Publications
An Architecture for Exploiting Multi-Core Processors to Parallelize Network Intrusion Prevention.
Concurrency and Computation: Practice and Experience. 21(10), 1255-1279.
(2009).
(2007).
(2011).
(2014).
binpac: A yacc for Writing Application Protocol Parsers.
Proceedings of the Internet Measurement Conference 2006 (IMC 2006). 289-300.
(2006).
Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.
Proceedings of the Fifth ACM Conference on Internet Measurement (IMC 2005). 267-272.
(2005).
(2012).
(2015).
(2014).
(2018).
(2010).
(2010).
(2009).
Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection.
Proceedings of the 15th USENIX Security Symposium (Security '06).
(2006).
Enhancing Byte-Level Network Intrusion Detection Signatures with Context.
Proceedings of ACM CCS.
(2003).
Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.
Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005). 206-221.
(2005).
(2008).
(2004).
Exploiting Independent State For Network Intrusion Detection.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005). 59-71.
(2005).
(2013).
(2012).
Exploring Tor's Activity Through Long-term Passive TLS Traffic Measurement.
Proceedings of Passive and Active Measurement Conference (PAM).
(2016).
(2012).
(2013).
(2012).