Harm Griffioen
Harm Griffioen
Home
Publications
Contact
Light
Dark
Automatic
paper-conference
Have you SYN me? characterizing ten years of Internet scanning
Port scanning is the de-facto method to enumerate active hosts and potentially exploitable services on the Internet. Over the last …
Harm Griffioen
,
Giorgos Koursiounis
,
Georgios Smaragdakis
,
Christian Doerr
Cite
How to Operate a Meta-Telescope in your Spare Time
Unsolicited traffic sent to advertised network space that does not host active services provides insights about misconfigurations as …
Daniel Wagner
,
Sahil Ashish Ranadive
,
Harm Griffioen
,
Michalis Kallitsis
,
Alberto Dainotti
,
Georgios Smaragdakis
,
Anja Feldmann
Cite
SIP Bruteforcing in the Wild - An Assessment of Adversaries, Techniques and Tools
Over the last two decades, Voice-over-IP (VoIP) and specifically SIP have become standard solutions to realize voice telephony in …
Harm Griffioen
,
Huangcheng Hu
,
Christian Doerr
Cite
Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet worms
Botnets often spread through massive Internet-wide scanning, identifying and infecting vulnerable Internet-facing devices to grow their …
Harm Griffioen
,
Christian Doerr
Cite
Scan, test, execute: Adversarial tactics in amplification DDoS attacks
Amplification attacks generate an enormous flood of unwanted traffic towards a victim and are generated with the help of open, …
Harm Griffioen
,
Kris Oosthoek
,
Paul van der Knaap
,
Christian Doerr
Cite
DOI
Analysis and takeover of the bitcoin-coordinated pony malware
Malware, like all products and services, evolves with bursts of innovation. These advances usually happen whenever security controls …
Tsuyoshi Taniguchi
,
Harm Griffioen
,
Christian Doerr
Cite
Examining mirai's battle over the internet of things
Using hundreds of thousands of compromised IoT devices, the Mirai botnet emerged in late 2016 as a game changing threat actor, capable …
Harm Griffioen
,
Christian Doerr
Cite
Quality evaluation of cyber threat intelligence feeds
In order to mount an effective defense, information about likely adversaries, as well as their techniques, tactics and procedures is …
Harm Griffioen
,
Tim Booij
,
Christian Doerr
Cite
Quantifying autonomous system ip churn using attack traffic of botnets
To connect to the Internet, hosts are assigned an IP address by their network provider by which they exchange data. As such, IP …
Harm Griffioen
,
Christian Doerr
Cite
Quantifying TCP SYN DDoS Resilience: A Longitudinal Study of Internet Services
One of the most prevalent attacks in the Internet are TCP SYN floods, during which a massive number of malicious connection requests is …
Harm Griffioen
,
Christian Doerr
Cite
»
Cite
×