TU Wien Informatics

Christopher Krügel

Privatdoz. Dipl.-Ing. Dr.techn.

Research Areas

  • Security, Intrusion Detection, Malware Detection, Operating Systems, Networks

Role

Note: Due to the rollout of TU Wien’s new publication database, the list below may be slightly outdated. Once the migration is complete, everything will be up to date again.

2011

2010

  • Abusing Social Networks for Automated User Profiling / Balduzzi, M., Platzer, C., Holz, T., Kirda, E., Balzarotti, D., & Krügel, C. (2010). Abusing Social Networks for Automated User Profiling. In Recent Advances in Intrusion Detection (RAID 2010) (p. 20). Springer. http://hdl.handle.net/20.500.12708/53362 / Project: WOMBAT

2009

  • Server-Side Bot Detection in Massively Multiplayer Online Games / Mitterhofer, S. K., Platzer, C., Kirda, E., & Krügel, C. (2009). Server-Side Bot Detection in Massively Multiplayer Online Games. IEEE Security and Privacy, 7(3), 29–36. https://doi.org/10.1109/msp.2009.78
  • Mitigating Drive-by Download Attacks: Challenges and Open Problems / Egele, M., Kirda, E., & Krügel, C. (2009). Mitigating Drive-by Download Attacks: Challenges and Open Problems. In Open Research Problems in Network Security Workshop. Open Research Problems in Network Security Workshop, Zurich, EU. http://hdl.handle.net/20.500.12708/52883
  • Removing Web Spam Links from Search Engine Results / Kirda, E., Egele, M., & Krügel, C. (2009). Removing Web Spam Links from Search Engine Results. In EICAR proceedings. Conference of the European Institute for Computer Antivirus Research (EICAR), Germany, EU. http://hdl.handle.net/20.500.12708/52881 / Projects: SECoverer, WOMBAT
  • Scalable, Behavior-Based Malware Clustering / Bayer, U., Kirda, E., Krügel, C., Milani Comparetti, P., & Hlauschek, C. (2009). Scalable, Behavior-Based Malware Clustering. In 16th Annual Network and Distributed System Security Symposium (NDSS 2009). Network and Distributed System Security Symposium (NDSS), USA, Non-EU. NDSS Proceedings. http://hdl.handle.net/20.500.12708/52860 / Projects: Pathfinder, WOMBAT

2007

  • Extending .NET Security to Unmanaged Code / Klinkoff, P., Krügel, C., Kirda, E., & Vigna, G. (2007). Extending .NET Security to Unmanaged Code. International Journal of Information Security, 6(6), 417–428. http://hdl.handle.net/20.500.12708/169715
  • Improving Signature Testing Through Dynamic Data Flow Analysis / Balzarotti, D., Robertson, W., Krügel, C., & Vigna, G. (2007). Improving Signature Testing Through Dynamic Data Flow Analysis. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) (pp. 22–32). http://hdl.handle.net/20.500.12708/52154
  • Limits of Static Analysis for Malware Detection / Moser, A., Krügel, C., & Kirda, E. (2007). Limits of Static Analysis for Malware Detection. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) (pp. 12–21). http://hdl.handle.net/20.500.12708/52153
  • Secure Input for Web Applications / Szydlowski, M., Krügel, C., & Kirda, E. (2007). Secure Input for Web Applications. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) (pp. 1–11). http://hdl.handle.net/20.500.12708/52152
  • Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis / Yin, H., Song, D., Egele, M., Krügel, C., & Kirda, E. (2007). Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS) (pp. 1–12). http://hdl.handle.net/20.500.12708/52151
  • Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters / Karlberger, C., Bayler, G., Krügel, C., & Kirda, E. (2007). Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters. In Usenix Workshop on Offensive Technologies (WOOT) (pp. 1–7). http://hdl.handle.net/20.500.12708/52150
  • Detecting System Emulators / Raffetseder, T., Krügel, C., & Kirda, E. (2007). Detecting System Emulators. In Proceedings of the Information Security Conference (ISC ) (pp. 1–18). http://hdl.handle.net/20.500.12708/52149
  • Mining Specifications of Malicious Behavior / Christodorescu, M., Jha, S., & Krügel, C. (2007). Mining Specifications of Malicious Behavior. In Proceedings of the European Software Engineering Conference (ESEC) (pp. 1–10). http://hdl.handle.net/20.500.12708/52148
  • A Layout-Similarity-Based Approach for Detecting Phishing Pages / Rosiello, A., Krügel, C., Kirda, E., & Ferrandi, F. (2007). A Layout-Similarity-Based Approach for Detecting Phishing Pages. In Proceedings of the IEEE International Conference on Security and Privacy in Communication Networks (SecureComm) (pp. 1–10). http://hdl.handle.net/20.500.12708/52147
  • Dynamic Spyware Analysis / Egele, M., Krügel, C., Kirda, E., Yin, H., & Song, D. (2007). Dynamic Spyware Analysis. In Proceedings of the Usenix Annual Technical Conference (pp. 1–14). http://hdl.handle.net/20.500.12708/52146
  • On the Effectiveness of Techniques to Detect Phishing Sites / Ludl, C., McAllister, S., Kirda, E., & Krügel, C. (2007). On the Effectiveness of Techniques to Detect Phishing Sites. In Proceedings of the Detection of Intrusions and Malware and Vulnerability Assessment Conference (DIMVA) (pp. 1–20). http://hdl.handle.net/20.500.12708/52145
  • Building Anti-Phishing Browser Plug-Ins: An Experience Report / Raffetseder, T., Kirda, E., & Krügel, C. (2007). Building Anti-Phishing Browser Plug-Ins: An Experience Report. In 3rd International Workshop on Software Engineering for Secure Systems (SESS) (pp. 1–7). IEEE Computer Society. http://hdl.handle.net/20.500.12708/52144
  • Exploring Multiple Execution Paths for Malware Analysis / Moser, A., Krügel, C., & Kirda, E. (2007). Exploring Multiple Execution Paths for Malware Analysis. In Proceedings of the IEEE Symposium on Security and Privacy (pp. 1–15). http://hdl.handle.net/20.500.12708/52143
  • Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis / Vogt, P., Nentwich, F., Jovanovic, N., Krügel, C., Kirda, E., & Vigna, G. (2007). Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In Proceedings of the Network and Distributed System Security Symposium (NDSS) (pp. 1–12). http://hdl.handle.net/20.500.12708/52142

2006

  • Protecting Users Against Phishing Attacks with AntiPhish / Kirda, E., & Krügel, C. (2006). Protecting Users Against Phishing Attacks with AntiPhish. The Computer Journal, 49(5). http://hdl.handle.net/20.500.12708/173448
  • Anomalous System Call Detection / Mutz, D., Valeur, F., Krügel, C., & Vigna, G. (2006). Anomalous System Call Detection. ACM Transactions on Information and System Security, 9(1). http://hdl.handle.net/20.500.12708/173447
  • Dynamic Analysis of Malicious Code / Bayer, U., Moser, A., Krügel, C., & Kirda, E. (2006). Dynamic Analysis of Malicious Code. Journal in Computer Virology, 2(1). http://hdl.handle.net/20.500.12708/173446
  • Malicious Code Analysis / Krügel, C. (2006). Malicious Code Analysis. Habilitationskolloquium, Wien, Austria. http://hdl.handle.net/20.500.12708/84565
  • Vulnerabilities in Web Applications / Krügel, C. (2006). Vulnerabilities in Web Applications. TERENA Networking Conference, Italy, EU. http://hdl.handle.net/20.500.12708/84564
  • Malicious Code Analysis / Krügel, C. (2006). Malicious Code Analysis. Talk at the Computer Science Colloquium, Carleton University, Ottawa, Canada, Non-EU. http://hdl.handle.net/20.500.12708/84563
  • Bahavior-based Spyware Detection / Kirda, E., Krügel, C., Banks, G., Vigna, G., & Kemmerer, R. (2006). Bahavior-based Spyware Detection. In Proc. 15th USENIX Security Symposium (pp. 273–288). http://hdl.handle.net/20.500.12708/51798
  • Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks / Robertson, W., Vigna, G., Krügel, C., & Kemmerer, R. (2006). Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks. In Proc. Network and Distributed System Security Symposium (NDSS) (pp. 31–46). Internet Society. http://hdl.handle.net/20.500.12708/51702
  • An Anomaly-driven Reverse Proxy for Web Applications / Valeur, F., Vigna, G., Krügel, C., & Kirda, E. (2006). An Anomaly-driven Reverse Proxy for Web Applications. In Proc. 21st ACM Symposium on Applied Computing (SAC) (pp. 361–369). ACM Press. http://hdl.handle.net/20.500.12708/51701
  • Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks / Kirda, E., Krügel, C., Vigna, G., & Jovanovic, N. (2006). Noxes: A Client-Side Solution for Mitigating Cross Site Scripting Attacks. In Proc. 21st ACM Symposium on Applied Computing (SAC) (pp. 330–338). ACM Press. http://hdl.handle.net/20.500.12708/51700
  • TTAnalyze: A Tool for Analyzing Malware / Bayer, U., Krügel, C., & Kirda, E. (2006). TTAnalyze: A Tool for Analyzing Malware. In Proc. 15th Annual Conference of the European Institute for Computer Antivirus Research (EICAR) (pp. 180–192). http://hdl.handle.net/20.500.12708/51699
  • SecuBat: A Web Vulnerability Scanner / Kals, S., Kirda, E., Krügel, C., & Jovanovic, N. (2006). SecuBat: A Web Vulnerability Scanner. In Proc. 15th International World Wide Web Conference (WWW) (pp. 247–257). http://hdl.handle.net/20.500.12708/51698
  • Using Static Program Analysis to Aid Intrusion Detection / Egele, M., Szydlowski, M., Kirda, E., & Krügel, C. (2006). Using Static Program Analysis to Aid Intrusion Detection. In Proc. Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science (pp. 17–37). Springer-Verlag. http://hdl.handle.net/20.500.12708/51697
  • Extending .NET Security to Unmanaged Code / Klinkoff, P., Krügel, C., Kirda, E., & Vigna, G. (2006). Extending .NET Security to Unmanaged Code. In Proc. 9th Information Security Conference (ISC), Lecture Notes in Computer Science (pp. 1–16). Springer-Verlag. http://hdl.handle.net/20.500.12708/51696
  • Preventing Cross Site Request Forgery Attacks / Jovanovic, N., Kirda, E., & Krügel, C. (2006). Preventing Cross Site Request Forgery Attacks. In 2nd International Conference on Security and Privacy in Communication Networks & the Workshops. SecureComm 2006, Baltimore, MD, USA, Non-EU. IEEE. http://hdl.handle.net/20.500.12708/51397
  • Pixy: A static Analysis Tool for Detecting web Application Vulnerabilities / Jovanovic, N., Krügel, C., & Kirda, E. (2006). Pixy: A static Analysis Tool for Detecting web Application Vulnerabilities. In Proceedings of the 2006 IEEE Symposium on Security and Privacy (pp. 258–263). IEEE Inc. http://hdl.handle.net/20.500.12708/51372
  • Precise Alias Analysis for Static Detection of Web Application Vulnerabilities / Jovanovic, N., Krügel, C., & Kirda, E. (2006). Precise Alias Analysis for Static Detection of Web Application Vulnerabilities. In Proceedings of the 2006 Programming Languages and Analysis for Security Workshop (pp. 27–36). ACM Inc. http://hdl.handle.net/20.500.12708/51371

2005

  • A multi-model approach to the detection of web-based attacks / Krügel, C., Vigna, G., & Robertson, W. (2005). A multi-model approach to the detection of web-based attacks. Computer Networks, 48(5), 717–738. http://hdl.handle.net/20.500.12708/173353
  • Analysing and Detecting Malicious Code / Krügel, C. (2005). Analysing and Detecting Malicious Code. Informatik Kolloquium, TU Muenchen, Garching, Deutschland, Austria. http://hdl.handle.net/20.500.12708/84467
  • Malicious Code Analysis: Detecting Metamorphic Worms / Krügel, C. (2005). Malicious Code Analysis: Detecting Metamorphic Worms. Informatik Kolloquium, TU Muenchen, Garching, Deutschland, Austria. http://hdl.handle.net/20.500.12708/84466
  • Malicious Code Analysis: Detecting Metamorphic Worms / Krügel, C. (2005). Malicious Code Analysis: Detecting Metamorphic Worms. Technische Universität Berlin, Austria. http://hdl.handle.net/20.500.12708/84465
  • Advanced Techniques for Malicious Code Detection / Krügel, C. (2005). Advanced Techniques for Malicious Code Detection. NATO ASI Workshop, Yerevan, Armenien, Non-EU. http://hdl.handle.net/20.500.12708/84464
  • Identification of Anomalous System Calls for Intrusion Detection / Krügel, C. (2005). Identification of Anomalous System Calls for Intrusion Detection. Informatik Kolloquium, TU Muenchen, Garching, Deutschland, Austria. http://hdl.handle.net/20.500.12708/84463
  • Intrusion Detection und Korrelation / Krügel, C. (2005). Intrusion Detection und Korrelation. FH Hagenberg, Hagenberg, Austria. http://hdl.handle.net/20.500.12708/84462
  • Reverse Engineering of Network Signatures / Mutz, D., Krügel, C., Robertson, W., Vigna, G., & Kemmerer, R. (2005). Reverse Engineering of Network Signatures. In Proceedings of the Information Technology Security Conference. AusCERT, Gold Coast, Australia, Non-EU. http://hdl.handle.net/20.500.12708/51184
  • Polymorphic Worm Detection Using Structural Information of Executables / Krügel, C., Kirda, E., Mutz, D., Robertson, W., & Vigna, G. (2005). Polymorphic Worm Detection Using Structural Information of Executables. In Proceedings of the 8th Symposium on Recent Advances in Intrusion Detection (RAID). RAID International Symposium on Recent Advances in Intrusion Detection 2002, USA, Non-EU. Springer-Verlag. http://hdl.handle.net/20.500.12708/51179
  • Protecting Users Against Phishing Attacks with AntiPhish / Kirda, E., & Krügel, C. (2005). Protecting Users Against Phishing Attacks with AntiPhish. In Proceedings of the 29th Anual International Computer Software and Applications Conference (pp. 517–524). IEEE Computer Society. http://hdl.handle.net/20.500.12708/51050
  • Automating Mimicry Attacks Using Static Binary Analysis / Krügel, C., Kirda, E., Mutz, D., Robertson, W., & Vigna, G. (2005). Automating Mimicry Attacks Using Static Binary Analysis. In Proceedings of the 14th USENIX Security Symposium (pp. 161–176). USENIX Assoication. http://hdl.handle.net/20.500.12708/51049
  • Internet Security / Krügel, C. (2005). Internet Security. In The Industrial Communication Technology Handbook (pp. 1–14). CRC Press. http://hdl.handle.net/20.500.12708/25364
  • Host-Based Intrusion Detection / Vigna, G., & Krügel, C. (2005). Host-Based Intrusion Detection. In Handbook of Information Security (pp. 1–12). John Wiley and Sons. http://hdl.handle.net/20.500.12708/25363
  • Einführung in die Technische Informatik / Schildt, G.-H., Kahn, D., Krügel, C., & Mörz, C. (2005). Einführung in die Technische Informatik. Springer-Verlag. http://hdl.handle.net/20.500.12708/22288

2004

 

Note: Due to the rollout of TU Wien’s new publication database, the list below may be slightly outdated. Once the migration is complete, everything will be up to date again.

  • Smart fuzzing / Raffetseder, T. (2010). Smart fuzzing [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/161537
  • TTAnalyze : a tool for analyzing malware / Bayer, U. (2005). TTAnalyze : a tool for analyzing malware [Diploma Thesis]. reposiTUm. https://resolver.obvsg.at/urn:nbn:at:at-ubtuw:1-17334
  • Wirtschaftskammerpreis
    2005 / Wirtschaftskammern / Austria
  • EIB Scientific Award for Excellent Diploma Thesis
    2000 / Germany

Soon, this page will include additional information such as reference projects, activities as journal reviewer and editor, memberships in councils and committees, and other research activities.

Until then, please visit Christopher Krügel’s research profile in TISS .