CIS Home  |   Penn Engineering  |   Penn

QTM: Group Publications




The following is a list of the the papers, book chapters, etc. that have been produced by the Quantitiative Trust Management (QTM) group (they are sorted reverse chronologically):

Book Chapters
  • West, A.G., Lee, I., Kannan, S., & Sokolsky, O. (2010). An Evaluation Framework for Reputation Management Systems. Book chapter in Trust Modeling and Management in Digital Environments: From Social Concept to System Development (Zheng Yan, ed.), pp. 282-308. Information Science Reference, Hershey, PA, USA. [PDF] [ABSTRACT-TXT]
  • Jonathan M. Smith. (2008). Cognitive Techniques - Three Types of Network Awareness.Cognitive Radio Technology, 2nd Edition, Bruce A. Fette (Ed.), Elsevier. [PDF]
Journal Papers, Periodicals
  • Jian Chang, Krishna K. Venkatasubramanian, Andrew G. West, Sampath Kannan, Insup Lee, Boon Thau Loo, and Oleg Sokolsky (2013). AS-CRED: Reputation and Alert Service for Inter-domain Routing. IEEE Systems Journal, Vol. 7(3), pp. 396-409, (September 2013). [PDF]
  • West, A.G., Chang, J., Venkatasubramanian, K., and Lee, I. (2012). Trust in Collaborative Web Applications. In Future Generation Computer Systems, special section on Trusting Software Behavior, 28(8): pp. 1238-1251, Elsevier Press. (A preliminary version was published as UPenn Technical Report MS-CIS-10-33). [PDF] [ABSTRACT-TXT]
  • West, A.G., and Lee, I. (2012). Open Wikis and the Protection of Instiutional Welfare. Research Bulletin, EDUCAUSE Center for Applied Research, Boulder, CO, USA. [LINK]
  • Blaze, M., Kannan, S., Keromytis, A.D., Lee, I., Lee, W., Sokolsky, O., and Smith, J.M. (2009). Dynamic Trust Management. IEEE Computer, 40(2) : pp. 44-52, (February 2009). [PDF]
  • Perdisci R., Ariu D., Fogla P., Giacinto G., and Lee W. (2009). McPAD: A Multiple Classifier System for Accurate Payload-Based Anomaly Detection. Computer Networks, Vol. 53. [PDF]
  • Anderson P., Gunter C. A., Kalmanek C. R., Narain S., Smith J. M., Talpade R., and Xie G. G. (2009). Guest Editorial. IEEE Journal on Selected Areas in Communications (Special Issue on Network Infrastructure Configuration), Vol. 27(3), pp. 249-252, (April 2009). [PDF]
  • Dinesh, N., Joshi, J.K., Lee, I., and Sokolsky, O. (2009). Permission to Speak: A Logic for Access Control and Conformance. In submission. [PDF] A preliminary version appeared as an invited paper in the Workshop on Formal Languages for Contract-Oriented Software (FLACOS). [PDF] [ABSTRACT-TXT]
  • Perdisci R., Lanzi A., and Lee W. (2008).Classification of Packed Executables for Accurate Computer Virus Detection. Pattern Recognition Letters, Vol. 29, No. 14, (October 2008). [PDF]
  • Miltchev S., Smith J. M., Prevelakis V., Keromytis A., and Ioannidis S. (2008). Decentralized Access Control in Distributed File Systems. ACM Computing Surveys, Vol. 40(3), pp. 1-30, (August 2008). [PDF]
  • Keromytis A. D. and Smith J. M. (2007). Requirements for Scalable Access Control and Security Management Architectures. ACM Transactions on Internet Technology, Vol. 7(2), (May 2007) [PDF}
Conference & Workshop Papers
  • West, A.G., and Lee, I. (2012). Towards Content-driven Reputation for Collaborative Code Repositories. In WikiSym '12: Proceedings of the Eighth International Symposium on Wikis and Open Collaboration, pp. 13:1-13:4, Linz, Austria. August 2012. [ABSTRACT-TXT] [PDF] [SLIDES-PDF] [SLIDES-PPT]
  • West, A.G., Hayati, P., Potdar, V., and Lee, I. (2012). Spamming for Science: Active Measurement in Web 2.0 Abuse Research. In WECSR '12: Proceedings of the Third Workshop on Ethics in Computer Security Research, LNCS 7398 (J. Blythe, S. Dietrich, and L.J. Camp eds.), pp. 98-111. Kralendijk, Bonaire. March 2012. [PDF] [ABSTRACT-TXT] [SLIDES-PDF] [SLIDES-PPT]
  • Chang, J., Venkatasubramanian, K. K., West, A.G., Kannan, S., Sokolsky, O., Kim, M.J., and Lee, I. (2011) ToMaTo: A Trustworthy Code Mashup Development Tool. In MASHUPS '11: Proceedings of the 5th International Workshop on Web APIs and Service Mashups, Lugano, Switzerland. September 2011. [PDF-PENDING]
  • West, A.G., Agrawal, A., Baker, P., Exline, B., and Lee, I. (2011). Autonomous Link Spam Detection in Purely Collaborative Environments. In WikiSym '11: Proceedings of the Seventh International Symposium on Wikis and Open Collaboration, pp. 91-100, Mountain View, CA, USA. October 2011. [ABSTRACT-TXT] [PDF] [SLIDES-PDF] [SLIDES-PPT]
  • West, A.G., and Lee, I. (2011). What Wikipedia Deletes: Characterizing Dangerous Collaborative Content. In WikiSym '11: Proceedings of the Seventh International Symposium on Wikis and Open Collaboration, pp. 25-28, Mountain View, CA, USA. October 2011. [ABSTRACT-TXT] [PDF] [SLIDES-PDF] [SLIDES-PPT]
  • West, A.G., Chang, J., Venkatasubramanian, K., Sokolsky, O., and Lee, I. (2011). Link Spamming Wikipedia for Profit. In CEAS '11: Proceedings of the Eighth Annual Collaboration, Electronic Messaging, Anti-Abuse, and Spam Conference, pp. 152-161, Perth, AUS. September 2011. (co-Best Paper Award). [ABSTRACT-TXT] [PDF] [SLIDES-PDF] [SLIDES-PPT]
  • West, A.G., and Lee, I. (2011). Towards the Effective Temporal Association Mining of Spam Blacklists. In CEAS '11: Proceedings of the Eighth Annual Collaboration, Electronic Messaging, Anti-Abuse, and Spam Conference, pp. 73-82, Perth, AUS. September 2011. [ABSTRACT-TXT] [PDF] [SLIDES-PDF] [SLIDES-PPT]
  • West, A.G., and Lee, I. (2011). Multilingual Vandalism Detection using Language-Independent & Ex Post Facto Evidence. In PAN-CLEF '11: Notebook Papers on Uncovering Plagiarism, Authorship, and Social Software Misuse, Amsterdam, Netherlands. September 2011. [ABSTRACT-TXT] [PDF] [SLIDES-PDF] [SLIDES-PPT]
  • Chang, J., Venkatasubramanian, K., West, A.G., Kannan, S., Loo, B.T., Sokolsky, O., Lee, I. (2011). AS-TRUST: A Trust Quantification Scheme for Autonomous Systems in BGP. In TRUST '11: Proceedings of the 4th International Conference on Trust and Trustworthy Computing, Pittsburgh, PA, June, 2011. [PDF]
  • Sundaram, S., Chang, J., Venkatasubramanian, K., Enyioha, C., Lee. I., Pappas, G. (2011). Reputation-based Networked Control with Data-Corrupting Channels. In HSCC'11: Proceedings of the 14th International Conference on Hybrid Systems: Computation and Control, Chicago, IL, April, 2011. [PDF]
  • Adler, B.T., de Alfaro, L., Mola-Velasco, S.M., Rosso, P., and West, A.G. (2011). Wikipedia Vandalism Detection: Combining Natural Language, Metadata, and Reputation Features. In CICLing '11: Proceedings of the 12th International Conference on Intelligent Text Processing and Computational Linguistics, LNCS 6609, pp. 277-288. Tokyo, Japan. [PDF] [ABSTRACT-TXT]
  • West, A.G., Aviv, A.J., Chang, J., & Lee, I. (2010). Spam Mitigation using Spatio-Temporal Reputations from Blacklist History. In ACSAC '10: Proceedings of the 26th Annual Computer Security Applications Conference, pp. 161-170. Austin, Texas, USA. (A preliminarily version was published as UPENN-MS-CIS-10-04). [PDF] [ABSTRACT-TXT] [SLIDES]
  • West, A.G., Kannan, S., & Lee, I. (2010). Detecting Wikipedia Vandalism via Spatio-Temporal Analysis of Revision Metadata. In EUROSEC '10: Proceedings of the Third European Workshop on System Security. Paris, France, April 2010. (A preliminary version was published as UPENN-MS-CIS-10-05). [PDF] [ABSTRACT-TXT] [SLIDES]
  • Sherman A., Stavrou A., Nieh J., Stein C., and Keromytis A. D. (2009). Adding Trust to P2P Distribution of Paid Content. In Proceedings of the 12th Information Security Conference (ISC), Pisa, Italy, September 2009. [PDF]
  • Burnside M. and Keromytis A. D. (2009). F3ildCrypt: End-to-End Protection of Sensitive Information in Web Services. In Proceedings of the 12th Information Security Conference (ISC), Pisa, Italy, September 2009. [PDF]
  • Sherr M., Blaze M., and Loo B. T. (2009). Scalable Link-Based Relay Selection for Anonymous Routing. 9th Privacy Enhancing Technologies Symposium (PETS 2009), LNCS 5672, pp. 73-93, August 2009. [PDF]
  • May, M.J., Gunter, C.A., Lee, I., and Zdancewic, S. (2009). Strong and Weak Policy Relations. IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY). London, July 2009. [PDF] [ABSTRACT-TXT]
  • Perdisci R., Antonakakis M., Luo X., and Lee W. (2009). WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks. In Proceedings of The 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2009), Lisbon, Portugal, June 2009. [PDF]
  • Sherr M., Blaze M., and Loo B. T. (2009). Veracity: Practical Secure Network Coordinates via Vote-based Agreements. In USENIX Annual Technical Conference (USENIX 09), San-Diego, CA, June 2009. [PDF]
  • Sharif M., Lanzi A., Giffin J., and Lee W. (2009). Automatic Reverse Engineering of Malware Emulators. Proceedings of The 2009 IEEE Symposium on Security and Privacy, Oakland, CA, May 2009. [PDF]
  • Clark S., McDaniel P., and Blaze M. (2009). Below the Salt: The Dangers of Unfulfilled Physical Media Assumptions. In Proceedings of Seventeenth International Workshop on Security Protocols (SPW 2009), Cambridge, England, April 2009.
  • West, A.G., Aviv, A.J., Chang, J., Prabhu, V.S., Blaze, M., Kannan, S., Lee, I., Smith, J.M., & Sokolsky, O. (2009). QuanTM: A Quantitative Trust Management System. In EUROSEC '09: Proceedings of the Second European Workshop on System Security, pp. 28-35. Nuremburg, Germany, March 2009. [PDF] [ABSTRACT-TXT]
  • Lanzi A., Sharif M., and Lee W. (2009). K-Tracer: A System for Extracting Kernel Malware Behavior. Proceedings of The 16th Annual Network and Distributed System Security Symposium (NDSS 2009), San Diego, CA, February 2009. [PDF]
  • Dagon D., Antonakakis M., Day K., Luo X., Lee C. P., and Lee W. (2009) Recursive DNS Architectures and Vulnerability Implications. Proceedings of The 16th Annual Network and Distributed System Security Symposium (NDSS 2009), San Diego, CA, February 2009. [PDF]
  • Frias-Martinez V., Stolfo S. J., and Keromytis A. D. (2008). Behavior-Profile Clustering for False Alert Reduction in Anomaly Detection Sensors. Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), pp. 367 - 376. Anaheim, California, December 2008. [PDF]
  • Perdisci R., Lanzi A., and Lee W. (2008). McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables. Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), pp. 367 - 376. Anaheim, California, December 2008. [PDF]
  • Burnside M., Lu M., and Keromytis A. D. (2008). Authentication on Untrusted Remote Hosts with Public-key Sudo. Proceedings of the 22nd USENIX Large Installation Systems Administration (LISA) Conference, pp. 103 - 107. San Diego, CA, November 2008. [PDF]
  • Burnside M. and Keromytis A. D. (2008). Asynchronous Policy Evaluation and Enforcement. Proceedings of the 2nd Computer Security Architecture Workshop (CSAW), pp. 45 - 50. Fairfax, VA, October 2008. [PDF]
  • Dinaburg A., Royal P., Sharif M., and Lee W. (2008). Ether: Malware Analysis via Hardware Virtualization Extensions. Proceedings of The 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, VA, October 2008. [PDF]
  • Dagon D., Antonakakis M., Vixie P., Jinmei T., and Lee W. (2008). Increased DNS Forgery Resistance Through 0x20-Bit Encoding. Proceedings of The 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, VA, October 2008. [PDF]
  • Sharif M., Yegneswaran V., Saidi H., Porras P., and Lee W. (2008). Eureka: A Framework for Enabling Static Malware Analysis. Proceedings of The 13th European Symposium on Research in Computer Security (ESORICS), Malaga, Spain, October 2008. [PDF]
  • Burnside M. and Keromytis A. D. (2008). Path-based Access Control for Enterprise Networks. Proceedings of the 11th Information Security Conference (ISC), pp. 191 - 203. Taipei, Taiwan, September 2008. [PDF]
  • Dinesh, N., Joshi, J.K., Lee, I., and Sokolsky O. (2008). Reasoning about Conditions and Exceptions to Laws in Regulatory Conformance Checking. Presented at the Ninth International Conference on Deontic Logic in Computer Science (DEON'08), July, 2008. [PDF] [ABSTRACT-TXT]
  • Gu G., Perdisci R., Zhang J., and Lee W. (2008). BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection. Proceedings of The 17th USENIX Security Symposium (Security'08), San Jose, CA, July 2008. [PDF]
  • Singh K., Srivastava A., Giffin J., and Lee W. (2008). Evaluating Email's Feasibility for Botnet Command and Control. Proceedings of The 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2008), Anchorage, Alaska, June 2008. [PDF]
  • Payne B. D., Carbone M., Sharif M., and Lee W. (2008). Lares: An Architecture for Secure Active Monitoring Using Virtualization. Proceedings of The 2008 IEEE Symposium on Security and Privacy, Oakland, CA, May 2008. [PDF]
  • Dinesh, N., Joshi, J.K., Lee, I., and Sokolsky O. (2008). Checking Traces for Regulatory Conformance. Presented at RV'08 - Eighth Workshop on Runtime Verification, a satellite workshop of ETAPS'08. March 2008. [PDF] [ABSTRACT-TXT]
  • Sherr M., Loo B. T., and Blaze M. (2008). Veracity: A Fully Decentralized Service for Securing Network Coordinate Systems. 7th International Workshop on Peer-to-Peer Systems (IPTPS 2008), Tampa Bay, Florida, February 2008. [PDF]
  • Dagon D., Provos N., Lee C., and Lee W. (2008). Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority. Proceedings of The 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA, February 2008. [PDF]
  • Gu G., Zhang J., and Lee W. (2008). BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. Proceedings of The 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA, February 2008. [PDF]
  • Sharif M., Lanzi A.., Giffin J., and Lee W. (2008). Impeding Malware Analysis using Conditional Code Obfuscation. Proceedings of The 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA, February 2008.
  • Mao Y., Jamjoom H., Tao S., and Smith J. M. (2007). NetworkMD: Topology Inference and Failure Diagnosis in the Last Mile. 7th ACM SIGCOMM Conference on Internet Measurement, pp. 189-202, October 2007. [PDF]
  • Burnside M. and Keromytis A. D. (2007). Arachne: Integrated Enterprise Security Management. Proceedings of the 8th Annual IEEE SMC Information Assurance Workshop (IAW), pp. 214 - 220. West Point, NY, June 2007. [PDF]
Technical Reports
  • West, A.G. (2010). Calculating and Presenting Trust in Collaborative Content. University of Pennsylvania Technical Report MS-CIS-10-33, October, 2010. In partial fulfillment of the UPenn WPEII requirement. [PDF] [ABSTRACT-TXT] [SLIDES]
  • Chang, J., Venkatasubramanian, K., West, A. G., Kannan, S., Lee, I., Loo, B. T., and Sokolsky O., (2010). AS-CRED: Reputation Service For Trustworthy Inter-Domain Routing. University of Pennsylvania Technical Report, CIS-MS-10-17, April, 2010. [PDF]
  • West, A.G., Kannan, S., and Lee I (2010). Detecting Wikipedia vandalism via spatio-temporal analysis of revision metadata. University of Pennsylvania Technical Report, CIS-MS-10-05, February, 2010. [PDF]
  • West, A.G., Aviv, A.J., Chang, J., and Lee, I (2010). Mitigating spam using spatio-temporal reputation, University of Pennsylvania Technical Report, CIS-MS-10-04. February, 2010. [PDF]
  • Zhou, W., Marczak, W. R., Tao, T., Zhang, Z., Sherr, M., Loo, B. T., and Lee, I (2010). Towards Secure Cloud Data Management, University of Pennsylvania Technical Report, CIS-MS-10-10. January, 2010. [PDF]
Demonstrations, Posters, Talks, etc.
  • West, A.G. (2011). Anti-Vandalism Research: The Year in Review. Presented at WikiMania `11: The International Wikimedia Conference. Presentation (w/o proceedings). Haifa, Israel, August 2011. [PDF-SLIDES] [PPT-SLIDES]
  • West, A.G. (2011).Autonomous Detection of Collaborative Link Spam. Presented at WikiMania `11: The International Wikimedia Conference. Presentation (w/o proceedings). Haifa, Israel, August 2011. [PDF-SLIDES] [PPT-SLIDES]
  • West, A.G. (2010). Spatio-Temporal Analysis of Revision Metadata and the STiki Anti-Vandalism Tool. Presented at WikiMania `10: The International Wikimedia Conference. Presentation (w/o proceedings). Gdansk, Poland, July 2010. [PDF-SLIDES]
  • West, A.G., Kannan, S., and Lee I (2010). STiki: An anti-vandalism tool for Wikipedia using spatio-temporal analysis of revision metadata. In WikiSym `10: Proceedings of the Sixth International Symposium on Wikis and Open Collaboration. Formal demonstration. Gdansk, Poland, July 2010. [PDF-SUMMARY] [PDF-SLIDES]
  • West, A.G., Kannan, S., and Lee I (2010). Spatio-temporal analysis of Wikipedia metadata and the STiki anti-vandalism tool. In WikiSym `10: Proceedings of the Sixth International Symposium on Wikis and Open Collaboration. Poster. Gdansk, Poland, July 2010. [POSTER] [POSTER-DESC]
CIS Home  |   Penn Engineering  |   Penn