Papers

Please see our Canvas page for the course to download papers mentioned below.

Pertinent History

• 1988, Spafford, The Internet Worm Program: An Analysis, Technical Report CSD-TR-823, Purdue University
• 2000, Bishop, Analysis of the ILOVEYOU Worm
• 2001, Berghel, The Code Red Worm, Communications of the ACM, Vol. 44, No. 12, pp. 15-19
• 2003, Moore et al., Inside the Slammer Worm, IEEE Security and Privacy, Vol. 1, No. 4, pp. 33-39
• 2005, Bailey et al., The Blaster Worm: Then and Now, IEEE Security and Privacy, Vol. 3, No. 4, pp. 26-31
• 2009, Lawton, On the Trail of the Conficker Worm, IEEE Computer, Vol. 42, No. 6, pp. 19-22
• 2011, Falliere et al., W32.Stuxnet Dossier, Symantec Security Response, version 1.4
• 2013, Kushner, The Real Story of Stuxnet, IEEE Spectrum, Vol. 50, No. 3, pp 48-53
• 2014, Carvalho et al., Heartbleed 101, IEEE Security and Privacy, Vol. 12, No. 4, pp. 63-67
• 2014, Durumeric et al., The Matter of Heartbleed, ACM Proceedings of the 2014 Conference on Internet Measurement, pp. 475-488
• 2015, Delamore et al., A Global, Empirical Analysis of the Shellshock Vulnerability in Web Applications, IEEE Trustcom/BigDataSE/ISPA, pp. 1129-1135
• 2016, Saiyed, Cryptolocker, ISSA Journal, Vol. 14, No. 4, pp. 15-18
• 2017, Seri and Livne, Exploiting BlueBorne in Linux-based IoT devices, Armis
• 2017, Microsoft Defender ATP Research Team, Exploring the crypt: Analysis of the WannaCrypt ransomware SMB exploit propagation
• 2017, Grossman, ETERNALBLUE – EVERYTHING THERE IS TO KNOW, Checkpoint
• 2018, Stolyarov et al., The King is dead. Long live the King!, Kaspersky SecureList
• 2018, Lipp et al., Meltdown: Reading Kernel Memory from User Space, Proceedings of the 27th USENIX Security Symposium, pp. 973-990
• 2019, Kocher et al., Spectre Attacks: Exploiting Speculative Execution, IEEE Symposium on Security and Privacy
• 2022, Everson et al., Log4shell: Redefining the Web Attack Surface, Workshop on Measurements, Attacks, and Defenses for the Web