|
ROLE
 Author only
AUTHOR PROFILE PAGES (BETA)
Project background
BOOKMARK & SHARE
|
|
|
|
| Export results as:
BibTeX
EndNotes
ACM Ref
|
| 2009
|
1
|
|
Botnet spam campaigns can be long lasting: evidence, implications, and analysis
Abhinav Pathak, Feng Qian, Y. Charlie Hu, Z. Morley Mao, Supranamaya Ranjan
|
|
June 2009
|
|
SIGMETRICS '09: Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems
|
|
Publisher: ACM
|
|
Full text available: |
 Pdf
(1.13 MB)
|
|
|
| Bibliometrics: Downloads (6 Weeks): 84, Downloads (12 Months): 192, Citation Count: 0 |
 |
|
Accurately identifying spam campaigns launched by a large number of bots in a botnet allows for accurate spam campaign signature generation and hence is critical to defeating spamming botnets. The straight-forward approach of clustering all spam containing ...
Keywords: botnet, burstiness, distributedness, open relay, spam campaign
|
| |
|
| 2008
|
2
|
|
Ispy: detecting ip prefix hijacking on my own
Zheng Zhang, Ying Zhang, Y. Charlie Hu, Z. Morley Mao, Randy Bush
|
|
August 2008
|
|
SIGCOMM '08: Proceedings of the ACM SIGCOMM 2008 conference on Data communication
|
|
Publisher: ACM
|
|
Full text available: |
Pdf
(407.53 KB)
|
|
|
| Bibliometrics: Downloads (6 Weeks): 9, Downloads (12 Months): 182, Citation Count: 1 |
|
|
IP prefix hijacking remains a major threat to the security of the Internet routing system due to a lack of authoritative prefix ownership information. Despite many efforts in designing IP prefix hijack detection schemes, no existing design can satisfy ...
Keywords: bgp, detection, hijacking, routing
|
Also published in: |
| October 2008 |
SIGCOMM Computer Communication Review |
Volume 38 Issue 4 |
|
| |
|
3
|
|
Effective diagnosis of routing disruptions from end systems
Ying Zhang, Z. Morley Mao, Ming Zhang
|
|
April 2008
|
|
NSDI'08: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
|
|
Publisher: USENIX Association
|
|
| Bibliometrics: Downloads (6 Weeks): n/a, Downloads (12 Months): n/a, Citation Count: 0 |
|
|
Internet routing events are known to introduce severe disruption to applications. So far effective diagnosis of routing events has relied on proprietary ISP data feeds, resulting in limited ISP-centric views not easily accessible by customers or other ...
|
| |
|
4
|
|
Peeking into spammer behavior from a unique vantage point
Abhinav Pathak, Y. Charlie Hu, Z. Morley Mao
|
|
April 2008
|
|
LEET'08: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
|
|
Publisher: USENIX Association
|
|
| Bibliometrics: Downloads (6 Weeks): n/a, Downloads (12 Months): n/a, Citation Count: 2 |
|
|
Understanding the spammer behavior is a critical step in the long-lasting battle against email spams. Previous studies have focused on setting up honeypots or email sinkholes containing destination mailboxes for spam collection. A spam trace collected ...
|
| |
|
| 2007
|
5
|
|
Practical defenses against BGP prefix hijacking
Zheng Zhang, Ying Zhang, Y. Charlie Hu, Z. Morley Mao
|
|
December 2007
|
|
CoNEXT '07: Proceedings of the 2007 ACM CoNEXT conference
|
|
Publisher: ACM
|
|
Full text available: |
Pdf
(198.51 KB)
|
|
|
| Bibliometrics: Downloads (6 Weeks): 20, Downloads (12 Months): 121, Citation Count: 2 |
|
|
Prefix hijacking, a misbehavior in which a misconfigured or malicious BGP router originates an IP prefix that the router does not own, is becoming an increasingly serious security problem on the Internet. In this paper, we conduct a first comprehensive ...
|
| |
|
6
|
|
Internet routing resilience to failures: analysis and implications
Jian Wu, Ying Zhang, Z. Morley Mao, Kang G. Shin
|
|
December 2007
|
|
CoNEXT '07: Proceedings of the 2007 ACM CoNEXT conference
|
|
Publisher: ACM
|
|
Full text available: |
Pdf
(407.98 KB)
|
|
|
| Bibliometrics: Downloads (6 Weeks): 14, Downloads (12 Months): 68, Citation Count: 2 |
|
|
Internet interdomain routing is policy-driven, and thus physical connectivity does not imply reachability. On average, routing on today's Internet works quite well, ensuring reachability for most networks and achieving reasonable performance across most ...
|
| |
|
7
|
|
On the impact of route monitor selection
Ying Zhang, Zheng Zhang, Zhuoqing Morley Mao, Charlie Hu, Bruce MacDowell Maggs
|
|
October 2007
|
|
IMC '07: Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
|
|
Publisher: ACM
|
|
Full text available: |
Pdf
(194.62 KB)
|
|
|
| Bibliometrics: Downloads (6 Weeks): 10, Downloads (12 Months): 48, Citation Count: 3 |
|
|
Several route monitoring systems have been set up to help understand the Internet routing system. They operate by gathering real-time BGP updates from different networks. Many studies have relied on such data sources by assuming reasonably good coverage ...
Keywords: bgp, internet measurement
|
| |
|
8
|
|
Towards automated network management: network operations using dynamic views
Xu Chen, Z. Morley Mao, Jacobus van der Merwe
|
|
August 2007
|
|
INM '07: Proceedings of the 2007 SIGCOMM workshop on Internet network management
|
|
Publisher: ACM
|
|
Full text available: |
Pdf
(294.56 KB)
|
|
|
| Bibliometrics: Downloads (6 Weeks): 7, Downloads (12 Months): 50, Citation Count: 2 |
|
|
We analyze data from a Tier-1 ISP that reflect the dynamic operational tasks performed in the ISP network to build a holistic view of configuration management operations. We observe that in addition to commands that lead to persistent configuration ...
Keywords: DFA, TACACS, network management automation
|
| |
|
9
|
|
Characterizing Dark DNS Behavior
Jon Oberheide, Manish Karir, Z. Morley Mao
|
|
July 2007
|
|
DIMVA '07: Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
|
|
Publisher: Springer-Verlag
|
|
| Bibliometrics: Downloads (6 Weeks): n/a, Downloads (12 Months): n/a, Citation Count: 0 |
|
|
Security researchers and network operators increasingly rely on information gathered from honeypots and sensors deployed on darknets, or unused address space, for attack detection. While the attack traffic gleaned from such deployments has been thoroughly ...
Keywords: DNS, darknets, honeypots, reconnaissance, sensors
|
| |
|
10
|
|
A Firewall for Routers: Protecting against Routing Misbehavior
Ying Zhang, Z. Morley Mao, Jia Wang
|
|
June 2007
|
|
DSN '07: Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
|
|
Publisher: IEEE Computer Society
|
|
|
|
| Bibliometrics: Downloads (6 Weeks): n/a, Downloads (12 Months): n/a, Citation Count: 0 |
|
|
In this work, we present the novel idea of route normalization by correcting on the fly routing traffic on behalf of a local router to protect the local network from malicious and misconfigured routing updates. Analogous to traffic normalization for ...
|
| |
|
|
|
|
|
Publisher Site