 11-18.
  • R. Sommer and V. Paxson, "Enhancing byte-level network intrusion detection signatures with context," in Proc. 10th ACM Conf. on Computer and Communications Security (CSS '03), New York, NY: The Association for Computing Machinery, Inc., 2003, pp. 262-271.
  • R. Pang and V. Paxson, "A high-level programming environment for packet trace anonymization and transformation," in Proc. 2003 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM '03), New York, NY: The Association for Computing Machinery, Inc., 2003, pp. 339-351.
  • U. Shankar and V. Paxson, "Active mapping: Resisting NIDS evasion without altering traffic," in Proc. 2003 IEEE Symp. on Security and Privacy (S&P 2003), Los Alamitos, CA: IEEE Computer Society, 2003, pp. 44-61.
  • J. M. Gonzalez and V. Paxson, "pktd: A packet capture and injection daemon," in Proc. 4th Passive & Active Measurement Workshop (PAM-2003), 2003, pp. 10 pg.
  • E. Kohler, J. Li, V. Paxson, and S. Shenker, "Observed structure of addresses in IP traffic," in Proc. 2nd ACM SIGCOMM Workshop on Internet Measurement (IMW '02), New York, NY: The Association for Computing Machinery, Inc., 2002, pp. 253-266.
  • Y. Zhang, L. Breslau, V. Paxson, and S. Shenker, "On the characteristics and origins of Internet flow rates," in Proc. 2002 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM '02), New York, NY: The Association for Computing Machinery, Inc., 2002, pp. 309-322.
  • S. Staniford, V. Paxson, and N. Weaver, "How to 0wn the Internet in your spare time," in Proc. 11th USENIX Security Symp., Vol. 11, Berkeley, CA: USENIX Association, 2002, pp. 149-167.
  • R. Govindan and V. Paxson, "Estimating router ICMP generation delays," in Proc. 3rd Passive & Active Measurement Workshop (PAM-2002), 2002, pp. 8 pg.
  • V. Paxson, A. K. Adams, and M. Mathis, "Experiences with NIMI," in Proc. 2002 Symp. on Applications and the Internet Workshops (SAINT-W '02), Los Alamitos, CA: IEEE Computer Society, 2002, pp. 108-118.
  • Y. Zhang, N. Duffield, V. Paxson, and S. Shenker, "On the constancy of Internet path properties," in Proc. 1st ACM SIGCOMM Internet Measurement Workshop (IMW '01), V. Paxson, Ed., New York, NY: The Association for Computing Machinery, Inc., 2001, pp. 197-211.
  • M. Handley, V. Paxson, and C. Kreibich, "Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics," in Proc. 10th USENIX Security Symp., Vol. 10, Berkeley, CA: USENIX Association, 2001, pp. 115-131.
  • N. G. Duffield, F. Lo Presti, V. Paxson, and D. F. Towsley, "Inferring link loss using striped unicast probes," in Proc. 20th Annual Joint Conf. of the IEEE Computer and Communications Societies (INFOCOM 2001), Vol. 2, Piscataway, NJ: IEEE Press, 2001, pp. 915-923.
  • Y. Zhang and V. Paxson, "Detecting stepping stones," in Proc. 9th USENIX Security Symp., Vol. 9, Berkeley, CA: USENIX Association, 2000, pp. 15 pg.
  • Y. Zhang and V. Paxson, "Detecting backdoors," in Proc. 9th USENIX Security Symp., Vol. 9, Berkeley, CA: USENIX Association, 2000, pp. 15 pg.
  • V. Paxson, A. Adams, and M. Mathis, "Experiences with NIMI," in Proc. of the Active and Passive Measurement Workshop (PAM-2000), 2000, pp. 11 pg.
  • M. Allman and V. Paxson, "On estimating end-to-end network path properties," in Proc. Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM '99), New York, NY: The Association for Computing Machinery, Inc., 1999, pp. 263-274.
  • P. Francis, S. Jamin, V. Paxson, L. Zhang, D. F. Gryniewicz, and Y. Jin, "An architecture for a global Internet host distance estimation service," in Proc. 18th Annual Joint Conf. of the IEEE Computer and Communications Societies (INFOCOM '99), Vol. 1, Piscataway, NJ: IEEE Press, 1999, pp. 210-217.
  • A. Adams, J. Mahdavi, M. Mathis, and V. Paxson, "Creating a scalable architecture for Internet measurement," in Proc. 1998 Internet Society Conf. (INET '98), Reston, VA: The Internet Society, 1998.
  • V. Paxson, "On calibrating measurements of packet transit times," in Proc. ACM SIGMETRICS Joint Intl. Conf. on Measurement and Modeling of Computer Systems (SIGMETRICS '98/Performance '98), New York, NY: The Association for Computing Machinery, Inc., 1998, pp. 11-21.
  • V. Paxson, "Best Paper Award: Bro: A system for detecting network intruders in real-time," in Proc. 7th USENIX Security Symp., Vol. 7, Berkeley, CA: USENIX Association, 1998, pp. 21 pg.
  • V. Paxson and S. Floyd, "Why we don't know how to simulate the Internet," in Proc. 1997 Winter Simulation Conf. (WSC '97), S. Andradottir, K. J. Healy, D. H. Withers, and B. L. Nelson, Eds., Piscataway, NJ: IEEE Press, 1997, pp. 1037-1044.
  • V. Paxson, "Automated packet trace analysis of TCP implementations," in Proc. 1997 ACM SIGCOMM Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM '97), M. Steenstrup, Ed., New York, NY: The Association for Computing Machinery, Inc., 1997, pp. 169-179.
  • V. Paxson, "End-to-end Internet packet dynamics," in Proc. ACM SIGCOMM 1997 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM '97), M. Steenstrup, Ed., New York, NY: The Association for Computing Machinery, Inc., 1997, pp. 139-152.
  • V. Paxson, "End-to-end routing behavior in the Internet," in Proc. 1996 ACM SIGCOMM Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM '96), New York, NY: The Association for Computing Machinery, Inc., 1996, pp. 25-38.
  • C. L. Williamson, V. Paxson, W. Willinger, and B. Melamed, "Panel: Network Traffic Measurement and Modeling," in Proc. 1995 ACM SIGMETRICS Joint Intl. Conf. on Measurement and Modeling of Computer Systems (SIGMETRICS '95), New York, NY: The Association for Computing Machinery, Inc., 1995, pp. 56-57.
  • V. Paxson and S. Floyd, "Wide-area traffic: The failure of Poisson modeling," in Proc. Conf. on Communications Architectures, Protocols and Applications (SIGCOMM '94), New York, NY: The Association for Computing Machinery, Inc., 1994, pp. 257-268.
  • L. Schachinger and V. Paxson, "A software system for modeling and controlling accelerator physics parameters at the Advanced Light Source," in Proc. 1993 IEEE Intl. Conf. on Particle Accelerators (PAC '93), S. T. Corneliussen, Ed., Vol. 3, New York, NY: IEEE Press, 1993, pp. 1940-1942.
  • V. Paxson and C. Saltmarsh, "Glish: A user-level software bus for loosely-coupled distributed systems," in USENIX Winter 1993 Conf. Proc., Berkeley, CA: USENIX Association, 1993, pp. 141-155. [abstract]
  • V. Paxson and L. Schachinger, "Turnplot -- A graphical tool for analyzing tracking data," in 1991 IEEE Particle Accelerator Conf. Record: Accelerator Science and Technology (PAC '91), Vol. 1, New York, NY: IEEE Press1, 1991, pp. 297-299.
  • V. Paxson, S. G. Peggs, and L. Schachinger, "Interactive first turn and global closed orbit correction in the SSC," in Proc. 1st European Particle Accelerator Conf. (EPAC-1), S. Tazzari, Ed., Teaneck, NJ: World Scientific Publishing Co., Inc., 1989.
  • V. Paxson, C. Aragon, S. Peggs, C. Saltmarsh, and L. Schachinger, "A unified approach to building accelerator simulation software for the SSC," in Proc. 1989 IEEE Particle Accelerator Conf.: Accelerator Science and Technology (PAC '89), F. Bennett and J. Kopta, Eds., New York, NY: IEEE Press, 1989, pp. 82-84.
  • L. Schachinger, V. Paxson, T. Sun, R. Talman, and R. Hinkins, "Modeling the SSC," in Proc. 1989 IEEE Particle Accelerator Conf.: Accelerator Science and Technology (PAC '89), F. Bennett and J. Kopta, Eds., Vol. 3, New York, NY: IEEE Press, 1989, pp. 1424-1426.
  • E. Theil, V. Jacobson, and V. Paxson, "The impact of new computer technology on accelerator control," in Proc. 1987 IEEE Particle Accelerator Conf. (PAC 1987): Accelerator Engineering and Technology, E. R. Lindstrom and L. S. Taylor, Eds., New York, NY: IEEE Press, 1987, pp. 529-532.
  • V. Paxson, V. Jacobson, E. Theil, M. Lee, and S. Clearwater, "A scientific workstation operator-interface for accelerator control," in Proc. 1987 IEEE Particle Accelerator Conf. (PAC 1987): Accelerator Engineering and Technology, E. R. Lindstrom and L. S. Taylor, Eds., New York, NY: IEEE Press, 1987, pp. 556-558.
  • M. Lee, S. Clearwater, E. Theil, and V. Paxson, "Modern approaches to accelerator simulation and on-line control," in Proc. 1987 IEEE Particle Accelerator Conf. (PAC 1987): Accelerator Engineering and Technology, E. R. Lindstrom and L. S. Taylor, Eds., New York, NY: IEEE Press, 1987, pp. 611-613.

Conference proceedings (edited)

Technical Documentation

Technical Reports

Unpublished articles

Software

  • V. Paxson, "A program for testing IEEE binary-decimal conversion," 1991.

Patents

Talks or presentations

Ph.D. Theses

Miscellaneous