research.html

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">
    <link rel="icon" href="favicon.ico">
    <link href='https://fonts.googleapis.com/css?family=Lato:400,300,700' rel='stylesheet' type='text/css'>

    <link href="static/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="static/css/font-awesome.min.css">
    <link rel="stylesheet" href="static/css/local.css">

    <title>The ZMap Project</title>
  </head>
  <body>
    <nav class="navbar navbar-inverse navbar-fixed-top">
      <div class="container">
        <div class="navbar-header">
          <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
            <span class="sr-only">Toggle navigation</span>
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
          </button>
          <a class="navbar-brand" href="/">The ZMap Project</a>
        </div>
        <div id="navbar" class="collapse navbar-collapse">
          <ul class="nav navbar-nav navbar-right">
          <li><a href="/about">About</a></li>
          <li><a href="/research">Research</a></li>
          <li><a href="https://scans.io">Scans.IO</a></li>
          </ul>
        </div><!--/.nav-collapse -->
      </div>
    </nav>

	<div class="header">
      <div class="container" style="padding-top: 10px">
        <div class="row">
          <div class="col-md-12 header">
            <h1>Research</h1>
          </div>
        </div>
      </div>
	</div>
    <div class="container page">
      <div class="row">
        <div class="col-md-10 col-md-offset-1">
      		<!-- Real Papers -->

			<p>More than five hundred academic papers have used ZMap
			measurement tools for data collection. Below, we show a sample of
			the types of research that ZMap has enabled.</p>

			<br/>
            <ul class="paper">
			<li><a href="https://zakird.com/papers/mirai.pdf"><b>Understanding the Mirai Botnet</b></a><br/>
				Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran,</br>
				Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever,</br>
			Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou</br>
			<i>26th USENIX Security Symposium</i> (SEC'17), August 2017</li>

			<li><a href="https://people.eecs.berkeley.edu/~pearce/papers/dns_usenix_2017.pdf">
					<b>Global Measurement of DNS Manipulation</b></a><br/>
			Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Weaver, Nick Feamster, Vern Paxson<br/>
			<i>26th USENIX Security Symposium</i> (SEC'17), August 2017</li>

			<li><a href="https://people.eecs.berkeley.edu/~pearce/papers/augur_oakland_2017.pdf">
					<b>Augur: Internet-Wide Detection of Connectivity Disruptions</b></a><br/>
			Paul Pearce, Roya Ensafi, Frank Li, Nick Feamster, Vern Paxson<br/>
			<i>38th IEEE Symposium on Security and Privacy </i> (Oakland'17), May 2017</li>

			<li><a href="https://people.eecs.berkeley.edu/~pearce/papers/rats_oakland_2017.pdf">
					<b>To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild</b></a><br/>
				Brown Farinholt, Mohammad Rezaeirad, Paul Pearce, Hitesh Dharmdasani, </br>
				Haikuo Yiny, Stevens Le Blond, Damon McCoy, Kirill Levchenko<br/>
			<i>38th IEEE Symposium on Security and Privacy </i> (Oakland'17), May 2017</li>

			<li><a href="https://zakird.com/papers/scada.pdf">
					<b>An Internet-Wide View of ICS Devices</b></a><br/>
				Ariana Mirian, Zane Ma, David Adrian, Matthew Tischer, Thasphon Chuenchujit, Tim Yardley,</br>
				Robin Berthier, Josh Mason, Zakir Durumeric, J. Alex Halderman and Michael Bailey</br>
			<i>IEEE Conference on Privacy, Security and Trust</i> (PST'16), December 2016</li>

			<li><a href="https://drownattack.com/drown-attack-paper.pdf"><b>DROWN: Breaking TLS using SSLv2</b></a><br/>
			Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube,<br/>
			Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper,<br/>
			Shaanan Cohney, Susanne Engels, Christof Paar, and Yuval Shavitt<br/>
			<i>25th USENIX Security Symposium</i> (SEC'16), August 2016</li>

			<li><a href="https://zakird.com/papers/sec16-vuln-notifications.pdf">
					<b>You've Got Vulnerability: Exploring Effective Vulnerability Notifications</b></a><br/>
			Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey,<br/>
			Damon McCoy, Stefan Savage, and Vern Paxson<br/>
			<i>25th USENIX Security Symposium</i> (SEC'16), August 2016</li>

			<li><a href="https://zakird.com/papers/dsn-ftp.pdf">
					<b>FTP: The Forgotten Cloud</b></a><br/>
			Drew Springall, Zakir Durumeric, and J. Alex Halderman<br/>
			EEE/IFIP Conference on Dependable Systems and Networks<i></i> (DSN'16), June 2016</li>


			<li><a href="http://www.cl.cam.ac.uk/~sk766/publications/ndss16_tor_differential.pdf">
					<b>Do You See What I See? Differential Treatment of Anonymous Users</b></a><br/>
			Sheharbano Khattak, David Fifield, Sadia Afroz, Mobin Javed, Srikanth Sundaresan,<br/>
			Vern Paxson, Steven J. Murdoch, and Damon McCoy<br/>
			<i>23rd Network and Distributed System Security Symposium</i> (NDSS'16), February 2016</li>

			<li><a href="https://jhalderm.com/pub/papers/mail-imc15.pdf">
					<b>Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security</b></a><br/>
			Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Kurt Thomas, Vijay Eranti,<br/>
			Nicholas Lidzborski, Elie Bursztein, Michael Bailey, and J. Alex Halderman<br/>
			<i>ACM Internet Measurement Conference</i> (IMC'15), October 2015</li>

			<li><a href="https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf"><b>Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice</b></a><br/>
			David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green,<br/>
			J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta,<br/>
			Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Beguelin, and Paul Zimmermann<br/>
			<i>ACM Computer and Communications Security</i> (CCS'15), October 2015</li>

			<li><a href="https://hal.inria.fr/hal-01114250/document"><b>A Messy State of the Union: Taming the Composite State Machines of TLS</b></a><br/>
			Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud,<br/>
			Cedric Fournet, Markulf Kohlweiss, Alfredo Pironti, Pierre-Yves Strub, Jean Karim Zinzindohoue<br/>
			<i>IEEE Symposium on Security and Privacy</i>(Oakland'15), 2015</li>

			<li><a href="https://jhalderm.com/pub/papers/heartbleed-imc14.pdf"><b>The Matter of Heartbleed</b></a><br/>
			Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer,<br/>
			Nicolas Weaver, David Adrian, Vern Paxson, Michael Bailey, and J. Alex Halderman<br/>
			<i>14th Internet Measurement Conference</i> (IMC'14), October 2014</li>

			<li><a href="http://www.icir.org/vern/papers/govhack.usesec14.pdf"><b>When Governments Hack Opponents: A Look at Actors and Technology</b></a><br/>
			William Marczak, John Scott-Railton, Morgan Marquis-Boire, Vern Paxson<br/>
			<i>23rd USENIX Security Symposium</i> (SEC'14), August 2014</li>

			<li><a href="https://jhalderm.com/pub/papers/scanning-sec14.pdf"><b>An Internet-Wide View of Internet-Wide Scanning</b></a><br/>
			Zakir Durumeric, Michael Bailey, and J. Alex Halderman<br/>
			<i>23rd USENIX Security Symposium</i> (SEC'14), August 2014</li>

			<li><a href="https://jhalderm.com/pub/papers/tapdance-sec14.pdf"><b>TapDance: End-to-Middle Anticensorship without Flow Blocking</b></a><br/>
			Eric Wustrow, Colleen M. Swanson, and J. Alex Halderman<br/>
			<i>23rd USENIX Security Symposium</i> (SEC'14), August 2014</li>

			<li><a href="https://jhalderm.com/pub/papers/zmap10gig-woot14.pdf"><b>Zippier ZMap: Internet-Wide Scanning at 10 Gbps</b></a><br/>
			David Adrian, Zakir Durumeric, Gulshan Singh, J. Alex Halderman<br/>
			<i>8th USENIX Workshop on Offensive Technologies</i> (WOOT'14), AUgust 2014</li>

			<li><a href="http://web.eecs.umich.edu/~jingzj/paper/jing_ndss14.pdf"><b>On the Mismanagement and Maliciousness of Networks</b></a><br/>
			Jing Zhang, Zakir Durumeric, Michael Bailey, Manish Karir, and Mingyan Liu<br/>
			<i>Network and Distributed System Security Symposium</i> (NDSS), February 2014</li>

			<li><a href="https://jhalderm.com/pub/papers/https-imc13.pdf"><b>Analysis of the HTTPS Certificate Ecosystem</b></a><br/>
			Zakir Durumeric, James Kasten, Michael Bailey, and J. Alex Halderman<br/>
			<i>Internet Measurement Conference</i> (IMC '13), Barcelona, Spain, October 2013</li>

			<li><a href="http://dualec.org/DualECTLS.pdf"><b>On the Practical Exploitability of Dual EC in TLS Implementations</b></a><br/>
			Stephen Checkoway, Matt Fredrikson, Ruben Niederhagen, Matt Green, Tanja Lange, <br/>
			Tom Ristenpart, Daniel J. Bernstein, Jake Maskiewicz, and Hovav Shacham

		        <li><b><a href="https://jhalderm.com/pub/papers/ipmi-woot13.pdf">Illuminating the Security Issues Surrounding Lights-Out Server Management</a></b><br/>
  			Anthony Bonkoski, Russ Bielawski, and J. Alex Halderman<br/>
  			<i>7th USENIX Workshop on Offensive Technologies</i> (WOOT'13), August 2013</li>

  			<li><b><a href="https://jhalderm.com/pub/papers/cage-fc13.pdf">CAge: Taming Certificate Authorities by Inferring Restricted Scopes</a></b><br/>
  			James Kasten, Eric Wustrow, and J. Alex Halderman<br/>
  			<i>17th Conference on Financial Cryptography and Data Security</i> (FC'13), April 2013</li>

  			<li><b><a href="http://cryptome.org/2013/11/ecc-practice.pdf">Elliptic Curve Cryptography in Practice</a></b><br/>
  			Joppe W Bos, J Alex Halderman, Nadia Heninger, Jonathan Moore, Michael Naehrig, Eric Wustrow<br/>
  			<i>18th Conference Financial Cryptography and Data Security</i> (FC'14), March 2014</li>

			<li><b><a href="https://factorable.net/paper.html">Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices</a></b><br/>
			Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman<br/>
      		<i>21st USENIX Security Symposium</i> (SEC'12), August 2012</li>

			<li><a href="https://zmap.io/heartbleed"><b>Internet Heartbleed Bug Health Report</b></a><br/>
			Zakir Durumeric, David Adrian, Michael Bailey, and J. Alex Halderman<br/>

			<li><b><a href="https://citizenlab.org/2014/02/hacking-team-targeting-ethiopian-journalists/">Hacking Team and the Targeting of Ethiopian Journalists</a></b><br/>
			Bill Marczak, Claudio Guarnieri, Morgan Marquis-Boire, and John Scott-Railton</li>

		<li><b><a href="http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Hunting-Botnets-with-ZMap/ba-p/6320865#.UvzzgkJdXw1">Hunting Botnets with ZMap</a></b><br/>
			Ricky Lawshae, HP Security Research</li>

	  </ul>
		</div>
      </div>
     <hr>

      <div class="row">
        <div class="col-md-8">
      <footer>
        <p>&copy; 2019 The ZMap Team</p>
      </footer>
      </div>
	  </div>
    </div> <!-- /container -->
	<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js"
		integrity="sha256-k2WSCIexGzOj3Euiig+TlR8gA0EmPjuc79OEeY5L45g="
		crossorigin="anonymous"></script>
    <script src="static/js/bootstrap.min.js"></script>
    <script async src="https://www.googletagmanager.com/gtag/js?id=UA-116194376-1"></script>
    <script>
      window.dataLayer = window.dataLayer || [];
      function gtag(){dataLayer.push(arguments);}
      gtag('js', new Date());
      gtag('config', 'UA-116194376-1');
    </script>

  </body>
</html>