| Understanding the mirai botnet M Antonakakis, T April, M Bailey, M Bernhard, E Bursztein, J Cochran, ... 26th {USENIX} security symposium ({USENIX} Security 17), 1093-1110, 2017 | 988 | 2017 |
| State of the art: Automated black-box web application vulnerability testing J Bau, E Bursztein, D Gupta, J Mitchell 2010 IEEE symposium on security and privacy, 332-345, 2010 | 410 | 2010 |
| Text-based CAPTCHA strengths and weaknesses E Bursztein, M Martin, J Mitchell Proceedings of the 18th ACM conference on Computer and communications …, 2011 | 371 | 2011 |
| How good are humans at solving CAPTCHAs? A large scale evaluation E Bursztein, S Bethard, C Fabry, JC Mitchell, D Jurafsky 2010 IEEE symposium on security and privacy, 399-413, 2010 | 293 | 2010 |
| The first collision for full SHA-1 M Stevens, E Bursztein, P Karpman, A Albertini, Y Markov Annual International Cryptology Conference, 570-596, 2017 | 285 | 2017 |
| An Analysis of Private Browsing Modes in Modern Browsers. G Aggarwal, E Bursztein, C Jackson, D Boneh USENIX security symposium, 79-94, 2010 | 246 | 2010 |
| Busting frame busting: a study of clickjacking vulnerabilities at popular sites G Rydstedt, E Bursztein, D Boneh, C Jackson IEEE Oakland Web 2 (6), 2010 | 201 | 2010 |
| Kamouflage: Loss-resistant password management H Bojinov, E Bursztein, X Boyen, D Boneh European symposium on research in computer security, 286-302, 2010 | 143 | 2010 |
| The end is nigh: Generic solving of text-based captchas E Bursztein, J Aigrain, A Moscicki, JC Mitchell 8th {USENIX} Workshop on Offensive Technologies ({WOOT} 14), 2014 | 120 | 2014 |
| The Security Impact of HTTPS Interception. Z Durumeric, Z Ma, D Springall, R Barnes, N Sullivan, E Bursztein, ... NDSS, 2017 | 118 | 2017 |
| Framing dependencies introduced by underground commoditization K Thomas, D Huang, D Wang, E Bursztein, C Grier, TJ Holt, C Kruegel, ... | 110 | 2015 |
| Ad injection at scale: Assessing deceptive advertisement modifications K Thomas, E Bursztein, C Grier, G Ho, N Jagpal, A Kapravelos, D McCoy, ... 2015 IEEE Symposium on Security and Privacy, 151-167, 2015 | 109 | 2015 |
| Neither snow nor rain nor MITM... an empirical analysis of email delivery security Z Durumeric, D Adrian, A Mirian, J Kasten, E Bursztein, N Lidzborski, ... Proceedings of the 2015 Internet Measurement Conference, 27-39, 2015 | 105 | 2015 |
| The failure of noise-based non-continuous audio captchas E Bursztein, R Beauxis, H Paskov, D Perito, C Fabry, J Mitchell 2011 IEEE symposium on security and privacy, 19-31, 2011 | 103 | 2011 |
| Data breaches, phishing, or malware? Understanding the risks of stolen credentials K Thomas, F Li, A Zand, J Barrett, J Ranieri, L Invernizzi, Y Markov, ... Proceedings of the 2017 ACM SIGSAC conference on computer and communications …, 2017 | 95 | 2017 |
| Tracking ransomware end-to-end DY Huang, MM Aliapoulios, VG Li, L Invernizzi, E Bursztein, K McRoberts, ... 2018 IEEE Symposium on Security and Privacy (SP), 618-631, 2018 | 92 | 2018 |
| Users really do plug in USB drives they find M Tischer, Z Durumeric, S Foster, S Duan, A Mori, E Bursztein, M Bailey 2016 IEEE Symposium on Security and Privacy (SP), 306-319, 2016 | 89 | 2016 |
| Decaptcha: breaking 75% of eBay audio CAPTCHAs E Bursztein, S Bethard Proceedings of the 3rd USENIX conference on Offensive technologies 1 (8), 8, 2009 | 88 | 2009 |
| We need a research data census F Berman Communications of the ACM 53 (12), 39-41, 2010 | 85* | 2010 |
| Handcrafted fraud and extortion: Manual account hijacking in the wild E Bursztein, B Benko, D Margolis, T Pietraszek, A Archer, A Aquino, ... Proceedings of the 2014 conference on internet measurement conference, 347-358, 2014 | 79 | 2014 |
Kurt ThomasResearch Scientist @ GoogleVerified email at google.com
