| Anomalous payload-based worm detection and signature generation K Wang, G Cretu, SJ Stolfo International Workshop on Recent Advances in Intrusion Detection, 227-246, 2005 | 400 | 2005 |
| Casting out demons: Sanitizing training data for anomaly sensors GF Cretu, A Stavrou, ME Locasto, SJ Stolfo, AD Keromytis 2008 IEEE Symposium on Security and Privacy (sp 2008), 81-95, 2008 | 199 | 2008 |
| Detecting anomalies in cellular networks using an ensemble method GF Ciocarlie, U Lindqvist, S Nováczki, H Sanneck Proceedings of the 9th international conference on network and service …, 2013 | 70 | 2013 |
| Communication pattern monitoring: Improving the utility of anomaly detection for industrial control systems MK Yoon, GF Ciocarlie NDSS Workshop on Security of Emerging Networking Technologies, 2014 | 56 | 2014 |
| Methods, systems and media for software self-healing ME Locasto, AD Keromytis, SJ Stolfo, A Stavrou, G Cretu, S Sidiroglou, ... US Patent 7,962,798, 2011 | 51 | 2011 |
| MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation. Y Kwon, F Wang, W Wang, KH Lee, WC Lee, S Ma, X Zhang, D Xu, S Jha, ... NDSS, 2018 | 45 | 2018 |
| Hunting for problems with Artemis GF Creţu-Ciocârlie, M Budiu, M Goldszmidt Proceedings of the First USENIX conference on Analysis of system logs, 39-2008, 2008 | 45 | 2008 |
| Methods, media, and systems for securing communications between a first node and a second node SJ Stolfo, GF Ciocarlie, V Frias-Martinez, J Parekh, AD Keromytis, ... US Patent 9,419,981, 2016 | 43 | 2016 |
| Method and apparatus for detecting vulnerabilities and bugs in software applications VC Sreedhar, GF Cretu, JT Dolby US Patent App. 11/668,889, 2008 | 34 | 2008 |
| From STEM to SEAD: Speculative execution for automated defense ME Locasto, A Stavrou, GF Cretu, AD Keromytis | 34 | 2007 |
| Anomaly detection and diagnosis for automatic radio network verification GF Ciocarlie, C Connolly, CC Cheng, U Lindqvist, S Nováczki, H Sanneck, ... International Conference on Mobile Networks and Management, 163-176, 2014 | 31 | 2014 |
| Systems, methods, and media for generating sanitized data, sanitizing anomaly detection models, and/or generating sanitized anomaly detection models G Cretu, A Stavrou, SJ Stolfo, AD Keromytis, ME Locasto US Patent 8,407,160, 2013 | 30 | 2013 |
| Intrusion and anomaly detection model exchange for mobile ad-hoc networks GF Cretu, JJ Parekh, K Wang, S Stolfo | 28 | 2006 |
| Systems, methods, and media for recovering an application from a fault or attack ME Locasto, AD Keromytis, A Stavrou, GF Ciocarlie US Patent 8,924,782, 2014 | 26 | 2014 |
| On the feasibility of deploying cell anomaly detection in operational cellular networks G Ciocarlie, U Lindqvist, K Nitz, S Nováczki, H Sanneck 2014 IEEE Network Operations and Management Symposium (NOMS), 1-6, 2014 | 26 | 2014 |
| Kernel-supported cost-effective audit logging for causality tracking S Ma, J Zhai, Y Kwon, KH Lee, X Zhang, G Ciocarlie, A Gehani, ... 2018 {USENIX} Annual Technical Conference ({USENIX}{ATC} 18), 241-254, 2018 | 25 | 2018 |
| Jumping the air gap: Modeling cyber-physical attack paths in the Internet-of-Things I Agadakos, CY Chen, M Campanelli, P Anantharaman, M Hasan, ... Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and …, 2017 | 25 | 2017 |
| Data sanitization: Improving the forensic utility of anomaly detection systems GF Cretu, A Stavrou, S Stolfo, AD Keromytis | 21 | 2007 |
| Building hardened Internet-of-Things clients with language-theoretic security P Anantharaman, M Locasto, GF Ciocarlie, U Lindqvist 2017 IEEE Security and Privacy Workshops (SPW), 120-126, 2017 | 17 | 2017 |
| Quantifying Application Behavior Space for Detection and Self-Healing ME Locasto, A Stavrou, GF Cretu, AD Keromytis, S Stolfo | 14 | 2006 |
