@inproceedings{raid2024-iot-backends,
  title     = {{Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols}},
  author    = {Tagliaro, Carlotta and Komsic, Martina and Continella, Andrea and Borgolte, Kevin and Lindorfer, Martina},
  booktitle = {Proceedings of the 27th International Symposium on Recent Advances in Intrusion Detection (RAID)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2024-09},
  doi       = {https://doi.org/10.1145/3678890.3678899},
  edition   = {27},
  editor    = {Aafer, Yousra and Fratantonio, Yanick},
  isbn      = {979-8-4007-0959},
  location  = {Padua, Italy},
  publisher = {Springer International Publishing},
  url       = {https://doi.org/10.1145/3678890.3678899}
}

@inproceedings{wtmc2024are-you-sure-you-want-to-do-cvd,
  title     = {{Are You Sure You Want To Do Coordinated Vulnerability Disclosure?}},
  author    = {Chen, Ting-Han and Tagliaro, Carlotta and Lindorfer, Martina and Borgolte, Kevin and van der Ham-de Vos, Jeroen},
  booktitle = {Proceedings of the 9th International Workshop on Traffic Measurements for Cybersecurity (WTMC)},
  date      = {2024-07-08},
  edition   = {9},
  location  = {Vienna, Austria},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)}
}

@inproceedings{ccs2023-iotflow,
  title     = {{IoTFlow: Inferring IoT Device Behavior at Scale through Static Mobile Companion App Analysis}},
  author    = {Schmidt, David and Tagliaro, Carlotta and Borgolte, Kevin and Lindorfer, Martina},
  booktitle = {Proceedings of the 30th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  date      = {2023-11},
  doi       = {10.1145/3576915.3623211},
  edition   = {30},
  editor    = {Cremers, Cas and Kirda, Engin},
  location  = {Copenhagen, Denmark},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3576915.3623211}
}

@article{giq2023-pushing-boundaries,
  title     = {{Pushing Boundaries: An Empirical View on the Digital Sovereignty of Six Governments in the Midst of Geopolitical Tensions}},
  author    = {Jansen, Bernardus and Kadenko, Natalia and Broeders, Dennis and van Eeten, Michel and Borgolte, Kevin and Fiebig, Tobias},
  date      = {2023-08-21},
  doi       = {10.1016/j.giq.2023.101862},
  issn      = {0740-624X},
  journal   = {Government Information Quarterly (GIQ)},
  number    = {4},
  pages     = {101862},
  publisher = {Elsevier},
  url       = {https://doi.org/10.1016/j.giq.2023.101862},
  volume    = {40}
}

@inproceedings{ccs2021-out-of-sight-out-of-mind,
  title     = {{Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale}},
  author    = {Pletinckx, Stijn and Borgolte, Kevin and Fiebig, Tobias},
  booktitle = {Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  date      = {2021-11},
  doi       = {10.1145/3460120.3485367},
  edition   = {28},
  editor    = {Shi, Elaine and Vigna, Giovanni},
  isbn      = {978-1-4503-8454-4},
  location  = {Seoul, South Korea},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3460120.3485367}
}

@inproceedings{hotnets2021-designing-for-tussle-in-encrypted-dns,
  title     = {{Designing for Tussle in Encrypted DNS}},
  author    = {Hounsel, Austin and Schmitt, Paul and Borgolte, Kevin and Feamster, Nick},
  booktitle = {Proceedings of the 20th Workshop on Hot Topics in Networking (HotNets)},
  date      = {2021-11-10},
  doi       = {10.1145/3484266.3487383},
  edition   = {20},
  editor    = {Yu, Minlan and Vanbever, Lauren},
  location  = {Online},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3484266.3487383}
}

@article{phrack2021-cyber-grand-shellphish,
  title     = {{Cyber Grand Shellphish}},
  author    = {Bianchi, Antonio and Borgolte, Kevin and Corbetta, Jacopo and Disperati, Francesco and Dutcher, Andrew and Grosen, John and Grosen, Paul and Machiry, Aravind and Salls, Christopher and Shoshitaishvili, Yan and Stephens, Nick and Vigna, Giovanni and Wang, Ruoyu},
  date      = {2021-10-05},
  journal   = {Phrack},
  number    = {70},
  publisher = {The Phrack Staff},
  url       = {http://phrack.org/papers/cyber_grand_shellphish.html},
  volume    = {15}
}

@inproceedings{anrw2021-encryption-without-centralization,
  title     = {{Encryption without Centralization: Distributing DNS Queries Across Recursive Resolvers}},
  author    = {Hounsel, Austin and Schmitt, Paul and Borgolte, Kevin and Feamster, Nick},
  booktitle = {Proceedings of the 2021 Applied Networking Research Workshop (ANRW)},
  date      = {2021-07-24},
  doi       = {10.1145/3472305.3472318},
  editor    = {Lutu, Andra and Feamster, Nick},
  location  = {Online},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3472305.3472318}
}

@inproceedings{pam2021-can-encrypted-dns-be-fast,
  title       = {{Can Encrypted DNS Be Fast?}},
  author      = {Hounsel, Austin and Schmitt, Paul and Borgolte, Kevin and Feamster, Nick},
  booktitle   = {Proceedings of the 22nd Passive and Active Measurement (PAM)},
  series      = {Lecture Notes in Computer Science (LNCS)},
  date        = {2021-03},
  doi         = {10.1007/978-3-030-72582-2_26},
  editor      = {Levin, Dave and Lutu, Andra},
  eprint      = {2007.06812},
  eprintclass = {cs.NI},
  eprinttype  = {arxiv},
  location    = {Virtual (COVID-19)},
  publisher   = {Springer International Publishing},
  url         = {https://doi.org/10.1007/978-3-030-72582-2_26}
}

@inproceedings{weis2020-those-who-know-dont,
  title     = {{Those Who Know Don't, Those Who Don't Know Deploy: Understanding Security Awareness in the Adoption of Industrial IoT}},
  author    = {Schrama, Verena and Gañán, Carlos H. and Aschenbrenner, Doris and de Reuver, Mark and Borgolte, Kevin and Fiebig, Tobias},
  booktitle = {Proceedings of the 20th Workshop on the Economics of Information Security (WEIS)},
  date      = {2020-12},
  editor    = {Christin, Nicolas},
  location  = {Brussels, Belgium},
  url       = {https://weis2020.econinfosec.org/wp-content/uploads/sites/8/2020/06/weis20-final23.pdf}
}

@inproceedings{foci2020-identifying-disinformation,
  title       = {{Identifying Disinformation Websites Using Infrastructure Features}},
  author      = {Hounsel, Austin and Holland, Jordan and Kaiser, Ben and Borgolte, Kevin and Feamster, Nick and Mayer, Jonathan},
  booktitle   = {Proceedings of the 10th USENIX Workshop on Free and Open Communications on the Internet},
  date        = {2020-08},
  edition     = {10},
  editor      = {Ensafi, Roya and Klein, Hans},
  eprint      = {2003.07684},
  eprintclass = {cs.CY},
  eprinttype  = {arxiv},
  publisher   = {USENIX Association},
  url         = {https://www.usenix.org/conference/foci20/presentation/hounsel}
}

@inproceedings{www2020-privacy-extensions,
  title     = {{Understanding The Performance Costs and Benefits of Privacy-focused Browser Extensions}},
  author    = {Borgolte, Kevin and Feamster, Nick},
  booktitle = {Proceedings of the 29th The Web Conference (TheWebConf, formerly known as WWW)},
  date      = {2020-04},
  doi       = {10.1145/3366423.3380292},
  edition   = {29},
  editor    = {Liu, Tie-Yan and van Steen, Maarten},
  location  = {Taiwan, Taipei},
  publisher = {International World Wide Web Conference Committee (IW3C2)},
  url       = {https://doi.org/10.1145/3366423.3380292}
}

@inproceedings{www2020-dns-dot-doh,
  title       = {{Comparing the Effects of DNS, DoT, and DoH on Web Performance}},
  author      = {Hounsel, Austin and Borgolte, Kevin and Schmitt, Paul and Holland, Jordan and Feamster, Nick},
  booktitle   = {Proceedings of the 29th The Web Conference (TheWebConf, formerly known as WWW)},
  date        = {2020-04},
  doi         = {10.1145/3366423.3380139},
  edition     = {29},
  editor      = {Liu, Tie-Yan and van Steen, Maarten},
  eprint      = {1907.08089v3},
  eprintclass = {cs.NI},
  eprinttype  = {arxiv},
  location    = {Taiwan, Taipei},
  publisher   = {International World Wide Web Conference Committee (IW3C2)},
  url         = {https://doi.org/10.1145/3366423.3380139}
}

@inproceedings{tprc2019-doh-policy,
  title     = {{How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem}},
  author    = {Borgolte, Kevin and Chattopadhyay, Tithi and Feamster, Nick and Kshirsagar, Mihir and Holland, Jordan and Hounsel, Austin and Schmitt, Paul},
  booktitle = {Proceedings of the 47th Research Conference on Communications, Information and Internet Policy (TPRC)},
  date      = {2019-09},
  doi       = {10.2139/ssrn.3427563},
  edition   = {12},
  location  = {Washington, D.C., USA},
  publisher = {TPRC},
  url       = {https://doi.org/10.2139/ssrn.3427563}
}

@inproceedings{anrw2019-analyzing-the-costs-of-dns-dot-doh,
  title     = {{Analyzing the Costs (and Benefits) of DNS, DoT, and DoH for the Modern Web}},
  author    = {Hounsel, Austin and Borgolte, Kevin and Schmitt, Paul and Holland, Jordan and Feamster, Nick},
  booktitle = {Proceedings of the 2019 Applied Networking Research Workshop (ANRW)},
  date      = {2019-07-22},
  doi       = {10.1145/3340301.3341129},
  editor    = {Gill, Phillipa and Iyengar, Jana},
  location  = {Montréal, QC, Canada},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3340301.3341129}
}

@inproceedings{ccs2018-security-misconfigurations,
  title     = {{Investigating Operators' Perspective on Security Misconfigurations}},
  author    = {Dietrich, Constanze and Krombholz, Katharina and Borgolte, Kevin and Fiebig, Tobias},
  booktitle = {Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  date      = {2018-10},
  doi       = {10.1145/3243734.3243794},
  edition   = {25},
  editor    = {Backes, Michael and Wang, XiaoFeng},
  isbn      = {978-1-4503-5693-0},
  location  = {Toronto, ON, Canada},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3243734.3243794}
}

@inproceedings{sec2018-rampart,
  title     = {{Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks}},
  author    = {Meng, Wei and Qian, Chenxiong and Hao, Shuang and Borgolte, Kevin and Vigna, Giovanni and Kruegel, Christopher and Lee, Wenke},
  booktitle = {Proceedings of the 27th USENIX Security Symposium (USENIX Security)},
  date      = {2018-08},
  edition   = {27},
  editor    = {Enck, William and Porter Felt, Adrienne},
  location  = {Baltimore, MD, USA},
  publisher = {USENIX Association},
  url       = {https://www.usenix.org/conference/usenixsecurity18/presentation/meng}
}

@inproceedings{anrw2018-cloud-strife,
  title     = {{Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates}},
  author    = {Borgolte, Kevin and Fiebig, Tobias and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 2018 Applied Networking Research Workshop (ANRW)},
  date      = {2018-07-16},
  doi       = {10.1145/3232755.3232859},
  editor    = {Choffnes, David and Goldberg, Sharon},
  isbn      = {978-1-4503-5585-8},
  location  = {Montréal, QC, Canada},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/3232755.3232859}
}

@inproceedings{sp2018-enumerating-ipv6,
  title     = {{Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones}},
  author    = {Borgolte, Kevin and Hao, Shuang and Fiebig, Tobias and Vigna, Giovanni},
  booktitle = {Proceedings of the 39th IEEE Symposium on Security \& Privacy (S\&P)},
  date      = {2018-05},
  doi       = {10.1109/SP.2018.00027},
  edition   = {39},
  editor    = {Parno, Bryan and Kruegel, Christopher},
  isbn      = {978-1-5386-4353-2},
  issn      = {2375-1207},
  location  = {San Francisco, CA, USA},
  pages     = {438--452},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
  url       = {https://doi.org/10.1109/SP.2018.00027}
}

@article{spm2018-mechanical-phish,
  title     = {{Mechanical Phish: Resilient Autonomous Hacking}},
  author    = {Shoshitaishvili, Yan and Bianchi, Antonio and Borgolte, Kevin and Cama, Amat and Corbetta, Jacopo and Disperati, Francesco and Dutcher, Andrew and Grosen, John and Grosen, Paul and Machiry, Aravind and Salls, Christopher and Stephens, Nick and Wang, Ruoyu and Vigna, Giovanni},
  date      = {2018-03/2018-04},
  doi       = {10.1109/MSP.2018.1870858},
  issn      = {1558-4046},
  journal   = {IEEE Security \& Privacy},
  number    = {2},
  pages     = {12--22},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
  url       = {https://doi.org/10.1109/MSP.2018.1870858},
  volume    = {16}
}

@inproceedings{pam2018-in-rdns-we-trust,
  title     = {{In rDNS We Trust: Revisiting a Common Data-Source's Reliability}},
  author    = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni and Feldmann, Anja},
  booktitle = {Proceedings of the 19th Passive and Active Measurement (PAM)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2018-03},
  doi       = {10.1007/978-3-319-76481-8_10},
  edition   = {19},
  editor    = {Beverly, Robert and Smaragdakis, Georgios},
  isbn      = {978-3-319-54327-7},
  location  = {Berlin, Germany},
  pages     = {131--145},
  publisher = {Springer International Publishing},
  url       = {https://doi.org/10.1007/978-3-319-76481-8_10},
  volume    = {10771}
}

@inproceedings{ndss2018-cloud-strife,
  title     = {{Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates}},
  author    = {Borgolte, Kevin and Fiebig, Tobias and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 25th Network and Distributed System Security Symposium (NDSS)},
  date      = {2018-02},
  doi       = {10.14722/ndss.2018.23327},
  edition   = {25},
  editor    = {Traynor,  Patrick and Oprea, Alina},
  isbn      = {1891562-49-5},
  location  = {San Diego, CA, USA},
  publisher = {Internet Society (ISOC)},
  url       = {https://doi.org/10.14722/ndss.2018.23327}
}

@inproceedings{pam2017-something-from-nothing-there,
  title     = {{Something From Nothing (There): Collecting Global IPv6 Datasets From DNS}},
  author    = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 18th Passive and Active Measurement (PAM)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2017-03},
  doi       = {10.1007/978-3-319-54328-4_3},
  edition   = {18},
  editor    = {Kâafar, Mohamed Ali and Uhlig, Steve and Johanna Amann},
  isbn      = {978-3-319-54328-4},
  location  = {Sydney, Australia},
  pages     = {30--43},
  publisher = {Springer International Publishing},
  url       = {https://doi.org/10.1007/978-3-319-54328-4_3},
  volume    = {10176}
}

@inproceedings{ccs2015-drops-for-stuff,
  title     = {{Drops for Stuff: An Analysis of Reshipping Mule Scams}},
  author    = {Hao, Shuang and Borgolte, Kevin and Nikiforakis, Nick and Stringhini, Gianluca and Egele, Manuel and Eubanks, Michael and Krebs, Brian and Vigna, Giovanni},
  booktitle = {Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  acmid     = {2813620},
  date      = {2015-10},
  doi       = {10.1145/2810103.2813620},
  edition   = {22},
  editor    = {Li, Ninghui and Kruegel, Christopher},
  isbn      = {978-1-4503-3832-5},
  location  = {Denver, CO, USA},
  numpages  = {12},
  pages     = {1081--1092},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/2810103.2813620}
}

@inproceedings{sec2015-meerkat,
  title     = {{Meerkat: Detecting Website Defacements through Image-based Object Recognition}},
  author    = {Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 24th USENIX Security Symposium (USENIX Security)},
  date      = {2015-08},
  edition   = {24},
  editor    = {Jung, Jaeyeon Jung and Holz, Thorsten},
  isbn      = {978-1-931971-232},
  location  = {Washington, D.C., USA},
  pages     = {595--610},
  publisher = {USENIX Association},
  url       = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/borgolte}
}

@article{tifs2015-what-you-submit-is-who-you-are,
  title     = {{What You Submit is Who You Are: A Multi-Modal Approach for Deanonymizing Scientific Publications}},
  author    = {Payer, Mathias and Huang, Ling and Gong, Neil Zhenqiang and Borgolte, Kevin and Frank, Mario},
  date      = {2015-01},
  doi       = {10.1109/TIFS.2014.2368355},
  issn      = {1556-6013},
  journal   = {IEEE Transactions on Information Forensics and Security (TIFS)},
  number    = {1},
  pages     = {200--212},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
  url       = {https://doi.org/10.1109/TIFS.2014.2368355},
  volume    = {10}
}

@inproceedings{raid2014-protecting-websso,
  title     = {{Protecting Web Single Sign-on against Relying Party Impersonation Attacks through a Bi-directional Secure Channel with Authentication}},
  author    = {Cao, Yinzhi and Shoshitaishvili, Yan and Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni and Chen, Yan},
  booktitle = {Proceedings of the 17th International Symposium on Recent Advances in Intrusion Detection (RAID)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2014-09},
  doi       = {10.1007/978-3-319-11379-1_14},
  edition   = {17},
  editor    = {Stavrou, Angelos and Bos, Herbert and Portokalidis, Georgios},
  isbn      = {978-3-319-11379-1},
  location  = {Gothenburg, Sweden},
  pages     = {276--298},
  publisher = {Springer International Publishing},
  url       = {https://doi.org/10.1007/978-3-319-11379-1_14},
  volume    = {8688}
}

@inproceedings{3gse2014-10-years-of-ictf,
  title     = {{Ten Years of iCTF: The Good, The Bad, and The Ugly}},
  author    = {Vigna, Giovanni and Borgolte, Kevin and Corbetta, Jacopo and Doupé, Adam and Fratantonio, Yanick and Invernizzi, Luca and Kirat, Dhilung and Shoshitaishvili, Yan},
  booktitle = {Proceedings of the 1st USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE)},
  date      = {2014-08},
  edition   = {1},
  editor    = {Peterson, Zachary N. J.},
  location  = {San Diego, CA},
  publisher = {USENIX Association},
  url       = {https://www.usenix.org/conference/3gse14/summit-program/presentation/vigna}
}

@inproceedings{wwwdev2014-relevant-change-detection,
  title     = {{Relevant Change Detection: Framework for the Precise Extraction of Modified and Novel Web-based Content as a Filtering Technique for Analysis Engines}},
  author    = {Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 23rd World Wide Web Conference (WWW)},
  series    = {WWW Companion},
  acmid     = {2578039},
  date      = {2014-04},
  doi       = {10.1145/2567948.2578039},
  edition   = {23},
  editor    = {Broder, Andrei Z. and Shim, Kyuseok and Suel, Torsten},
  isbn      = {978-1-4503-2745-9},
  location  = {Seoul, Republic of Korea},
  numpages  = {4},
  pages     = {595--598},
  publisher = {International World Wide Web Conference Committee (IW3C2)},
  url       = {https://doi.org/10.1145/2567948.2578039}
}

@inproceedings{ccs2013-delta,
  title     = {{Delta: Automatic Identification of Unknown Web-based Infection Campaigns}},
  author    = {Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  acmid     = {2516725},
  date      = {2013-11},
  doi       = {10.1145/2508859.2516725},
  edition   = {20},
  editor    = {Gligor, Virgil D. and Yung, Moti},
  isbn      = {978-1-4503-2477-9},
  location  = {Berlin, Germany},
  numpages  = {12},
  pages     = {109--120},
  publisher = {Association for Computing Machinery (ACM)},
  url       = {https://doi.org/10.1145/2508859.2516725}
}