• Gabriela F. Cretu, Janak J. Parekh, Ke Wang, Salvatore J. Stolfo "Intrusion and Anomaly Detection Model Exchange for Mobile Ad-Hoc Networks" [ PDF ]
  
  
• Ke Wang, Gabriela Cretu, Salvatore J. Stolfo "Anomalous Payload-based Worm Detection and Signature Generation1" [ PDF ]
  
  
• Wei-Jen Li, Ke Wang, Salvotore J. Stolfo, "Fileprints: Identifying File Types by n-gram Analysis." 2005 IEEE Information Assurance Workshop [ PDF ]
  
  
• Wei-Jen Li, Shlomo Hershkop, Salvotore J. Stolfo, "Email Archive Analysis Through Graphical Visualization." ACM CCS VizSEC/DMSEC'04 [ PDF ]
  
  
• Salvotore J. Stolfo, Wei-Jen Li, Shlomo Hershkop, Ke Wang, Chia-Wei Hu, Olivier Nimeskern, "Detecting Viral Propagations Using Email Behavior Profiles " ACM Transactions on Internet Technology (TOIT) , May 2004. [ PDF ]
  
  
• Michael E. Locasto, Janak J. Parekh, Salvatore J. Stolfo, Angelos D. Keromytis, Tal Malkin, Vishal Misra. "Collaborative Distributive Intrusion Detection". CU Tech Report CUCS-012-04, 2004. [ PDF ]
  
  
• Salvatore J. Stolfo, Wenke Lee, Philip K. Chan, Wei Fan, Eleazar Eskin. "Data mining-based intrusion detectors: an overview of the columbia IDS project". ACM Portal, 2001 [ HTML, PDF ]
  
  
• Steve Ulfelder. "Spam-busters". Network World March 22, 2004 [ HTML, DOC ]
  
  
• Salvatore J. Stolfo, Frank Apap, Eleazar Eskin, Katherine Heller, Shlomo Hershkop, Andrew Honig, and Krysta Svore. "A comparative Evaluation of Two Algorithms for Windows Registry Anomaly Detection". CU Tech Report Feb. 23, 2004. [ PDF ]
  

• Ke Wang, Salvatore J. Stolfo. "Anomalous Payload-based Network Intrusion Detection". RAID, Sept., 2004. [ PDF ]
  

• Eric Roston. "The Code Warriors". Time Magazine Nov. 10, 2003 Vol. 162, Iss. 19; pg. S2. [ HTML, DOC ]
  

• Salvatore J. Stolfo, Wei-Jen Li, Shlomo Hershkop, Ke Wang, Chia-Wei Hu, Olivier Nimeskern. "Detecting Viral Propagations Using Email Behavior Profiles". CU Tech Report 2003. [ PDF]
  
  
• Salvatore J. Stolfo,Shlomo Hershkop, Ke Wang, Olivier Nimeskern and Chia-Wei Hu. "A Behavior-based Approach to Securing Email Systems". "Mathematical Methods, Models and Architectures for Computer Networks Security", Proceedings published by Springer Verlag, Sept. 2003. [ PDF]
  
  
• Salvatore J. Stolfo, Chia-Wei Hu, Wei-Jen Li, Shlomo Hershkop, Ke Wang, and Olivier Nimeskern. "Combining Behavior Models to Secure Email Systems". CU Tech Report April 2003. [ PDF]
  
  
• Shlomo Hershkop, Ryan Ferster, Linh H. Bui, Ke Wang and Salvatore J. Stolfo. "Host-based Anomaly Detection Using Wrapping File Systems". CU Tech Report April 2004. [ PDF]
  
  
• Ke Wang, Salvatore J. Stolfo. "One Class Training for Masquerade Detection ". 3rd IEEE Conf Data Mining Workshop on Data Mining for Computer Security, Florida, Nov. 19, 2003 [ PDF]
  
  
• Katherine A Heller, Krysta M Svore, Angelos D. Keromytis, and Salvatore J. Stolfo. "One Class Support Vector Machines for Detecting Anomalous Window Registry Accesses". 3rd IEEE Conference Data Mining Workshop on Data Mining for Computer Security, Florida, November 19, 2003. [ PDF]
  
  
• Salvatore J. Stolfo, Shlomo Hershkop, Ke Wang, Olivier Nimeskern, and Chia-Wei Hu. ``Behavior Profiling of Email" 1st NSF/NIJ Symposium on Intelligence & Security Informatics(ISI 2003). June 2-3,2003,Tucson,Arizona,USA. [full paper, PDF]
  
  
• Salvatore J. Stolfo, Eric Johnson, Tomislav Pavlicic, and Stephen Jan. ``Citizen's Attitudes about Privacy While Accessing Government Websites: Results of an Online Study" . [ PDF]
  
  
• Seth Robertson, Eric V. Siegel, Matt Miller, and Salvatore J. Stolfo. ``Surveillance Detection in High Bandwidth Environments.'' In Proceedings of the 2003 DARPA DISCEX III Conference. April, 2003. [ PDF]
  
  
• Manasi Bhattacharyya, Shlomo Hershkop, Eleazar Eskin, and Salvatore J. Stolfo. ``MET: An Experimental System for Malicious Email Tracking.'' In Proceedings of the 2002 New Security Paradigms Workshop (NSPW-2002). Virginia Beach, VA: September 23rd - 26th, 2002. [full paper, PDF]
  
  
• Frank Apap, Andrew Honig, Shlomo Hershkop, Eleazar Eskin, Salvatore J. Stolfo. ``Detecting Malicious Software by Monitoring Anomalous Windows Registry Accesses.'' In Proceedings of the Fifth International Symposium on Recent Advances in Intrusion Detection (RAID-2002). Zurich, Switzerland: October 16-18, 2002. [full paper, PDF]
  
  
• Suhail Mohiuddin, Shlomo Hershkop, Rahul Bhan, Salvatore J. Stolfo. ``Defending against a large Scale Denial of Service Attack'' In Proceedings of the 3rd Annual IEEE Information Assurance Workshop . United States Military Academy West Point, New York: June 17-19, 2002. [full paper, PDF]
  
  
• Eleazar Eskin, Andrew Arnold, Michael Prerau, Leonid Portnoy and Salvatore Stolfo. ``A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data.'' Data Mining for Security Applications. Kluwer 2002. [full paper, PDF]
  
  
• Andrew Honig, Andrew Howard, Eleazar Eskin, and Salvatore Stolfo. ``Adaptive Model Generation: An Architecture for the Deployment of Data Mining-based Intrusion Detection Systems.'' Data Mining for Security Applications. Kluwer 2002. [full paper, PDF]
  
  
• Adhitya Chittur. ``Model Generation for an Intrusion Detection System Using Genetic Algorithms.'' High School Honors Thesis. [full paper, PDF]
  
  
• Leonid Portnoy, Eleazar Eskin and Salvatore J. Stolfo. ``Intrusion detection with unlabeled data using clustering'' Proceedings of ACM CSS Workshop on Data Mining Applied to Security (DMSA-2001). Philadelphia, PA: November 5-8, 2001. [ full paper, PDF]
  
  
• Eleazar Eskin, Wenke Lee and Salvatore J. Stolfo. ``Modeling System Calls for Intrusion Detection with Dynamic Window Sizes.'' Proceedings of DISCEX II. June 2001. [ full paper, PDF]
  
  
• Wenke Lee, Salvatore J. Stolfo, Philip K. Chan, Eleazar Eskin, Wei Fan, Matthew Miller, Shlomo Hershkop and Junxin Zhang. ``Real Time Data Mining-based Intrusion Detection.'' Proceedings of DISCEX II. June 2001. [ full paper, PDF]
  
  
• Matthew G. Schultz, Eleazar Eskin, and Salvatore J. Stolfo. ``Malicious Email Filter - A UNIX Mail Filter that Detects Malicious Windows Executables.'' Proceedings of USENIX Annual Technical Conference - FREENIX Track. Boston, MA: June 2001. (Best Student Paper Award) [ full paper, PDF]
  
  
• Matthew G. Schultz, Eleazar Eskin, Erez Zadok, and Salvatore J. Stolfo. ``Data Mining Methods for Detection of New Malicious Executables'' Proceedings of IEEE Symposium on Security and Privacy. Oakland, CA: May 2001. [ full paper, PDF]
  
  
• Leonid Portnoy. ``Intrusion Detection with Unlabeled Data using Clustering'' Undergraduate Thesis. Columbia University: December, 2000. [ full paper, PDF]
  
  
• Eleazar Eskin, Matthew Miller, Zhi-Da Zhong, George Yi, Wei-Ang Lee, Sal Stolfo. ``Adaptive Model Generation for Intrusion Detection Systems'' Workshop on Intrusion Detection and Prevention, 7th ACM Conference on Computer Security, Athens, GR: November, 2000. [full paper]
  
  
• Wenke Lee, Wei Fan, Matthew Miller, Sal Stolfo, and Erez Zadok. ``Toward Cost-Sensitive Modeling for Intrusion Detection and Response'' Workshop on Intrusion Detection and Prevention, 7th ACM Conference on Computer Security, Athens, GR: November, 2000. [full paper]
  
  
• Eskin, Eleazar. ``Anomaly Detection over Noisy Data using Learned Probability Distributions'' ICML00, Palo Alto, CA: July, 2000. [abstract, full paper]
  
  
• Wei Fan, Wenke Lee, Sal Stolfo, and Matthew Miller. ``A Multiple Model Cost-Sensitive Approach for Intrusion Detection'' Eleventh European Conference on Machine Learning (ECML '00) 2000. [ full paper]
  
  
• Sal Stolfo, Wei Fan, Wenke Lee, Andreas Prodromidis, and Phil Chan. ``Cost-based Modeling for Fraud and Intrusion Detection: Results from the JAM Project'' In Proceedings of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX '00), 2000 [ full paper]
  
  
• Wenke Lee, Matthew Miller, Sal Stolfo, Kahil Jallad, Christoper Park, Erez Zadok, and Vijay Prabhakar. ``Toward Cost-Sensitive Modeling for Intrusion Detection'' Columbia University Computer Science Technical Report CUCS-002-00. [full paper]
  
  
• Matthew Miller. ``Learning Cost-Sensitive Classification Rules for Network Intrusion Detection using RIPPER'' Columbia University Computer Science Technical Report CUCS-035-1999. [full paper]
  
  
• Wenke Lee, Sal Stolfo, and Kui Mok. ``Mining in a Data-flow Environment: Experience in Network Intrusion Detection'' In Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD '99), San Diego, CA, August, 1999 [ full paper]
  
  
• Wenke Lee, Sal Stolfo, and Kui Mok. ``A Data Mining Framework for Building Intrusion Detection Models'' In Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, CA, May 1999 [ full paper]
  
  
• Wenke Lee, Chris Park, and Sal Stolfo. ``Towards Automatic Intrusion Detection using NFR'' In Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring, April 1999 [ full paper]
  
  
• Wenke Lee, Sal Stolfo, and Kui Mok. ``Mining Audit Data to Build Intrusion Detection Models'' In Proceedings of the Fourth International Conference on Knowledge Discovery and Data Mining (KDD '98), New York, NY, August 1998 [ full paper]
  
  
• Wenke Lee and Sal Stolfo. ``Data Mining Approaches for Intrusion Detection'' In Proceedings of the Seventh USENIX Security Symposium (SECURITY '98), San Antonio, TX, January 1998 [ full paper]
  
  
• Wenke Lee, Sal Stolfo, and Phil Chan. ``Learning Patterns from Unix Process Execution Traces for Intrusion Detection'' AAAI Workshop: AI Approaches to Fraud Detection and Risk Management, July 1997 [ full paper]