Giovanni Vigna - Publications
- Are Your Votes Really Counted?
Testing the Security of Real-world Electronic Voting Systems
D. Balzarotti, G. Banks, M. Cova,
V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, and
G. Vigna Proceedings of the International
Symposium on Software Testing and Analysis Seattle, WA
July 2008 PDF,
BibTeX
entry
- Saner: Composing Static and Dynamic
Analysis to Validate Sanitization in Web Applications D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C. Kruegel, and G.
Vigna Proceedings of the IEEE Symposium on Security and Privacy Oakland, CA May
2008 PDF,
BibTeX
entry
- ClearShot: Eavesdropping on Keyboard Input
from Video D. Balzarotti, M. Cova,
and G. Vigna Proceedings of the IEEE
Symposium on Security and Privacy Oakland, CA May
2008 PDF, BibTeX
entry
- EVEREST: Evaluation and Validation of
Election-Related Equipment, Standards and Testing P. McDaniel, M. Blaze, G. Vigna, et al. Ohio Secretary of State's EVEREST Report December 2007 PDF, BibTeX entry
- Feature Omission Vulnerabilities: Thwarting
Signature Generation for Polymorphic Worms M. Van Gundy, H. Chen, Z. Su, and G. Vigna Proceedings of the Annual Computer Security Applications
Conference (ACSAC) Miami, FL December 2007 PDF, BibTeX
entry
- Improving Signature Testing Through Dynamic
Data Flow Analysis C. Kruegel,
D. Balzarotti, W. Robertson, and G. Vigna Proceedings of the Annual Computer Security Applications
Conference (ACSAC) Miami, FL December 2007 PDF, BibTeX
entry
- Security Evaluation of the Sequoia Voting
System G. Vigna, R. Kemmerer, D.
Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, and
F. Valeur California Secretary of State's
Top-To-Bottom Review of the California Voting Machines July 2007 PDF,
BibTeX
entry
- Multi-Module Vulnerability
Analysis of Web-based Applications D. Balzarotti, M. Cova, V. Felmetsger, and G.
Vigna Proceedings of the ACM
Conference on Computer and Communications Security
(CCS) Alexandria, VA
October 2007 PDF,
BibTeX
entry
- Swaddler: An Approach for the
Anomaly-based Detection of State Violations in Web
Applications M. Cova, D.
Balzarotti, V. Felmetsger, and G. Vigna Proceedings of the International Symposium on
Recent Advances in Intrusion Detection (RAID)
Gold Coast, Australia
September 2007 PDF,
BibTeX
entry
- Exploiting Execution Context for
the Detection of Anomalous System Calls D. Mutz, W. Robertson, G. Vigna, and R.
Kemmerer Proceedings of the
International Symposium on Recent Advances in Intrusion
Detection (RAID) Gold Coast,
Australia September 2007
PDF,
BibTeX
entry
- Catch Me, If You Can: Evading
Network Signatures with Web-based Polymorphic Worms
M. Van Gundy, D. Balzarotti, and G.
Vigna Proceedings of the First
USENIX Workshop on Offensive Technologies (WOOT)
Boston, MA August 2007 PDF, BibTeX
entry
- Extending .NET Security to
Unmanaged Code P. Klinkoff,
E. Kirda, C. Kruegel, and G. Vigna International Journal of Information
Security 2007
PDF,
BibTeX
entry
- Is Code Still Moving Around? Looking Back at
a Decade of Code Mobility A. Carzaniga,
G.P. Picco, and G. Vigna Proceedings of the
International Conference on Software Engineering (ICSE) Minneapolis, MN May
2007 PDF, BibTeX entry
- Cross-Site Scripting Prevention
with Dynamic Data Tainting and Static Analysis
P. Vogt, F. Nentwich, N. Jovanovic,
E. Kirda, C. Kruegel, and G. Vigna Proceeding of the Network and Distributed System
Security Symposium (NDSS) San
Diego, CA February 2007
PDF,
BibTeX entry
- Vulnerability Analysis of Web
Applications M. Cova, V.
Felmetsger, and G. Vigna Testing
and Analysis of Web Services (L. Baresi and E. Dinitto
Eds.) Springer
2007 PDF, BibTeX
entry
- Using a Virtual Security Testbed
for Digital Forensic Reconstruction A. Arnes, P. Haas, G. Vigna, and R.
Kemmerer Journal in Computer
Virology, vol. 2, no. 4 Springer February
2007 PDF, BibTeX
entry
- Static Disassembly and Code
Analysis G. Vigna
Malware Detection (M. Christodorescu,
S. Jha, D. Maughan, D. Song, and C. Wang Eds.)
2007 PDF, BibTeX entry
- Vulnerability Analysis of MMS User
Agents C. Mulliner and G.
Vigna Proceedings of the Annual
Computer Security Applications Conference (ACSAC)
Miami, Florida December 2006 PDF, BibTeX entry
- Static Detection of
Vulnerabilities in x86 Executables M. Cova, V. Felmetsger, G. Banks, and G.
Vigna Proceedings of the Annual
Computer Security Applications Conference (ACSAC)
Miami, Florida December 2006 PDF,
BibTeX
entry
- Using Hidden Markov Models to
Evaluate the Risks of Intrusions: System Architecture and
Model Validation A. Arnes, F.
Valeur, G. Vigna, and R. Kemmerer Proceedings of the International Symposium on
Recent Advances in Intrusion Detection (RAID)
Hamburg, Germany September 2006
PDF, BibTeX
entry
- Behavior-based Spyware
Detection E. Kirda, C.
Kruegel, G. Banks, G. Vigna, and R. Kemmerer
Proceedings of the USENIX Security
Symposium Vancouver,
Canada August 2006
PDF,
BibTeX
entry
- Extending .NET Security to
Unmanaged Code P. Klinkoff,
C. Kruegel, E. Kirda, and G. Vigna Proceedings of the Information Security Conference
(ISC) Samos, Greece
August 2006 PDF, BibTeX
entry
- SNOOZE: toward a Stateful NetwOrk
prOtocol fuzZEr G. Banks, M.
Cova, V. Felmetsger, K. Almeroth, R. Kemmerer, and G.
Vigna Proceedings of the
Information Security Conference (ISC) Samos, Greece August
2006 PDF,
BibTeX
entry
- Using Labeling to Prevent
Cross-Service Attacks Against Smart Phones
C. Mulliner, G. Vigna, D. Dagon, and
W. Lee Proceedings of the
Conference on Detection of Intrusions and Malware and
Vulnerability Assessment (DIMVA) Berlin, Germany July
2006 PDF, BibTeX
entry
- Digital Forensic Reconstruction
and the Virtual Security Testbed ViSe A. Arnes, P. Haas, G. Vigna, and R.
Kemmerer Proceedings of the
Conference on Detection of Intrusions and Malware and
Vulnerability Assessment (DIMVA) Berlin, Germany July
2006 PDF, BibTeX
entry
- An Anomaly-driven Reverse Proxy
for Web Applications F.
Valeur, G. Vigna, C. Kruegel, and E. Kirda
Proceedings of the ACM Symposium on
Applied Computing (SAC) Dijon,
France April 2006
PDF, BibTeX
entry
- Noxes: A Client-Side Solution for
Mitigating Cross-Site Scripting Attacks E. Kirda, C. Kruegel, G. Vigna, and N.
Jovanovic Proceedings of the ACM
Symposium on Applied Computing (SAC) Dijon, France April
2006 PDF,
BibTeX
entry
- Anomalous System Call
Detection D. Mutz, F. Valeur,
C. Kruegel, and G. Vigna ACM
Transactions on Information and System Security
ACM Press 2006
PDF,
BibTeX
entry
- Using Generalization and
Characterization Techniques in the Anomaly-based Detection of
Web Attacks W. Robertson, G.
Vigna, C. Kruegel, and R. Kemmerer Proceeding of the Network and Distributed System
Security (NDSS) Symposium San
Diego, CA February 2006
PDF,
BibTeX
entry
- Host-based Intrusion Detection
Systems G. Vigna and C.
Kruegel The Handbook of
Information Security, Volume III
John Wiley & Sons December 2005 BibTeX
entry
- Hi-DRA: Intrusion Detection for
Internet Security R. Kemmerer
and G. Vigna IEEE
Proceedings vol. 93, no.
10 1848-1857
IEEE October 2005 PDF, BibTeX
entry
- Polymorphic Worm Detection Using
Structural Information of Executables C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and
G. Vigna Proceedings of the
International Symposium on Recent Advances in Intrusion
Detection (RAID) 207-226
LNCS, Springer-Verlag
Seattle, WA September 2005
PDF, BibTeX
entry
- A Multi-model Approach to the
Detection of Web-based Attacks C. Kruegel, G. Vigna, and
W. Robertson Computer
Networks vol. 48, no. 5
717-738 August 2005 PDF, BibTeX
entry
- Automating Mimicry Attacks Using
Static Binary Analysis C. Kruegel, E. Kirda, D. Mutz,
W. Robertson, and G. Vigna Proceedings of the USENIX Security Symposium
Baltimore, MD August 2005 PDF,
BibTeX
entry
- A Learning-Based Approach to the
Detection of SQL Attacks F. Valeur, D. Mutz, and
G. Vigna Proceedings of the
Conference on Detection of Intrusions and Malware &
Vulnerability Assessment (DIMVA)
Vienna, Austria July 2005 PDF, BibTeX
entry
- Detecting Malicious JavaScript
Code in Mozilla O. Hallaraker and G. Vigna
Proceedings of the IEEE International
Conference on Engineering of Complex Computer Systems
(ICECCS) 85-94
Shanghai, China June 2005 PDF, BibTeX
entry
- Exploiting OS-level Mechanisms to
Implement Mobile Code Security V. Felmetsger and G. Vigna
Proceedings of the IEEE International
Conference on Engineering of Complex Computer Systems
(ICECCS) 234-243
Shanghai, China June 2005 PDF, BibTeX
entry
- Reverse Engineering of Network
Signatures C. Kruegel,
D. Mutz, W. Robertson, G. Vigna, and
R. Kemmerer Proceedings of
the AusCERT Asia Pacific Information Technology Security
Conference
Gold Coast, Australia
May 2005 Best Paper Award PDF,
BibTeX
entry
- Intrusion Detection and
Correlation: Challenges and Solutions C. Kruegel, F. Valeur, and
G. Vigna Springer-Verlag 0-387-233398-9 2005 BibTeX
entry
- Sensor Families for Intrusion
Detection Infrastructures R.A. Kemmerer and G. Vigna
Managing Cyber Threats: Issues,
Approaches and Challenges Springer-Verlag January 2005 PDF, BibTeX
entry
- Detecting Kernel-Level Rootkits
Through Binary Analysis C. Kruegel, W. Robertson, and
G. Vigna Proceedings of the
Annual Computer Security Applications Conference
(ACSAC) 91-100
Tucson, AZ December 2004 PDF, BibTeX
entry
- Detecting Attacks That Exploit
Application-Logic Errors Through Application-Level
Auditing J. Zhou and
G. Vigna Proceedings of the
Annual Computer Security Applications Conference
(ACSAC) 168-178
Tucson, AZ December 2004 PDF, BibTeX entry
- An Intrusion Detection Tool for
AODV-based Ad Hoc Wireless Networks G. Vigna, S. Gwalani, K. Srinivasan,
E. Belding-Royer, and R. Kemmerer Proceedings of the Annual Computer Security
Applications Conference (ACSAC) 16-27 Tucson,
AZ December 2004
PDF,
BibTeX
entry
- Using Alert Verification to
Identify Successful Intrusion Attempts C. Kruegel, W. Robertson, and
G. Vigna Practice in
Information Processing and Communication (PIK)
vol. 27, no. 4 219-227 October/December, 2004 PDF,
BibTeX
entry
- Testing Network-based Intrusion
Detection Signatures Using Mutant Exploits
G. Vigna, W. Robertson,
and D. Balzarotti Proceedings of the ACM Conference on Computer and
Communication Security (ACM CCS) 21-30 Washington,
DC October 2004
PDF, BibTeX
entry
- A Comprehensive Approach to
Intrusion Detection Alert Correlation F. Valeur, G. Vigna, C. Kruegel,
and R. Kemmerer IEEE
Transactions on Dependable and Secure
Computing vol. 1, no. 3 146-169 July-September 2004 PDF,
BibTeX
entry
- Static Disassembly of Obfuscated
Binaries C. Kruegel,
W. Robertson, F. Valeur, and G. Vigna
Proceedings of USENIX Security
2004 255-270
San Diego, CA August 2004 PDF,
BibTeX
entry
- Mobile Agents: Ten Reasons For
Failure G. Vigna
Proceedings of MDM 2004
298-299 Berkeley, CA January
2004 PDF, BibTeX entry
- A Stateful Intrusion Detection
System for World-Wide Web Servers G. Vigna, W. Robertson, V. Kher,
and R.A. Kemmerer Proceedings of the Annual Computer Security
Applications Conference (ACSAC) 34-43 Las Vegas,
NV December 2003
PDF,
BibTeX
entry
- An Experience Developing an IDS
Stimulator for the Black-Box Testing of Network Intrusion
Detection Systems D. Mutz, G. Vigna, and
R.A. Kemmerer Proceedings
of the Annual Computer Security Applications Conference
(ACSAC) 374-383
Las Vegas, NV December 2003 PDF, BibTeX
entry
- Anomaly Detection of Web-based
Attacks C. Kruegel and
G. Vigna Proceedings of the
10th ACM Conference on Computer and Communication Security
(CCS '03) 251-261
ACM Press Washington, DC October 2003 PDF, BibTeX entry
- On the Detection of Anomalous
System Call Arguments C. Kruegel, D. Mutz, F. Valeur,
and G. Vigna Proceedings of
ESORICS 2003 326-343
LNCS, Springer-Verlag
Gjovik, Norway October 2003 PDF,
BibTeX
entry
- Teaching Hands-On Network
Security: Testbeds and Live Exercises G. Vigna Journal of Information Warfare
vol. 3, no. 2 8-25 2003
PDF,
BibTeX entry
- A Topological Characterization of
TCP/IP Security G. Vigna Proceedings of the 12th International FME
Symposium 914-940
LNCS 2805, Springer-Verlag
Pisa, Italy September 2003 PDF, BibTeX entry
- Proceedings of the 6th
International Symposium on Recent Advances in Intrusion
Detection (RAID) G. Vigna, E. Jonsson, and
C. Kruegel (Editors) LNCS 2820, Springer-Verlag Pittsburgh, PA September 2003 BibTeX
entry
- Designing and Implementing A
Family of Intrusion Detection Systems G. Vigna, F. Valeur, and
R.A. Kemmerer Proceedings
of the European Conference on Software Engineering
(ESEC) 88-97
Helsinki, Finland September 2003 PDF,
BibTeX
entry
- Teaching Network Security Through
Live Exercises G. Vigna Proceedings of the Third Annual World Conference on
Information Security Education (WISE 3) 3-18 Kluwer
Academic Publishers Monterey,
CA June 2003 PDF, BibTeX entry
- Detecting Malicious Java Code
Using Virtual Machine Auditing S. Soman, C. Krintz, and
G. Vigna Proceedings of the
12th USENIX Security Symposium 153-167 Washington,
DC August 2003
PDF, BibTeX
entry
- Composable Tools For Network
Discovery and Security Analysis G. Vigna, F. Valeur, J. Zhou, and
R.A. Kemmerer Proceedings
of the Annual Computer Security Applications Conference
(ACSAC) 14-24
IEEE Press Las Vegas, NV December 2002 PDF,
BibTeX
entry
- Designing and Implementing Network
Short-Term Memory G. Vigna and A. Mitchell
Proceedings of ICECCS '02
91-100 IEEE Press Greenbelt, MD December 2002 PDF, BibTeX
entry
- An Intrusion Detection System for
Aglets G. Vigna,
B. Cassell, and D. Fayram Proceedings of the International Conference on
Mobile Agents (MA '02) 64-77 LNCS 2535,
Springer-Verlag Barcelona,
Spain October 2002
PDF, BibTeX
entry
- Sensor-Based Intrusion Detection
for Intra-Domain Distance-Vector Routing V. Mittal and G. Vigna
Proceedings of the ACM Conference on
Computer and Communication Security (CCS'02)
127-137 ACM Press Washington, DC November 2002 PDF, BibTeX entry
- STATL: An Attack Language for
State-based Intrusion Detection S.T. Eckmann, G. Vigna, and R.A. Kemmerer
Journal of Computer Security
vol. 10, no. 1/2 71-104 IOS
Press 2002 PostScript,
BibTeX
entry
- Proceedings of the 5th
International Symposium on Recent Advances in Intrusion
Detection (RAID) A. Wespi, G. Vigna, and L. Deri,
(Editors) LNCS 2516,
Springer-Verlag Zurich,
Switzerland October 2002
BibTeX
entry
- Stateful Intrusion Detection for
High-Speed Networks C.
Kruegel, F. Valeur, G. Vigna, and R.A. Kemmerer
Proceedings of the IEEE Symposium on
Research on Security and Privacy 285-293 IEEE
Press Oakland, CA
May 2002 PDF,
BibTeX
entry
- Intrusion Detection: A Brief
History and Overview R.A.
Kemmerer and G. Vigna IEEE
Computer Special Issue on
Security and Privacy 27-30 IEEE
Press April 2002
PDF,
BibTeX
entry. A Russian translation
appeared in the Russian computer science journal Open Systems, November 2002. PDF
- MASSA: Mobile Agents Security
through Static/Dynamic Analysis A. Orso, M.J. Harrold, and G. Vigna
Proceedings of the First ICSE Workshop
on Software Engineering and Mobility (WSEM 2001)
Toronto, Canada April 2001 PDF, BibTeX
entry
- Security Testing of an Online
Banking Service A.L.M. dos
Santos, G. Vigna, and R.A. Kemmerer E-Commerce Security and Privacy 3-15 Kluwer
Academic Publisher 2001
BibTeX
entry
- Evaluating the Security Of Three
Java-Based Mobile Agent Systems S. Fischmeister, G. Vigna, and R.A.
Kemmerer Proceedings of the
International Conference on Mobile Agents (MA 2001)
31-41 LNCS 2240, Springer-Verlag Atlanta, GA December
2001 PDF, BibTeX
entry
- Designing a Web of
Highly-Configurable Intrusion Detection Sensors
G. Vigna, R.A. Kemmerer, and P.
Blix Proceedings of the 4th
International Symposium on Recent Advances in Intrusion
Detection (RAID 2001) 69-84 LNCS 2212,
Springer-Verlag Davis,
CA October 2001
PDF, BibTeX
entry
- Security Testing of the Online
Banking Service of a Large International Bank
A.L.M. dos Santos, G. Vigna, and
R.A. Kemmerer Proceedings of the
First Workshop on Security and Privacy in E-Commerce
(WSPEC) 1-13
Athens, Greece November 2000 PDF, BibTeX
entry
- STATL: An Attack Language for
State-based Intrusion Detection S.T. Eckmann, G. Vigna, and R.A. Kemmerer
Proceedings of the ACM Workshop on
Intrusion Detection Athens,
Greece November 2000
PDF, BibTeX
entry
- Attack Languages
G. Vigna, S.T. Eckmann, and R.A.
Kemmerer Proceedings of the IEEE
Information Survivability Workshop (ISW 2000)
163-166 Boston, MA October
2000 PS,
BibTeX
entry
- The STAT Tool Suite
G. Vigna, S.T. Eckmann, and R.A.
Kemmerer Proceedings of DISCEX
2000 46-55 IEEE Press Hilton Head, SC January 2000 PostScript,
BibTeX
entry
- NetSTAT: A Network-based Intrusion
Detection System G. Vigna and
R. Kemmerer Journal of
Computer Security 7(1)
37-71 IOS Press 1999 PDF, BibTeX entry
- NetSTAT: A Network-based Intrusion
Detection Approach G. Vigna
and R. Kemmerer Proceedings of
the 14th Annual Computer Security Application
Conference 25-34
IEEE Press Scottsdale, AZ December 1998 Outstanding Paper Award PDF,
BibTeX
entry
- Software Engineering Issues in
Network Computing C. Ghezzi
and G. Vigna Requirements
Targeting Software and System Engineering 101-123 LNCS
1526, Springer-Verlag August
1998 Postscript, BibTeX entry
- Mobile Agents and Security
G. Vigna (Editor)
LNCS 1419, Springer-Verlag
June 1998 Book cover,
Table of Contents,
BibTeX
entry
- Cryptographic Traces for Mobile
Agents G. Vigna
Mobile Agents and Security
137-153 LNCS 1419, Springer-Verlag June 1998 PDF, BibTeX entry
- A Model-Centered Electronic
Commerce Middleware G. Vigna
and L. Bonomi Proceedings of the
International Working Conference on Electronic
Commerce Hamburg,
Germany June 1998
PDF, BibTeX entry
- Understanding Code Mobility
A. Fuggetta, G.P. Picco, and G.
Vigna IEEE Transactions on
Software Engineering 24(5)
342-361 May 1998 PDF,
BibTeX
entry
- Towards a Software Engineering
Approach to Web Site Development F. Coda, C. Ghezzi, G. Vigna, and F.
Garzotto Proceedings of the
9th International Workshop on Software
Specification and Design 8-17 IEEE
Press Ise-Shima, Japan
April 1998 PDF,
BibTeX
entry
- Mobile Code Technologies,
Paradigms, and Applications G. Vigna PhD
Thesis Politecnico di Milano,
Italy February 1998
PDF, BibTeX entry
- Protecting Mobile Agents through
Tracing G. Vigna
Proceedings of the Third Workshop on
Mobile Object Systems Jyvaskyla, Finland June 1997 PDF, BibTeX entry
- Designing Distributed Applications
with Mobile Code Paradigms A.
Carzaniga, G. P. Picco, and G. Vigna Proceedings of the 19th International
Conference on Software Engineering 22-32 ACM
Press Boston, MA
April 1997 PDF, Powerpoint
presentation, BibTeX
entry
- Mobile Code Paradigms and
Technologies: A Case Study C.
Ghezzi and G. Vigna Proceeding
of the First International Workshop on Mobile Agents (MA
'97) 39-49 LNCS 1219, Springer-Verlag Berlin, Germany April
1997 PDF, BibTeX entry
- Analyzing Mobile Code
Languages G. Cugola, C.
Ghezzi, G.P. Picco, and G. Vigna Mobile Object Systems: Towards the Programmable
Internet 93-111
LNCS 1222, Springer-Verlag
April 1997 PDF,
BibTeX
entry
- A Characterization of Mobility and
State Distribution in Mobile Code Languages
G. Cugola, C. Ghezzi, G. P. Picco,
and G. Vigna Special Issues in
Object-Oriented Programming: Workshop Reader of the
10th European Conference on Object-Oriented
Programming (ECOOP'96) 309-318 dpunkt Linz,
Austria July 1996
PDF, BibTeX
entry
- Archetype: Addressing
Configuration Issues in Software Architectures
S. Bandinelli, A. Carzaniga, and G.
Vigna Proceedings of the First
International Workshop on Architectures for Software Systems,
17th International Conference on Software
Engineering Seattle,
Washington April 1995
PDF, BibTeX
entry
- Inspect: A Distributed Approach To
Automated Audit Trail Analysis G. Vigna Technical
Report, Politecnico di Milano, Italy 1995 BibTeX entry
- Designing and Implementing
Inter-Client Communication in the O2 Database
Management System A.
Carzaniga, G. Picco, and G. Vigna Proceedings of the International Symposium on
Object-Oriented Methodologies and Systems ISOOMS'94
53-64 LNCS vol. 858, Springer-Verlag
Palermo, Italy September 1994 PDF,
BibTeX
entry
- The Design and Implementation of
SPADE-1 2.0 A. Carzaniga and
G. Vigna Master's Thesis
Politecnico di Milano, Italy
July 1994 PDF, BibTeX
entry