|
|
Networking and Security |
Back
|
|
Engin KIRDA
Professor
|
|
|
|
|
|
|
|
Resume |
Education Habilitation (Priv.Doz.) in the area of applied computer science, 2007, Technical University of Vienna, Austria Dr.techn (Ph.D.), 2002, Technical University of Vienna, Austria Dipl.-Ing (BSc+Msc), 1999, Technical University of Vienna, Austria
Teaching
He has recently joined the Corporate Communications Department at EURECOM as a senior assistant professor. He is currently adjunct associate professor at the Technical University of Vienna. During his time at the Technical University of Vienna, he taught introductory courses on distributed systems and internet security as well as advanced courses on applied system security. As a part of the security courses, students can participate in an inter-university "capture-the-flag" hacking contest in which they can prove their knowledge of security and system management by competing with their peers. Industrial Experience
He is currenly active as a senior systems engineer and scientific consultant at the Secure Business Austria competence center. He has been active as a consultant to the Austrian National Bank, Bankaustria-Creditanstalt, and BAWAG in Vienna. He currently manages local and international research projects with several industrial partners that are involved in computer security. From 1998 to 1999, he worked at Siemens Austria as a software engineer and researcher. From 1997 to 1998, he worked for a small Vienna-based company and was a software engineer in the Web4Groups EU project where EURECOM was also a project partner. Major Research Interests
His current research interest are software and network security with focus on Web vulnerability detection and prevention, binary analysis, and malware detection [e.g., spyware]. Before that, he was mainly interested in distributed systems, software engineering and software architectures.
Visibility, Membership, Committee
He regularly serves as programme committee member and reviewer in major security conferences and journals. In 2008, he is programme co-chair of the Recent Advances in Intrusion Detection (RAID) conference. In 2009, he will be the RAID programme chair. He is a member of IEEE and USENIX. | Additional information | Current research topics He is currently involved in the Analysing Unknown Binaries (ANUBIS) project that is well-known by the malware analysis community and that aims to automatically analyze and cluster malware samples. Distinctions He co-received the 2005 Award of the Austrian Federal Economic Chamber for his work on malware detection and analysis.
The Technical University of Vienna student team that he co-managed won the UCSB 2006 Capture the Flag Contest among 25 university teams.
He received the best paper award at ISC 2007 and EICAR 2006. Selected publications Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and Xiaofeng Wang, Effective and Efficient Malware Detection at the End Host, in USENIX Security ‘09, Montreal, Canada, August 2009 Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel, A Practical Attack to De-Anonymize Social Network Users, IEEE Security and Privacy, Oakland, May 2010
Leyla Bilge, Thorsten Strufe, Davide Balzarotti, and Engin Kirda, All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks, 18th International World Wide Web Conference (WWW 2009), Madrid, April 2009 Andreas Moser, Christopher Kruegel, and Engin Kirda, Exploring Multiple Execution Paths for Malware Analysis, IEEE Symposium on Security and Privacy, Oakland, May 2007
|
|
|
|
|
Publications |
| Eurecom Reference | 2012 |
| 3550 |
Scholte, Theodoor; Balzarotti, Davide; Robertson, William; Kirda, Engin
An empirical analysis of input validation mechanisms in web applications and languages
SAC 2012, 27th ACM Symposium On Applied Computing (SAC), Security Track, March 26-30, 2012, Trento, Italy
Details
BibTeX
|
| 3548 |
Balduzzi, Marco; Zaddach, Jonas; Balzarotti, Davide; Kirda, Engin; Loureiro, Sergio
A security analysis of amazon's elastic compute cloud service
SAC@SAC 2012, 11th edition of the Computer Security track at the 27th ACM Symposium on Applied Computing, March 26-30, 2012, Trento, Italy
Details
BibTeX
|
| 3553 |
Onarlioglu, Kaan; Ozan Yilmaz, Utku; Balzarotti, Davide; Kirda, Engin
Insights into user behavior in dealing with internet attacks
NDSS'12, 19th Annual Network and Distributed System Security Symposium, February 5-8, 2012, San Diego, CA, USA
Details
BibTeX
|
| Eurecom Reference | 2011 |
| 3611 |
Scholte, Theodoor; Balzarotti, Davide; Kirda, Engin
Have things changed now? An empirical study on input validation vulnerabilities in web applications
"Computers and Security", 2012, ISSN: 0167-4048
Details
BibTeX
DOI
|
| 3402 |
Irani, Danesh; Balduzzi, Marco; Balzarotti, Davide; Kirda, Engin; Pu, Calton
Reverse social engineering attacks in online social networks
DIMVA 2011, 8th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8th, 2011
Amsterdam, The Netherlands / Also published in "Lecture Notes in Computer Science", Vol 6739/2011
, pp 55-74
Details
BibTeX
DOI
|
| 3277 |
Scholte, Theodoor; Balzarotti, Davide; Kirda, Engin
Quo vadis ? A study of the evolution of input validation vulnerabilities in Web applications
FC 2011, 15th International Conference on Financial Cryptography and Data Security, February 28-March 4, 2011
Bay Gardens Beach Resort, St. Lucia
Details
BibTeX
|
| 3281 |
Bilge, Leyla; Kirda, Engin; Kruegel, Christopher; Balduzzi, Marco
EXPOSURE : Finding malicious domains using passive DNS analysis
NDSS'11, 18th Annual Network & Distributed System Security Symposium, 6-9 February 2011, San Diego, CA, USA
Details
BibTeX
|
| 3234 |
Balduzzi, Marco; Torrano Gimenez, Carmen; Balzarotti, Davide; Kirda, Engin
Automated discovery of parameter pollution vulnerabilities in web applications
NDSS'11, 8th Annual Network and Distributed System Security Symposium, 6-9 February 2011, San Diego, CA, USA
 Distinguished Paper Award
Details
BibTeX
|
| 3282 |
Egele, Manuel; Kruegel, Christopher; Kirda, Engin; Vigna, Giovanni
PiOS : Detecting privacy leaks in iOS applications
NDSS'11, 18th Annual Network and Distributed System Security Symposium, 6-9 February 2011, San Diego, CA, USA
Details
BibTeX
|
| Eurecom Reference | 2010 |
| 3304 |
Andrey, Laurent; Festor, Olivier; Dacier, Marc; Gras, Emmanuel; Kirda, Engin; Leita, Corrado
VAMPIRE : Future internet vulnerability assessment, monitoring and prevention
ARN "Colloque « Télécommunications ? réseaux du futur et services", December 6-8, 2010, Rennes, France
Details
BibTeX
|
| 3235 |
Onarlioglu, Kaan; Bilge, Leyla; Lanzi, Andrea; Balzarotti, Davide; Kirda, Engin
G-Free : defeating return-oriented programming through gadget-less binaries
ACSAC'10, Annual Computer Security Applications Conference, December 6-10, 2010, Austin, Texas, USA
, pp 49-58
Details
BibTeX
DOI
|
| 3236 |
Lanzi, Andrea; Balzarotti, Davide; Kruegel, Christopher; Christodorescu, Mihai; Kirda, Engin
AccessMiner: using system-centric models for malware protection
CSS'10, 17th ACM Conference on Computer and Communications Security, October 4-8, 2010, Chicago, IL, USA
, pp 399-412
Details
BibTeX
DOI
|
| 3138 |
Balduzzi, Marco; Platzer, Christian; Holz, Thorsten; Kirda, Engin; Balzarotti, Davide; Kruegel, Christopher
Abusing social networks for automated user profiling
RAID'2010, 13th International Symposium on Recent Advances in Intrusion Detection, September 15-17, 2010, Ottawa, Canada / Also published in "LNCS", Volume 6307/2010
, pp 422-441
Details
BibTeX
DOI
|
| 3348 |
Bilge, Leyla; Balduzzi, Marco; Balzarotti, Davide; Kirda, Engin
A summary of two practical attacks against social networks
ITWDC'11, 21st International Tyrrhenian Workshop on Digital Communications: Trustworthy Internet, September 6-8, 2010, Island of Ponza, Italy / Also published as chapter book 13 of "Trustworthy internet", Springer, ISBN: 978-8847018174
, pp 171-185
Details
BibTeX
DOI
|
| 3237 |
Jovanovic, Nenad; Kruegel, Christopher; Kirda, Engin
Static analysis for detecting taint-style vulnerabilities in web applications
Journal of Computer Security, Vol 18, N°5, August 2010
, pp 861-907
Details
BibTeX
DOI
|
| 3224 |
Leita, Corrado; Bayer, Ulrich; Kirda, Engin
Exploiting diverse observation perspectives to get insights on the malware landscape
DSN 2010, 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, June 28-July 1, 2010, Fairmont Chicago, USA
, pp 393-402
Details
BibTeX
DOI
|
| 3278 |
Wondracek, Gilbert; Holz, Thorsten; Platzer, Christian; Kirda, Engin; Kruegel, Christopher
Is the internet for porn? An insight into the online adult industry
WEIS'10, 9th Workshop on the Economics of Information Security, 7-8 June 2010, Boston, MA, USA
Details
BibTeX
|
| 3020 |
Comparetti, Paolo Milani; Salvaneschi, Guido;Kolbitsch, Clemens; Kruegel, Christopher; Kirda, Engin; Zanero, Stefano
Identifying dormant functionality in malware programs
31st IEEE Symposium on Security and Privacy, May 16-19, 2010, Oakland, CA, USA
, pp 61-76
Details
BibTeX
DOI
|
| 3019 |
Kolbitsch, Clemens; Holz, Thorsten; Kruegel, Christopher; Kirda, Engin
Inspector Gadget : automated extraction of proprietary gadgets from malware binaries
SP'10, 31st IEEE Symposium on Security and Privacy, May 16-19, 2010, Oakland, CA, USA
, pp 29-44
Details
BibTeX
DOI
|
| 3017 |
Wondracek, Gilbert ;Holz, Thorsten; Kirda, Engin ;Kruegel, Christopher
A practical attack to de-anonymize social network users
31st IEEE Symposium on Security and Privacy, May 16-19, 2010, Oakland, CA, USA
, pp 223-238
Details
BibTeX
DOI
|
| 3210 |
Lauinger, Tobias; Pankakoski, Veikko; Balzarotti, Davide; Kirda, Engin
Honeybot, your man in the middle for automated social engineering
LEET'10, 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 27 April, 2010, San Jose, USA
Details
BibTeX
|
| 3280 |
Kolbitsch, Clemens; Kruegel, Christopher; Kirda, Engin
Extending Mondrian memory protection
NATO RTO IST-091 Symposium, April 2010, Antalya, Turkey
Details
BibTeX
|
| 2994 |
Balduzzi, Marco; Egele, Manuel; Kirda, Engin; Balzarotti, Davide; Kruegel, Christopher
A solution for the automated detection of clickjacking attacks
AsiaCCS 2010, 5th Symposium on Information Computer and Communications Security, April 13-16, 2010, Beijing, China
Details
BibTeX
DOI
|
| 3023 |
Egele, Manuel; Bilge, Leyla; Kirda, Engin; Kruegel, Christopher
CAPTCHA smuggling : Hijacking web browsing sessions to create CAPTCHA farms
SAC 2010, 25th ACM Symposium On Applied Computing, March 22-26, 2010, Sierre, Switzerland
, pp 1865-1870
Details
BibTeX
DOI
|
| 3018 |
Bayer, Ulrich; Kirda, Engin; Kruegel, Christopher
Improving the efficiency of dynamic malware analysis
SAC 2010, 25th ACM Symposium On Applied Computing, March 22-26, 2010, Sierre, Switzerland
, pp 1871-1878
Details
BibTeX
DOI
|
| 3057 |
Scholte, Theodoor; Kirda, Engin
Achieving life-cycle compliance of service-oriented architectures : Open issues and challenges
Lecture Notes in Computer Science, Springer, Volume 5939/2010, ISBN: 978-3-642-11206-5
, pp 253-267
Details
BibTeX
DOI
|
| 3042 |
Balduzzi, Marco; Platzer, Christian; Holz, Thorsten; Kirda, Engin; Balzarotti, Davide ; Kruegel, Christopher
Abusing social networks for automated user profiling
Research Report RR-10-233
Details
BibTeX
|
| 3022 |
Balzarotti, Davide; Cova, Marco; Karlberger, Christoph; Kruegel, Christopher; Kirda, Engin; Vigna, Giovanni
Efficient detection of split personalities in malware
NDSS 2010, 17th Annual Network and Distributed System Security Symposium, February 28th-March 3rd, 2010, San Diego, CA, USA
Details
BibTeX
|
| Eurecom Reference | 2009 |
| 3024 |
Stone-Gross, Brett;Moser, Andreas;Kruegel, Christopher; Almaroth, Kevin; Kirda, Engin
FIRE : Finding rogue networks
ACSAC 2009, 25th Annual Computer Security Applications Conference, December 7-11, 2009, Honolulu, Hawaii, USA
, pp 231-240
Details
BibTeX
|
| 2954 |
Dacier, Marc;Leita, Corrado;Thonnard, Olivier;Pham, Van-Hau;Kirda, Engin
Assessing cybercrime through the eyes of the WOMBAT
Book chapter N°6 in "Cyber Situational Awareness : Issues and Research", Springer International Series on Advances in Information Security, Part 3, 2009. ISBN: 98-1-4419-0139-2
, pp 103-136
Details
BibTeX
DOI
|
| 2775 |
Kirda, Engin;Jovanovich, Nenad;Kruegel, Christopher;Vigna, Giovanni
Client-side cross-site scripting protection
Computers and Security Journal, Vol. 28, N°7, October 2009
, pp 592-604
Details
BibTeX
DOI
|
| 2973 |
Wurzinger, Peter; Bilge, Leyla; Holz, Thorsten; Goebel, Jan; Kruegel, Christopher; Kirda, Engin
Automatically generating models for botnet detection
ESORICS 2009, 14th European Symposium on Research in Computer Security, September 21-23, 2009, Saint-Malo, France / Also published as Springer "Lecture Notes in Computer Science", Volume 5789/2009
, pp 232-249
Details
BibTeX
DOI
|
| 2865 |
Stamminger, Andreas;Kruegel, Christopher; Vigna, Giovanni; Kirda, Engin
Automated spyware collection and analysis
ISC'09, Information Security Conference, September 7-9, 2009, Pisa, Italy / Also published in LNCS, Volume 5735/2009, ISBN: 978-3-642-04473-1
, pp 202-217
Details
BibTeX
DOI
|
| 2776 |
Egele, Manuel; Wurzinger, Peter; Kruegel, Christopher; Kirda, Engin
Defending browsers against drive-by downloads : mitigating heap-spraying code injection attacks
DIMVA'09, 6th International Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 9-10, 2009, Milano, Italy / Also published in Springer LNCS 5587/2009
, pp 88-106
Details
BibTeX
DOI
|
| 2774 |
Kolbitsch, Clemens;Comparetti, Paolo Milani;Kruegel, Christopher;Kirda, Engin;Zhou, Xiaoyong; Wang, Xiaofeng
Effective and efficient malware detection at the end host
USENIX'09, 18th Usenix Security Symposium, August 10-14, 2009, Montreal, Canada
Details
BibTeX
File request
|
| 2781 |
Comparetti, Paolo Milani;Wondracek, Gilbert;Kruegel, Christopher;Kirda, Engin
Prospex : protocol specification extraction
30th IEEE Symposium on Security and Privacy, May 17-20, 2009, The Claremont Resort, Oakland, California, USA
, pp 110-125
Details
BibTeX
DOI
|
| 2780 |
Wurzinger, Peter;Platzer, Christian;Ludl, Christian;Kirda, Engin;Kruegel, Christopher
SWAP : mitigating XSS attacks using a reverse proxy
SESS'09, 5th International Workshop on Software Engineering for Secure Systems; ICSE'09, 31st International Conference on Software Engineering, IEEE Computer Society, May 16-24, 2009, Vancouver, Canada
, pp 33-39
Details
BibTeX
DOI
|
| 2779 |
Egele, Manuel;Kruegel, Christopher;Kirda, Engin
Removing web spam links from search engine results
EICAR'09, 18th European Institute for Computer Antivirus Research Annual Conference, May 11-12, 2009, Berlin, Germany
Details
BibTeX
|
| 2860 |
Mitterhofer, Stefan; Kruegel, Christopher;Kirda, Engin;Platzer, Christian
Server-side bot detection in massively multiplayer online games
IEEE Security and Privacy, Vol 7 N°3, May-June 2009
, pp 23-36
Details
BibTeX
DOI
|
| 2777 |
Egele, Manuel;Kirda, Engin;Kruegel, Christopher
Mitigating drive-by download attacks : challenges and open problems, open research problems
INetSec 2009. Open Research Problems in Network Security. April 23-24, 2009, Zurich, Switzerland
, pp 52-62
Details
BibTeX
DOI
|
| 2778 |
Bayer, Ulrich;Habibi, Imam;Balzarotti, Davide;Kirda, Engin;Kruegel, Christopher
A view on current malware behavior
LEET'09: 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats, April 21, 2009, Boston, MA, USA
Details
BibTeX
|
| 2782 |
Bilge, Leyla;Strufe, Thorsten;Balzarotti, Davide;Kirda, Engin
All your contacts are belong to us : automated identity theft attacks on social networks
WWW'09, 18th International World Wide Web Conference, April 20-24, Madrid, Spain
, pp 551-560
Details
BibTeX
DOI
|
| 2783 |
Bayer, Ulrich;Comparetti, Paolo Milani;Hlauschek, Clemens;Kruegel, Christopher;Kirda, Engin
Scalable, behavior-based malware clustering
NDSS 2009, 16th Annual Network and Distributed System Security Symposium, February 8-11, 2009, San Diego, USA
Details
BibTeX
|
| Eurecom Reference | 2008 |
| 2648 |
Canto, Julio;Dacier, Marc;Kirda, Engin;Leita, Corrado
Large scale malware collection : lessons learned
IEEE SRDS 2008, 27th International Symposium on Reliable Distributed Systems. October 6-8, 2008, Napoli, Italy
Details
BibTeX
|
| 2515 |
Medvet, Eric;Kirda, Engin;Krügel, Christopher
Visual-similarity-based phishing detection
SecureComm 2008, 4th International Conference on Security and Privacy in Communication Networks, September 22-25th 2008, Istanbul, Turkey
Details
BibTeX
DOI
|
| 2514 |
Starnberger, Günther;Krügel, Christopher;Kirda, Engin
Overbot - A botnet protocol based on Kademlia
SecureComm 2008, 4th International Conference on Security and Privacy in Communication Networks, September 22-25, 2008, Istanbul, Turkey
Details
BibTeX
DOI
|
| 3124 |
McAllister, Sean; Kirda, Engin; Kruegel, Christopher
Leveraging user interactions for in-depth testing of web applications
Book chapter in "Recent Advances in Intrusion Detection", published as LNCS, Volume 5230/2008, 978-3-540-87402-7
, pp 191-210
Details
BibTeX
DOI
|
| 2519 |
McAllister, Sean;Kirda, Engin;Krügel, Christopher
Expanding human interactions for in-depth testing of web applications
RAID 2008, 11th Symposium on Recent Advances in Intrusion Detection, September 15-17 2008, Boston, USA | Also published as LNCS
Details
BibTeX
|
| 2521 |
Balzarotti, Davide; Cova, Marco;Felmetsger, Vika;Jovanovic, Nenad;Kirda, Engin;Krügel, Christopher;Vigna, Giovanni
Saner: composing static and dynamic analysis to validate sanitization in web applications
SP 2008, IEEE Symposium on Security and Privacy, May 18-21, 2008, Oakland, USA
, pp 387 - 401
Details
BibTeX
DOI
|
| 2520 |
Leita, Corrado;Pham, Van Hau;Thonnard, Olivier; Ramirez-Silva, Eduardo;Pouget, Fabien;Kirda, Engin;Dacier, Marc
The leurre.com project: collecting internet threats information using a worldwide distributed honeynet
WISTDCS'08, 1st WOMBAT Workshop, April 21st-22nd, 2008, Amsterdam, The Netherlands
, pp 40-57
Details
BibTeX
DOI
|
| 2516 |
Braun, Lothar;Dressler, Falko;Holz, Thorsten;Kirda, Engin;Kohlrausch, Jan;Krügel, Christopher;Limmer, Tobias;Rieck, Konrad; Sterbenz, James P G
WG Requirements for network monitoring from an IDS perspective
Dagstuhlseminar on Network Attack Detection and Defense 2008, March 2-6, 2008, Dagstuhl, Germany
Details
BibTeX
DOI
|
| 2518 |
Dacier, Marc;Debar, Hervé;Holz, Thorsten; Kirda, Engin;Kohlrausch, Jan;Krügel, Christopher; Rieck, Konrad;Sterbenz, James P G
WG Attack taxonomy
Dagstuhlseminar on Network Attack Detection and Defense 2008, March 2-6, 2008, Dagstuhl, Germany
Details
BibTeX
DOI
|
| 2522 |
Wondracek, Gilbert;Comparetti, Paolo Milani;Krügel, Christopher;Kirda, Engin
Automatic network protocol analysis
NDSS 2008, 15th Annual Network and Distributed System Security Symposium, February, 15-18 2008, San Diego, USA
Details
BibTeX
DOI
|
|
|
