Publications

Books

Intrusion Detection and Correlation - Challenges and Solutions
Christopher Kruegel, Fredrik Valeur, and Giovanni Vigna
Advances in Information Security, Vol. 14, Springer Verlag, ISBN 0-387-23398-9.
January 2005.
[ Book ]

Einfuehrung in die Technische Informatik (Introduction to Technical Computer Science), German Language
Gerhard-Helge Schildt, Daniela Kahn, Christopher Kruegel, and Christian Moerz
Springers Lehrbuecher der Informatik (Textbooks on Computer Science), Springer Verlag, ISBN 3-211-24346-1.
April 2005.
[ Book ]

Journal Publications

Extending .NET Security to Unmanaged Code
Patrick Klinkoff, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
International Journal of Information Security, Volume 6, Number 6, Springer Computer Science Journal.
October 2007.
[ Article ]

Dynamic Analysis of Malicious Code
Ulrich Bayer, Andreas Moser, Christopher Kruegel, and Engin Kirda
Journal in Computer Virology, Volume 2, Number 1, Springer Computer Science Journal.
August 2006.
[ Article ]

Anomalous System Call Detection
Darren Mutz, Fredrik Valeur, Christopher Kruegel, and Giovanni Vigna
ACM Transactions on Information and System Security, Volume 9, Number 1, ACM Press.
February 2006.
[ Article ]

Protecting Users Against Phishing Attacks with AntiPhish
Engin Kirda and Christopher Kruegel
The Computer Journal, Volume 49, Number 5, Oxford University Press.
January 2006.
[ Article ]

A multi-model approach to the detection of web-based attacks
Christopher Kruegel, Giovanni Vigna, and William Robertson
Computer Networks, Volume 48, Number 5, Elsevier.
July 2005.
[ Article ]

Using Alert Verification to Identify Successful Intrusion Attempts
Christopher Kruegel, William Robertson, and Giovanni Vigna
Practice in Information Processing and Communication (PIK), Volume 27, Number 4, K.G. Saur Verlag.
October 2004.
[ Article ]

A Comprehensive Approach to Intrusion Detection Alert Correlation
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Richard Kemmerer
IEEE Transactions on Dependable and Secure Computing, Volume 1, Number 3.
July 2004.
[ Article ]

Conference Publications

Automatic Network Protocol Analysis
Gilbert Wondracek, Paulo Milani, Christopher Kruegel, and Engin Kirda
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2008.
[ Article ]

Limits of Static Analysis for Malware Detection
Andreas Moser, Christopher Kruegel, and Engin Kirda
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Improving Signature Testing Through Dynamic Data Flow Analysis
Davide Balzarotti, William Robertson, Christopher Kruegel, and Giovanni Vigna
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Secure Input for Web Applications
Martin Szydlowski, Christopher Kruegel, and Engin Kirda
23rd Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2007.
[ Article ]

Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis
Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, and Engin Kirda
14th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2007.
[ Article ]

Detecting System Emulators
Thomas Raffetseder, Christopher Kruegel, and Engin Kirda
10th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Chile, October 2007.
This paper won the best student paper award.
[ Article ]

Mining Specifications of Malicious Behavior
Mihai Christodorescu, Somesh Jha, and Christopher Kruegel
6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM Press.
Croatia, September 2007.
[ Article ]

A Layout-Similarity-Based Approach for Detecting Phishing Pages
Angelo Rosiello, Engin Kirda, Christopher Kruegel, and Fabrizio Ferrandi
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
France, September 2007.
[ Article ]

On the Effectiveness of Techniques to Detect Phishing Sites
Christian Ludl, Sean McAllister, Engin Kirda, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Switzerland, July 2007.
[ Article ]

Dynamic Spyware Analysis
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song
Usenix Annual Technical Conference.
USA, June 2007.
[ Article ]

Exploring Multiple Execution Paths for Malware Analysis
Andreas Moser, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2007.
[ Article ]

Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2007.
[ Article ]

Extending .NET Security to Unmanaged Code
Patrick Klinkoff, Christopher Kruegel, Engin Kirda, and Giovanni Vigna
9th Information Security Conference (ISC), Lecture Notes in Computer Science, Springer Verlag.
Greece, September 2006.
[ Article ]

Preventing Cross Site Request Forgery Attacks
Nenad Jovanovic, Engin Kirda, and Christopher Kruegel
IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks (Securecomm), IEEE Computer Society Press.
USA, August 2006.
[ Article ]

Behavior-based Spyware Detection
Engin Kirda, Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard Kemmerer
15th Usenix Security Symposium.
Canada, August 2006.
[ Article ]

Using Static Program Analysis to Aid Intrusion Detection
Manuel Egele, Martin Szydlowski, Engin Kirda, and Christopher Kruegel
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science, Springer Verlag.
Germany, July 2006.
[ Article ]

SecuBat: A Web Vulnerability Scanner
Stefan Kals, Engin Kirda, Christopher Kruegel, and Nenad Jovanovic
15th International World Wide Web Conference (WWW).
United Kingdom, May 2006.
[ Article ]

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2006.
[ Article ]

TTAnalyze: A Tool for Analyzing Malware
Ulrich Bayer, Christopher Kruegel, and Engin Kirda
15th Annual Conference of the European Institute for Computer Antivirus Research (EICAR).
Germany, April 2006.
This paper won the best paper award.
[ Article ]

Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks
Engin Kirda, Christopher Kruegel, Giovanni Vigna, and Nenad Jovanovic
21st ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2006.
[ Article ]

An Anomaly-driven Reverse Proxy for Web Applications
Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, and Engin Kirda
21st ACM Symposium on Applied Computing (SAC), ACM Press.
France, April 2006.
[ Article ]

Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks
William Robertson, Giovanni Vigna, Christopher Kruegel and Richard Kemmerer
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2006.
[ Article ]

Polymorphic Worm Detection Using Structural Information of Executables
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna
8th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2005.
[ Article ]

Automating Mimicry Attacks Using Static Binary Analysis
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna
14th Usenix Security Symposium.
USA, August 2005.
[ Article ]

Protecting Users Against Phishing Attacks with AntiPhish
Engin Kirda and Christopher Kruegel
29th Annual International Computer Software and Applications Conference (COMPSAC), IEEE Computer Society Press.
United Kingdom, July 2005.
[ Article ]

Reverse Engineering of Network Signatures
Darren Mutz, Christopher Kruegel, William Robertson, Giovanni Vigna, and Richard Kemmerer
Information Technology Security Conference (AusCERT).
Australia, May 2005.
This paper won the best paper award.
[ Article ]

Detecting Kernel-Level Rootkits Through Binary Analysis
Christopher Kruegel, William Robertson and Giovanni Vigna
20th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2004.
[ Article ]

Static Disassembly of Obfuscated Binaries
Christopher Kruegel, William Robertson, Fredrik Valeur and Giovanni Vigna
13th Usenix Security Symposium.
USA, August 2004.
[ Article ]

Bayesian Event Classification for Intrusion Detection
Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur
19th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
USA, December 2003.
[ Article ]

Anomaly Detection of Web-based Attacks
Christopher Kruegel and Giovanni Vigna
10th ACM Conference on Computer and Communications Security (CCS), ACM Press.
USA, October 2003.
[ Article ]

On the Detection of Anomalous System Call Arguments
Christopher Kruegel, Darren Mutz, Fredrik Valeur and Giovanni Vigna
8th European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science, Springer Verlag.
Norway, October 2003.
[ Article ]

Run-time Detection of Heap-based Overflows
William Robertson, Christopher Kruegel, Darren Mutz and Fredrik Valeur
17th Large Installation Systems Administration Conference (LISA), Usenix.
USA, October 2003.
[ Article ]

Using Decision Trees to Improve Signature-based Intrusion Detection
Christopher Kruegel and Thomas Toth
6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2003.
[ Article ]

Topology-based Detection of Anomalous BGP Messages
Christopher Kruegel, Darren Mutz, William Robertson and Fredrik Valeur
6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
USA, September 2003.
[ Article ]

Web Service Engineering with DIWE
Engin Kirda, Clemens Kerer, Christopher Kruegel and Roman Kurmanowytsch
29th Euromicro, IEEE Computer Society Press.
September 2003.
[ Article ]

Evaluating the Impact of Automated Intrusion Response Mechanisms
Thomas Toth and Christopher Kruegel
18th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society Press.
November 2002.
[ Article ]

Accurate Buffer Overflow Detection via Abstract Payload Execution
Thomas Toth and Christopher Kruegel
5th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag.
Switzerland, October 2002.
[ Article ]

DPS - An Architectural Style for Development of Secure Software
Pascal Fenkam, Harald Gall, Mehdi Jazayeri and Christopher Kruegel
Infrastructure Security Conference (InfraSec), Lecture Notes in Computer Science, Springer Verlag.
United Kingdom, October 2002.
[ Article ]

Stateful Intrusion Detection for High-Speed Networks
Christopher Kruegel, Fredrik Valeur, Giovanni Vigna and Richard Kemmerer
IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
USA, May 2002.
[ Article ]

Service Specific Anomaly Detection for Network Intrusion Detection
Christopher Kruegel, Thomas Toth and Engin Kirda
17th ACM Symposium on Applied Computing (SAC), ACM Press.
Spain, March 2002.
[ Article ]

Distributed Pattern Detection for Intrusion Detection
Christopher Kruegel and Thomas Toth
Network and Distributed System Security Symposium (NDSS), Internet Society.
USA, February 2002.
[ Article ]

Flexible, Mobile Agent based Intrusion Detection for Dynamic Networks
Christopher Kruegel and Thomas Toth
European Wireless.
Italy, February 2002.
[ Article ]

Decentralized Event Correlation for Intrusion Detection
Christopher Kruegel, Thomas Toth and Clemens Kerer
International Conference on Information Security and Cryptology (ICISC), Lecture Notes in Computer Science, Springer Verlag.
Korea, December 2001.
[ Article ]

Sparta - A Mobile Agent based Intrusion Detection System
Christopher Kruegel, Thomas Toth, and Engin Kirda
IFIP Conference on Network Security (I-NetSec), Kluwer Academic Publishers.
Croatia, June 2001.
[ Article ]

An efficient, IP based solution to the 'Logical Timestamp Wrapping' problem
Christopher Kruegel and Thomas Toth
6th International Conference on Telecommunications (ConTEL).
Croatia, June 2001.
[ Article ]

Improved fieldbus control via middleware technolgy
Wolfgang Kastner and Christopher Kruegel
4th Conference on Automatic Control (Controlo).
Portugal, October 2000.
[ Article ]

Jini connectivity for EIB home and building networks - from design to implementation
Wolfgang Kastner and Christopher Kruegel
EIB Scientific Conference.
Germany, October 1999.
[ Article ]

Jini: Ein guter Geist fuer die Gebaeudesystemtechnik, German Language
Wolfgang Kastner, Christopher Kruegel and Heinrich Reiter
Java Informations Tage (JIT).
Germany, September 1999.
[ Article ]

Workshop Publications

Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters
Christoph Karlberger, Guenter Bayler, Christopher Kruegel, and Engin Kirda
Usenix Workshop on Offensive Technologies (WOOT).
USA, August 2007.
[ Article ]

Building Anti-Phishing Browser Plug-Ins: An Experience Report
Thomas Raffetseder, Engin Kirda, and Christopher Kruegel
ICSE Workshop on Software Engineering for Secure Systems (SESS), IEEE Computer Society Press.
USA, May 2007.
[ Article ]

Precise Alias Analysis for Static Detection of Web Application Vulnerabilities
Nenad Jovanovic, Christopher Kruegel, and Engin Kirda
ACM Workshop on Programming Languages and Analysis for Security (PLAS), ACM Special Interest Group for Programming Languages (SIGPLAN) Notices.
USA, June 2006.
[ Article ]

Alert Verification - Determining the Success of Intrusion Attempts
Christopher Kruegel and William Robertson
Workshop on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA).
Germany, July 2004.
[ Article ]

Connection-history based anomaly detection
Thomas Toth and Christopher Kruegel
3rd IEEE Information Assurance Workshop, IEEE Computer Society Press.
USA, June 2002.
[ Article ]

XGuide - A Practical Guide to XML-based Web Engineering
Engin Kirda, Clemens Kerer and Christopher Kruegel
International Workshop on Web Engineering, Lecture Notes in Computer Science, Springer Verlag.
Italy, May 2002.
[ Article ]

Supporting multi-device enabled services: Challenges and open problems
Engin Kirda, Clemens Kerer, Mehdi Jazayeri and Christopher Kruegel
10th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), IEEE Computer Society Press.
USA, June 2001.
[ Article ]

Applying Mobile Agent Technology to Intrusion Detection
Christopher Kruegel and Thomas Toth
ICSE Workshop on Software Engineering and Mobility.
Canada, May 2001.
[ Article ]

A new approach for Java in embedded networks
Wolfgang Kastner and Christopher Kruegel
3rd IEEE Workshop on Factory Communication Systems, IEEE Computer Society Press.
Portugal, September 2000.
[ Article ]

Book Chapters

Host-Based Intrusion Detection
Giovanni Vigna and Christopher Kruegel
Handbook of Information Security, John Wiley and Sons, ISBN 0-471-64833-7.
December 2005.
[ Article ] [ Book ]

Characterizing the Behavior and Structure of Malicious Executables
Christopher Kruegel
Special Workshop on Malware Detection, Advances in Information Security, Springer Verlag, ISBN: 978-0-387-32720-4 .
USA, August 2005.
[ Article ] [ Book ]

Internet Security
Christopher Kruegel
The Industrial Communication Technology Handbook, CRC Press, ISBN 0-8493-3077-7.
February 2005.
[ Article ] [ Book ]

Network Security and Secure Applications
Christopher Kruegel
The Industrial Information Technology Handbook, CRC Press, ISBN 0-8493-1985-4.
November 2004.
[ Article ] [ Book ]

Editorships

Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection
Christopher Kruegel, Richard Lippmann, and Andrew Clark (Eds.)
Lecturen Notes in Computer Science (LNCS), Vol. 4637, Springer Verlag, ISBN 978-3-540-74319-4.
September 2007.
[ Book ]

Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection
Diego Zamboni and Christopher Kruegel (Eds.)
Lecturen Notes in Computer Science (LNCS), Vol. 4219, Springer Verlag, ISBN 978-3-540-39723-6.
September 2006.
[ Book ]

Proceedings of the 2nd International Conference on Intrusion and Malware Detection and Vulnerability Assessment
Klaus Julisch and Christopher Kruegel (Eds.)
Lecturen Notes in Computer Science (LNCS), Vol. 3548, Springer Verlag, ISBN 3-540-26613-5.
July 2005.
[ Book ]

Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection
Giovanni Vigna, Erland Jonsson and Christopher Kruegel (Eds.)
Lecturen Notes in Computer Science (LNCS), Vol. 2820, Springer Verlag, ISBN 3-540-40878-9.
September 2003.
[ Book ]

Created by Christopher Kruegel (© 2004, using Apache Cocoon).