Beehive: Large-scale log analysis for detecting suspicious activity in enterprise networks TF Yen, A Oprea, K Onarlioglu, T Leetham, W Robertson, A Juels, E Kirda Proceedings of the 29th annual computer security applications conference …, 2013 | 409 | 2013 |
Traffic aggregation for malware detection TF Yen, MK Reiter International Conference on Detection of Intrusions and Malware, and …, 2008 | 291 | 2008 |
Detection of early-stage enterprise infection by mining large-scale log data A Oprea, Z Li, TF Yen, SH Chin, S Alrwais 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems …, 2015 | 238 | 2015 |
Host Fingerprinting and Tracking on the Web: Privacy and Security Implications. TF Yen, Y Xie, F Yu, RP Yu, M Abadi NDSS 62, 66, 2012 | 230 | 2012 |
Anomaly sensor framework for detecting advanced persistent threat attacks TF Yen, A Juels, A Kuppa, K Onarlioglu, A Oprea US Patent 9,378,361, 2016 | 125 | 2016 |
Are your hosts trading or plotting? telling p2p file-sharing and bots apart TF Yen, MK Reiter 2010 IEEE 30th International Conference on Distributed Computing Systems …, 2010 | 113 | 2010 |
An epidemiological study of malware encounters in a large enterprise TF Yen, V Heorhiadi, A Oprea, MK Reiter, A Juels Proceedings of the 2014 ACM SIGSAC conference on computer and communications …, 2014 | 87 | 2014 |
Browser fingerprinting from coarse traffic summaries: Techniques and implications TF Yen, X Huang, F Monrose, MK Reiter Detection of Intrusions and Malware, and Vulnerability Assessment: 6th …, 2009 | 74 | 2009 |
Behavioral detection of suspicious host activities in an enterprise TF Yen, A Oprea, K Onarlioglu, T Leetham, W Robertson, A Juels, E Kirda US Patent 9,516,039, 2016 | 70 | 2016 |
Identifying suspicious user logins in enterprise networks TF Yen, A Oprea US Patent 9,231,962, 2016 | 62 | 2016 |
Fast and versatile algorithm for nearest neighbor search based on a lower bound tree YS Chen, YP Hung, TF Yen, CS Fuh Pattern Recognition 40 (2), 360-375, 2007 | 60 | 2007 |
Sherlock Holmes and the case of the advanced persistent threat A Juels, TF Yen 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12), 2012 | 36 | 2012 |
Detecting suspicious web traffic from an enterprise network TF Yen, A Oprea, K Onarlioglu US Patent 9,049,221, 2015 | 35 | 2015 |
Detecting network attacks K Chu, H Cui, A Meng, Z Wu, Y Xi, Y Xie, TF Yen, F Yu US Patent 11,522,873, 2022 | 29 | 2022 |
Understanding domain registration abuses SE Coull, AM White, TF Yen, F Monrose, MK Reiter Computers & security 31 (7), 806-815, 2012 | 29 | 2012 |
Detection of suspicious domains through graph inference algorithm processing of host-domain contacts AM Oprea, Z Li, SH Chin, TF Yen US Patent 9,635,049, 2017 | 25 | 2017 |
Modeling user working time using authentication events within an enterprise network A Oprea, TF Yen US Patent 9,338,187, 2016 | 25 | 2016 |
Credential recovery with the assistance of trusted entities A Oprea, KD Bowers, N Triandopoulos, TF Yen, A Juels US Patent 9,256,725, 2016 | 25 | 2016 |
Detecting stealthy malware using behavioral features in network traffic TF Yen Carnegie Mellon University, 2011 | 23 | 2011 |
Revisiting botnet models and their implications for takedown strategies TF Yen, MK Reiter International Conference on Principles of Security and Trust, 249-268, 2012 | 18 | 2012 |