Publications

Measuring and Characterizing (mis)compliance of the Android permission system A.Barzolevskaia, E. Branca, N. Stakhanova IEEE Transactions on Software Engineering, 2024

                                  @article{Barzolevskaia24,
                                  author = {Barzolevskaia, Anna and Branca, Enrico and Stakhanova, Natalia},
                                  title = {Measuring and Characterizing (mis)compliance of the Android permission system},
                                  year = {2024},
                                  journal = {IEEE Transactions on Software Engineering},
                                  volume = {},
                                  number = {01},
                                  issn = {1939-3520},
                                  pages = {1-23},
                                  publisher = {IEEE Computer Society},
                                  address = {Los Alamitos, CA, USA},
                                  month = {feb}

                                  }

Large Language Model vs. Stack Overflow in Addressing Android Permission Related Challenges Sahrima Oishwee, Natalia Stakhanova, Zadia Codabux International conference on Mining Software Repositories (MSR 2024)


                   @inproceedings{Jannat24,
                   	author = {Oishwee, Sahrima Jannat and Codabux, Zadia and Stakhanova, Natalia},
                   	title = {{Large Language Model vs. Stack Overflow in Addressing Android Permission Related Challenges}},
                   	year = {2024},

                   	publisher = {Association for Computing Machinery},
                   	address = {New York, NY, USA},
                   	booktitle = {Proceedings of the International conference on Mining Software Repositories (MSR 2024)},
                   	pages = {},
                   	numpages = {},
                   	location = {},

                   }

EtherShield: Time Interval Analysis for Detection of Malicious Behavior on Ethereum Bofeng Pan, Natalia Stakhanova, Zhongwen Zhu ACM Transactions on Internet Technology (ACM TIOT)


                   @article{pan23EtherShield,
                   author = {Pan, Bofeng and Stakhanova, Natalia and Zhu, Zhongwen},
                   title = {EtherShield: Time-interval Analysis for Detection of Malicious Behavior on Ethereum},
                   year = {2024},
                   issue_date = {February 2024},
                   publisher = {Association for Computing Machinery},
                   address = {New York, NY, USA},
                   volume = {24},
                   number = {1},
                   issn = {1533-5399},
                   url = {https://doi.org/10.1145/3633514},
                   doi = {10.1145/3633514},

                   journal = {ACM Trans. Internet Technol.},
                   month = {jan},
                   articleno = {2},
                   numpages = {30},
                   keywords = {Blockchain, security}
                   }

Enhancing Code Security Through Open-source Large Language Models: A Comparative Study Norah Ridley, Enrico Branca, Jadyn Kimber, Natalia Stakhanova, 16th International Symposium on Foundations & Practice of Security (FPS2023)
Best Paper Award

                   @inproceedings{Ridley23,
                   	author = { Ridley,Norah and  Branca, Enrico and  Kimber,Jadyn  and Stakhanova, Natalia},
                   	title = {{Enhancing Code Security Through Open-source Large Language Models: A Comparative Study}},
                   	year = {2023},
                   	publisher = {Association for Computing Machinery},
                   	address = {New York, NY, USA},
                   	booktitle = {Proceedings of the 16th International Symposium on Foundations \& Practice of Security (FPS2023)},
                   	pages = {},
                   	numpages = {},
                   	location = {},

                   }

Certificate reuse in Android applications Fateme Nezhadian, Enrico Branca, Natalia Stakhanova, The Information Security Conference (ISC2023)

                   @inproceedings{Nezhadian23,
                  	author = { Nezhadian, Fateme and  Branca, Enrico    and Stakhanova, Natalia},
                  	title = {Certificate reuse in {Android }applications},
                  	year = {2023},

                  	publisher = {Association for Computing Machinery},
                  	address = {New York, NY, USA},
                  	booktitle = {Proceedings of the Information Security Conference (ISC2023) },
                  	pages = {},
                  	numpages = {},
                  	location = {},

                  }

Detecting overlay attacks in Android A.Kar, N. Stakhanova, E.Branca the 14th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN)
Best Paper Award

                   @InProceedings{Kar23overlay,
                   author="Kar, Animesh and Branca, Enrico
                   and Stakhanova, Natalia",

                   title="{Detecting Overlay Attacks in Android}",
                   booktitle="Proceedings of the 14th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN)",
                   year="2023",
                   publisher="Elsevier",
                   address="",
                   pages="",

                   }

Exploiting Android Browsers. A.Kar, N. Stakhanova The International Conference on Cryptology and Network Security (CANS 2023),

                   @InProceedings{Kar23,
                   author="Kar, Animesh
                   and Stakhanova, Natalia",
                   editor="Deng, Jing
                   and Kolesnikov, Vladimir
                   and Schwarzmann, Alexander A.",
                   title="{Exploiting Android Browser}",
                   booktitle="Proceedings of the Conference on Cryptology and Network Security",
                   year="2023",
                   publisher="Springer Nature Singapore",
                   address="Singapore",
                   pages="162--185",

                   }

Learning AI coding style for software plagiarism detection. S. Ambati, E. Branca, N. Stakhanova International Conference on Security and Privacy in Communication Networks (SecureComm 2023)

                   @INPROCEEDINGS{Ambati23,

                   	author={ Ambati, Sriharita and  Branca, Enrico  and Stakhanova, Natalia},
                   	booktitle={18th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2022)},
                   	title={{Learning AI coding style for software plagiarism detection.}},
                   	year={2023},
                   	volume={},
                   	number={},
                   	pages={},

                   }

Authenticated Range Querying of Historical Blockchain Healthcare Data using Authenticated Multi-Version Skip List. S. Linoy, S. Ray and N. Stakhanova, E. Scheme ACM Distributed Ledger Technologies: Research and Practice, 2023

     @article{Linoy23,
     author = {Linoy, Shlomi and Ray, Suprio and Stakhanova, Natalia and Scheme, Erik},
     title = {{Authenticated Range Querying of Historical Blockchain Healthcare Data using Authenticated Multi-Version Index}},
     year = {2023},
     publisher = {Association for Computing Machinery},
     address = {New York, NY, USA},

     note = {Just Accepted},
     journal = {ACM Distrib. Ledger Technol.},
     month = {oct},

     }

Data provenance in security and privacy B.Pan, N. Stakhanova, S.Ray ACM Computing Surveys, 2023

                                  @article{pan23Provenance,
                                  author = {Pan, Bofeng and Stakhanova, Natalia and Ray, Suprio},
                                  title = {Data Provenance in Security and Privacy},
                                  year = {2023},
                                  publisher = {Association for Computing Machinery},
                                  address = {New York, NY, USA},
                                  issn = {0360-0300},
                                  url = {https://doi.org/10.1145/3593294},
                                  doi = {10.1145/3593294},
                                  note = {Just Accepted},
                                  journal = {ACM Comput. Surv.},
                                  month = {apr},
                                  keywords = {Threat provenance, Data provenance, Security, Privacy, Secure provenance}
                                  }

Language and platform independent attribution of heterogeneous code F. Abazari, E. Branca, E. Novikova, N. Stakhanova 18th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2022)

  @InProceedings{10.1007/978-3-031-25538-0_10,
  author="Abazari, Farzaneh
  and Branca, Enrico
  and Novikova, Evgeniya
  and Stakhanova, Natalia",
  editor="Li, Fengjun
  and Liang, Kaitai
  and Lin, Zhiqiang
  and Katsikas, Sokratis K.",
  title="Language and Platform Independent Attribution of Heterogeneous Code",
  booktitle="Security and Privacy in Communication Networks",
  year="2023",
  publisher="Springer Nature Switzerland",
  address="Cham",
  pages="173--191",
  isbn="978-3-031-25538-0"
  }

An Exploratory Study on the Relationship of Smells and Design Issues with Software Vulnerabilities S. Jannat Oishwee, Z. Codabux, N. Stakhanova The International Workshop on Mining Software Repositories Applications for Privacy and Security (MSR4P&S '22)

  @inproceedings{Sahrima22,
  author = {Oishwee, Sahrima Jannat and Codabux, Zadia and Stakhanova, Natalia},
  title = {An Exploratory Study on the Relationship of Smells and Design Issues with Software Vulnerabilities},
  year = {2022},
  isbn = {9781450394574},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  url = {https://doi.org/10.1145/3549035.3561182},
  doi = {10.1145/3549035.3561182},
  booktitle = {Proceedings of the 1st International Workshop on Mining Software Repositories Applications for Privacy and Security},
  pages = {16–20},
  numpages = {5},
  keywords = {Software Vulnerabilities, Mining Software Repositories, Code Smells, Design Issues, Software Security},
  location = {Singapore, Singapore},
  series = {MSR4P&S 2022}
  }

Authenticated Multi-Version Index for Blockchain-Based Range Queries on Historical Data S. Linoy, S.Ray, N. Stakhanova IEEE International Conference on Blockchain (IEEE Blockchain 2022)

  @INPROCEEDINGS{Linoy22,
  author={Linoy, Shlomi and Ray, Suprio and Stakhanova, Natalia},
  booktitle={2022 IEEE International Conference on Blockchain (Blockchain)},
  title={Authenticated Multi-Version Index for Blockchain-based Range Queries on Historical Data},
  year={2022},
  volume={},
  number={},
  pages={177-186},
  doi={10.1109/Blockchain55522.2022.00032}
}

HTTPFuzz: Web Server Fingerprinting with HTTP Request Fuzzing A. Kar, A. Natadze, E. Branca, and N. Stakhanova The 19th International Conference on Security and Cryptography (SECRYPT 2022)

HTTPFuzz code

                        @inproceedings{KarNBS22,
                          author       = {Animesh Kar and
                                          Andrei Natadze and
                                          Enrico Branca and
                                          Natalia Stakhanova},
                          editor       = {Sabrina De Capitani di Vimercati and
                                          Pierangela Samarati},
                          title        = {HTTPFuzz: Web Server Fingerprinting with {HTTP} Request Fuzzing},
                          booktitle    = {Proceedings of the 19th International Conference on Security and Cryptography,
                                          {SECRYPT} 2022, Lisbon, Portugal, July 11-13, 2022},
                          pages        = {261--271},
                          publisher    = {{SCITEPRESS}},
                          year         = {2022},
                          url          = {https://doi.org/10.5220/0011328900003283},
                          doi          = {10.5220/0011328900003283},

                        }

Analysis and prediction of web proxies misbehavior Z.Nezhadian, E. Branca, and N. Stakhanova The Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES 2022)

@inproceedings{Nezhadian22,
author = {Nezhadian, Zahra and Branca, Enrico and Stakhanova, Natalia},
title = {Analysis and Prediction of Web Proxies Misbehavior},
year = {2022},
isbn = {9781450396707},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3538969.3544412},
doi = {10.1145/3538969.3544412},
booktitle = {Proceedings of the 17th International Conference on Availability, Reliability and Security},
articleno = {61},
numpages = {11},
location = {Vienna, Austria},
series = {ARES '22}
}

AndroClonium: bytecode level clone detection for obfuscated Android apps A.Foroughipour N. Stakhanova, F. Abazari, B. Sistany 37th International Conference on ICT Systems Security and Privacy Protection (IFIP SEC) 2022

Simulator:
Smali Simulator
Execution trace analyzer

@article{Foroughipour22,
author = {A.Foroughipour  N. Stakhanova, F. Abazari and B. Sistany},
title = {AndroClonium: bytecode level clone detection for obfuscated Android apps},
year = {2022},
issue_date = {June 2022},
publisher="Springer International Publishing",
address="Cham",
volume = {},
number = {},
booktitle= {37th International Conference on ICT Systems Security and Privacy Protection (IFIP SEC},
month = {},
articleno = {},
numpages = {}}

Dataset characteristics for reliable code authorship attribution F. Abazari, E. Branca, N. Ridley, N. Stakhanova, M. Dalla Preda. IEEE Transactions on Dependable and Secure Computing (TDSC), 2022

@inproceedings{Abazari22,
author = {Farzaneh Abazari, Enrico Branca, Norah Ridley,  Natalia Stakhanova, Mila Dalla Preda},
title = {Dataset characteristics for reliable code authorship attribution},
year = {2022},
issue_date = {February 2022},
publisher = {IEEE},
address = {New York, NY, USA},
volume = {},
number = {},
journal = {IEEE Transactions on Dependable and Secure Computing},
month = {},
articleno = {},
numpages = {}}

EtherProv: Provenance-Aware Detection, Analysis, and Mitigation of Ethereum Smart Contract Security Issues S.Linoy, S.Ray, N. Stakhanova. IEEE International Conference on Blockchain (Blockchain 2021)

@inproceedings{Linoy21,
author = {S.Linoy, S.Ray, N. Stakhanova},
title={EtherProv: Provenance-Aware Detection, Analysis, and Mitigation of Ethereum Smart Contract Security Issues},
year = {2021},
}

Automated Security Assessment Framework for Wearable BLE-enabled Health Monitoring Devices G.Zendehdel, R. Kaur, I. Chopra, N. Stakhanova, E. Scheme. ACM Transactions on Internet Technology, 2022

@article{Zendehdel22,
author = {Zendehdel, Ghazale Amel and Kaur, Ratinder and Chopra, Inderpreet and Stakhanova, Natalia and Scheme, Erik},
title = {Automated Security Assessment Framework for Wearable BLE-Enabled Health Monitoring Devices},
year = {2021},
issue_date = {February 2022},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {22},
number = {1},
journal = {ACM Trans. Internet Technol.},
month = {sep},
articleno = {14},
numpages = {31}
}

Origin Attribution of RSA Public Keys E. Branca, F. Abazari, R. Rivera Carranza, N. Stakhanova. EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2021)

@InProceedings{Branca21,
                                    author="Branca, Enrico
                                    and Abazari, Farzaneh
                                    and Carranza, Ronald Rivera
                                    and Stakhanova, Natalia",
                                    editor="Garcia-Alfaro, Joaquin
                                    and Li, Shujun
                                    and Poovendran, Radha
                                    and Debar, Herv{\'e}
                                    and Yung, Moti",
                                    title="Origin Attribution of RSA Public Keys",
                                    booktitle="Security and Privacy in Communication Networks",
                                    year="2021",
                                    publisher="Springer International Publishing",
                                    address="Cham",
                                    pages="374--396"
                                  }

De-anonymizing Ethereum Blockchain Smart Contracts through Code Attribution S. Linoy, N. Stakhanova, S. Ray International Journal of Network Management, 2020

@article{Linoy20,
author = {Linoy, Shlomi and Stakhanova, Natalia and Ray, Suprio},
title = {De‐Anonymizing Ethereum Blockchain Smart Contracts through Code Attribution},
year = {2021},
issue_date = {January/February 2021},
publisher = {John Wiley & Sons, Inc.},
address = {USA},
volume = {31},
number = {1},
issn = {1099-1190},
journal = {Int. J. Netw. Manag.},
month = {jan},
numpages = {24}
}

Code authorship attribution: Methods and challenges V. Kalgutkar, R. Kaur, H. Gonzalez, and N. Stakhanova, A.Matyukhina ACM Computing Surveys, 2020

@article{Kalgutkar20,
                        author = {Kalgutkar, Vaibhavi and Kaur, Ratinder and Gonzalez, Hugo and Stakhanova, Natalia and Matyukhina, Alina},
                        title = {Code Authorship Attribution: Methods and Challenges},
                        year = {2020},
                        issue_date = {January 2020},
                        publisher = {Association for Computing Machinery},
                        address = {New York, NY, USA},
                        volume = {52},
                        number = {1},
                        issn = {0360-0300},
                        journal = {ACM Comput. Surv.},
                        month = {feb},
                        articleno = {3},
                        numpages = {36}

                        }

Towards Eidetic Blockchain Systems with Enhanced Provenance S. Linoy, S. Ray, N. Stakhanova Blockchain and Data Management (BlockDM'2020)

@INPROCEEDINGS{Linoy20,
                    author={Linoy, Shlomi and Ray, Suprio and Stakhanova, Natalia},
                    booktitle={2020 IEEE 36th International Conference on Data Engineering Workshops (ICDEW)},
                    title={Towards Eidetic Blockchain Systems with Enhanced Provenance},
                    year={2020},
                    volume={},
                    number={},
                    pages={7-10}
                  }

Adversarial author attribution in open-source projects A. Matyukhina, N. Stakhanova, M. Dalla Preda and C. Perley. ACM Conference on Data and Application Security and Privacy (CODASPY'19)

Datasets:
GitHub data
GoogleCodeJam data

@inbook{Matyukhina19,
                      author = {Matyukhina, Alina and Stakhanova, Natalia and Dalla Preda, Mila and Perley, Celine},
                      title = {Adversarial Authorship Attribution in Open-Source Projects},
                      year = {2019},
                      isbn = {9781450360999},
                      publisher = {Association for Computing Machinery},
                      address = {New York, NY, USA},

                      booktitle = {Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy},
                      pages = {291–302},
                      numpages = {12}
                      }

Exploring Ethereum’s blockchain anonymity using smart contract code attribution S. Linoy, N. Stakhanova, A. Matyukhina. 15th International Conference on Network and Service Management (CNSM 2020)

@INPROCEEDINGS{Linoy19,
author={Linoy, Shlomi and Stakhanova, Natalia and Matyukhina, Alina},
booktitle={2019 15th International Conference on Network and Service Management (CNSM)},
title={Exploring Ethereum’s Blockchain Anonymity Using Smart Contract Code Attribution},
year={2019},
volume={},
number={},
pages={1-9},
}

PoliDOM: Mitigation of DOM-XSS by Detection and Prevention of Unauthorized DOM Tampering J. Iqbal, R. Kaur, and N. Stakhanova. International Conference on Availability, Reliability and Security (ARES '19)

@inproceedings{Iqbal19,
author = {Iqbal, Junaid and Kaur, Ratinder and Stakhanova, Natalia},
title = {PoliDOM: Mitigation of DOM-XSS by Detection and Prevention of Unauthorized DOM Tampering},
year = {2019},
isbn = {9781450371643},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
articleno = {17},
numpages = {10},
location = {Canterbury, CA, United Kingdom},
series = {ARES '19}
  }

Scalable Privacy-Preserving Query Processing Over Ethereum Blockchain S. Linoy, H. Mahdikhani, S. Ray, R. Lu, N. Stakhanova and A. Ghorbani IEEE Symposium on Recent Advances on Blockchain and Its Applications (held in conjunction with IEEE Blockchain)

@INPROCEEDINGS{Linoy19Blockchain,
author={Linoy, Shlomi and Mahdikhani, Hassan and Ray, Suprio and Lu, Rongxing and Stakhanova, Natalia and Ghorbani, Ali},
booktitle={2019 IEEE International Conference on Blockchain (Blockchain)},
title={Scalable Privacy-Preserving Query Processing over Ethereum Blockchain},
year={2019},
volume={},
number={},
pages={398-404}}

Android authorship attribution through string analysis V. Kalgutkar, N. Stakhanova, P. Cook, and A. Matyukhina. 13th International Conference on Availability, Reliability and Security (ARES 2018)
Best Presentation Award, a runner-up nomination for Best Paper Award

Datasets:
GitHub authors source code
Github authors APKs
Benign authors APKs

@inproceedings{Kalgutkar18,
author = {Kalgutkar, Vaibhavi and Stakhanova, Natalia and Cook, Paul and Matyukhina, Alina},
title = {Android Authorship Attribution through String Analysis},
year = {2018},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
booktitle = {Proceedings of the 13th International Conference on Availability, Reliability and Security},
articleno = {4},
numpages = {10},
keywords = {Obfuscation, String analysis, Android, Authorship attribution, Mobile malware},
location = {Hamburg, Germany},
series = {ARES 2018}
}

A Security Assessment of HCE-NFC Enabled E-Wallet Banking Android Apps R. Kaur, Y. Li, J. Iqbal, H. Gonzalezand N. Stakhanova. IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC 2018)

@INPROCEEDINGS{Kaur18,
author={Kaur, Ratinder and Li, Yan and Iqbal, Junaid and Gonzalez, Hugo and Stakhanova, Natalia},
booktitle={2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC)},
title={A Security Assessment of HCE-NFC Enabled E-Wallet Banking Android Apps},
year={2018},
volume={02},
number={},
pages={492-497},
}

Authorship Attribution of Android Apps H. Gonzalez, N. Stakhanova, and A. A. Ghorbani. ACM Conference on Data and Application Security and Privacy (CODASPY 2018)

Dataset:

 Benigh authors apps  

@inproceedings{Gonzalez18,
author = {Gonzalez, Hugo and Stakhanova, Natalia and Ghorbani, Ali A.},
title = {Authorship Attribution of Android Apps},
year = {2018},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
booktitle = {Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy},
pages = {277–286},
numpages = {10},
location = {Tempe, AZ, USA},
series = {CODASPY '18}
}

Unmasking Android Obfuscation Tools Using Spatial Analysis R. Kaur, Y.Ning, H. Gonzalez and N. Stakhanova the Privacy, Security and Trust Conference (PST 2018)

@inproceedings{Kaur18,
author={Kaur, Ratinder and Ning, Ye and Gonzalez, Hugo and Stakhanova, Natalia},
booktitle={2018 16th Annual Conference on Privacy, Security and Trust (PST)},
title={Unmasking Android Obfuscation Tools Using Spatial Analysis},
year={2018},
volume={},
number={},
pages={1-10},
}

Understanding Android Financial Malware Attacks: Taxonomy, Characteristics, and Challenges. A. Abdul Kadir, N. Stakhanova, and A. Ghorbani Journal of Cyber Security and Mobility, 2018

Detecting HTTP-based Application Layer DoS attacks on Web Servers in the presence of sampling. H. Jazi, H. Gonzalez, N. Stakhanova, A.A. Ghorbani Computer Networks, 2017

@article{Jazi17,
title = {Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling},
journal = {Computer Networks},
volume = {121},
pages = {25-36},
year = {2017},
issn = {1389-1286},
author = {Hossein Hadian Jazi and Hugo Gonzalez and Natalia Stakhanova and Ali A. Ghorbani}
}

Measuring code reuse in Android apps. H. Gonzalez, N. Stakhanova, and A. Ghorbani. Privacy, Security and Trust Conference, 2016.

@INPROCEEDINGS{Gonzalez16,
author={Gonzalez, Hugo and Stakhanova, Natalia and Ghorbani, Ali A.},
booktitle={2016 14th Annual Conference on Privacy, Security and Trust (PST)},
title={Measuring code reuse in Android apps},
year={2016},
volume={},
number={},
pages={187-195},
}

Detecting Malicious URLs Using Lexical Analysis. M. Mamun, M. Rathore, A. Lashkari, N. Stakhanova and A. Ghorbani. International Conference on Network and System Security (NSS), 2016.

@InProceedings{Mamun16,
author="Mamun, Mohammad Saiful Islam
and Rathore, Mohammad Ahmad
and Lashkari, Arash Habibi
and Stakhanova, Natalia
and Ghorbani, Ali A.",
editor="Chen, Jiageng
and Piuri, Vincenzo
and Su, Chunhua
and Yung, Moti",
title="Detecting Malicious URLs Using Lexical Analysis",
booktitle="Network and System Security",
year="2016",
publisher="Springer International Publishing",
address="Cham",
pages="467--482"}

Android malware classication through linguistic analysis of string literals. R. Killam, N. Stakhanova, and P. Cook. Workshop on Text Analytics for Cybersecurity and Online Safety (TA-COS), 2016

A Taxonomy of Application-Layer Denial of Service (DoS) Attacks G. Mantas, N. Stakhanova, H. Gonzalez, and A. Ghorbani. International Journal of Information and Computer Security, 2015

Enriching reverse engineering through visual exploration of Android binaries. A. Jain, H. Gonzalez, and N. Stakhanova. Program Protection and Reverse Engineering Workshop (PPREW-5), 2015

Software: GitHub

A performance evaluation of hash functions for IP reputation lookup using Bloom filters. M. A. Gosselin-Lavigne, H. Gonzalez, N. Stakhanova, and A. A. Ghorbani. Conference on Availability, Reliability and Security (ARES), Workshop on Software Assurance, 2015

Android botnets: What urls are telling us. A. Abdul Kadir, N. Stakhanova, and A. Ghorbani. Conference on Network and System Security (NSS'15)

An entropy-based encrypted traffic classification using machine learning. M. S. I. Mamun, A. Ghorbani, and N. Stakhanova. Conference on Information and Communication Security (ICICS 2015)

Exploring reverse engineering symptoms in Android apps. H. Gonzalez, A. A. Kadir, N. Stakhanova, A. J. Alzahrani, and A. A. Ghorbani. European Workshop on System Security (EuroSec '15)

Characterizing Evaluation Practices of Intrusion Detection Methods for Smartphones A. J. Alzahrani, N. Stakhanova, H. Gonzalez, and A. Ghorbani Journal of Cyber Security and Mobility, 2014

The impact of application-layer denial-of-service attacks H. Gonzalez, M.A. Gosselin-Lavigne, N. Stakhanova, and A. A. Ghorbani. In Case Studies in Secure Computing: Achievements and Trends. CRC Press, Boca Raton, FL, 261--272

Detecting machine-morphed malware variants via engine attribution. R. Chouchane, N. Stakhanova, A.Walenstein, and A. Lakhotia. Journal of Computer Virology, 2013

@article{ChouchaneSWL13,
author    = {Radhouane Chouchane and
Natalia Stakhanova and
Andrew Walenstein and
Arun Lakhotia},
title     = {Detecting machine-morphed malware variants via engine attribution},
journal   = {J. Comput. Virol. Hacking Tech.},
volume    = {9},
number    = {3},
pages     = {137--157},
year      = {2013}
}

Towards cost-sensitive assessment of intrusion response selection. N. Stakhanova, C. Strasburg, S. Basu, and J. S. Wong Journal of Computer Security

Toward Credible Evaluation of Anomaly- Based Intrusion-Detection Methods M. Tavallaee, N. Stakhanova, and A. Ghorbani IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, 2010

@ARTICLE{Tavallaee10,
author={Tavallaee, Mahbod and Stakhanova, Natalia and Ghorbani, Ali Akbar},
journal={IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews)},
title={Toward Credible Evaluation of Anomaly-Based Intrusion-Detection Methods},
year={2010},
volume={40},
number={5},
pages={516-524}
}

On the symbiosis of specication-based and anomaly-based detection N. Stakhanova, S. Basu, and J. Wong Computers & Security, 2010

A taxonomy of intrusion response systems N. Stakhanova, S. Basu, and J. Wong International Journal of Information and Computer Security,2007

@article{Stakhanova07,
author = {Stakhanova, Natalia and Basu, Samik and Wong, Johnny},
title = {A Taxonomy of Intrusion Response Systems},
year = {2007},
issue_date = {January 2007},
publisher = {Inderscience Publishers},
address = {Geneva 15, CHE},
volume = {1},
number = {1/2},
issn = {1744-1765},
journal = {Int. J. Inf. Comput. Secur.},
month = {jan},
pages = {169–184},
numpages = {16},

}

Software fault tree and coloured petri net based specication, design and implementation of agent-based intrusion detection systems G. Helmer, J. Wong, M. Slagell, V. Honavar, L. Miller, Y. Wang, X. Wang, and N. Stakhanova Int. Journal Information and Computer Security

Computer Security Research Lab

Publications

2024

2023

2022

2021

2020

2019

2018

Before 2018 (Selected publications)