• Publications
  • Influence
Understanding the Role of Sender Reputation in Abuse Reporting and Cleanup
TLDR
We present the first randomized controlled experiment into sender reputation and show that it improves cleanup rates for abuse reports. Expand
  • 34
  • 4
  • PDF
Let Me Out! Evaluating the Effectiveness of Quarantining Compromised Users in Walled Gardens
TLDR
We present the first empirical study on user behavior and remediation effectiveness of quarantining infected machines in broadband networks. Expand
  • 8
  • 3
  • PDF
Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai
TLDR
We present the first empirical study of IoT malware cleanup in the wild -- more specifically, of removing Mirai infections in the network of a medium-sized ISP. Expand
  • 20
  • 2
  • PDF
Abuse Reporting and the Fight Against Cybercrime
TLDR
We construct a model of the abuse reporting infrastructure in order to explain how voluntary action against cybercrime functions today, in hopes of improving our understanding of what works and how to make remediation more effective. Expand
  • 25
  • 2
  • PDF
An Empirical Analysis of ZeuS C&C Lifetime
TLDR
We investigate several observable characteristics of botnet command and controls (C&C) and estimate the variability in the survival rate of these C&Cs and the factors that are related to such variability. Expand
  • 22
  • 1
Tell Me You Fixed It: Evaluating Vulnerability Notifications via Quarantine Networks
TLDR
We present the first empirical study of a potentially more effective mechanism: quarantining the vulnerable resource until it is remediated, even though they can self-release from the quarantine environment. Expand
  • 2
  • 1
Using Eyetracker to Find Ways to Mitigate Ransomware
TLDR
Ransomware is a form of malware designed to prevent access to data by locking out the victims from their system or encrypting some or all of their files until a ransom has been paid to the attacker. Expand
  • 1
  • PDF