Engin Kirda
#155,976
Most Influential Person Now
Engin Kirda's AcademicInfluence.com Rankings
Engin Kirdacomputer-science Degrees
Computer Science
#8584
World Rank
#9025
Historical Rank
Programming
#88
World Rank
#91
Historical Rank
Database
#5581
World Rank
#5791
Historical Rank
Download Badge
Computer Science
Why Is Engin Kirda Influential?
(Suggest an Edit or Addition)Engin Kirda's Published Works
Number of citations in a given year to any of this author's works
Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author
Published Works
- Limits of Static Analysis for Malware Detection (2007) (859)
- A survey on automated dynamic malware-analysis techniques and tools (2012) (833)
- Panorama: capturing system-wide information flow for malware detection and analysis (2007) (792)
- Pixy: a static analysis tool for detecting Web application vulnerabilities (2006) (732)
- Scalable, Behavior-Based Malware Clustering (2009) (715)
- All your contacts are belong to us: automated identity theft attacks on social networks (2009) (639)
- EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis (2011) (584)
- Exploring Multiple Execution Paths for Malware Analysis (2007) (575)
- Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis (2007) (567)
- PiOS: Detecting Privacy Leaks in iOS Applications (2011) (555)
- Effective and Efficient Malware Detection at the End Host (2009) (524)
- Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications (2008) (415)
- Polymorphic Worm Detection Using Structural Information of Executables (2005) (413)
- A Practical Attack to De-anonymize Social Network Users (2010) (387)
- Service specific anomaly detection for network intrusion detection (2002) (384)
- Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks (2015) (374)
- Noxes: a client-side solution for mitigating cross-site scripting attacks (2006) (352)
- UNVEIL: A large-scale, automated approach to detecting ransomware (keynote) (2016) (329)
- Dynamic Analysis of Malicious Code (2006) (309)
- Prospex: Protocol Specification Extraction (2009) (278)
- Disclosure: detecting botnet command and control servers through large-scale NetFlow analysis (2012) (277)
- G-Free: defeating return-oriented programming through gadget-less binaries (2010) (274)
- Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains (2014) (270)
- SecuBat: a web vulnerability scanner (2006) (263)
- Dynamic Spyware Analysis (2007) (255)
- LAVA: Large-Scale Automated Vulnerability Addition (2016) (252)
- Behavior-based Spyware Detection (2006) (251)
- Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks (2013) (246)
- Detecting System Emulators (2007) (237)
- Automatic Network Protocol Analysis (2008) (229)
- Automating Mimicry Attacks Using Static Binary Analysis (2005) (215)
- Efficient Detection of Split Personalities in Malware (2010) (212)
- AccessMiner: using system-centric models for malware protection (2010) (204)
- Preventing Cross Site Request Forgery Attacks (2006) (195)
- On the Effectiveness of Techniques to Detect Phishing Sites (2007) (192)
- Automatically Generating Models for Botnet Detection (2009) (190)
- A View on Current Malware Behaviors (2009) (189)
- Precise alias analysis for static detection of web application vulnerabilities (2006) (186)
- Abusing Social Networks for Automated User Profiling (2010) (181)
- Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks (2009) (179)
- Visual-similarity-based phishing detection (2008) (169)
- Protecting users against phishing attacks with AntiPhish (2005) (168)
- A quantitative study of accuracy in system call-based malware detection (2012) (148)
- A layout-similarity-based approach for detecting phishing pages (2007) (148)
- A security analysis of Amazon's Elastic Compute Cloud service (2012) (145)
- Reverse Social Engineering Attacks in Online Social Networks (2011) (142)
- Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web (2018) (127)
- TriggerScope: Towards Detecting Logic Bombs in Android Applications (2016) (126)
- SWAP: Mitigating XSS attacks using a reverse proxy (2009) (119)
- Identifying Dormant Functionality in Malware Programs (2010) (116)
- Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries (2010) (114)
- FIRE: FInding Rogue nEtworks (2009) (113)
- Protecting Users against Phishing Attacks (2006) (108)
- The power of procrastination: detection and mitigation of execution-stalling malicious code (2011) (107)
- Redemption: Real-Time Protection Against Ransomware at End-Hosts (2017) (94)
- Improving the efficiency of dynamic malware analysis (2010) (91)
- Client-side cross-site scripting protection (2009) (86)
- A solution for the automated detection of clickjacking attacks (2010) (86)
- Experiences in Engineering Flexible Web Services (2001) (82)
- Leveraging User Interactions for In-Depth Testing of Web Applications (2008) (78)
- Overbot: a botnet protocol based on Kademlia (2008) (77)
- Privacy risks in named data networking: what is the cost of performance? (2012) (74)
- Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications (2011) (72)
- Have things changed now? An empirical study on input validation vulnerabilities in web applications (2012) (71)
- A Look at Targeted Attacks Through the Lense of an NGO (2014) (69)
- Static analysis for detecting taint-style vulnerabilities in web applications (2010) (66)
- PatchDroid: scalable third-party security patches for Android devices (2013) (66)
- Is the Internet for Porn? An Insight Into the Online Adult Industry (2010) (64)
- Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis (2012) (63)
- A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication (2013) (58)
- Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries (2009) (57)
- A service architecture for mobile teamwork (2002) (55)
- PUBCRAWL: Protecting Users and Businesses from CRAWLers (2012) (54)
- Mitigating Drive-By Download Attacks: Challenges and Open Problems (2009) (53)
- Server-Side Bot Detection in Massively Multiplayer Online Games (2009) (51)
- PoX: Protecting users from malicious Facebook applications (2011) (50)
- Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications (2011) (48)
- The Leurre.com Project: Collecting Internet Threats Information Using a Worldwide Distributed Honeynet (2008) (44)
- EmailProfiler: Spearphishing Filtering with Header and Stylometric Features of Emails (2016) (44)
- Surveylance: Automatically Detecting Online Survey Scams (2018) (42)
- Towards an access control system for mobile peer-to-peer collaborative environments (2002) (42)
- CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes (2016) (40)
- Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters (2007) (39)
- SPARTA, a Mobile Agent Based Instrusion Detection System (2001) (38)
- Optical Delusions: A Study of Malicious QR Codes in the Wild (2014) (38)
- Kratos: multi-user multi-device-aware access control system for the smart home (2019) (37)
- Insights into User Behavior in Dealing with Internet Attacks (2012) (37)
- A Web-based peer-to-peer architecture for collaborative nomadic working (2001) (37)
- An empirical analysis of input validation mechanisms in web applications and languages (2012) (37)
- Privacy Implications of Ubiquitous Caching in Named Data Networking Architectures (2012) (37)
- Layout, Content and Logic Separation in Web Engineering (2001) (36)
- CAPTCHA smuggling: hijacking web browsing sessions to create CAPTCHA farms (2010) (36)
- How Tracking Companies Circumvented Ad Blockers Using WebSockets (2018) (35)
- VirtualSwindle: an automated attack against in-app billing on android (2014) (35)
- Secure Input for Web Applications (2007) (34)
- An anomaly-driven reverse proxy for web applications (2006) (33)
- Honeybot, Your Man in the Middle for Automated Social Engineering (2010) (32)
- Hypervisor-based malware protection with AccessMiner (2015) (31)
- Building Anti-Phishing Browser Plug-Ins: An Experience Report (2007) (30)
- PrivExec: Private Execution as an Operating System Service (2013) (30)
- Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting (2013) (30)
- HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing (2020) (30)
- On the Effectiveness of Type-based Control Flow Integrity (2018) (28)
- Protecting against Ransomware: A New Line of Research or Restating Classic Ideas? (2018) (28)
- SoK: Cryptojacking Malware (2021) (28)
- Clustering and the Weekend Effect: Recommendations for the Use of Top Domain Lists in Security Research (2019) (25)
- It's Not what It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains (2019) (23)
- DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis (2020) (21)
- WHOIS Lost in Translation: (Mis)Understanding Domain Name Expiration and Re-Registration (2016) (20)
- Using Static Program Analysis to Aid Intrusion Detection (2006) (20)
- ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities (2015) (19)
- Ex-Ray: Detection of History-Leaking Browser Extensions (2017) (19)
- ShareMe: running a distributed systems lab for 600 students with three faculty members (2005) (19)
- Speculator: a tool to analyze speculative execution attacks and mitigations (2019) (19)
- Insights into current malware behavior (2009) (19)
- Web engineering device independent Web services (2001) (19)
- Exploiting diverse observation perspectives to get insights on the malware landscape (2010) (18)
- Securing Legacy Firefox Extensions with SENTINEL (2013) (17)
- Cached and Confused: Web Cache Deception in the Wild (2019) (17)
- Evaluation of a publish/subscribe system for collaborative and mobile working (2002) (17)
- OMNIX: A Topology-Independent P2P Middleware (2003) (16)
- On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users (2015) (16)
- CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities (2016) (15)
- TrueClick: automatically distinguishing trick banners from genuine download links (2014) (14)
- Extending .NET security to unmanaged code (2006) (14)
- SENTINEL: Securing Legacy Firefox Extensions (2015) (14)
- Cross Site Scripting Attacks (2011) (14)
- A Longitudinal Analysis of the ads.txt Standard (2019) (14)
- A Generic Content-Management Tool for Web Databases (2002) (14)
- Semi-automated discovery of server-based information oversharing vulnerabilities in Android applications (2017) (12)
- Automated Spyware Collection and Analysis (2009) (12)
- Building and managing XML/XSL-powered Web sites: an experience report (2001) (12)
- MyXML: An XML based template engine for the generation of flexible web content (2000) (12)
- Holiday Pictures or Blockbuster Movies? Insights into Copyright Infringement in User Uploads to One-Click File Hosters (2013) (11)
- Assessing Cybercrime Through the Eyes of the WOMBAT (2010) (11)
- Overhaul: Input-Driven Access Control for Better Privacy on Traditional Operating Systems (2016) (11)
- Supporting multi-device enabled Web services: challenges and open problems (2001) (10)
- Let ’ s Not Speculate : Discovering and Analyzing Speculative Execution Attacks (2018) (10)
- Large-Scale Analysis of Style Injection by Relative Path Overwrite (2018) (10)
- Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces (2014) (10)
- BabelCrypt: The Universal Encryption Layer for Mobile Messaging Applications (2015) (10)
- Future threats to future trust (2009) (9)
- Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (2011) (9)
- Paying for Piracy? An Analysis of One-Click Hosters' Controversial Reward Schemes (2012) (9)
- An Analysis of Malware Trends in Enterprise Networks (2019) (8)
- What's in an Exploit? An Empirical Analysis of Reflected Server XSS Exploitation Techniques (2020) (8)
- Bypassing memory safety mechanisms through speculative control flow hijacks (2020) (7)
- T-Reqs: HTTP Request Smuggling with Differential Fuzzing (2021) (7)
- Multi-User Multi-Device-Aware Access Control System for Smart Home (2019) (7)
- Preventing server-side request forgery attacks (2021) (6)
- MOTION: a peer-to-peer platform for mobile teamwork support (2002) (6)
- Practical Security Aspects of Digital Signature Systems (2006) (6)
- From Deletion to Re-Registration in Zero Seconds: Domain Registrar Behaviour During the Drop (2018) (6)
- Recent Advances in Intrusion Detection, 11th International Symposium, RAID 2008, Cambridge, MA, USA, September 15-17, 2008. Proceedings (2008) (6)
- Using XML / XSL to Build Adaptable Database Interfaces for Web Site Content Management (2001) (6)
- XGuide - A Practical Guide to XML-Based Web Engineering (2002) (5)
- Anticipating Security Threats to a Future Internet (2009) (5)
- Web service engineering with DIWE (2003) (5)
- Web Cache Deception Escalates! (2022) (5)
- Trellis: Privilege Separation for Multi-user Applications Made Easy (2016) (5)
- USBESAFE: An End-Point Solution to Protect Against USB-Based Attacks (2019) (4)
- Getting Under Alexa's Umbrella: Infiltration Attacks Against Internet Top Domain Lists (2019) (4)
- TWSAPI: a generic teamwork services application programming interface (2002) (4)
- Recent advances in intrusion detection : 12th International Symposium, RAID 2009, Saint-Malo, France, September 23-25, 2009 : proceedings (2009) (4)
- Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment (2022) (4)
- DIWE: A Framework for Constructing Device-Independent Web Applications (2004) (4)
- Evolution of an organizational Web site: migrating to XML/XSL (2001) (4)
- In-Browser Cryptomining for Good: An Untold Story (2021) (4)
- Defending Browsers against Drive-by Downloads (2009) (3)
- Malware Behavior Clustering (2011) (3)
- Efficient and Stealthy Instruction Tracing and Its Applications in Automated Malware Analysis: Open Problems and Challenges (2011) (3)
- Distributed Product Development in Virtual Communities (2003) (3)
- Eraser: Your Data Won't Be Back (2018) (3)
- Conceptual Modeling (2012) (3)
- Recent Advances in Intrusion Detection, 10th International Symposium, RAID 2007, Gold Goast, Australia, September 5-7, 2007, Proceedings (2007) (3)
- Towards a hierarchical, semantic peer-to-peer topology (2002) (3)
- Cellular Network Security (2011) (3)
- D-Box: DMA-enabled Compartmentalization for Embedded Applications (2022) (3)
- Integrating Publish/Subscribe into a Mobile Teamwork Support Platform (2003) (2)
- Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (2008) (2)
- Speculator (2019) (2)
- SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning (2021) (2)
- Runtime Integrity Checking for Exploit Mitigation on Lightweight Embedded Devices (2016) (2)
- Kratos (2020) (2)
- Supporting collaboration in the development of tools and dies in manufacturing networks (2003) (2)
- You've Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures (2021) (2)
- Traffic Measurements for Cyber Security (2017) (2)
- Engineering of Web services with XML and XSL (2001) (2)
- A summary of two practical attacks against social networks (2011) (2)
- Supporting Mobile Users and Distributed Teamwork (2001) (2)
- Supporting Mobile Users and Distributed Teamwork (2001) (2)
- FADE: Detecting Fake News Articles on the Web (2021) (2)
- GhostBuster: understanding and overcoming the pitfalls of transient execution vulnerability checkers (2021) (1)
- SoK: All or Nothing - A Postmortem of Solutions to the Third-Party Script Inclusion Permission Model and a Path Forward (2022) (1)
- Forward White Book: Emerging ICT Threats (2010) (1)
- Browserprint: an Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy (2021) (1)
- Holiday Pictures or Blockbuster Movies? Copyright Infringement in User Uploads to One-Click File Hosters (2013) (1)
- e-Game of FAME: Automatic Detection of FAke MEmes (2021) (1)
- XGuide - Concurrent Web Engineering with Contracts (2004) (1)
- WebCUS: A generic Web-based Database Management Tool powered by XML (2002) (1)
- Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats (2012) (1)
- BTLab: A System-Centric, Data-Driven Analysis and Measurement Platform for BitTorrent Clients (2011) (1)
- Extending Mondrian memory protection (2010) (1)
- FORWARD Threat Report (2009) (0)
- Assistant Professor (1995) (0)
- Cryptographic Protocol (2011) (0)
- Behavior Based Malware Analysis and Detection (2011) (0)
- MQ or Multivariate Quadratic Public-Key Cryptosystem (MQPKC) (2011) (0)
- Proceedings of the Third European Workshop on System Security, EUROSEC 2010, Paris, France, April 13, 2010 (2010) (0)
- Credential Verification (2011) (0)
- On the Complexity of the Web's PKI: Evaluating Certificate Validation of Mobile Browsers (2023) (0)
- On the misuse of graphical user interface elements to implement security controls (2017) (0)
- XGuide-Concurrent Web Engineering with Contracts and XML (0)
- Seventh Framework Programme Information & Communication Technologies Secure, Dependable and Trusted Infrastructures Coordination Action Managing Emerging Threats in Ict Infrastructures Deliverable D2.1.x Threat Reports Deliverable Security Class Public Editors Working Group Leaders Contributors Forw (0)
- 8102 Working Group -- Attack Taxonomy (2008) (0)
- Experiences in Engineering Web Services (2001) (0)
- Experience Report on the Challenges and Opportunities in Securing Smartphones Against Zero-Click Attacks (2022) (0)
- DARKDROID : EXPOSING THE DARK SIDE OF ANDROID (2016) (0)
- 4. 8102 Working Group -- Attack Taxonomy (2008) (0)
- Extending .NET Security to Native Code (2005) (0)
- 08102 Working Group -- Requirements for Network Monitoring from an IDS Perspective (2008) (0)
- Detecting Bots with Automatically Generated Network Signatures (2010) (0)
- FORWARD -- Second Workshop Report (2009) (0)
- DarkDroid - Exposing the Dark Side of Malicious Mobile Applications (2013) (0)
- DARKDROID: Exposing the Dark Side of Android Marketplaces (2016) (0)
- A Recent Year On the Internet: Measuring and Understanding the Threats to Everyday Internet Devices (2022) (0)
- HotFuzz: Discovering Temporal and Spatial Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing (2022) (0)
- Session details: Sandboxing (2010) (0)
- FRAMESHIFTER: Security Implications of HTTP/2-to-HTTP/1 Conversion Anomalies (2022) (0)
- Root Cause Analysis for Cybersecurity (2017) (0)
- NSDI '12 and LEET '12 (2012) (0)
- Achieving Life-Cycle Compliance of Service-Oriented Architectures: Open Issues and Challenges (2009) (0)
- Seventh Framework Programme Information & Communication Technologies Secure, Dependable and Trusted Infrastructures Coordination Action Managing Emerging Threats in Ict Infrastructures Deliverable D1.2/1.3: First Workshop Report, and First " Threats on the Internet " Seminar Report Contractual Date (2008) (0)
This paper list is powered by the following services:
What Schools Are Affiliated With Engin Kirda?
Engin Kirda is affiliated with the following schools:
