| bpfbox: Simple Precise Process Confinement with eBPF | 0 | 0.34 | 2020 |
| Towards In-Band Non-Cryptographic Authentication. | 0 | 0.34 | 2020 |
| After the BlockCLoud Apocalypse | 0 | 0.34 | 2018 |
| Learning over subconcepts: Strategies for 1-class classification. | 0 | 0.34 | 2018 |
| Technological and Human Factors of Malware Attacks: A Computer Security Clinical Trial Approach. | 1 | 0.36 | 2018 |
| Can I believe you?: Establishing Trust in Computer Mediated Introductions. | 0 | 0.34 | 2017 |
| Measuring the health of antivirus ecosystems. | 0 | 0.34 | 2015 |
| Risk prediction of malware victimization based on user behavior | 0 | 0.34 | 2014 |
| A clinical study of risk factors related to malware infections | 26 | 1.33 | 2013 |
| Towards narrative authentication: or, against boring authentication | 3 | 0.40 | 2013 |
| Software diversity: security, entropy and game theory | 5 | 0.74 | 2012 |
| Methodology for a field study of anti-malware software | 3 | 0.48 | 2012 |
| Customer Appeasement Scheduling | 0 | 0.34 | 2010 |
| A methodology for empirical analysis of permission-based security models and its application to android | 221 | 15.32 | 2010 |
| The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet | 9 | 0.72 | 2010 |
| Object-level recombination of commodity applications | 4 | 0.39 | 2010 |
| Visual security policy for the web | 0 | 0.34 | 2010 |
| Analysis of the 1999 DARPA/Lincoln Laboratory IDS evaluation data with NetADHICT. | 10 | 0.92 | 2009 |
| Evaluating security products with clinical trials | 5 | 0.90 | 2009 |
| The Evolution of System-Call Monitoring | 44 | 1.55 | 2008 |
| SOMA: mutual approval for included content in web pages | 33 | 2.39 | 2008 |
| NetADHICT: a tool for understanding network traffic | 7 | 0.61 | 2007 |
| Learning DFA representations of HTTP for protecting web applications | 46 | 1.80 | 2007 |
| Immunology, diversity, and homeostasis: The past and future of biologically inspired computer defenses | 2 | 0.37 | 2007 |
| The future of biologically-inspired security: is there anything left to learn? | 5 | 0.90 | 2007 |
| A methodology for designing accurate anomaly detection systems | 0 | 0.34 | 2007 |
| Securing email archives through user modeling | 1 | 0.37 | 2005 |
| Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance | 41 | 2.55 | 2005 |
| A generic attack on checksumming-based software tamper resistance | 55 | 3.71 | 2005 |
| Towards Network Awareness | 4 | 0.94 | 2005 |
| Mitigating network denial-of-service through diversity-based traffic management | 12 | 0.80 | 2005 |
| Highlights from the 2005 New Security Paradigms Workshop | 0 | 0.34 | 2005 |
| Pass-thoughts: authenticating with our minds | 47 | 2.59 | 2005 |
| How to win an evolutionary arms race | 6 | 0.78 | 2004 |
| Automated response using system-call delays | 113 | 15.81 | 2000 |
| Intrusion detection using sequences of system calls | 567 | 55.42 | 1998 |
| Principles of a computer immune system | 104 | 13.44 | 1997 |
| Computer immunology. | 235 | 51.36 | 1997 |
| Building Diverse Computer Systems | 233 | 36.55 | 1997 |
