Engin Kirda

About me

Currently, I am Sy and Laurie Sternberg Associate Professor for Information Assurance at the College of Computer and Information Science and the Department of Electrical and Computer Engineering of Northeastern University in Boston. I am also the new director of the Northeastern Information Assurance Institute. Previously, I was tenured faculty at Institute Eurecom (Graduate School and Research Center) in the French Riviera and before that, faculty at the Technical University of Vienna where I co-founded the Secure Systems Lab. Our lab has now become international and is distributed over five institutions and geographical locations. My current research interests are in systems, software and network security (with focus on Web security, binary analysis, malware detection). Before that, I was mainly interested in distributed systems, software engineering and software architectures. I am not interested in theoretical security or crypto. I am very fortunate to work with and have the privilege to advise some very bright Ph.D. students. I am very proud of their achievements! I personally enjoy writing code in different languages (e.g., C, Perl, C#, Java, [recently] Python) and am convinced that computer science students need to be language-independent ;-) I am trying to continue to code as much as possible -- although I have much more admin work to do now... I am also part of the Shellphish hacking group. We regularly participate at the DefCon CTF . You can follow some work I am involved in through our Twitter feed .

Prospective Students

Before you send an e-mail about becoming a Ph.D. student, please read this .

General Information

Education:	Habilitation (Priv.Doz.), Dr. techn., Dipl.-Ing. in Computer Science, Technical University of Vienna
Office Hours:	Tuesdays, 3:50-4:50pm
Email:	ek@ccs.neu.edu
Current Address:	Northeastern University - CCIS Building WVH, Room 258, 360 Huntington Ave Boston, MA, 02115 USA
Telephone:	+1 (617) 37 37 484
Member of:	IEEE, Shellphish

Company

I am one of the co-founders of Lastline Inc. , a company that focuses on providing advanced threats intelligence and detection capabilities and services to its customers.

Research Labs

I am one of the co-founders of the International Secure Systems Lab . A family of independent security research labs that collaborate closely.

I am active as a Senior Systems Engineer / Key Scientific Advisor at the Secure Business Austria competence center

Current Awarded Grants (U.S.)

DISCLOSURE: Automatic Botnet Identification Sponsor: NSF (CNS-1116777) Position: Principle Investigator

DarkDroid: Identifying malicious activity in the Android App Market Sponsor: DARPA Position: co-Principle Investigator

ZIGZAG: Secure Execution of Client-Side Web Application Components Sponsor: ONR (N000141210165) Position: Principle Investigator

Teaching Systems Security using an interactive platform Sponsor: Symantec Research Position: Principle Investigator

Past Awarded Grants (Europe)

iCode (Real-time Malicious Code Detection) Sponsor: The EU Commission Position: Principle Investigator

SysSec (Network of Excellence for Networking Systems Security Research in Europe) Sponsor: The EU Commission Position: Principle Investigator

VAMPIRE (Voice Over IP Security) Sponsor: ANR (French National Research Agency) Position: Principle Investigator

WOMBAT (Worldwide Observatory of Malicious Behaviors and Attack Threats) Sponsor: The EU Commission Position: Principle Investigator (together with Christopher Kruegel )

SECoverer (Detection of Application Logic Errors in Web Applications) Sponsor: FIT-IT Trust in IT-Systems 2. Call, Austria Position: Principle Investigator (together with Christopher Kruegel )

TRADE (Trustworthy Adaptive Quality Balancing Through Temporal Decoupling) Sponsor: FIT-IT Trust in IT-Systems 2. Call, Austria Position: Investigator

MECANOS (Smartcard Security) Sponsor: POLE de Competitivite SCS, France Position: Principle Investigator

Web-Defense: Defending Internet Users against web attacks Sponsor: Fonds zur Foerderung der wissenschaftlichen Forschung (FWF) - No. P18764 Position: Principle Investigator (together with Christopher Kruegel )

FORWARD (Managing Emerging Threats in ICT Infrastructures) Sponsor: The EU Commission Position: Principle Investigator (together with Christopher Kruegel )

Pathfinder (Malicious Code Analysis and Detection) -- also selected best project of the call Sponsor: FIT-IT Trust in IT-Systems 1. Call Position: Principle Investigator (together with Christopher Kruegel )

Software Security through Binary Analysis Sponsor: Fonds zur Foerderung der wissenschaftlichen Forschung (FWF) - No. P18157 Position: Principle Investigator (together with Christopher Kruegel )

Software Security Audit using Reverse Engineering Sponsor: Austrian Central Bank (OeNB) Position: Principle Investigator (together with Christopher Kruegel )

Omnis - Security, Components and Infrastructure for Pervasive Environments Sponsor: Fonds zur Foerderung der wissenschaftlichen Forschung (FWF) - No. P18368 Position: Principle Investigator (together with Christopher Kruegel )

Software Security Analysis Sponsor: BAWAG P.S.K. Bank Position: Consultant

Solaris and Linux Baseline Security Sponsor: Austrian Central Bank (OeNB) Position: Principal Investigator (together with Christopher Kruegel )

Publications

Workshops and Conferences (Security)

Aldo Cassola, William Robertson, Engin Kirda, and Guevara Noubir, A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication, 20th Annual Network and Distributed System Security Symposium, (NDSS 2013), San Diego, CA, February 2013, to appear.

Tobias Lauinger, Martin Szydlowski, Kaan Onarlioglu, Gilbert Wondracek, Engin Kirda, and Christopher Kruegel, Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting, 20th Annual Network and Distributed System Security Symposium, (NDSS 2013), San Diego, CA, February 2013, to appear.

Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel, DISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis, Annual Computer Security Applications Conference (ACSAC), Orlando, December 2012 [download]

Tobias Lauinger, Nikolaos Laoutaris, Pablo Rodriguez, Thorsten Strufe, Ernst Biersack, and Engin Kirda. Privacy Risks in Named Data Networking: What is the Cost of Performance? Editorial Note. ACM SIGCOMM Computer Communication Review, 42(5), October 2012 [download]

Tobias Lauinger, Engin Kirda and Pietro Michiardi, Paying for Piracy? An Analysis of One-Click Hosters' Controversial Reward Schemes, 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Amsterdam, September 2012. [download]

Gregoire Jacob, Christopher Kruegel, Engin Kirda, Giovanni Vigna, Protecting Users and Businesses from CRAWLers, 21st USENIX Security Conference, Bellevue, WA, August 2012 [download]

Davide Canali, Andrea Lanzi, Davide Balzarotti, Mihai Christoderescu, Christopher Kruegel, Engin Kirda, A Quantitative Study of Accuracy in System Call-Based Malware Detection, International Symposium on Software Testing and Analysis (ISSTA) 2012, Minneapolis, MN, July 2012 [download]

Theodoor Scholte, William K. Robertson, Davide Balzarotti, and Engin Kirda, "Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis", 36th IEEE Conference on Computers, Software, and Applications (COMPSAC), Izmir, Turkey - July 2012 [download]

Kaan Onarlioglu, Utku Ozan Yilmaz, Engin Kirda, and Davide Balzarotti, Insights into User Behavior in Dealing with Internet Attacks, 19th Annual Network and Distributed System Security Symposium, (NDSS 2012), San Diego, February 2012 [download]

Marco Balduzzi, Jonnas Zaddach, Davide Balzarotti, Engin Kirda, and Sergio Loureiro, A Security Analysis of Amazon's Elastic Compute Cloud Service, 27th ACM Symposium On Applied Computing (SAC), Security Track, Trento, Italy, March 2012 [download]

Theodoor Scholte, Davide Balzarotti, William Robertson, and Engin Kirda, An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages, 27th ACM Symposium On Applied Computing (SAC), Security Track, Trento, Italy, March 2012 [download]

Clemens Kolbitsch, Engin Kirda, and Christopher Kruegel, The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code, 18th ACM Conference on Computer and Communications Security (CCS), Chicago, October 2011 [download]

Engin Kirda, Cross Site Scripting Attacks, Encyclopedia of Cryptography and Security (2nd Ed.) 275-277, 2011

Engin Kirda, Malware Behavior Clustering, Encyclopedia of Cryptography and Security (2nd Ed.), 751-752, 2011

Danesh Irani, Marco Balduzzi, Davide Balzarotti, Engin Kirda, Carlton Pu, Reverse Social Engineering Attacks in Online Social Networks, Eighth Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Amsterdam, Netherlands, July 2011 [ download ]

Manuel Egele, Andreas Moser, Christopher Kruegel, Engin Kirda, PoX: Protecting Users from Malicious Facebook Applications, 3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC), Seattle, WA, March 2011 [ download ]

Theodoor Scholte, Davide Balzarotti, Engin Kirda, Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications, Fifteenth International Conference on Financial Cryptography and Data Security '11, St. Lucia, February 2011 [ download ]

Leyla Bilge, Engin Kirda, Christopher Kruegel, Marco Balduzzi, EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis, 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), San Diego, February 2011 [ download ]

Marco Balduzzi, Carmen Torrano Gimenez, Davide Balzarotti, Engin Kirda, Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications, 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), San Diego, February 2011 ( Distinguished Paper Award ) [ download ]

Manuel Egele, Christopher Kruegel, Engin Kirda, Giovanni Vigna, PiOS: Detecting Privacy Leaks in iOS Applications, 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), San Diego, February 2011 ( Distinguished Paper Award ) [ download ]

Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda, G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries, 26th Annual Computer Security Applications Conference (ACSAC), Austin, Texas, December 2010 [ download ]

Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christoderescu, Engin Kirda, AccessMiner: Using System-Centric Models for Malware Protection, 17th ACM Conference on Computer and Communications Security (CCS), Chicago, October 2010 [ download ]

Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel, Abusing Social Networks for Automated User Profiling, International Symposium on Recent Advances in Intrusion Detection (RAID 2010), Ottowa, Canada, September 2010 [ download ]

Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, Christopher Kruegel, Is the Internet for Porn? An Insight Into the Online Adult Industry, The Ninth Workshop on the Economics of Information Security (WEIS 2010), Boston, MA, June 2010 [ download ]

Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda, Honeybot: Your Man in the Middle for Automated Social Engineering, 3nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, April 2010 [ download ]

Corrado Leita, Ulrich Bayer, Engin Kirda, Exploiting diverse observation perspectives to get insights on the malware landscape, International Conference on Dependable Systems and Networks (DSN 2010), Chicago, June 2010 [ download ]

Clemens Kolbitsch, Christopher Kruegel, Engin Kirda, Extending Mondrian Memory Protection, NATO RTO IST-091 Symposium, Antalya, Turkey, April 2010 [ download ]

Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, Engin Kirda, Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries, IEEE Security and Privacy, Oakland, May 2010 [ download ]

Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel, A Practical Attack to De-Anonymize Social Network Users, IEEE Security and Privacy, Oakland, May 2010 [ download ]

Paolo Milani Comparetti, Guido Salvaneschi, Clemens Kolbitsch, Christopher Kruegel, Engin Kirda, Stefano Zanero, Identifying Dormant Functionality in Malware Programs, IEEE Security and Privacy, Oakland, May 2010 [ download ]

Marco Balduzzi, Manuel Egele, Davide Balzarotti, Engin Kirda, and Christopher Kruegel, A Solution for the Automated Detection of Clickjacking Attacks, ASIACCS, Beijing, China, April 2010 [ download ]

Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, and Giovanni Vigna, Efficient Detection of Split Personalities in Malware, 17th Annual Network and Distributed System Security Symposium (NDSS 2010), San Diego, February 2010 [ download ]

Manuel Egele, Leyla Bilge, Engin Kirda, Christopher Kruegel, CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms, 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications, Lusanne, Switzerland, March 2010 [ download ]

Ulrich Bayer, Engin Kirda, Christopher Kruegel, Improving the Efficiency of Dynamic Malware Analysis, 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications, Lusanne, Switzerland, March 2010 [ download ]

Brett Stone-Gross, Andreas Moser, Christopher Kruegel, Kevin Almaroth, Engin Kirda, FIRE: FInding Rogue nEtworks, 25th Annual Computer Security Applications Conference (ACSAC), Honolulu, December 2009 [download]

Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, Engin Kirda, Automatically Generating Models for Botnet Detection, 14th European Symposium on Research in Computer Security (ESORICS 2009), Saint Malo, Brittany, France, September 2009 [ download ]

Andreas Stamminger, Christopher Kruegel, Giovanni Vigna, Engin Kirda, "Automated Spyware Collection and Analysis", Information Security Conference (ISC) 2009, Pisa, Italy, September 2009 [ download ]

Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and Xiaofeng Wang, Effective and Efficient Malware Detection at the End Host, in USENIX Security '09, Montreal, Canada, August 2009 [ download ]

Manuel Egele, Peter Wurzinger, Christopher Kruegel, and Engin Kirda, Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks, Sixth Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Milan, Italy, June 2009 [ download ]

Manuel Egele, Engin Kirda, and Christopher Kruegel, Mitigating Drive-by Download Attacks: Challenges and Open Problems, Open Research Problems in Network Security Workshop (iNetSec 2009), Zurich, April 2009 [ download ]

Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, and Christopher Kruegel, Insights Into Current Malware Behavior, 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, MA, April 2009 [ download ]

Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda, Prospex: Protocol Specification Extraction, IEEE Security and Privacy, Oakland, May 2009 [ download ]

Manuel Egele, Christopher Kruegel, Engin Kirda, Removing Web Spam Links from Search Engine Results, 18th European Institute for Computer Antivirus Research (EICAR 2009) Annual Conference, Berlin, May 2009 [ download ]

Peter Wurzinger, Christian Platzer, Christian Ludl, Engin Kirda, and Christopher Kruegel, SWAP: Mitigating XSS Attacks using a Reverse Proxy, The 5th International Workshop on Software Engineering for Secure Systems (SESS'09), 31st International Conference on Software Engineering (ICSE), IEEE Computer Society, Vancouver, Canada, May 2009 [ download ]

Leyla Bilge, Thorsten Strufe, Davide Balzarotti, and Engin Kirda, All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks, 18th International World Wide Web Conference (WWW 2009), Madrid, April 2009 [ download ]

Ulrich Bayer, Paolo Milani, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda, Scalable, Behavior-Based Malware Clustering, 16th Annual Network and Distributed System Security Symposium (NDSS 2009), San Diego, February 2009 [ download ]

Julio Canto, Marc Dacier, Engin Kirda, and Corrado Leita, Large Scale Malware Collection: Lessons Learned, IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems, Naples, Italy, October 2008 [ download ]