Selected Publications (For full publication record: Google Scholar)

  1. [Usenix Security '17] Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou, “Understanding the Mirai Botnet“, In the 26th USENIX Security Symposium, 2017. [pdf|cite]
  2. [DIMVA '17] Yizheng Chen, Yacin Nadji, Rosa Romero-Gomez, Manos Antonakakis, and David Dagon, "Measuring Network Reputation in the Ad-Bidding Process", In the 14th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Bonn, Germany, July 6-7, 2017. [pdf|cite]
  3. [Oakland '17] Charles Lever,  Platon Kotzias, Davide Balzarotti, Juan Caballero, Manos Antonakakis, ”A lustrum of malware network communication: Evolution and insights”, In the 38th IEEE Symposium on Security and Privacy, 2017. [pdf|cite]
  4. [ESORICS '16Bharat Srinivasan, Payas Gupta, Manos Antonakakis and Mustaque Ahamad,”Understanding Cross-Channel Abuse with SMS-Spam Support Infrastructure Attribution”, In the 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 28-30, 2016. [pdf|cite]
  5. [RAID '16] Athanasios Kountouras, Panagiotis Kintis, Chaz Lever, Yizheng Chen, Yacin Nadji, David Dagon, Manos Antonakakis, and Rodney Joffe, “Enabling Network Security Through Active DNS Datasets”, In the 19th International Symposium on Research in Attacks, Intrusions and Defenses, September 19-21 at Telecom SudParis, Evry, France. [pdf|cite|data]
  6. [USENIX Security '16] Terry Nelms, Roberto Perdisci, Manos Antonakakis, and Mustaque Ahamad, “Towards Measuring and Mitigating Social Engineering Software Download Attacks”, In the 25th USENIX Security Symposium, 2016. [pdf|cite]
  7. [DIMVA '16] Yizheng Chen, Panagiotis Kintis, Manos Antonakakis, Yacin Nadji, David Dagon, Wenke Lee and Michael Farrell, "Financial Lower Bounds of Online Advertising Abuse", In the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Donostia-San Sebastián, Spain, July 7-8, 2016. [pdf|cite|TDSS-TDL4 Domains]
  8. [DIMVA '16] Panagiotis Kintis, Yacin Nadji, David Dagon, Michael Farrell and Manos Antonakakis, "Understanding the Privacy Implications of ECS", In the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Donostia-San Sebastián, Spain, July 7-8, 2016. [pdf|cite]
  9. [Oakland '16] Charles Lever, Robert Walls, Yacin Nadji, David Dagon, Patrick McDaniel, Manos Antonakakis, ”Domain-Z: 28 Registrations Later --- Measuring the Exploitation of Residual Trust in Domains”, In the 37th IEEE Symposium on Security and Privacy, 2016. [pdf|cite]
  10. [USENIX Security '15] Terry Nelms, Roberto Perdisci, Manos Antonakakis, Mustaque Ahamad. "WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths." In the USENIX Security Symposium, 2015.  [pdf|cite]
  11. [DSN '15] Babak Rahbarinia, Roberto Perdisci, Manos Antonakakis. "Segugio: Efficient Behavior-Based Tracking of New Malware-Control Domains in Large ISP Networks." In the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Rio de Janeiro, Brazil, June 22-25, 2015. [pdf|cite] 
  12. [DSN '14] Yizheng Chen, Manos Antonakakis, Roberto Perdisci, Yacin Nadji, David Dagon, Wenke Lee. "DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic." In the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, June 23 - 26, 2014 Atlanta, Georgia USA. [pdf|cite]
  13. [CCS '13] Yacin Nadji, Manos Antonakakis, Roberto Perdisci, Wenke Lee, David Dagon. "Beheading Hydras: Performing Effective Botnet Takedowns." In the 20th ACM Conference on Computer and Communications Security, November 4 – 8, Berlin, Germany. [pdf|cite]
  14. [LEET '13] Babak Rahbarinia, Roberto Perdisci, Manos Antonakakis, David Dagon, "SinkMiner: Mining Botnet Sinkholes for Fun and Profit", In the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats, Washington-DC, August 14-16, 2013. [pdf|slides|cite]
  15. [ESORICS '13] Phani Vadrevu, Babak Rahbarinia, Roberto Perdisci, Kang Li, Manos Antonakakis. "Measuring and Detecting Malware Downloads in Live Network Traffic." In the 18th European Symposium on Research in Computer Security, RHUL, Egham, UK, 2013. [pdf|cite] (Source code for Amico is here: https://code.google.com/p/amico/)
  16. [RAID '13] Yacin Nadji, Manos Antonakakis, Roberto Perdisci, and Wenke Lee. "Connected Colors: Unveiling the Structure of Criminal Networks." In the 16th International Symposium on Research in Attacks, Intrusions and Defenses, St. Lucia, October 23-25, 2013. [pdf|cite]
  17. [NDSS '13] Charles Lever, Manos Antonakakis, Bradley Reaves, Patrick Traynor and Wenke Lee. "The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers", In the Proceedings of The 20th Annual Network and Distributed System Security Symposium, San Diego, CA, 24-27 February 2013. [pdf|slides|cite]
  18. [USENIX Security '12] Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee,  David Dagon, "From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware", In the 21th USENIX Security Symposium, Bellevue, WA, August 8–10, 2012. [pdf|slides|cite]
  19. [ACSAC '11] Yacin Nadji, Manos Antonakakis, Roberto Perdisci, Wenke Lee, "Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games", In the Proceedings of The 27th Annual Computer Security Applications Conference, Orlando, FL, December 2011. [pdf|slides|cite]
  20. [USENIX Security '11] Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou, David Dagon, "Detecting Malware Domains at the Upper DNS Hierarchy", in the 20th USENIX Security Symposium, San Francisco, CA, August 8-12, 2011. [pdf|slides|cite]
  21. [RAID '10] Manos Antonakakis, David Dagon, Luo Xiapu, Roberto Perdisci, Wenke Lee and Justin Bellmor. "A Centralized Monitoring Infrastructure for Improving DNS Security", In the 13th International Symposium on Recent Advances in Intrusion Detection, Ottawa, Ontario, Canada, September 15-17, 2010. [pdf|slides|cite]
  22. [USENIX Security '10] Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee and Nick Feamster. "Building a Dynamic Reputation System for DNS", In the 19th USENIX Security Symposium, Washington D.C., August 11, 2010. (Recipient of Google Research Award, liaison at Google; Niels Provos.) [pdf|slides|cite]
  23. [DSN '09] Roberto Perdisci, Manos Antonakakis, Xiapu Luo and Wenke Lee. "WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks", In the Proceedings of Dependable Computing and Communications Symposium at  the International Conference on Dependable Systems and Networks, Estoril, Lispon, June 29 - July 2 2009. [pdf|slides|cite]
  24. [NDSS '09] David Dagon, Manos Antonakakis, Kevin Day, Xiapu Luo, Christopher P.Lee, and Wenke Lee. "Recursive DNS Architectures and Vulnerability Implications", In the Proceedings of The 16th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2009. [pdf|cite]
  25. [CCS '08] David Dagon, Manos Antonakakis, Paul Vixie, Tatuya Jinmei, Wenke Lee, "Increased DNS Forgery Resistance Through 0x20-Bit Encoding",  In the 15th ACM Computer and Communications Security Conference, Alexandria, VA, USA, October 2008. [pdf|cite]

Journals

  1. Yizheng Chen, Panagiotis Kintis, Manos Antonakakis, Yacin Nadji, David Dagon, Michael Farrell, "Measuring Lower Bounds of the Financial Abuse to Online Advertisers", Computers & Security, 2017 [pdf|cite]
  2. Charles Lever, Robert Walls, Yacin Nadji, David Dagon, Patrick McDaniel, Manos Antonakakis, "Dawn of the Dead Domain: Hungry for Abuse", IEEE Security & Privacy ,SPSI-2016-08-0153, 2017 [pdf|cite]
  3. Babak Rahbarinia, Roberto Perdisci, Manos Antonakakis. "Efficient and Accurate Behavior-Based Tracking of Malware-Control Domains in Large ISP Networks." ACM Transactions on Privacy and Security, 2016. [cdf|cite]
  4. Yacin Nadji, Roberto Perdisci, Manos Antonakakis, "Still Beheading Hydras: Botnet Takedowns Then and Now," in Dependable and Secure Computing, IEEE Transactions on , vol.PP, no.99, pp.1-1 doi: 10.1109/TDSC.2015.2496176 [pdf|cite]
  5. Manos Antonakakis, Roberto Perdisci, Nikolaos Vasiloglou, and Wenke Lee. "Detecting and Tracking the Rise of DGA-Based Malware". Usenix ;login: Magazine, December 2012, Volume 37, Number 6. [pdf]

Patents 

  1. Manos Antonakakis, Roberto Perdisci, Wenke Lee, and Nikolaos Vasiloglou, “Method and systems for detecting DGA-based malware”, U.S. Provisional Application 61/590,633 - 361917-000042, January 24, 2013. 
  2. Manos Antonakakis, Roberto Perdisci, Wenke Lee, and Nikolaos Vasiloglou, “Method and systems  for detecting malicious domain names at the upper DNS hierarchy”, U.S. Provisional Application 61/438,492 - 361917-000032, February 1, 2011. 
  3. Manos Antonakakis, R. Perdisci, D. Dagon and W. Lee. “Method and System for Determining Whether Domain Names are Legitimate or Malicious”, U.S. Provisional Patent Application No. 13/205,928 - 361917-000033, May 1st, 2010. 
  4. Manos Antonakakis, and G. Ollmann, “Method and systems for detecting malware”, U.S. Provisional Patent Application 61/292,592 - 61/295,060, November 6, 2010. 

Technical Reports, Posters & Misc.

  1. Manos Antonakakis, David Dagon, Michael Farrell, Paul Vixie, Paul Mockapetris, Tom Byrnes: “Comments on NPRM 16-39”, NPRM 16-39, 2016. [pdf]
  2. Panagiotis Kintis, Athanasios Kountouras, Nikolaos Pitropakis, David Dagon, Manos Antonakakis, Chris Markou, Pascal Buchner, “Poster: Secure and Scalable Identity Management for the Aviation Industry”, 37th IEEE Symposium on Security and Privacy (Oakland), 2016. [pdf]
  3. Manos Antonakakis, Brett Stone-Gross, Jeremy Demar, Kevin Stevens, and David Dagon. “Unveiling The Latest Variant of Pushdo Mv20: A case study on the new Pushdo-DGA.” Technical Report, Damballa Inc., Dell SecureWorks CTU, Georgia Institute of Technology (GTISC), September 2012. [pdf]
  4. Manos Antonakakis, Jeremy Demar, Kevin Stevens and David Dagon. “Unveiling the Network Criminal Infrastructure of TDSS/TDL4 DGAv14: A case study on a new TDSS/TDL4 variant.” Technical Report, Damballa Inc.,Georgia Institute of Technology (GTISC), September 2012. [pdf|site]
  5. Manos Antonakakis, Christopher Elisan, Aldrich de Mata, Gunter Ollmann and Erik Wu. “The IMDDOS Botnet: Discovery and Analysis” Technical Report, Damballa Inc., September 2010. [pdf|site]
  6. Manos Antonakakis, Christopher Elisan, David Dagon, Gunter Ollmann and Erik Wu. “The Command Structure of the Aurora Botnet.” Technical Report, Damballa Inc., March 2009. [pdf]
  7. Roberto Perdisci, Manos Antonakakis, and Wenke Lee. “Solving the DNS Cache Poisoning Problem Without Changing the Protocol.” Technical Report, GTISC, Georgia Institute of Technology, May 16, 2008. [pdf]