Reading List (new papers will be added...)


  • "Keyboard emanations revisited," L. Zhuang, F. Zhou, J. D. Tygar, CCS 2005, PDF

  • "Mining Anomalies Using Traffic Feature Distributions," A. Lakhina, M. Crovella, and C. Diot, SIGCOMM 2005, PDF

  • "Scaling Up Crowd-Sourcing to Very Large Datasets: A Case for Active Learning," Barzan Mozafari, Purna Sarkar, Michael Franklin, Michael Jordan, Samuel Madden, PVLDB 2014, PDF

  • "Adversarial Machine Learning," Ling Huang, Anthony Joseph, Blaine Nelson, B. Rubinstein, J. D. Tygar, AISec 2011, PDF

  • "Poisoning Attacks against Support Vector Machines," Battista Biggio, Blaine Nelson, Pavel Laskov, ICML 2012, PDF

  • "Bayesian Watermark Attacks," Ivo Shterev, David Dunson, ICML 2012, PDF

  • "Learning to Identify Regular Expressions that Describe Email Campaigns," Paul Prasse, Christoph Sawade, Niels Landwehr, Tobias Scheffer, ICML 2012, PDF

  • "Finding Botnets Using Minimal Graph Clusterings," Peter Haider, Tobias Scheffer, ICML 2012, PDF

  • "Towards evaluating the robustness of neural networks," Carlini, N., and Wagner, D., IEEE SP 2017, PDF

  • "Practical black-box attacks against machine learning," Papernot, N., McDaniel, P. D., Goodfellow, I. J., Jha, S., Celik, Z. B., and Swami, A., ASIA CCS 2017, PDF

  • "Approaches to adversarial drift," Kantchelian, A., Afroz, S., Huang, L., Islam, A. C., Miller, B., Tschantz, M. C., Greenstadt, R., Joseph, A. D., and Tygar, J. D., AISec 2013, PDF

  • "Automatically evading classifiers," W Xu, Y Qi, D Evans, NDSS 2016, PDF

  • "Adversarial classification," Dalvi, N., Domingos, P., Mausam, Sanghai, S., and Verma, D., KDD 2004, PDF

  • "Antidote: understanding and defending against poisoning of anomaly detectors," Rubinstein, B. I., Nelson, B., Huang, L., Joseph, A. D., Lau, S.-H., Rao, S., Taft, N., and Tygar, J. D., IMC 2009, PDF

  • "Transcend: Detecting Concept Drift in Malware Classification Models," Roberto Jordaney, Kumar Sharad, Santanu K. Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, Lorenzo Cavallaro, USENIX Security 2017, PDF

  • "Why should I trust you?: Explaining the predictions of any classifier," Ribeiro, M. T., Singh, S., and Guestrin, C., KDD 2016, PDF

  • "MagNet: a Two-Pronged Defense against Adversarial Examples," Dongyu Meng, Hao Chen, CCS 2017, PDF

  • "Evading Classifiers by Morphing in the Dark," Hung Dang, Yue Huang, Ee-Chien Chang, CCS 2017, PDF

  • "Hidden Voice Commands," Nicholas Carlini, Pratyush Mishra, Tavish Vaidya, Yuankai Zhang, Micah Sherr, Clay Shields, David Wagner, Wenchao Zhou, USENIX Security 2016, PDF

  • "Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition," Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, Michael K. Reiter, CCS 2016, PDF

  • "Detecting Credential Spearphishing in Enterprise Settings," Grant Ho, Aashish Sharma, Mobin Javed, Vern Paxson, David Wagner, USENIX Security 2017, PDF

  • "SAMPLES: Self Adaptive Mining of Persistent Lexical Snippets for Classifying Mobile Application Traffic," Hongyi Yao, Gyan Ranjan, Alok Tongaonkar, Yong Liao, Z. Morley Mao, Mobicom 2015, PDF

  • "Deep neural networks are easily fooled: High confidence predictions for unrecognizable images," A. Nguyen, J. Yosinski, J. Clune, CVPR 2015, PDF

  • "Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks," N. Papernot, P. McDaniel, X. Wu, S. Jha and A. Swami, IEEE SP 2016, PDF

  • "Behavioral clustering of HTTP-based malware and signature generation using malicious network traces," Roberto Perdisci, Wenke Lee, and Nick Feamster, NSDI 2010, PDF

  • "Doppelgänger Finder: Taking Stylometry to the Underground," Sadia Afroz, Aylin Caliskan Islam, Ariel Stolerman, Rachel Greenstadt, and Damon McCoy, IEEE SP 2014, PDF

  • "Vulnerability disclosure in the age of social media: Exploiting Twitter for predicting real-world exploits," C. Sabottke, O. Suciu, and T. Dumitras, USENIX Security 2015, PDF