Bibtex of Guofei's Publications
@inproceedings{AUTOVAC_ICDCS13,
title = {{AUTOVAC}: Towards Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization},
author = {Zhaoyan Xu and Jialong Zhang and Guofei Gu and Zhiqiang Lin},
year = {2013},
month = {July},
booktitle = {Proc. of the 33rd International Conference on Distributed Computing Systems (ICDCS'13)}
}
@inproceedings{FLOVER_ICC13,
title = {Model Checking Invariant Security Properties in OpenFlowProc},
author = {Sooel Son and Seungwon Shin and Vinod Yegneswaran and Phillip Porras and Guofei Gu},
year = {2013},
month = {June},
booktitle = {Proceedings of 2013 IEEE International Conference on Communications (ICC'13)}
}
@inproceedings{FRESCO_NDSS13,
title = {FRESCO: Modular Composable Security Services for Software-Defined Networks},
author = {Seungwon Shin and Phil Porras and Vinod Yegneswaran and Martin Fong and Guofei Gu and Mabry Tyson},
year = {2013},
month = {February},
booktitle = {Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS'13)}
}
@inproceedings{NeighborWatcher_NDSS13,
title = {NeighborWatcher: A Content-Agnostic Comment Spam Inference System},
author = {Jialong Zhang and Guofei Gu},
year = {2013},
month = {February},
booktitle = {Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS'13)}
}
@inproceedings{CATS_COMSNETS13,
title = {CATS: Characterizing Automation of Twitter Spammers},
author = {Amit Amaleswarm and A. L. Narasimha Reddy and Sandep Yadav and Guofei Gu and Chao Yang},
year = {2013},
month = {Jan.},
booktitle = {Proceedings of the 5th International Conference on COMmunication Systems and NETworkS (COMSNETS’13)}
}
@inproceedings{CloudWatcher_NPSec12,
title = {CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks (or: How to Provide Security Monitoring as a Service in Clouds?)},
author = {Seungwon Shin and Guofei Gu},
year = {2012},
month = {October},
booktitle = {Proceedings of the 7th Workshop on Secure Network Protocols (NPSec’12), co-located with IEEE ICNP’12}
}
@inproceedings{SmartDroid_SPSM12,
title = {SmartDroid: An Automatic System for Revealing UI-based Trigger Conditions in Android Applications},
author = {Cong Zheng and Shixiong Zhu and Shuaifu Dai and Guofei Gu and Xiaorui Gong and Wei Zou},
year = {2012},
month = {October},
booktitle = {Proceedings of the 2nd ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’12)}
}
@inproceedings{PeerPress_CCS12,
title = {{PeerPress}: Utilizing Enemies' P2P Strength against Them},
author = {Zhaoyan Xu and Lingfeng Chen and Guofei Gu and Christopher Kruegel},
year = {2012},
month = {October},
booktitle = {Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS'12)}
}
@Article{ETSniffer_TIFS12,
author = {Chao Yang and Yimin Song and Guofei Gu},
title = {Active, User-side Evil Twin Access Point Detection Using Statistical Techniques},
journal = {IEEE Transactions on Information Forensics and Security},
year = {2012},
volume = {},
number = {},
month = {},
pages = {},
}
@inproceedings{PoisonAmplifier_RAID12,
title = {{PoisonAmplifier}: A Guided Approach of Discovering Compromised Websites through Reversing Search Poisoning Attacks},
author = {Jialong Zhang and Chao Yang and Zhaoyan Xu and Guofei Gu},
year = {2012},
month = {September},
booktitle = {Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'12)}
}
@inproceedings{FortNOX_HotSDN12,
title = {A Security Enforcement Kernel for OpenFlow Networks},
author = {Phillip Porras and Seungwon Shin and Vinod Yegneswaran and Martin Fong and Mabry Tyson and Guofei Gu},
year = {2012},
month = {August},
booktitle = {Proceedings of ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN'12)}
}
@inproceedings{BinCarver_DFRWS12,
title = {{Bin-Carver}: Automatic Recovery of Binary Executable Files},
author = {Scott Hand and Zhiqiang Lin and Guofei Gu and Bhavani Thuraisingham},
year = {2012},
month = {August},
booktitle = {Proceedings of the 12th Annual Digital Forensics Research Conference (DFRWS'12)}
}
@inproceedings{Yang_WWW12_Ecosystem,
title = {Analyzing Spammers' Social Networks For Fun and Profit -- A Case Study of Cyber Criminal Ecosystem on Twitter},
author = {Chao Yang and Robert Harkreader and Jialong Zhang and Suengwon Shin and Guofei Gu},
year = {2012},
month = {April},
booktitle = {Proceedings of the 21st International World Wide Web Conference (WWW'12)}
}
@Article{Shin_TIFS12_Conficker,
author = {Seungwon Shin and Guofei Gu and Narasimha Reddy and Christopher Lee},
title = {A Large-Scale Empirical Study of Conficker},
journal = {IEEE Transactions on Information Forensics and Security},
year = {2012},
volume = {},
number = {},
month = {},
pages = {},
}
@Article{ShadowAttack_JiCV2012,
author = {Weiqin Ma and Pu Duan and Sanmin Liu and Guofei Gu and Jyh-Charn Liu},
title = {Shadow Attacks: Automatically Evading System-Call-Behavior based Malware Detection},
journal = {Springer Journal in Computer Virology},
year = {2012},
volume = {},
number = {},
month = {},
pages = {},
}
@Article{Wang_TISSEC12_TaintScope,
author = {Tielei Wang and Tao Wei and Guofei Gu and Wei Zou},
title = {Checksum-Aware Fuzzing Combined with Dynamic Taint Analysis and Symbolic Execution},
journal = {ACM Transactions on Information and System Security (TISSEC)},
year = {2011},
volume = {14},
number = {2},
month = {September},
pages = {15:1-15:28},
}
@inproceedings{Shin_Infocom12_EFFORT,
title = {{EFFORT: Efficient and Effective Bot Malware Detection}},
author = {Seungwon Shin and Zhaoyan Xu and Guofei Gu},
year = {2012},
month = {March},
booktitle = {Proceedings of the 31th Annual IEEE Conference on Computer Communications (INFOCOM'12) Mini-Conference}
}
@inproceedings{Vikram_ACSAC11_SEMAGE,
title = {{SEMAGE: A New Image-based Two-Factor CAPTCHA}},
author = {Shardul Vikram and Yinan Fan and Guofei Gu},
year = {2011},
month = {December},
booktitle = {Proceedings of 2011 Annual Computer Security Applications Conference (ACSAC'11)}
}
@inproceedings{Yang_RAID11_TwitterML,
title = {Die Free or Live Hard? Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers},
author = {Chao Yang and Robert Harkreader and Guofei Gu},
year = {2011},
month = {September},
booktitle = {Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection ({RAID}'11))}
}
@inproceedings{Shin_RAID11_CrossAnalysis,
title = {Cross-Analysis of Botnet Victims: New Insights and Implications},
author = {Seungwon Shin and Raymond Lin and Guofei Gu},
year = {2011},
month = {September},
booktitle = {Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection ({RAID}'11))}
}
@inproceedings{Chen_ASIACCS11_WebPatrol,
title = {{WebPatrol}: Automated Collection and Replay of Web-based Malware Scenarios},
author = {Kevin Zhijie Chen and Guofei Gu and Jose Nazario and Xinhui Han and Jianwei Zhuge},
year = {2011},
month = {March},
booktitle = {Proceedings of the 2011 {ACM} Symposium on Information, Computer, and Communication Security ({ASIACCS}'11)}
}
@inproceedings{Zhang_ASIACCS11_Boosting,
title = {Boosting the Scalability of Botnet Detection Using Adaptive Traffic Sampling},
author = {Junjie Zhang and Xiapu Luo and Roberto Perdisci and Guofei Gu and Wenke Lee and Nick Feamster},
year = {2011},
month = {March},
booktitle = {Proceedings of the 2011 {ACM} Symposium on Information, Computer, and Communication Security ({ASIACCS}'11)}
}
@inproceedings{Shin_ACSAC10_Conficker,
title = {Conficker and Beyond: A Large-Scale Empirical Study},
author = {Seungwon Shin and Guofei Gu},
year = {2010},
month = {December},
booktitle = {Proceedings of 2010 Annual Computer Security Applications Conference (ACSAC'10)}
}
@inproceedings{Song_DSN10_ETSniffer,
title = {Who Is Peeping at Your Passwords at Starbucks? -- To Catch an Evil Twin Access Point},
author = {Yimin Song and Chao Yang and Guofei Gu},
year = {2010},
month = {June},
booktitle = {Proceedings of the 40th Annual IEEE/IFIP International Conference on Dependable Systems
and Networks (DSN'10)}
}
@inproceedings{Wang_Oakland10_TaintScope,
title = {TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection},
author = {Tielei Wang and Tao Wei and Guofei Gu and Wei Zou},
year = {2010},
month = {May},
booktitle = {Proceedings of the 31st IEEE Symposium on Security and Privacy (Oakland'10)}
}
@inproceedings{Gu_ACSAC09_botProber,
title = {Active Botnet Probing to Identify Obscure Command and Control Channels},
author = {Guofei Gu and Vinod Yegneswaran and Phillip Porras and Jennifer Stoll and Wenke Lee},
year = {2009},
month = {December},
booktitle = {Proceedings of 2009 Annual Computer Security Applications Conference (ACSAC'09)}
}
@inproceedings{Gu_Scurity08_BotMiner,
title = {{BotMiner}: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection},
author = {Guofei Gu and Roberto Perdisci and Junjie Zhang and Wenke Lee},
year = {2008},
booktitle = {Proceedings of the 17th USENIX Security Symposium (Security'08)}
}
@inproceedings{Gu_ASIACCS08_idsfusion,
title = {Principled Reasoning and Practical Applications of Alert Fusion in Intrusion Detection Systems},
author = {Guofei Gu and Alvaro A. Cardenas and Wenke Lee},
year = {2008},
month = {March},
booktitle = {Proceedings of the 2006 {ACM} Symposium on Information, Computer, and Communication Security ({ASIACCS}'08)}
}
@inproceedings{Gu_NDSS08_botsniffer,
title = {{BotSniffer}: Detecting Botnet Command and Control Channels in Network Traffic},
author = {Guofei Gu and Junjie Zhang and Wenke Lee},
year = {2008},
month = {February},
booktitle = {Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08)}
}
@inproceedings{Dagon_ACSAC07_botax,
title = {A Taxonomy of Botnet Structures},
author = {David Dagon and Guofei Gu and Chris Lee and Wenke Lee},
year = {2007},
month = {December},
booktitle = {Proceedings of the 23 Annual Computer Security Applications Conference (ACSAC'07)}
}
@inproceedings{Gu_Securecomm07_whitehole,
title = {Misleading and Defeating Importance-Scanning Malware Propagation},
author = {Guofei Gu and Zesheng Chen and Phillip Porras and Wenke Lee},
year = {2007},
month = {September},
booktitle = {Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks (SecureComm'07)}
}
@inproceedings{Gu_Scurity07_BotHunter,
title = {{BotHunter}: Detecting Malware Infection Through IDS-Driven Dialog Correlation},
author = {Guofei Gu and Phillip Porras and Vinod Yegneswaran and Martin Fong and Wenke Lee},
year = {2007},
month = {August},
booktitle = {Proceedings of the 16th USENIX Security Symposium (Security'07)}
}
@inproceedings{Perdisci_ICDM06_HardenPAYL,
title = {Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems},
author = {Roberto Perdisci and Guofei Gu and Wenke Lee},
year = {2006},
month = {December},
booktitle = {Proceedings of the IEEE International Conference on Data Mining ({ICDM'06})}
}
@inproceedings{Gu_ESORICS06_Framework,
title = {Towards an Information-Theoretic Framework for Analyzing Intrusion Detection Systems},
author = {Guofei Gu and Prahlad Fogla and David Dagon and Wenke Lee and Boris Skoric},
year = {2006},
month = {September},
booktitle = {Proceedings of the 11th European Symposium on Research in Computer Security ({ESORICS}'06)}
}
@inproceedings{Gu_ACNS06_DSO,
title = {{DSO: Dependable Signing Overlay}},
author = {Guofei Gu and Prahlad Fogla and Wenke Lee and Douglas Blough},
year = {2006},
month = {June},
booktitle = {Proceedings of the 2006 International Conference on Applied Cryptography and Network Security ({ACNS}'06)}
}
@inproceedings{Gu_ASIACCS06_CID,
title = {Measuring Intrusion Detection Capability: An Information-Theoretic Approach},
author = {Guofei Gu and Prahlad Fogla and David Dagon and Wenke Lee and Boris Skoric},
year = {2006},
month = {March},
booktitle = {Proceedings of the 2006 {ACM} Symposium on Information, Computer, and Communication Security ({ASIACCS}'06)}
}
@inproceedings{Shi_HPCA06_Infoshield,
title = {{InfoShield}: A Security Architecture for Protecting Information Usage in Memory},
author = {Weidong Shi and Hsien-Hsin Lee and Guofei Gu and Laura Falk and Trevor Mudge and Mrinmoy Ghosh},
year = {2006},
month = {March},
booktitle = {Proceedings of the 12th International Symposium on High-Performance Computer Architecture ({HPCA}'06)}
}
@inproceedings{Shi_ICAC05_Multiprocessor,
author = {Weidong Shi and Hsien-Hsin Lee and Guofei Gu and Laura Falk and Trevor Mudge and Mrinmoy
Ghosh},
title = {An Intrusion-Tolerant and Self-Recoverable Network Service System Using A Security Enhanced Chip Multiprocessor},
booktitle = {Proceedings of the Second International Conference on Automatic Computing ({ICAC}'05: )},
year = {2005},
isbn = {0-7965-2276-9},
pages = {263--273},
doi = {http://dx.doi.org/10.1109/ICAC.2005.8},
publisher = {IEEE Computer Society},
address = {Washington, DC, USA},
}
@inproceedings{Gu_ACSAC04_worm,
author = {Guofei Gu and Monirul Sharif and Xinzhou Qin and David Dagon and Wenke Lee and George Riley},
title = {Worm Detection, Early Warning and Response Based on Local Victim Information},
booktitle = {Proceedings of the 20th Annual Computer Security Applications Conference ({ACSAC}'04)},
year = {2004},
isbn = {0-7695-2252-1},
pages = {136--145},
doi = {http://dx.doi.org/10.1109/CSAC.2004.51},
publisher = {IEEE Computer Society},
address = {Washington, DC, USA},
}
@inproceedings{Dagon_RAID04_Honeystat,
title = {{HoneyStat}: Local Worm Detection Using Honeypots},
author = {David Dagon and Xinzhou Qin and Guofei Gu and Wenke Lee and Julian Grizzard and John Levine and Henry Owen},
year = {2004},
month = {September},
booktitle = {Proceedings of the 7th International Symposium on Recent Advances in Intrusion Detection ({RAID}'04)}
}
@inproceedings{Gu_ACNS03_PLI,
title = {{PLI: A New Framework to Protect Digital Content for P2P Networks}},
author = {Guofei Gu and Bin Zhu and Shipeng Li and Shiyong Zhang},
year = {2003},
month = {October},
booktitle = {Proceedings of the 2003 International Conference on Applied Cryptography and Network Security ({ACNS}'03)}
}