Vern Paxson | Academic Influence

Vern Paxson's AcademicInfluence.com Rankings

Vern Paxson

Computer Science

#479

World Rank

#497

Historical Rank

#265

USA Rank

Database

#625

World Rank

#655

Historical Rank

#228

USA Rank

computer-science Degrees

Download Badge

Computer Science

Vern Paxson's Degrees

PhD Computer Science University of California, Berkeley
Masters Computer Science University of California, Berkeley
Bachelors Computer Science University of California, Berkeley

Similar Degrees You Can Earn

Why Is Vern Paxson Influential?

(Suggest an Edit or Addition)

According to Wikipedia, Vern Edward Paxson is a Professor of Computer Science at the University of California, Berkeley. He also leads the Networking and Security Group at the International Computer Science Institute in Berkeley, California. His interests range from transport protocols to intrusion detection and worms. He is an active member of the Internet Engineering Task Force community and served as the chair of the IRTF from 2001 until 2005. From 1998 to 1999 he served on the IESG as Transport Area Director for the IETF.

(See a Problem?)

Vern Paxson's Published Works

Number of citations in a given year to any of this author's works

Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author

Published Works

Bro: a system for detecting network intruders in real-time (1998) (2904)
Wide area traffic: the failure of Poisson modeling (1995) (2621)
Wide-area traffic: the failure of Poisson modeling (1994) (2511)
TCP Congestion Control (1999) (2204)
End-to-end Internet packet dynamics (1997) (1431)
How to Own the Internet in Your Spare Time (2002) (1348)
Outside the Closed World: On Using Machine Learning for Network Intrusion Detection (2010) (1338)
Inside the Slammer Worm (2003) (1067)
Computing TCP's Retransmission Timer (2000) (1022)
Controlling high bandwidth aggregates in the network (2002) (875)
Difficulties in simulating the internet (2001) (846)
Fast portscan detection using sequential hypothesis testing (2004) (789)
Measurements and analysis of end-to-end Internet dynamics (1997) (739)
Empirically derived analytic models of wide-area TCP connections (1994) (719)
@spam: the underground on 140 characters or less (2010) (630)
The Matter of Heartbleed (2014) (622)
End-to-end routing behavior in the Internet (1996) (584)
End-to-end routing behavior in the internet (2006) (559)
Design and Evaluation of a Real-Time URL Spam Filtering Service (2011) (529)
A taxonomy of computer worms (2003) (525)
An analysis of using reflectors for distributed denial-of-service attacks (2001) (504)
Framework for IP Performance Metrics (1998) (503)
Suspended accounts in retrospect: an analysis of twitter spam (2011) (502)
On dominant characteristics of residential broadband internet traffic (2009) (500)
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics (2001) (499)
Fast, approximate synthesis of fractional Gaussian noise for generating self-similar network traffic (1997) (471)
Detecting Stepping Stones (2000) (449)
On estimating end-to-end network path properties (2001) (444)
What's New About Cloud Computing Security? (2010) (443)
An inquiry into the nature and causes of the wealth of internet miscreants (2007) (441)
Self-similarity and heavy tails: structural modeling of network traffic (1998) (430)
Why We Don't Know How To Simulate The Internet (1997) (427)
Characteristics of internet background radiation (2004) (416)
On the characteristics and origins of internet flow rates (2002) (398)
Netalyzr: illuminating the edge network (2010) (376)
WHERE MATHEMATICS MEETS THE INTERNET (1998) (348)
The Spread of the Sapphire/Slammer Worm (2003) (327)
On calibrating measurements of packet transit times (1998) (321)
Very Fast Containment of Scanning Worms (2004) (318)
Automated packet trace analysis of TCP implementations (1997) (317)
Spamalytics: an empirical analysis of spam marketing conversion (2009) (299)
Measuring Pay-per-Install: The Commoditization of Malware Distribution (2011) (299)
Enhancing byte-level network intrusion detection signatures with context (2003) (289)
Click Trajectories: End-to-End Analysis of the Spam Value Chain (2011) (287)
An architecture for large-scale Internet measurement (1998) (277)
End-to-end internet packet dynamics (1999) (266)
Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse (2013) (265)
The devil and packet trace anonymization (2006) (264)
Manufacturing compromise: the emergence of exploit-as-a-service (2012) (247)
A first look at modern enterprise traffic (2005) (242)
An architecture for a global Internet host distance estimation service (1999) (240)
Inferring link loss using striped unicast probes (2001) (236)
The top speed of flash worms (2004) (228)
Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay (2002) (228)
Prudent Practices for Designing Malware Experiments: Status Quo and Outlook (2012) (226)
Scaling phenomena in the Internet: Critically examining criticality (2002) (225)
A high-level programming environment for packet trace anonymization and transformation (2003) (213)
The use of end-to-end multicast measurements for characterizing internal network behavior (2000) (200)
Spamalytics: an empirical analysis of spam marketing conversion (2008) (188)
Protocol-Independent Adaptive Replay of Application Dialog (2006) (187)
Fast approximation of self-similar network traffic (1995) (186)
Strategies for sound internet measurement (2004) (186)
The Stationarity of Internet Path Properties: Routing, Loss, and Throughput (2000) (178)
Operational experiences with high-volume network intrusion detection (2004) (177)
On the Potential of Proactive Domain Blacklisting (2010) (171)
Active mapping: resisting NIDS evasion without altering traffic (2003) (169)
IETF Criteria for Evaluating Reliable Multicast Transport and Application Protocols (1998) (168)
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware (2007) (168)
binpac: a yacc for writing application protocol parsers (2006) (166)
Growth trends in wide-area TCP connections (1994) (159)
A Large-Scale Empirical Study of Security Patches (2017) (151)
Data Breaches, Phishing, or Malware?: Understanding the Risks of Stolen Credentials (2017) (147)
Blocking-resistant communication through domain fronting (2015) (144)
The Security Impact of HTTPS Interception (2017) (136)
Hulk: Eliciting Malicious Behavior in Browser Extensions (2014) (130)
A brief history of scanning (2007) (128)
Show Me the Money: Characterizing Spam-advertised Revenue (2011) (128)
Notices of the American Mathematical Society (1998) (123)
Detecting and Analyzing Automated Activity on Twitter (2011) (121)
An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps (2016) (118)
Building a time machine for efficient recording and retrieval of high-volume network traffic (2005) (117)
Using Honeynets for Internet Situational Awareness (2005) (115)
Enriching network security analysis with time travel (2008) (115)
Spamcraft: An Inside Look At Spam Campaign Orchestration (2009) (114)
Issues and etiquette concerning use of shared measurement data (2007) (111)
Long-Range Dependence and Data Network Traffic (2001) (111)
Ad Injection at Scale: Assessing Deceptive Advertisement Modifications (2015) (110)
An architecture for exploiting multi-core processors to parallelize network intrusion prevention (2007) (109)
Detecting Backdoors (2000) (107)
Experiences with NIMI (2002) (107)
On the Spam Campaign Trail (2008) (105)
PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration (2016) (101)
Known TCP Implementation Problems (1999) (100)
Understanding the domain registration behavior of spammers (2013) (98)
Examining How the Great Firewall Discovers Hidden Circumvention Servers (2015) (95)
Robust TCP Stream Reassembly in the Presence of Adversaries (2005) (95)
Insights from the Inside: A View of Botnet Management from Infiltration (2010) (95)
You've Got Vulnerability: Exploring Effective Vulnerability Notifications (2016) (94)
Global Measurement of DNS Manipulation (2017) (92)
IPPM Metrics for Measuring Connectivity (1999) (91)
Cyber defense technology networking and evaluation (2004) (91)
Adapting Social Spam Infrastructure for Political Censorship (2012) (90)
Botnet Judo: Fighting Spam with Itself (2010) (89)
What's Clicking What? Techniques and Innovations of Today's Clickbots (2011) (88)
Enabling an Energy-Efficient Future Internet Through Selectively Connected End Systems (2007) (86)
Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention (2007) (82)
Detecting Forged TCP Reset Packets (2009) (81)
The shunt: an FPGA-based accelerator for network intrusion prevention (2007) (77)
Preliminary results using scale-down to explore worm dynamics (2004) (76)
Haystack: In Situ Mobile Traffic Analysis in User Space (2015) (74)
Semi-automated discovery of application session structure (2006) (74)
Predicting the resource consumption of network intrusion detection systems (2008) (74)
Fathom: a browser-based network measurement platform (2012) (73)
Tools for Automated Analysis of Cybercriminal Markets (2017) (73)
Exploiting underlying structure for detailed reconstruction of an internet-scale event (2005) (73)
Network loss tomography using striped unicast probes (2006) (72)
Observed Structure of Addresses in IP Traffic (2002) (71)
A Worst-Case Worm (2004) (70)
Detecting stealthy, distributed SSH brute-forcing (2013) (69)
Here Be Web Proxies (2014) (68)
Do You See What I See? Differential Treatment of Anonymous Users (2016) (67)
Characterizing Large-Scale Click Fraud in ZeroAccess (2014) (66)
When Governments Hack Opponents: A Look at Actors and Technology (2014) (66)
Consequences of Connectivity: Characterizing Account Hijacking on Twitter (2014) (66)
Network System Challenges in Selective Sharing and Verification for Personal, Social, and Urban-Scale Sensing Applications (2006) (64)
GQ: practical containment for measuring modern malware systems (2011) (64)
Bro Intrusion Detection System (2006) (63)
Detecting Credential Spearphishing in Enterprise Settings (2017) (63)
Automating analysis of large-scale botnet probing events (2009) (63)
Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context (2005) (63)
Opportunistic Measurement: Extracting Insight from Spurious Traffic (2005) (60)
Towards Situational Awareness of Large-Scale Botnet Probing Events (2011) (60)
A Multi-perspective Analysis of Carrier-Grade NAT Deployment (2016) (60)
Detecting and Characterizing Lateral Phishing at Scale (2019) (59)
An Analysis of China's "Great Cannon" (2015) (58)
Redirecting DNS for Ads and Profit (2011) (58)
Beyond the Radio: Illuminating the Higher Layers of Mobile Networks (2015) (57)
Towards Illuminating a Censorship Monitor's Model to Facilitate Evasion (2013) (56)
Controlling High Bandwidth Aggregates in the Network (Extended Version) (2001) (56)
Rethinking Hardware Support for Network Analysis and Intrusion Prevention (2006) (56)
Target generation for internet-wide IPv6 scanning (2017) (55)
SoK: Towards Grounding Censorship Circumvention in Empiricism (2016) (55)
Practical Comprehensive Bounds on Surreptitious Communication over DNS (2013) (53)
Augur: Internet-Wide Detection of Connectivity Disruptions (2017) (53)
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications (2002) (49)
Remedying Web Hijacking: Notification Effectiveness and Webmaster Comprehension (2016) (48)
An analysis of the witty outbreak: exploiting underlying structure for detailed reconstruction of an internet-scale event (2005) (47)
Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems (2012) (46)
A Longitudinal View of HTTP Traffic (2010) (45)
Exploiting independent state for network intrusion detection (2005) (44)
A Primer on IPv4 Scarcity (2014) (43)
Efficient and Robust TCP Stream Normalization (2008) (43)
IANA Allocation Guidelines For Values In the Internet Protocol and Related Headers (2000) (42)
On the adaptive real-time detection of fast-propagating network worms (2007) (42)
Large Scale Malicious Code: A Research Agenda (2003) (41)
Observed structure of addresses in IP traffic (2006) (41)
Worms vs. perimeters: the case for hard-LANs (2004) (39)
A Tangled Mass: The Android Root Certificate Stores (2014) (39)
Hold-On : Protecting Against On-Path DNS Poisoning (2012) (38)
Wireless Urban Sensing Systems (2006) (37)
GQ : Realizing a System to Catch Worms in a Quarter Million Places (2006) (36)
Malware (2004) (35)
Characterizing the Nature and Dynamics of Tor Exit Blocking (2018) (33)
A Look at the Consequences of Internet Censorship Through an ISP Lens (2014) (33)
Fighting Coordinated Attackers with Cross-Organizational Information Sharing (2006) (33)
Employing Honeynets For Network Situational Awareness (2010) (32)
Haystack: A Multi-Purpose Mobile Vantage Point in User Space (2015) (32)
VAST: A Unified Platform for Interactive Network Forensics (2016) (31)
An Assessment of Overt Malicious Activity Manifest in Residential Networks (2011) (31)
Towards a Framework for Defining Internet Performance Metrics (2006) (30)
Exploring Privacy Preservation in Outsourced K-Nearest Neighbors with Multiple Data Owners (2015) (29)
Implications of Netalyzr ’ s DNS Measurements (2011) (29)
Forwarding-Loop Attacks in Content Delivery Networks (2016) (29)
Measurements and Models of Wide Area TCP Conversions (1991) (29)
HILTI: an Abstract Execution Environment for Deep, Stateful Network Traffic Analysis (2014) (28)
Header Enrichment or ISP Enrichment?: Emerging Privacy Threats in Mobile Networks (2015) (28)
The Underground on 140 Characters or Less ∗ (2010) (28)
Temporal Lensing and Its Application in Pulsing Denial-of-Service Attacks (2015) (27)
Host of Troubles: Multiple Host Ambiguities in HTTP Implementations (2016) (26)
Enhancing Network Intrusion Detection with Integrated Sampling and Filtering (2006) (26)
Glish: A User-Level Software Bus for Loosely-Coupled Distributed Systems (1993) (24)
Identifying Products in Online Cybercrime Marketplaces: A Dataset for Fine-grained Domain Adaptation (2017) (24)
Ethical Concerns for Censorship Measurement (2015) (23)
The BIZ Top-Level Domain: Ten Years Later (2012) (23)
Detecting DNS Root Manipulation (2016) (23)
Scanning the Internet for Liveness (2018) (22)
Detecting Credential Spearphishing Attacks in Enterprise Settings (2017) (22)
A Reactive Measurement Framework (2008) (21)
Proceedings of the 1st ACM SIGCOMM Workshop on Internet measurement (2001) (20)
A Preliminary Analysis of TCP Performance in an Enterprise Network (2010) (18)
Principles for Developing Comprehensive Network Visibility (2008) (17)
We Still Don't Have Secure Cross-Domain Requests: an Empirical Study of CORS (2018) (17)
Very Fast Containment of Scanning Worms, Revisited (2007) (17)
A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems (2008) (16)
Composition Kills: A Case Study of Email Sender Authentication (2020) (16)
A Survey of Support For Implementing Debuggers (2005) (14)
Social Engineering Attacks on Government Opponents: Target Perspectives (2017) (14)
Exploring Server-side Blocking of Regions (2018) (13)
Practical Containment for Measuring Modern Malware Systems (2011) (12)
Securing Mediated Trace Access Using Black-box Permutation Analysis (2009) (12)
RFC 2581 TCP Congestion Control (2018) (12)
A Bestiary of Blocking: The Motivations and Modes behind Website Unavailability (2018) (12)
The Network Oracle (2005) (12)
End-to-End Packet Dynamics (1999) (11)
Experiences from Netalyzr with engaging users in end-system measurement (2011) (11)
Aggregate-Based Congestion Control (2002) (11)
On the Potential Abuse of IGMP (2017) (10)
Towards Mining Latent Client Identifiers from Network Traffic (2016) (10)
Toward Continual Measurement of Global Network-Level Censorship (2018) (10)
Packetlab: a universal measurement endpoint interface (2017) (10)
Profiling underground merchants based on network behavior (2016) (9)
The Strengths of Weaker Identities: Opportunistic Personas (2007) (9)
Aggregate congestion control (2002) (9)
pktd : A Packet Capture and Injection Daemon (2010) (8)
Hypervisors as a Foothold for Personal Computer Security: An Agenda for the Research Community (2012) (8)
Opportunistic Measurement : Spurious Network Events as a Light in the Darkness (8)
Detecting Hidden Causality in Network Connections (2005) (8)
GFlux: A google-based system for Fast Flux detection (2015) (8)
A unified approach to building accelerator simulation software for the SSC (1989) (8)
Measurement and Analysis of Traffic Exchange Services (2015) (8)
The ZeroAccess Auto-Clicking and Search-Hijacking Click Fraud Modules (2013) (8)
Spamalytics: An Empirical Analysis of Spam Marketing (2009) (8)
Discussion of "Heavy Tail Modeling and Teletraffic Data" by S.R. Resnick (1997) (7)
On Modeling the Costs of Censorship (2014) (7)
Proceedings of the 2004 ACM Workshop on Rapid Malcode, WORM 2004, Washington, DC, USA, October 29, 2004 (2004) (7)
Defending against network IDS evasion (1999) (7)
On calibrating enterprise switch measurements (2009) (7)
A scientific workstation operator-interface for accelerator control (1987) (6)
Using strongly typed networking to architect for tussle (2010) (6)
Work in Progress: Bro-LAN Pervasive Network Inspection and Control for LAN Traffic (2006) (6)
Native actors (2014) (6)
Internet Research : Comments on Formulating the Problem Gathered by Sally Floyd , with contributions from (1998) (5)
TCP Processing of the IPv4 Precedence Field (2000) (5)
THE IMPACT OF NEW COMPUTER TECHNOLOGY ON ACCELERATOR CONTROL (1987) (5)
Framework for IP Provider Metrics (1996) (4)
Hopper: Modeling and Detecting Lateral Movement (2021) (4)
Glish: a software bus for high-level control (1994) (4)
Lumen: Fine-Grained Visibility and Control of Mobile Traffic in User-Space (2017) (4)
Keynote: Reflections on Measurement Research: Crooked Lines, Straight Lines, and Moneyshots (2011) (3)
Traffic Jams on the Internet (1998) (3)
Measuring adversaries (2004) (3)
Measurement in the Internet (1997) (3)
Proposal Center for Internet Epidemiology and Defenses (2004) (2)
Browser Exploits as a Service: The Monetization of Driveby Downloads (2012) (2)
A language, server and C++ class library for event sequencing (1990) (2)
Mapping the Underground: Towards Automatic Discovery of Cybercrime Supply Chains (2018) (2)
Proposal TWC : Frontier : Collaborative : Beyond Technical Security : Developing an Empirical Basis for Socio-Economic Perspectives (2012) (2)
IAB Thoughts on the Role of the Internet Research Task Force (IRTF) (2006) (2)
Turnplot-a graphical tool for analyzing tracking data (1991) (2)
Wide Area Trdfie: The Failure of Poisson Modeling (1995) (2)
Center for Internet Epidemiology and Defenses (2009) (1)
Towards portability in model-based control software (1987) (1)
A Program for Testing IEEE Decimal–Binary Conversion (2008) (1)
Global-Scale Measurement of DNS Manipulation (2017) (1)
Hopper: Modeling and Detecting Lateral Movement (Extended Report) (2021) (1)
Incoming editor's message (2005) (1)
Hilti: an Abstract Execution Environment for High‐performance Network Traffic Analysis (1)
HILTI : An Abstract Execution Environment for Concurrent , Stateful Network Traffic Analysis (2012) (1)
Adapting to Wide-Area Network Dynamics (1995) (1)
Modeling the SCC (1989) (0)
Lawrence Berkeley National Laboratory Recent Work Title Fast Approximation of Self-Similar Network Traffic Permalink (2013) (0)
Detecting and Blocking Network Attacks at Ultra High Speeds (2010) (0)
Measuring Online Information Controls: From Theory to Practice (2015) (0)
The GLISH 2.4 User Manual (1994) (0)
Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems (2009) (0)
Netalyzr: Illuminating Edge Network Neutrality, Security, and Performance (0)
CS294-28 - Network Security - Spring 2008 Anonymity (2008) (0)
TCP Tahoe with More Realistic Time Simulation and Packet Reordering (2010) (0)
The Useof End-to-endMulticast Measurementsfor Characterizing Inter nal Network Behavior � (0)
Lawrence Berkeley National Laboratory Recent Work Title Fast Approximation of Self-Similar Network Traffic Permalink (2013) (0)
Chapter 5 Employing Honeynets For Network Situational Awareness (2012) (0)
PacketLab : A Universal Measurement Endpoint Interface Kirill Levchenko (2017) (0)
Demands placed on the SSC laboratory control system by the engineering and operational requirements of the accelerators (1990) (0)
Towards Methodical Calibration: A Case Study of Enterprise Switch Measurements (2013) (0)
Optimisation transparente pour un controle de flux tcp (2004) (0)
Public for Scanning the Internet for Liveness (2018) (0)
A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in Computer Science (2003) (0)
Documentation for “ Fathom : A Browser-based Network Measurement Platform ” (0)
Publication I Boris Nechaev (2014) (0)
Selecting the 2008 sigcomm test-of-time awardwinner(s) (2009) (0)
Guest Editor's Introduction: 2005 IEEE Symposium on Security and Privacy (2005) (0)
A PORTALBE, PUBLIC DOMAIN LEX FOR THE SOFTWARE TOOLS (1984) (0)
GENERALIZATION OF TEAPOT TO NONPLANAR LATTICES (1988) (0)
Publication IV (2014) (0)
NeTS-FIND : Network Innovations for Personal , Social , and Urban Sensing Applications (2006) (0)
On estimating end-to-end network path properties (2001) (0)
Network Traffic Measurement and Modelling (Panel) (1995) (0)
A First Look at Modern Enterprise Traf(cid:2)c (cid:3) (2005) (0)
Network Working Group (2006) (0)
Keynote Speaker (2015) (0)
The Spread of the Sapphire / Slammer Worm By ( in alphabetical order ) (0)
Generalization of TEAPOT (Thin Element Accelerator Program for Optics and Tracking) to nonplanar lattices (1988) (0)
Session details: Security (2006) (0)
Characterizing End-to-end Internet Performance Biographical Sketch I Spent One and a Half Years Visiting the At&t Center for Internet Research at Icsi (aciri). I Had a Wonderful Time with the Stellar Team of Networking Re- Searchers at Aciri, Including (2001) (0)

This paper list is powered by the following services:

Other Resources About Vern Paxson

en.wikipedia.org

What Schools Are Affiliated With Vern Paxson?

Vern Paxson is affiliated with the following schools: