The DETERLab community has published various papers detailing work at least in part enabled by DETERLab. You can view peer-reviewed publications, other publications, theses, student projects and press articles below.

Peer-reviewed Publications

2017

• Trustworthy DDoS Defense: Design, Proof of Concept Implementation and Testing. Mohamad Samir A. Eid and Hitoshi Aida. Article in IEICE Transactions on Information and Systems, Volume E100.D (2017), Issue 8, pp. 1738-1750, released on J-STAGE: August 1, 2017.
• Secure Double-Layered Defense against HTTP-DDoS Attacks. Mohamad Samir A. Eid and Hitoshi Aida. In Proceedings of the IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), pp. 572-577, Turin, Italy, July 4-8, 2017.
• Characterization and Comparison of DDoS Attack Tools and Traffic Generators - A Review. Sunny Behal and Krishan Kumar Saluja. Article in International Journal of Network Security 19(3):383-393, DOI: 10.6633/IJNS.201703.19(3).07), April 2017.

2016

• Trends in Validation of DDoS Research. Sunny Behal and Krishan Kumar Saluja. Article in Procedia Computer Science. DOI: 10.1016/j.procs.2016.05.170, December 2016.
• Cyber Targets Water Management. Pieter Burghouwt, Marinus Maris, Sjaak van Peski, Eric Luiijf, Imelda van de Voorde, and M. Spruit. In Proceedings of the 11th International Conference on Critical Information Infrastructure Security (CRITIS), Paris, France, October 10-12, 2016.
• Micro-CI: A Critical Systems Testbed for Cyber-Security Research. William Hurst, Nathan Shone, Qi Shi, and Behnam Bazli. In Proceedings of the Eighth International Conference on Emerging Networks and Systems Intelligence, Volume: Special Session on Big Data Analytics in Critical Systems (BDA-CS), Venice, Italy, October 9-13, 2016.
• Performance Analysis of Web Services under HTTP Attack Using GENI Testbed. Ajitpal Kaur, Daljeet Kaur, Krishan Kumar, and Sunny Behal. Article in International Journal of Control Theory and Applications 9(22):67-74, October 2016.
• A Security Analysis and Revised Security Extension for the Precision Time Protocol. Eyal Itkin and Avishai Wool. In Proceedings of the 2016 International IEEE Symposium on Precision Clock Synchronization for Measurement, Control and Communication (ISPCS), Stockholm, Sweden, September 7-9, 2016.
• The Robotarium: A remotely accessible swarm robotics research testbed. Daniel Pickem, Paul Glotfelter, Li Wang, Mark Mote, Aaron Ames, Eric Feron, and Magnus Egerstedt. Paper arXiv:1609.04730v1 [cs.RO], September 2016.
• Cyber-Physical System Security of a Power Grid: State-of-the-Art. Chih-Che Sun, Chen-Ching Liu, and Jing Xie. Article in Electronics, 5(3), 40; DOI:10.3390/electronics5030040, July 2016.
• Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning. Ewa Syta, Iulia Tamas, Dylan Visher, David Isaac Wolinsky, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, and Bryan Ford. In Proceedings of the 37th Annual IEEE Symposium on Security and Privacy, The Fairmont, San Jose, California, May 23-25, 2016.
• A Characterization of Cybersecurity Simulation Scenarios. Hamdi Kavak, Jose J Padilla, Daniele Vernon-Bido, and Saikou Y. Diallo. In Proceedings of the 19th Communications and Networking Simulation Symposium (CNS '16), Pasadena, California, April 3-6, 2016.
• Proposing 3SEMCS- Three Step Encryption Method for Cyber Security in Modern Cryptography. Manraj Singh, Amit Kumar, Shubham Chuchra, Navreet Kaur, and Sajan Dhawan. In the International Journal of Computer Applications (0975 – 8887), Volume 139 – No.6, DOI: 10.5120/ijca2016908302, April 2016.
• Safe, Remote-Access Swarm Robotics Research on the Robotarium. Daniel Pickem, Li Wang, Paul Glotfelter, Yancy Diaz-Mercado, Mark Mote, Aaron Ames, Eric Feron, and Magnus Egerstedt. In Manuscript Draft arXiv:1604.00640v1 [cs.RO], April 3, 2016. 

2015

• Cyber Security Teaching and Learning Laboratories: A Survey. Luke Topham, Kashif Kifayat, Younis A. Younis, Qi Shi, and Bob Askwith. Published in Information & Security: An International Journal, Vol. 35, December 2015.
• Using the Cloud to Teach Computer Networks. Khaled Salah and M. Bazzaza. In Proceedings of the 8th IEEE/ACM International Conference on Utility and Cloud Computing (UCC '15), St. Raphael Resort, Limassol, Cyrus, December 2015.
• Towards a Self-Adaptive Middleware for Building Reliable Publish/Subscribe Systems. Sisi Duan, Jingtao Sun, and Sean Peisert. Published in Internet and Distributed Computing Systems, Lecture Notes in Computer Science, Vol. 9258 2015, Springer International Publishing, (proceedings of) 8th International Conference, IDCS 2015, Windsor, United Kingdom, September 2-4, 2015.
• Teaching Cybersecurity using the Cloud. Khaled Salah, Mohammad Hammoud, and Sherali Zeadally. In the Preprint/Early Access section in IEEEXplore, IEEE Transactions on Learning Technologies, Vol. 8., Issue No. 4, pp. 383-392, October - December 2015.
• Metrics for V&V of Cyber Defenses. Martin S. Feather, Joel M. Wilf, and Joseph Priest. Published in Innovations in Systems and Software Engineering: A NASA Journal, Springer-Verlag London, October 2015.
• Requirements and Challenges for Buidling a National Open Security Lab. Izzat M. Alsmadi, Mohammed N. Al-Kabi, and Emad Abu-Shanab. In Proceedings of the First Summit on Countering Cyber Crimes, Naif Arab University for Security Sciences, Riyadh, Kingdom of Saudi Arabia, October 2015.
• Analyzing the Cyber-Physical Impact of Cyber Events on the Power Grid. Ren Liu, Ceeman Vellaithurai, Saugata S. Biswas, Thoshitha T. Gamage, and Anurag K. Srivastava. Published in IEEE Transactions on Smart Grid, Vol. 6, No. 5, pp. 2444-2453, September 2015.
• Towards a Self-Adaptive Middleware for Building Reliable Publish/Subscribe Systems. Sisi Duan, Jingtao Sun, and Sean Peisert. In Proceedings of the 8th International Conference of Internet and Distributed Computing Systems (IDCS), Berkshire, United Kingdom, Springer, pp. 157-168, DOI: 10.1007/978-3-319-23237-9_14, September 2015.
• KYPO: A Tool for Collaborative Study of Cyberattacks in Safe Cloud Environment. Zdenek Eichler, Radek Ošlejšek, and Dalibor Toth. Published in Human Aspects of Information Security, Privacy and Trust, Volume 9190 of the series Lecture Notes in Computer Science, pp. 190-199, July 2015.
• Timed Consistent Network Updates. Tal Mizrahi, Efi Saat, and Yoram Moses. In Proceedings of the ACM SIGCOMM Symposium on SDN Research (SOSR '15), Santa Clara, California, June 2015.
• Riposte: An Anonymous Messaging System Handling Millions of Users. Henry Corrigan-Gibbs, Dan Boneh, and David Mazières. In Proceedings of the 36th IEEE Symposium on Security and Privacy, The Fairmont, San Jose, California, May 2015.
• Tor Experimentation Tools. Fatemeh Shirazi, Matthias Goehring, and Claudia Diaz. In Proceedings of the 2015 IEEE Security and Privacy Workshops (SPW '15), pp. 206-213, San Jose, California, May 2015.
• An Effective Git and Org-Mode Based Workflow For Reproducilbe Research. Luka Stanisic, Arnaud Legrand, and Vincent Danjean. Published in ACM SIGOPS: Operating Systems Review, Vol. 49, pp. 61-70, January 2015.

2014

• TESTREX: a Testbed for Repeatable Exploits. Stanislav Dashevskyi, Daniel Ricardo dos Santos, Fabio Massacci, and Antonino Sabetta. In Proceedings of the 7th Workshop on Cyber Security Experimentation and Test (CSET '14), San Diego, California, August 2014.
• DCAFE: A Distributed Cyber Security Automation Framework for Experiments. George Rush, Daniel R. Tauritz, and Alexander D. Kent. In Proceedings of the IEEE 38th Annual International Computers, Software and Applications Conference Workshops (COMPSACW), pp. 134-139, Vasteras, Sweden, July 2014.
• Firecycle: A Scalable Test Bed for Large-Scale LTE Security Research. Jill Jermyn, Roger Piqueras Jover, Mikhail Istomin, and Ilona Murynets. In Proceedings of the IEEE International Conference on Communications (IEEE ICC '14), Sydney Australia, June 2014.
• Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats. Mingkui Wei and Wenye Wang. In Proceedings of the 2014 IEEE Infocom - International Conference on Computer Communications, Toronto, Canada, April 27 - May 2, 2014.
• Cyber Defense of Space-Based Assets: Verifying and Validating Defensive Designs and Implementations. DJ Byrne, David Morgan, Kymie Tan, Bryan Johnson, and Chris Dorros. In Proceedings of the 2014 Conference on Systems Engineering Research (CSER '14), Redondo Beach, California, March 2014.
• Harnessing the Cloud for Teaching Cybersecurity. Khaled Salah. In Proceedings of the 45th ACM Technical Symposium on Computer Science Education (SIGCSE '14), Atlanta, Georgia, March 2014.
• A Framework for Generating Realistic Traffic for Distributed Denial-of-Service Attacks and Flash Events. Sajal Bhatia, Desmond Schmidt, George Mohay, and Alan Tickle. Published in Computers and Security Journal, Volume 40, pp. 95-107, February 2014.
• User Traffic Profile for Traffic Reduction and Effective Bot C&C Detection. Soniya Balram and M. Wilsey. In the International Journal of Network Security, Vol. 16, No. 1, pp. 37-43, January 2014.

2013

• A Cybernetics Paradigms Framework for CyberSpace: Key lens to CyberSecurity. T. Vinnakota. In Proceedings of the 2013 IEEE International Conference on Computational Intelligence and Cybernetics (CYBERNETICSCOM), Yogyakarta, Indonesia, December 2013.
• GISOO: A Virtual Testbed for Wireless Cyber-Physical Systems. Behdad Aminian, José Araújo, Mikael Johansson, and Karl H. Johansson. In Proceedings of the 39th Annual Conference of the IEEE Industrial Electronics Society (IECON '13), Vienna, Austria, November 2013.
• PacketCloud: an Open Platform for Elastic In-network Services. Yang Chen, Bingyang Liu, Yu Chen, Ang Li, Xiaowei Yang, and Jun Bi. In Proceedings of the 8th ACM Workshop on Mobility in the Evolving Internet Architecture (MobiArch '13), Miami, Florida, October 2013.
• Smart Grid Security Educational Training with ThunderCloud: A Virtual Security Test Bed. Joseph Stites, Ambareen Siraj, and Eric L. Brown. In Proceedings of the Information Security Curriculum Development Conference (InfoSecCD '13), Kennesaw, Georgia, October 2013.
• Efficient Verification of Distributed Protocols Using Stateful Model Checking. Habib Saissi, Peter Bokor, Can Arda Muftuoglu, Neeraj Suri, and Marco Serafini. In Proceedings of the IEEE 32nd International Symposium on Reliable Distributed Systems (SRDS '13), Braga, Portugal, September / October 2013.
• Proactively Accountable Anonymous Messaging in Verdict. Henry Corrigan-Gibbs, David Isaac Wolinsky, and Bryan Ford. In Proceedings of the 22nd USENIX Security Symposium (USENIX Security '13), Washington, D.C., August 2013.
• Wireless Sensor Networks TestBed: ASNTbed. Angeline G. Dludla, Adnan M. Abu-Mahfouz, Carel P. Kruger, and John S. Isaac. In Proceedings of IST-Africa Conference and Exhibition (IST-Africa) '13, Nairobi, Kenya, May 2013.
• PhishCage: Reproduction of Fraudulent Websites in the Emulated Internet. Daisuke Miyamoto, Yuzo Taenaka, Toshiyuki Miyachi, and Hiroaki Hazeyama. In Proceedings of EMUTools 2013, Cannes, France, March 2013.
• Spread Identity: A New Dynamic Address Remapping Mechanism for Anonymity and DDoS Defense. Dhananjay Phatak, Alan T. Sherman, Nikhil Joshi, Bhushan Sonawane, Vivek Relan, and Amol Dawalbhakta. Abridged version appears in The Journal of Computer Security, Vol. 21, No. 2, pp. 233-281, March 2013.
• Bio-Inspired Cyber Security for Smart Grid Deployments. A. David McKinnon, Seth R. Thompson, Ruslan A. Doroshchuk, Glenn A. Fink, and Errin W. Fulp. In Proceedings of Innovative Smart Grid Technologies (ISGT), 2013 IEEE PES, Washington DC, February 2013.
• Emulating Internet Topology Snapshots in Deterlab. Graciela Perera, Nathan Miller, John Mela, Michael P. McGarry, and Jamie C. Acosta. In Proceedings of the Third ACM Conference on Data and Application Security and Privacy (CODASPY '13), San Antonio, Texas, February 2013.

2012

• Backward Traffic Throttling to Mitigate Bandwidth Floods. Yehoshua Gev, Moti Geva, and Amir Herzberg. In Proceedings of the IEEE Global Communications Conference, Exhibition and Industry Forum (GLOBECOM '12), Anaheim, California, December 2012.
• One Year of Internet SSL Measurement. Olivier Levillain, Arnaud Ébalard, Benjamin Morin, and Hervé Debar. In Proceedings of the 2012 Annual Computer Security Applications Conference (ACSAC), Orlando, Florida, December 2012.
• Cyber Analysis System Toolkit: A High-Fidelity, Virtual Cyber Test-Bed for Network Modeling and Experimentation. Bala Chidambaram and Yueli Yang. In Proceedings of the IEEE Military Communications Conference (MILCOM '12), Orlando, Florida, October 29 - November 1, 2012.
• Dissent in Numbers: Making Strong Anonymity Scale. David Isaac Wolinsky, Henry Corrigan-Gibbs, Bryan Ford, and Aaron Johnson. In Proceedings of OSDI '12, Hollywood, California, October 2012.
• AMICI: An Assessment Platform for Multi-Domain Security Experimentation on Critical Infrastructure. Béla Genge, Christos Siaterlis, and Marc Hohenadel. In Proceedings of Critical Information Infrastructures Security: 7th International Workshop (revised selected papers), pp. 228-239, CRITIS 2012, Lillehammer, Norway, September 2012.
• DeTail: Reducing the Flow Completion Time Tail in Datacenter Networks. David Zats, Tathagata Das, Prashanth Mohan, Dhruba Borthakur, and Randy Katz. In Proceedings of SIGCOMM '12, Helsinki, Finland, August 2012.
• FairCloud: Sharing the Network in Cloud Computing. Lucian Popa, Gautam Kumar, Mosharaf Chowdhury, Arvind Krishnamurthy, Sylvia Ratnasamy, and Ion Stoica. In Proceedings of the ACM SIGCOMM Conference on applications, technologies, architectures, and protocols for computer communication (SIGCOMM '12), pp. 187-198, Helsinki, Finland, August 2012.
• Towards a Framework for Evaluating BGP Security. Olaf Maennel, Iain Phillips, Debbie Perouli, Randy Bush, Rob Austein, and Askar Jaboldinov. In Proceedings of the 5th Workshop on Cyber Security Experimentation and Test (CSET '12), Bellevue, Washington, August 2012.
• Experience with Heterogenous Clock-Skew based Device Fingerprinting. Swati Sharma, Alefiya Hussain, and Huzur Saran. In Proceedings of LASER '12, Arlington, Virginia, July 2012.
• Mitigating Denial-of-Service Flooding Attacks with Source Authentication. Xin Liu. In Dissertation at Duke University Department of Computer Science, Durham, North Carolina, July 2012.
• DARD: Distributed Adaptive Routing for Datacenter Networks. Xin Wu and Xiaowei Yang. Published in Distributed Computing Systems, 32nd IEEE International Conference on Distributed Computing Systems (ICDCS '12), pp. 32-41, Macau, China, June 2012.
• Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation. Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch, and Janos Sztipanovits. In Proceedings of the 1st ACM International Conference on High Confidence Networked Systens (HiCoNS '12), pp. 81-88, Beijing, China, April 2012.
• NCS Security Experimentation using DETER. Alefiya Hussain and Saurabh Amin. In Proceedings of HiCoNS '12, Beijing, China, April 2012.
• Scalable Anonymous Group Communication in the Anytrust Model. David Isaac Wolinsky, Henry Corrigan-Gibbs, Bryan Ford, and Aaron Johnson. In Proceedings of EUROSEC '12, Bern, Switzerland, April 2012.
• Receiver Driven Rate Adaptation for Wireless Multimedia Applications. Daniel Havey, Roman Chertov, and Kevin Almeroth. In Proceedings of MMSys '12, Chapel Hill, North Carolina, February 2012.

2011

• Automatic Selection of Routers for Placing Early Filters of Malicious Traffic. Chin-Tser Huang. In Proceedings of IEEE GLOBECOM '11, Houston, Texas, December 2011.
• A Passive Solution to the CPU Resource Discovery Problem in Cluster Grid Networks. Lanier Watkins, William H. Robinson and Raheem Beyah. In IEEE Transactions on Parallel and Distributed Systems, Vol. 22, No. 12, pp. 2000-2007, December 2011.
• Supporting Doman-Specific State Space Reductions through Local Partial-Order Reduction. Péter Bokor, Johannes Kinder, Marco Serafini and Neeraj Suri. In Proceedings of ASE 2011: 26th IEEE/ACM International Conference On Automated Software Engineering, Lawrence, Kansas, November 2011.
• Mediating Cyber and Physical Threat Propagation in Secure Smart Grid Architectures. Clifford Neuman and Kymie Tan. In Proceedings of IEEE SmartGridComm 2011, Brussels, Belgium, October 2011.
• ExperimenTor: A Testbed for Safe and Realistic Tor Experimentation. Kevin Bauer and Micah Sherr. In Proceedings of CSET '11: 4th Workshop on Cyber Security Experimentation and Test, San Francisco, California, August 2011.
• Managing Data Transfers in Computer Clusters with Orchestra. Mosharaf Chowdhury, Matei Zaharia, Justin Ma, Michael I. Jordan and Ion Stoica. In Proceedings of SIGCOMM '11, Toronto, Ontario, August 2011.
• Deep packet pre-filtering and finite state encoding for adaptive intrusion detection system. Ning Weng, Luke Vespa and Benfano Soewito. In Computer Networks, Vol. 55, Issue 8, pp. 1648-1661, June 2011.
• Efficient Model Checking of Fault-Tolerant Distributed Protocols. Péter Bokor, Johannes Kinder, Marco Serafini and Neeraj Suri. In Proceedings of 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN), Hong Kong, June 2011.
• Disk-Locality in Datacenter Computing Considered Irrelevant. Ganesh Ananthanarayanan, Ali Ghodsi, Scott Shenker and Ion Stoica. In Proceedings of USENIX HotOS XIII, Napa, California, May 2011.
• To Crash or Not To Crash: Efficient Modeling of Fail-Stop Faults. Habib Saissi, Péter Bokor, Marco Serafini and Neeraj Suri. In White Paper from Technische Universität Darmstadt - Research Library, Germany, May 2011.
• Ant-Based Cyber Security. Jerome N. Haack, Glenn A. Fink, Wendy M. Maiden, A. David McKinnon, Steven J. Templeton and Errin W. Fulp. In Proc. 8th Int. Conf. on Information Technology: New Generations (ITNG), Las Vegas, Nevada, April 2011.
• Game Theory-based Defense Mechanisms against DDoS Attacks on TCP/TCP-friendly Flows. Harkeerat Singh Bedi, Sankardas Roy and Sajjan Shiva. In IEEE Symposium on Computational Intelligence in Cyber Security (CICS), Paris, France, April 2011.
• QoSoDoS: If You Can't Beat Them, Join Them! Moti Geva and Amir Herzberg. In Proceedings of IEEE INFOCOM '11, Shanghai, China, April 2011.
• Scarlett: Coping with Skewed Content Popularity in MapReduce Clusters. Ganesh Ananthanarayanan, Sameer Agarwal, Srikanth Kandula, Albert Greenberg, Ion Stoica, Duke Harlan and Ed Harris. In Proceedings of the sixth conference on Computer systems (EuroSys '11), Salzburg, Austria, April 2011.
• Networked Control System Emulation: Analysis Of Controller Design. John N. Mela. In Proceedings of The National Conference on Undergraduate Research (NCUR) 2011, Ithaca, New York, March - April 2011.
• Replicating Abilene's Daily Traffic using DETER. John N. Mela. In Proceedings of The National Conference on Undergraduate Research (NCUR) 2011, Ithaca, New York, March - April 2011.
• Bootstrapping Accountability in the Internet We Have. Ang Li, Xin Liu and Xiaowei Yang. In Paper at Duke University Department of Computer Science, March 2011.
• A Holistic Game Inspired Defense Architecture. Sajjan Shiva, Harkeerat Singh Bedi, Chris Simmons, Marc Fisher II and Ramya Dharam. In International Conference on Data Engineering and Internet Technology (DEIT), Bali, Indonesia, March 2011.
• Forwarding Devices: From Measurements to Simulations. Roman Chertov and Sonia Fahmy. In ACM Transactions on Modeling and Computer Simulation (TOMACS), Vol. 21, No. 2, Article 12, Publication date: February 2011.
• Application-Aware Secure Multicast for Power Grid Communications. Jianqing Zhang and Carl A. Gunter. In International Journal of Security and Networks (IJSN), Vol. 6, No. 1, 2011.

2010

• A Passive Solution to the Memory Resource Discovery Problem in Computational Clusters. Lanier Watkins, William H. Robinson and Raheem Beyah. In IEEE Transactions on Network and Service Management, Vol. 7, No. 4, December 2010.
• Application-Aware Secure Multicast for Power Grid Communications. Jianqing Zhang and Carl A. Gunter. In IEEE International Conference on Smart Grid Communications (SmartGridComm '10), Gaithersburg, Maryland, October 2010.
• Input Generation via Decomposition and Re-Stitching: Finding Bugs in Malware. Juan Caballero, Pongsin Poosankam, Stephen McCamant, Domagoj Babic and Dawn Song. In Proceedings of the 17th ACM Conference on Computer and Communication Security, Chicago, Illinois, October 2010.
• Behavior-based Worm Detectors Compared. Shad Stafford and Jun Li. In 13th International Symposium on Recent Advances in Intrusion Detection (RAID), Ottawa, Ontario, September 2010.
• Evading Stepping Stone Detection Under the Cloak of Streaming Media with SNEAK. Jaideep Padhye, Kush Kothari, Madhu Venkateshaiah and Matthew Wright. In Computer Networks: The International Journal of Computer and Telecommunications Networking, Vol. 54, No. 13, pp. 2310-2325, September 2010.
• Traffic Analysis Against Low-Latency Anonymity Networks Using Available Bandwidth Estimation. Sambuddho Chakravarty, Angelos Stavrou and Angelos D. Keromytis. In Proceedings of European Symposium on Research in Computer Security (ESORICS 2010), Athens, Greece, September 2010.
• NetFence: Preventing Internet Denial of Service from Inside Out. Xin Liu, Xiaowei Yang and Yong Xia. In Proceedings of ACM SIGCOMM '10, New Delhi, India, August - September 2010.
• A Taxonomy and Comparative Evaluation of Algorithms for Parallel Anomaly Detection. Shashank Shanbhag, Yu Gu and Tilman Wolf. In Proceedings of the Nineteenth IEEE International Conference on Computer Communications and Networks (ICCCN), Zurich, Switzerland, August 2010.
• HookScout: Proactive Binary-Centric Hook Detection. Heng.Yin, Pongsin Poosankam, Steve Hanna and Dawn Song. In Proceedings of the Seventh Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Bonn, Germany, July 2010.
• On Efficient Models for Model Checking Message-Passing Distributed Protocols. Peter Bokor, Marco Serafini and Neeraj Suri. In International Federation for Information Processing (IFIP) Conference on Formal Techniques for Distributed Systems (FMOODS & FORTE), pp. 216-223, Amsterdam, The Netherlands, June 2010.
• Using BGP in a Satellite-Based Challenged Network Environment. Roman Chertov and Kevin Almeroth. In Proceedings of IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks (SECON), Boston, Massachusetts, June 2010.
• A Symbolic Execution Framework for JavaScript. Prateek Saxena, Devdatta Akhawe, Steve Hanna, Stephen McCamant, Feng Mao and Dawn Song. In Proceedings of the IEEE Symposium on Security and Privacy, pp. 513-528, Oakland, California, May 2010.
• Dr. Multicast: Rx for Data Center Communication Scalability. Ymir Vigfusson, Hussam Abu-Libdeh, Mahesh Balakrishnan, Robert Burgess, Ken Birman, Gregory Chockler, Haoyuan Li and Yoav Tock. In Proceedings of EuroSys: 2010 European Conference on Computer Systems, Paris, France, April 2010.
• Tumbling Down the Rabbit Hole: Exploring the Idiosyncrasies of Botmaster Systems in a Multi-Tier Botnet Infrastructure. C. Nunnery, G. Sinclair and B. Kang, In Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, California, April 2010.
• MSET: A Mobility Satellite Emulation Testbed. Roman Chertov, Daniel Havey and Kevin Almeroth In Proceedings of IEEE International Conference on Computer Communications (INFOCOM), San Diego, March 2010.
• A Learning-Based Approach to Reactive Security. Adam Barth, Benjamin I. P. Rubinstein, Mukund Sundararajan, John C. Mitchell, Dawn Song and Peter Bartlett. In Proceedings of the Financial Cryptography and Data Security '10, Fourteenth International Conference, Tenerife, Canary Islands, January 2010.

2009

• RAD: Reflector Attack Defense Using Message Authentication Codes. E. Kline, M. Beaumont-Gay, J. Mirkovic and P. Reiher. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2009.
• Role-Based Symmetry Reduction of Fault-tolerant Distributed Protocols with Language Support. Peter Bokor, Marco Serafini, Neeraj Suri and Helmut Veith. In International Conference on Formal Engineering Methods (ICFEM), pp. 147-166, 2009.
• The Waledac Protocol: The How and Why. G. Sinclair, C. Nunnery and B. Kang. In Proceedings of the 4th IEEE International Conference on Malicious and Unwanted Software (IEEE Malware), 2009.
• Towards Complete Node Enumeration in a Peer-to-Peer Botnet. B. Kang, E. Chan-Tin, C. Lee, J. Tyra, H. Kang, C. Nunnery, Z. Wadler, G. Sinclair, N. Hopper, D. Dagon and Y. Kim. In ACM Symposium on Information, Computer & Communication Security (ASIACCS), 2009.
• Interactive Simulation Tools for Information Assurance Education. H. Yu, K. Williams, J. Xu, X. Yuan, B. Chu, B. Kang and T. Kombol. In Proceedings of the Second Annual Conference on Education in Information Security (ACEIS), 2009.
• Detecting Malicious Packet Losses. Alper Mizrak, Stefan Savage and Keith Marzullo. In IEEE Transactions on Parallel and Distributed System, Vol. 20, No. 2, February 2009.
• A Framework for Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Unstructured Multicast Overlay Networks. A. Walters, D. Zage and C. Nita-Rotaru. In IEEE/ACM Transactions on Networking, February 2009.
• How to Test DoS Defenses. J. Mirkovic, S. Fahmy, P. Reiher and R. Thomas. In Proceedings of the Cybersecurity Applications & Technology Conference for Homeland Security (CATCH 2009), March 2009.
• Towards The Perfect DDoS Attack: The Perfect Storm. A. Shevtekar, N. Ansari and R. Karrer. In Proceedings of IEEE Sarnoff '09, pp. 1-5, Princeton, New Jersey, April 2009.
• Accurately Measuring Denial of Service in Simulation and Testbed Experiments. J. Mirkovic, A. Hussain, S. Fahmy, P. Reiher and R. Thomas. In IEEE Transactions on Dependable and Secure Computing, Vol. 6, No. 2, pp. 81-95, April - June 2009.
• Tools for Worm Experimentation on the DETER testbed. S. Wei, C. Ko, J. Mirkovic and A. Hussain. In Proceedings of Tridentcom, 2009.
• AnomBench: A Benchmark for Volume-Based Internet Anomaly Detection. Shashank Shanbhag and Tilman Wolf. In Proceedings of IEEE Global Communications Conference (GLOBECOM), Honolulu, HI, December 2009.
• Understanding TCP Incast Throughput Collapse in Datacenter Networks. Yanpei Chen, Rean Griffith, Junda Liu, Randy H. Katz and Anthony D. Joseph. In Proceedings of the 1st ACM Workshop on Research on Enterprise Networking (WREN '09), 2009.

2008

• On the Impacts of Low Rate DoS Attacks on VoIP Traffic. A. Shevtekar, J. Stille and N. Ansari. In Wiley Security and Communication Networks, Vol. 1, No. 1, pp. 45-56, January - February 2008.
• A Model of the Spread of Randomly Scanning Internet Worms that Saturate Access Links. G. Kesidis, I. Hamadeh, Y. Jin, S. Jiwasurat and M. Vojnovic. In ACM Transactions on Modeling and Computer Simulation (TOMACS), Vol. 18, Issue 2, April 2008.
• SWOON: A Testbed for Secure Wireless Overlay Networks. Y.L. Huang, J.D. Tygar, H.Y. Lin, L.Y. Yeh, H.Y. Tsai, K. Sklower, S.P. Shieh, C.C. Wu, P.H. Lu, S.Y. Chien, Z.S. Lin, L.W. Hsu, C.W. Hsu, C.T. Hsu, Y.C. Wu and M.S. Leong. In Proceedings of the CyberSecurity Experimentation and Test (CSET) Workshop, July 2008.
• To Filter or to Authorize: Network-Layer DoS Defense Against Multimillion-node Botnets. Xin Liu, Xiaowei Yang and Yanbin Lu. In ACM SIGCOMM, August 2008.
• Fidelity of Network Simulation and Emulation: A Case Study of TCP-Targeted Denial of Service Attacks. Roman Chertov, Sonia Fahmy and Ness B. Shroff. In ACM Transactions on Modeling and Computer Simulation (TOMACS), Vol. 19, Issue 1, pp. 4:1-4:29, December 2008.
• Mencius: Building Efficient Replicated State Machines for WANs. Yanhua Mao, Flavio P. Junqueira and Keith Marzull. In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation (OSDI '08), San Deigo, California, December 2008.
• BitBlaze: A New Approach to Computer Security via Binary Analysis. Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam and Prateek Saxena. In Proceedings of the 4th International Conference on Information Systems Security, Keynote Invited Paper, December 2008.
• TVA: a DoS-limiting Network Architecture. Xiaowei Yang, David Wetherall and Tom Anderson. In IEEE/ACM Transactions on Networking (ToN), Vol. 16, Issue 6, December 2008.
• Passport: Secure and Adoptable Source Authentication. Xin Liu, Ang Li, Xiaowei Yang and David Wetherall. In Proceedings of USENIX/ACM Symposium on Networked Systems Design and Implementation, 2008.

2007

• Renovo: A Hidden Code Extractor for Packed Executables. Min Gyung Kang, Pongsin Poosankam and Heng Yin. In ACM Conference on Computer and Communications Security (CCS), November 2007.
• Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis. Heng Yin, Dawn Song, Manuel Egele, Engin Kirda and Christopher Kruegel. In Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2007.
• The Shunt: An FPGA-Based Accelerator for Network Intrusion Prevention. Nicholas Weaver, Vern Paxson and Jose M. Gonzalez. In ACM/SIGDA International Symposium on Field Programmable Gate Arrays (FPGA), February 2007.
• DDoS Benchmarks and Experimenter's Workbench for the DETER Testbed. Jelena Mirkovic, Songjie Wei, Alefiya Hussain, Brett Wilson, Roshan Thomas, Stephen Schwab, Sonia Fahmy, Roman Chertov and Peter Reiher. In Proceedings of Tridentcom (International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities), May 2007.
• CLID: A general approach to validate security policies in a dynamic network. Yanyan Yang, C. Martel and S. F. Wu. In 10th IFIP/IEEE International Symposium on Integrated Network Management, May 2007.
• Collaborative Detection of DDoS Attacks over Multiple Network Domains. Yu Chen, Kai Hwang and Wei-Shinn Ku. In IEEE Transactions on Parallel and Distributed Systems, June 2007.
• SEER: A Security Experimentation EnviRonment for DETER. Stephen Schwab, Brett Wilson, Calvin Ko and Alefiya Hussain. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• A Hypervisor Based Security Testbed. Dan Duchamp and Greg DeAngelis. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• Automating DDoS Experimentation. Jelena Mirkovic, Brett Wilson, Alefiya Hussain, Sonia Fahmy, Peter Reiher, Roshan Thomas and Stephen Schwab. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• Evaluation of collaborative worm containments on DETER testbed. L. Li, P. Liu, Y.C. Jhi and G. Kesidis. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• Design and Implementation of an Isolated Sandbox with Mimetic Internet Used to Analyze Malwares. Shinsuke Miwa, Toshiyuki Miyachi, Masashi Eto, Masashi Yoshizumi and Yoichi Shinoda. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• Distributed Change-Point Detection of DDoS Attacks: Experimental Results on DETER Testbed. Yu Chen, Kai Hwang and Wei-Shinn Ku. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• Dependency-based Distributed Intrusion Detection. Ji Li, Dah-Yoh Lim and Karen Sollins. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• Stress Testing Cluster Bro. Nicholas Weaver and Robin Sommer. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• A Plan for Malware Containment in the DETER Testbed. Ron Ostrenga, Stephen Schwab and Robert Braden. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
• When is Service Really Denied? A User-Centric DoS Metric. Jelena Mirkovic, Alefiya Hussain, Brett Willson, Sonia Fahmy, Wei-Min Yao, Peter Reiher, Stephen Schwab and Roshan Thomas. In Proceedings of the 2007 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems, pp. 357-358, 2007.
• Towards User-Centric Metrics for Denial-Of-Service Measurement. Jelena Mirkovic, Alefiya Hussain, Brett Wilson, Sonia Fahmy, Peter Reiher, Roshan Thomas, Wei-Min Yao and Stephen Schwab. In Proceedings of the 2007 Workshop on Experimental Computer Science, 2007.
• Very Fast Containment of Scanning Worms, Revisited. Nicholas Weaver, Stuart Staniford and Vern Paxson. In Malware Detection, Springer Verlag, Vol. 27, pp. 113-145, 2007.

2006

• A distributed host-based worm detection system. Senthilkumar G. Cheetancheri, John Mark Agosta, Denver H. Dash, Karl N. Levitt, Jeff Rowe and Eve M. Schooler. In Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense (LSAD '06), 2006.
• In Vini Veritas: Realistic and Controlled Network Experimentation. Andy Bavier, Nick Feamster, Mark Huang, Larry Peterson and Jennifer Rexford. In Proceedings of ACM SIGCOMM, 2006.
• Emulating sequential scanning worms on the DETER testbed. Lunquan Li, Soranun Jiwasurat, Peng Liu, George Kesidis and Clifford Neuman. In Proceedings of Tridentcom (International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities), March 2006.
• A Dynamic Countermeasure Method for Large-Scale Network Attacks. Zhaoyu Liu and Roopesh Uppala. In Proceedings of 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing (DASC'06), pp. 163-170, 2006.
• Experience with DETER: A Testbed for Security Research. Terry Benzel, Robert Braden, Dongho Kim, Clifford Neuman, Anthony Joseph, Keith Sklower, Ron Ostrenga and Stephen Schwab. In Proceedings of Tridentcom (International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities), March 2006.
• Emulation versus Simulation: A Case Study of TCP-Targeted Denial of Service Attacks. Roman Chertov, Sonia Fahmy and Ness Shroff. In Proceedings of Tridentcom (International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities), March 2006.
• Running Live Self-Propagating malware on the DETER Testbed. Clifford Neuman, Chinmay Shah and Kevin Lahey. In Proceedings of the DETER Community Workshop, Arlington Virginia, June 2006.
• Visual toolkit for network security experiment specification and data analysis. L. Li, P. Liu and G. Kesidis. In Proceedings of the 3rd International Workshop on Visualization for Computer Security, pp. 7-14, 2006.
• Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. Yu Chen and Kai Hwang. In Journal of Parallel and Distributed Computing, Vol. 66, Issue 9, pp. 1137-1151, June 2006.
• Fatih: Detecting and Isolating Malicious Routers via Traffic Validation. Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage. In IEEE Transactions on Dependable and Secure Computing 3(3), July 2006.
• Benchmarks for DDoS Defense Evaluation. Jelena Mirkovic, Erinc Arikan, Songjie Wei, Sonia Fahmy, Roshan Thomas and Peter Reiher. In Proceedings of MILCOM, October 2006.
• Measuring Denial of Service. Jelena Mirkovic, Peter Reiher, Sonia Fahmy, Roshan Thomas, Alefiya Hussain, Stephen Schwab and Calvin Ko. In Proceedings of the 2nd ACM Workshop on Quality of Protection, pp. 53-58, 2006.
• Increasing TCP Throughput with an Enhanced Internet Control Plane. Andy Bavier, Larry Peterson, Jack Brassil, Rick McGeer, David Reed, Puneet Sharma, Praveen Yalagandula, Alex Henderson, Larry Roberts, Stephen Schwab, Roshan Thomas, Eric Wu, Brian Mark, Ben Zhao and Anthony Joseph. In Proceedings of MILCOM, October 2006.
• Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Unstructured Multicast Overlay Networks. AAron Walters, Kevin Bauer and Cristina Nita-Rotaru. In The 14th IEEE International Conference on Network Protocols (ICNP), 2006.

2005

• InFilter: Predictive Ingress Filtering to Detect Spoofed IP Traffic. Abhrajit Ghosh, Larry Wong, Giovanni Di Crescenzo, Rajesh Talpade. In Proceedings of the Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW '05), Vol. 2, pp.99-106, 2005.
• Coupled Kermack-McKendrick Models for Randomly Scanning and Bandwidth-Saturating Interent Worms. G. Kesidis, I. Hamadeh and S. Jiwasurat, Lecture Notes In Computer Science, Vol. 3375, pp. 101-109, 2005.
• Modeling and Automated Containment of Worms. S. Sellke, N.B. Shroff and S. Bagchi, In Proceedings of the International Conference on Dependable Systems and Networks (DSN), Yokohama, Japan, June - July 2005.
• Emulation of Single Packet UDP Scanning Worms in Large Enterprises. Lunquan Li, Soranun Jiwasurat, Peng Liu and George Kesidis. In Proceedings of the 19 International Teletraffic Congress (ITC), August 2005.
• A DoS-limiting Network Architecture. Xiaowei Yang, David Wetherall and Tom Anderson. In Proceedings of ACM SIGCOMM, Philadelphia, Pennsylvania, August 2005.
• Methodologies and Metrics for the Testing and Analysis of Distributed Denial of Service Attacks and Defenses. S. Schwab, B. Wilson and R. Thomas. In Proceedings of MILCOM, October 2005.
• Performing BGP Experiments on a Semi-realistic Internet Testbed Environment. Ke Zhang, Soon-Tee Teoh, Shih-Ming Tseng, Rattapon Limprasittipom, Kwan-Liu Ma, S. Felix Wu and Chen-Nee Chuah. In Second International Workshop on Security in Distributed Computing Systems (SDCS), pp. 130-136, 2005.

2004

• Cyber defense technology networking and evaluation. R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. D. Tygar, S. Sastry, D. Sterne and S. F. Wu. In Communications of the ACM, Special issue on Emerging Technologies for Homeland Security, Vol. 47, Issue 3, pp. 58-61, March 2004.
• A hybrid quarantine defense. P. Porras, L. Biesemeister, K. Levitt, J. Rowe, K. Skinner and A. Ting. In Proceedings of ACM WORM, Washington, DC, October 2004.
• Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP. S.T. Teoh, K. Zhang, S.-M. Tseng, K.-L. Ma and S. F. Wu. In Proceedings of ACM VizSEC/CMSEC-04, Washington, DC, October 2004.
• Preliminary results using scale-down to explore worm dynamics. Nicholas Weaver, Ihab Hamadeh, George Kesidis and Vern Paxson. In Proceedings of the 2004 ACM workshop on Rapid malcode, pp. 65-72, 2004.

Other Publications

2013

• Using Network Traffic to Remotely Identify the Type of Applications Executing on Mobile Devices. Lanier Watkins, Cherita Corbett, Benjamin Salazar, Kevin Fairbanks, and William H. Robinson. Slide presentation at Mobile Security Technologies (MOST '13), held as part of the IEEE Computer Society Security and Privacy Workshops in conjunction with the IEEE Symposium on Security and Privacy, San Francisco, California, May 2013.

2012

• Teaching Cybersecurity at a Distance. Marian Petre, Arosha Bandara, and Blaine Price. Published in ACM Inroads magazine, volume 3, issue 4, pp. 20-21, December 2012.
• Understanding TCP Incast and Its Implications for Big Data Workloads. Yanpei Chen, Rean Griffit, David Zats, and Randy H. Katz. Technical Report No. UCB/EECS-2012-40, University of California at Berkeley, Department of Electrical Engineering and Computer Sciences, April 2012.

2009

• National Malware Collaboratory Investigation (NMCI). John Wroclawski, Terry Benzel and Ted Faber. National Science Foundation SGER Final Report, August 2009.

2008

• Machine Learning in the Presence of an Adversary: Attacking and Defending the SpamBayes Spam Filter. Udam Saini. Technical Report No. UCB/EECS-2008-62, University of California at Berkeley, Department of Electrical Engineering and Computer Sciences, May 2008.

2007

• Agent Organization and Request Propagation in the Knowledge Plane. Ji Li and Karen Sollins, MIT CSAIL Techical Report, MIT-CSAIL-TR-2007-039, July 2007.

2006

• DDoS Experiment Methodology. Alefiya Hussain, Stephen Schwab, Roshan Thomas, Sonia Fahmy and Jelena Mirkovic. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Benchmarks for DDoS Defense Evaluation. Jelena Mirkovic, Erinc Arikan, Songjie Wei, Sonia Fahmy, Roshan Thomas and Peter Reiher. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Towards Systematic IDS Evaluation. Calvin Ko, Alefiya Hussain, Stephen Schwab, Roshan Thomas and Brett Wilson. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Measuring Impact of DoS Attacks. Jelena Mirkovic, Sonia Fahmy, Peter Reiher, Roshan Thomas, Alefiya Hussain, Steven Schwab and Calvin Ko. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• High Fidelity Denial of Service (DoS) Experimentation. Roman Chertov, Sonia Fahmy and Ness B. Shroff. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Preliminary BGP Multiple-Origin Autonomous Systems (MOAS) Experiments on the DETER Testbed. Glenn Carl, George Kesidis, Shashi Phoha and Bharat Madan. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• BGPRV: A Library for Fast and Efficient Routing Data Manipulation. Kevin Butlter, Patrick D. McDaniel and Sophie Y. Qiu In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• ELISHA: A Visual and Interactive Tool for BGP Anomaly Detection and Analysis. Shih-Ming Tseng, S. Felix Wu, Kwan-Liu Ma, Chen-Nee Chuah, Soon-Tee Teoh, Ke Zhang and Xiaoliang Leon Zhao. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Testing Large Scale BGP Security in Replayable Network Environments. Kevin Butler and Patrick McDaniel. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Formally Specifying Design Goals of Worm Defense Strategies. Linda Briesemeister and Phillip A. Porras. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Evaluation of a Collaborative End-Host Worm Defense System. Senthil Cheetancheri, Karl Levitt, Jeff Rowe, John Mark Agosta, Denver Dash and Eve Schoole. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Scanning worm emulation on the DETER testbed. Lunquan Li, George Kesidis and Peng Liu. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Application of DETER in Large-Scale Cyber Security Exercises. Ron Ostrenga and Paul Walczak. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Running Live Self-Propagating Malware on the DETER Testbed. Cliff Neuman, Chinmay Shah and Kevin Lahey. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Stress-Testing a Gbps Intrusion Prevention Device on DETER. Nicholas Weaver and Vern Paxson. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Security Experimenters Workbench. Stephen Schwab and Terry Benzel. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Topology Generation, Instrumentation, and Experimental Control Tools for Emulation Testbeds. Roman Chertov, Sonia Fahmy, Pankaj Kumar, David Bettis, Abdallah Khreishah and Ness B. Shroff. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Multidimensional Flow Mining for Digesting, Visualization, Anomaly Detection, and Signature Extraction. Jisheng Wang, David J. Miller and George Kesidis. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• Programmatically Generating Topologies and Configurations. Wesley Griffin and Ron Ostrenga. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.
• An Integrated Experiment Specification and Visualization Tool for Testbed Emulation. Lunquan Li, Peng Liu and George Kesidis. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, June 2006.

2002

• Justifications and Requirements for a National DDoS Defense Technology Evaluation Facility. Wes Hardaker, Darrell Kindred, Ron Ostrenga, Dan Sterne and Roshan Thomas. In Network Associates Laboratories Report #02-052, July 2002.

MS and PhD Theses

2013

• Dynamic Analysis of Malicious Software. Joan Calvet, PhD Thesis, Cryptography and Security, Université de Lorraine, Nancy, France, December 2013.
• Lightweight Change Detection and Response Inspired by Biological Systems. Vinod Balachandran, MS Thesis, Department of Computer Science, University of California, Davis, September 2013.
• Ensuring QoS During Bandwidth DDoS Attacks. Moti Geva, PhD Thesis, Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel, April 2013.

2012

• SUBROSA 2: An Experimental Evaluation of Timing Analysis Attacks and Defenses in Anonymity Systems. Payap Sirinam, MS Thesis, University of Texas at Arlington, August 2012.
• Predicting Application Performance in the Cloud. Xuanran Zong. Master's Thesis, Duke University, Durham, North Carolina, January 2012.

2011

• Attribute-Based Access Control for Distributed Systems. David J. B. Cheperdak. Master's Thesis, Univeristy of Victoria, British Columbia, 2011.  
• Experimental evaluation and implementation of Spread Identity Framework. Nikhil Dinkar Joshi. Master's Thesis, University of Maryland, Baltimore County, 2011.
• Methods for Secure Decentralized Routing in Open Networks. Nathan S. Evans. Dissertation, Network Architectures and Services, Department of Computer Science, Technische Universität München, Germany, 2011.

2010

• Behavior-based Worm Detection. Shad Stafford. PhD Thesis, University of Oregon, in progress.
• Using network traffic to infer CPU and memory utilization for cluster grid computing. Lanier Watkins. PhD Thesis, Georgia State University, January 2010.
• Operating Systems Abstractions for Software Packet Processing in Datacenters. Tudor Marian. PhD Thesis, Cornell University, August 2010.
• Secure Multicast for Power Grid Communications. Jianqing Zhang. Doctoral Thesis, University of Illinois, September 2010.

2009

• Detecting Anomalous Internet Clients with Behavior Profiles and Reputations. Songjie Wei. PhD Thesis, University of Delaware, Newark, Delaware, January 2009.

2008

• Protecting Communication Infrastructures Against Attacks with Programmable Networking Technology. Andreas Hess. PhD Dissertation, Technischen Universität Berlin (Berlin Institute of Technology), Germany, June 2008.
• Measurement-based models of Internet forwarding devices. Roman Chertov. PhD Thesis, Purdue University, May 2008.

2007

• Collaborative Defense Against Zero-Day and Polymorphic Worms: Detection, Response and an Evaluation Framework. Senthilkumar G Cheetancheri. PhD Dissertation, University of California, Davis, 2007.
• Detecting Malicious Routers. Alper Mizrak. PhD Dissertation, University of California, San Diego, 2007.

2006

• Attack Profiling for DDoS Benchmarks. Erinc Arikan. Mater's Thesis, University of Delaware, Newark, Summer 2006.
• Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Overlay Networks. AAron Walters. Mater's Thesis, Purdue University, West Lafayette, Indiana, May 2006.
• Co-ordinated Port Scans: A Model, A Detector and An Evaluation Methodology. Carrie Gates. PhD Thesis, Dalhousie University, Halifax, Nova Scotia, February 2006.

Student Projects

2008

• On the Impacts of Low Rate DoS Attacks on VoIP Traffic. J. Stille. Undergraduate Project, New Jersey Institute of Technology, 2008.

2007

• Implementing RoQ (Reduction of Quality) attack mitigation system on DETERlab. Cynthia Haidar. Undergraduate Summer Intern Project, Lebanese American University, Beirut, 2007.

In the Press

2009

• Using DETER for a project with Northrop Grumman on partitioning experiments. A news story about the project in Purdue University Newsroom, 2009.