An official website of the United States government
Free, publicly-accessible full text available February 25, 2026
- Home
- Search Results
- Page 1 of 1
Search for: All records
Creators/Authors contains:
"Saltaformaggio, Brendan"
-
Total Resources6
- Resource Type
-
0006000000000000
- More
- Availability
-
51
- Author / Contributor
- Filter by Author / Creator
-
-
Saltaformaggio, Brendan (6)
-
Park, Jeman (3)
-
Xu, Haichuan (3)
-
Yao, Mingxuan (3)
-
Alrawi, Omar (2)
-
Asdar, Ehsan (2)
-
Fuller, Jonathan (2)
-
Kasturi, Ranjita Pai (2)
-
Sun, Yiting (2)
-
Zhang, Runze (2)
-
Agarwal, Saumya (1)
-
Arik, Berat (1)
-
Chabklo, Omar (1)
-
Dawoud, Mohamed (1)
-
Duan, Ruian (1)
-
Fuller, Jon (1)
-
Kwon, Yonghwi (1)
-
Pai Kasturi, Ranjita (1)
-
Rodriguez, Andres (1)
-
Sikder, Amit (1)
-
- Filter by Editor
-
-
null (1)
-
& Spizer, S. M. (0)
-
& . Spizer, S. (0)
-
& Ahn, J. (0)
-
& Bateiha, S. (0)
-
& Bosch, N. (0)
-
& Brennan K. (0)
-
& Brennan, K. (0)
-
& Chen, B. (0)
-
& Chen, Bodong (0)
-
& Drown, S. (0)
-
& Ferretti, F. (0)
-
& Higgins, A. (0)
-
& J. Peters (0)
-
& Kali, Y. (0)
-
& Ruiz-Arias, P.M. (0)
-
& S. Spitzer (0)
-
& Sahin. I. (0)
-
& Spitzer, S. (0)
-
& Spitzer, S.M. (0)
-
-
Have feedback or suggestions for a way to improve these results?
!
Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher.
Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?
Some links on this page may take you to non-federal websites. Their policies may differ from this site.
-
-
Xu, Haichuan; Yao, Mingxuan; Zhang, Runze; Dawoud, Mohamed; Park, Jeman; Saltaformaggio, Brendan (, 33rd USENIX Security Symposium (Security))
-
Yao, Mingxuan; Fuller, Jonathan; Sridhar, Ranjita Pai; Agarwal, Saumya; Sikder, Amit K.; Saltaformaggio, Brendan (, 32nd USENIX Conference on Security Symposium)Web applications provide a wide array of utilities that are abused by malware as a replacement for traditional attacker-controlled servers. Thwarting these Web App-Engaged (WAE) malware requires rapid collaboration between incident responders and web app providers. Unfortunately, our research found that delays in this collaboration allow WAE malware to thrive. We developed Marsea, an automated malware analysis pipeline that studies WAE malware and enables rapid remediation. Given 10K malware samples, Marsea revealed 893 WAE malware in 97 families abusing 29 web apps. Our research uncovered a 226% increase in the number of WAE malware since 2020 and that malware authors are beginning to reduce their reliance on attacker-controlled servers. In fact, we found a 13.7% decrease in WAE malware relying on attacker-controlled servers. To date, we have used Marsea to collaborate with the web app providers to take down 50% of the malicious web app content.more » « less
-
Kasturi, Ranjita Pai; Fuller, Jon; Sun, Yiting; Chabklo, Omar; Rodriguez, Andres; Park, Jeman; Saltaformaggio, Brendan (, Proceedings of the 31st USENIX Security Symposium)
-
Fuller, Jonathan; Kasturi, Ranjita Pai; Sikder, Amit; Xu, Haichuan; Arik, Berat; Verma, Vivek; Asdar, Ehsan; Saltaformaggio, Brendan (, Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security)
-
Pai Kasturi, Ranjita; Sun, Yiting; Duan, Ruian; Alrawi, Omar; Asdar, Ehsan; Zhu, Victor; Kwon, Yonghwi; Saltaformaggio, Brendan (, 2020 IEEE Symposium on Security and Privacy (SP))null (Ed.)
Full Text Available