Publications

• Salvatore J. Stolfo, Frank Apap, Eleazar Eskin, Katherine Heller, Shlomo Hershkop, Andrew Honig, and Krysta Svore.
  A Comparative Evaluation of Two Algorithms for Windows Registry Anomaly Detection.
  Journal of Computer Security, Vol 13, No 4, 2005. [ PDF ]
  


• Salvatore J. Stolfo, Shlomo Hershkop, Chia-Wei Hu, Wei-Jen Li, Olivier Nimeskern, Ke Wang.
  Behavior-based modeling and its application to Email analysis
  ACM Transactions on Internet Technology, vol. 6, no. 2, pp. 187 . 221, May 2006 [ PDF ]
  


• Salvatore J. Stolfo, German Creamer, and Shlomo Hershkop
  A Temporal Based Forensic Analysis of Electronic Communication
  2006, Digital Government Proceedings San Diego, CA [ PDF ]
  


• Shlomo Hershkop, Salvatore J Stolfo.
  Email Mining Toolkit. project highlights
  2005, Digital Government Proceedings Atlanta, GA
  


• Shlomo Hershkop
  Behavior-based Email Analysis with Application to Spam Detection
  PhD Thesis, Columbia University, 2006. [ PDF ]


• Shlomo Hershkop, Ke Wang, Salvatore J Stolfo
  Using Account Behavior to Prioritize Email Messages
  in submission.


• Shlomo Hershkop, Salvatore j Stolfo
  Combining Email Models for False Positive Reduction
  KDD 2005. Aug 21-24, Chicago Il. [ PDF ]


• Wei-Jen Li, Shlomo Hershkop, Salvotore J. Stolfo
  Email Archive Analysis Through Graphical Visualization.
  Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
  Washington DC, USA, 2004 [ PDF ]


• Shlomo Hershkop, Salvatore J Stolfo
  Identifying Spam without Peeking at the Contents
  ACM Crossroads Journal, Winter 2005


• Richard Segal, Jeff Kephart, Shlomo Hershkop, V.T. Rajan, and Mark Wegman
  Classifier Aggregation
  MIT SPAM conference 2005 [ Link ]


• Salvatore J. Stolfo,Shlomo Hershkop, Ke Wang, Olivier Nimerkern and Chia-Wei Hu.
  "A Behavior-based Approach to Securing Email Systems".
  "Mathematical Methods, Models and Architectures for Computer Networks Security",
  Proceedings published by Springer Verlag, Sept. 2003. [PDF]


• Salvatore J. Stolfo, Chia-Wei Hu, Wei-Jen Li, Shlomo Hershkop, Ke Wang, and Olivier Nimeskern.
  "Combining Behavior Models to Secure Email Systems".
  in submission April 2003. [ PDF]


• Salvatore J. Stolfo, Shlomo Hershkop, Linh H. Bui, Ryan Ferster, and Ke Wang.
  "Anomaly Detection in Computer Security and an Application to File System Accesses"
  ISMIS 2005. [ PDF]


• Salvatore J. Stolfo, Shlomo Hershkop, Ke Wang, Olivier Nimeskern, and Chia-Wei Hu.
  "Behavior Profiling of Email"
  1st NSF/NIJ Symposium on Intelligence , Security Informatics(ISI 2003).
  June 2-3,2003,Tucson,Arizona,USA. [ PDF]


• Haunt - multiple model approach to IDS


• Suhail Mohiuddin, Shlomo Hershkop, Rahul Bhan, and Sal Stolfo.
  "Defending against a Large Scale Denial of Service Attack".
  In Proceedings of IEEE Information Assurance, West Point NY, June 2002. [full paper]


• Shlomo Hershkop, Frank Apap, Eli Glanz, Tania D'alberti, Eleazer Eskin, and Sal Stolfo.
  "HoBIDS: A Data Mining Approach to Host Based Intrusion Detection"
  Unpublished Manuscript. [full paper]


• Frank Apap, Andrew Honig, Shlomo Hershkop, Eleazar Eskin, Salvatore J. Stolfo.
  "Detecting Malicious Software by Monitoring Anomalous Windows Registry Accesses."
  RAID 2002. Oct 2003 [ PDF]


• Manasi Bhattacharyya, Matthew G. Schultz, Eleazar Eskin, Shlomo Hershkop, and Salvatore J. Stolfo.
  "MET: An Experimental System for Malicious Email Tracking."
  NSPW 2002. [ PDF ]


• Wenke Lee, Salvatore J. Stolfo, Philip K. Chan, Eleazar Eskin, Wei Fan, Matthew Miller, Shlomo Hershkop and Junxin Zhang.
  "Real Time Data Mining-based Intrusion Detection."
  In Proceedings of DARPA Information Survivabilty Conference and Exposition II (DISCEX II).
  Anaheim, CA: June 12-14 2001. [ PDF]