| Understanding the mirai botnet M Antonakakis, T April, M Bailey, M Bernhard, E Bursztein, J Cochran, ... 26th {USENIX} security symposium ({USENIX} Security 17), 1093-1110, 2017 | 667 | 2017 |
| State of the art: Automated black-box web application vulnerability testing J Bau, E Bursztein, D Gupta, J Mitchell 2010 IEEE Symposium on Security and Privacy, 332-345, 2010 | 365 | 2010 |
| Text-based CAPTCHA strengths and weaknesses E Bursztein, M Martin, J Mitchell Proceedings of the 18th ACM conference on Computer and communications …, 2011 | 329 | 2011 |
| How good are humans at solving CAPTCHAs? A large scale evaluation E Bursztein, S Bethard, C Fabry, JC Mitchell, D Jurafsky 2010 IEEE symposium on security and privacy, 399-413, 2010 | 266 | 2010 |
| The first collision for full SHA-1 M Stevens, E Bursztein, P Karpman, A Albertini, Y Markov Annual International Cryptology Conference, 570-596, 2017 | 231 | 2017 |
| An Analysis of Private Browsing Modes in Modern Browsers. G Aggarwal, E Bursztein, C Jackson, D Boneh USENIX security symposium, 79-94, 2010 | 223 | 2010 |
| Busting frame busting: a study of clickjacking vulnerabilities at popular sites G Rydstedt, E Bursztein, D Boneh, C Jackson IEEE Oakland Web 2 (6), 2010 | 188 | 2010 |
| Kamouflage: Loss-resistant password management H Bojinov, E Bursztein, X Boyen, D Boneh European symposium on research in computer security, 286-302, 2010 | 134 | 2010 |
| The end is nigh: Generic solving of text-based captchas E Bursztein, J Aigrain, A Moscicki, JC Mitchell 8th {USENIX} Workshop on Offensive Technologies ({WOOT} 14), 2014 | 99 | 2014 |
| Ad injection at scale: Assessing deceptive advertisement modifications K Thomas, E Bursztein, C Grier, G Ho, N Jagpal, A Kapravelos, D McCoy, ... 2015 IEEE Symposium on Security and Privacy, 151-167, 2015 | 98 | 2015 |
| The failure of noise-based non-continuous audio captchas E Bursztein, R Beauxis, H Paskov, D Perito, C Fabry, J Mitchell 2011 IEEE symposium on security and privacy, 19-31, 2011 | 95 | 2011 |
| Framing dependencies introduced by underground commoditization K Thomas, D Huang, D Wang, E Bursztein, C Grier, TJ Holt, C Kruegel, ... | 94 | 2015 |
| The Security Impact of HTTPS Interception. Z Durumeric, Z Ma, D Springall, R Barnes, N Sullivan, E Bursztein, ... NDSS, 2017 | 85 | 2017 |
| Neither snow nor rain nor MITM... an empirical analysis of email delivery security Z Durumeric, D Adrian, A Mirian, J Kasten, E Bursztein, N Lidzborski, ... Proceedings of the 2015 Internet Measurement Conference, 27-39, 2015 | 85 | 2015 |
| Decaptcha: breaking 75% of eBay audio CAPTCHAs E Bursztein, S Bethard Proceedings of the 3rd USENIX conference on Offensive technologies 1 (8), 8, 2009 | 77 | 2009 |
| Users really do plug in USB drives they find M Tischer, Z Durumeric, S Foster, S Duan, A Mori, E Bursztein, M Bailey 2016 IEEE Symposium on Security and Privacy (SP), 306-319, 2016 | 73 | 2016 |
| Data breaches, phishing, or malware? Understanding the risks of stolen credentials K Thomas, F Li, A Zand, J Barrett, J Ranieri, L Invernizzi, Y Markov, ... Proceedings of the 2017 ACM SIGSAC conference on computer and communications …, 2017 | 72 | 2017 |
| XCS: cross channel scripting and its impact on web applications H Bojinov, E Bursztein, D Boneh Proceedings of the 16th ACM conference on Computer and communications …, 2009 | 72 | 2009 |
| We need a research data census F Berman Communications of the ACM 53 (12), 39-41, 2010 | 71* | 2010 |
| Handcrafted fraud and extortion: Manual account hijacking in the wild E Bursztein, B Benko, D Margolis, T Pietraszek, A Archer, A Aquino, ... Proceedings of the 2014 conference on internet measurement conference, 347-358, 2014 | 70 | 2014 |
Kurt ThomasResearch Scientist @ GoogleVerified email at google.com
