Stefan Savage

Professor

Department of Computer Science and Engineering

University of California, San Diego


Office: EBU3B 3106
Email: savage AT cs.ucsd.edu
Mail:

UCSD Dept of CSE

9500 Gilman Drive, MC 0404,

La Jolla, CA  92093-0404

Voice (858)-822-4895
FAX (858)-534-7029
Systems and Networking Group

Security Group


What's new? 

I started thinking about updating the what's new section.

Slides from an invited talk I gave at NDSS 2005 titled "Internet Outbreaks: Epidemiology and Defenses.

Kaia Savage was new back on 7/29/2004.

Cole Savage was the newest thing around back on 2/9/2002.

The Overnet host availability traces from our '02 IPTPS paper are available here.

The Denial-of-Service backscatter traces used in our '01 Usenix Security paper are available here.

Recent publications

Too LeJIT to Quit: Extending JIT Spraying to ARM, Wilson Lian, Hovav Shacham, and Stefan Savage, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2015.

Characterizing Large-Scale Click Fraud in ZeroAccess, Paul Pearce, Vacha Dave, Chris Grier, Kirill Levchenko, Saikat Guha, Damon McCoy, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, Arizona, November 2014.

On The Security of Mobile Cockpit Information Systems, Devin Lundberg, Brown Farinholt, Edward Sullivan, Ryan Mast, Stephen Checkoway, Stefan Savage, Alex C. Snoeren, and Kirill Levchenko, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, Arizona, November 2014.

Search + Seizure: The Effectiveness of Interventions on SEO Campaigns, David Wang, Matthew Der, Mohammad Karami, Lawrence Saul, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, November 2014.

Handcrafted Fraud and Extortion: Manual Account Hijacking in the Wild, Borbala Benko, Elie Bursztein, Daniel Margolis, Tadek Pietraszek, Andy Archer, Allan Aquino, Andreas Pitsillidis, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, November 2014.

Knock It Off: Profiling the Online Storefronts of Counterfeit Merchandise, Matthew Der, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, New York, NY, August 2014.

Empirically Characterizing Domain Abuse and the Revenue Impact of Blacklisting, Neha Chachra, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Workshop on the Economics of Information Security (WEIS), State College, PA, June 2014, pages 4:1:1-4:1:13.

XXXtortion? Inferring Registration Intent in the .XXX TLD, Tristan Halvorson, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International World Wide Web Conference (WWW)`, Seoul, Korea, April 2014, pages 901-912.

Botcoin: Monetizing Stolen Cycles, Danny Yuxing Huang, Hitesh Dharmdasani, Sarah Meiklejohn, Vacha Dave, Chris Grier, Damon McCoy, Stefan Savage, Nicholas Weaver, Alex C. Snoeren, and Kirill Levchenko, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, USENIX ;login: 38(6), December 2013.

A Comparison of Syslog and IS-IS for Monitoring Link State, Daniel Turner, Kirill Levchenko, Stefan Savage, and Alex C. Snoeren, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013, pages 127-140.

Measuring the Practical Impact of DNSSEC Deployment, Wilson Lian, Eric Rescorla, Hovav Shacham, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

Juice: A Longitudinal Study of an SEO Campaign, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2013, pages 7:4:1-7:4:17.

Taster's Choice: A Comparative Analysis of Spam Feeds, Andreas Pitsillidis, Chris Kanich, Geoffrey M. Voelker, Kirill Levchenko, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Boston, MA, November 2012, pages 427-440.

Priceless: The Role of Payments in Abuse-advertised Goods, Damon McCoy, Hitesh Dharmdasani, Christian Kreibich, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012, pages 845-856.

Manufacturing Compromise: The Emergence of Exploit-as-a-Service, Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012, pages 821-832.

Be Conservative: Enhancing Failure Diagnosis with Proactive Logging, Ding Yuan, Soyeon Park, Peng Huang, Yang Liu, Michael Lee, Xiaoming Tang, Yuanyuan Zhou, and Stefan Savage, Proceedings of the 9th ACM/USENIX Symposium on Operating Systems Design and Implementation (OSDI), Hollywood, CA, October 2012.

PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs, Damon McCoy, Andreas Pitsillidis, Grant Jordan, Nicholas Weaver, Christian Kreibich, Brian Krebs, Geoffrey M. Voelker, Stefan Savage, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012, pages 1-16.

When Good Services Go Wild: Reassembling Web Services for Unintended Purposes, Feng Lu, Jiaqi Zhang, and Stefan Savage, Proceedings of the USENIX Workshop on Hot Topics in Security, Bellevue, WA, August 2012.

scc: Cluster Storage Provisioning Informed by Application Characteristics and SLAs, Harsha V. Madhyastha, John C. McCullough, George Porter, Rishi Kapoor, Stefan Savage, Alex C. Snoeren, and Amin Vahdat, USENIX ;login: 37(3), June 2012.

Measuring the Cost of Cybercrime, Ross Anderson, Chris Barton, Rainer Boehme, Richard Clayton, Michel J.G. van Eeten, Michael Levi, Tyler Moore, and Stefan Savage, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Return-Oriented Programming: Systems, Languages and Applications, Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage, ACM Transactions on Information and System Security 15(1), March 2012.

Improving Software Diagnosability via Log Enhancement, Ding Yuan, Jing Zheng, Soyeon Park, Yuanyuan Zhou, and Stefan Savage, ACM Transactions on Computer Systems 30(1), February 2012.

BlueSky: A Cloud-Backed File System for the Enterprise, Michael Vrable, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the 7th USENIX Conference on File and Storage Technologies (FAST), San Jose, CA, February 2012, pages 19:1-19:14.

scc: Cluster Storage Provisioning Informed by Application Characteristics and SLAs, Harsha V. Madhyastha, John C. McCullough, George Porter, Rishi Kapoor, Stefan Savage, Alex C. Snoeren, and Amin Vahdat, Proceedings of the 7th USENIX Conference on File and Storage Technologies (FAST), San Jose, CA, February 2012.

In Planning Digital Defenses, the Biggest Obstacle is Human Ingenuity, Stefan Savage, New York Times, Dec 6 2011.

An Analysis of Underground Forums, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011, pages 71-80.

Judging a site by its content: learning the textual, structural, and visual features of malicious Web pages, Sushma Nagesh Bannur, Lawrence K. Saul, and Stefan Savage, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Cloak and Dagger: Dynamics of Web Search Cloaking, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, October 2011, pages 477-490.

On the Empirical Performance of Self-calibrating WiFi Location Systems, Daniel Turner, Stefan Savage, and Alex C. Snoeren, Proceedings of IEEE Conference on Local Computer Networks (LCN), Bonn, Germany, October 2011.

Interview with Stefan Savage: On the Spam Payment Trail, Rik Farrow and Stefan Savage, USENIX ;login: 36(4):7-20, August 2011.

Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks, Keaton Mowery, Sarah Meiklejohn, and Stefan Savage, Proceedings of Workshop On Offensive Technologies (WOOT), August 2011.

No Plan Survives Contact: Experience with Cybercrime Measurement, Chris Kanich, Neha Chachra, Damon McCoy, Chris Grier, David Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2011, pages 2:1-2:8.

Show Me the Money: Characterizing Spam-advertised Revenue, Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011, pages 219-234.

Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011, pages 203-218.

Comprehensive Experimental Analyses of Automotive Attack Surfaces, Stephen Checkoway, Damon McCoy, Danny Anderson, Brian Kantor, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

DefenestraTor: Throwing out Windows in Tor, Mashael AlSabah, Kevin Bauer, Ian Goldberg, Dirk Grunwald, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Privacy Enhancing Technologies Symposium, Waterloo, Canada, July 2011, pages 134-154.

Privacy-preserving Network Forensics, Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker, Communications of the Association for Computing Machinery 54(5):78-87, May 2011.

Click Trajectories: End-to-End Analysis of the Spam Value Chain, Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2011, pages 431-446.

Learning to Detect Malicious URLs, Justin Ma, Lawrence K Saul, Stefan Savage, and Geoffrey M Voelker, ACM Transactions on Intelligent Systems and Technology (TIST) 2(3):30:1-30:24, April 2011.

On the Effects of Registrar-level Intervention, He Liu, Kirill Levchenko, Márk Félegyházi, Christian Kreibich, Gregor Maier, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011, pages 1-8.

Got Traffic? An Evaluation of Click Traffic Providers, Qing Zhang, Thomas Ristenpart, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), Hyderabad, India, March 2011, pages 19-26.

Improving Software Diagnosability via Log Enhancement, Ding Yuan, Jing Zheng, Soyeon Park, Yuanyuan Zhou, and Stefan Savage, Proceedings of Architectural Support for Programming Languages and Operating Systems (ASPLOS), Newport Beach, CA, March 2011.

How to Tell an Airport from a Home: Techniques and Applications, Andreas Pitsillidis, Yinglian Xie, Fang Yu, Martin Abadi, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the 9th ACM Workshop on Hot Topics in Networks (HotNets-IX), Monterey, CA, October 2010, pages 13:1-13:6.

Difference Engine: Harnessing Memory Redundancy in Virtual Machines, Diwaker Gupta, Sangmin Lee, Michael Vrable, Stefan Savage, Alex C. Snoeren, George Varghese, Geoffrey M. Voelker, and Amin Vahdat, Communications of the Association for Computing Machinery 53(10):85-93, October 2010.

California Fault Lines: Understanding the Causes and Impact of Network Failures, Daniel Turner, Kirill Levchenko, Alex C. Snoeren, and Stefan Savage, Proceedings of the ACM SIGCOMM Conference, New Delhi, India, August 2010.

Re: CAPTCHAs -- Understanding CAPTCHA-Solving from an Economic Context, Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2010, pages 435-452.

Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits, Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., July 2010, pages 105-114.

Measuring Online Service Availability Using Twitter, Marti Motoyama, Brendan Meeder, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of ACM Workshop on Online Social Networks (WOSN), Boston, MA, June 2010, pages 13:1-13:9.

SleepServer: A Software-Only Approach for Reducing the Energy Consumption of PCs within Enterprise Environments, Yuvraj Agarwal, Stefan Savage, and Rajesh Gupta, Proceedings of the USENIX Annual Technical Conference, Boston, MA, June 2010.

Experimental Security Analysis of a Modern Automobile, Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage, Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2010.

Neon: System Support for Derived Data Management, Qing Zhang, John McCullough, Justin Ma, Nabil Schear, Michael Vrable, Amin Vahdat, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Pittsburgh, PA, March 2010, pages 63-74.

Botnet Judo: Fighting Spam with Itself, Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker, Vern Paxson, Nicholas Weaver, and Stefan Savage, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

Cumulus: Filesystem Backup to the Cloud, Michael Vrable, Stefan Savage, and Geoffrey M. Voelker, ACM Transaction on Storage 5(4):1-28, December 2009.

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, November 2009.

When Private Keys are Public: Results from the 2008 Debian OpenSSL Debacle, Scott Yilek, Eric Rescorla, Hovav Shacham, Brandon Enright, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Chicago, IL, November 2009.

Spamalytics: An Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Communications of the Association for Computing Machinery 52(9):99-107, September 2009.

Cumulus: filesystem backup to the Cloud, Michael Vrable, Stefan Savage, and Geoffrey M. Voelker, USENIX ;login: 34(4):7-13, August 2009.

Identifying Suspicious URLs: An Application of Large-Scale Online Learning, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International Conference on Machine Learning, Montreal, Quebec, June 2009, pages 681-688.

Beyond Blacklists: Learning to Detect Malicious Web Sites from Suspicious URLs, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Paris, France, June 2009, pages 1245-1254.

Spamcraft: An Inside Look at Spam Campaign Orchestration, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, April 2009, pages 4:1-4:9.

Difference Engine, Diwaker Gupta, Sangmin Lee, Michael Vrable, Stefan Savage, Alex C. Snoeren, George Varghese, Geoffrey M. Voelker, and Amin Vahdat, USENIX ;login: 34(2):24-31, April 2009.

Detecting Malicious Packet Losses, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Transactions on Parallel and Distributed Systems 20(2), February 2009.

Cumulus: Filesystem Backup to the Cloud, Michael Vrable, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the 7th USENIX Conference on File and Storage Technologies (FAST), San Francisco, CA, February 2009, pages 225-238.

Difference Engine: Harnessing Memory Redundancy in Virtual Machines, Diwaker Gupta, Sangmin Lee, Michael Vrable, Stefan Savage, Alex C. Snoeren, George Varghese, Geoffrey M. Voelker, and Amin Vahdat, Proceedings of the 8th ACM/USENIX Symposium on Operating Systems Design and Implementation (OSDI), San Diego, CA, December 2008, pages 309-322. (Award paper).

Spamalytics: an Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008, pages 3-14.

Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding, Benjamin Laxton, Kai Wang, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

When Good Instructions Go Bad: Generalizing Return-oriented Programming to the SPARC, Erik Buchanan, Ryan Roemer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2008.

XL: An Efficient Network Routing Algorithm, Kirill Levchenko, Geoffrey M. Voelker, Ramamohan Paturi, and Stefan Savage, Proceedings of the ACM SIGCOMM Conference, Seattle, WA, August 2008.

Storm: When Researchers Collide, Brandon Enright, Geoff Voelker, Stefan Savage, Chris Kanich, and Kirill Levchenko, USENIX ;login: 33(4):6-13, August 2008.

On the Spam Campaign Trail, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

The Heisenbot Uncertainty Problem: Challenges in Separating Bots from Chaff, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

Detecting Compromised Routers via Packet Forwarding Behavior, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Network 22(2), March 2008.

An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, Jason Franklin, Vern Paxson, Adrian Perrig, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, VA, October 2007.

Slicing Spam with Occam's Razor, Chris Fleizach, Geoffrey M. Voelker, and Stefan Savage, Proceedings of Conference on Email and Anti-Spam (CEAS), Mountain View, CA, August 2007.

Automating Cross-Layer Diagnosis of Enterprise Wireless Networks, Yu-Chung Cheng, Mikhail Afanasyev, Patrick Verkaik, Péter Benkö, Jennifer Chiang, Alex C. Snoeren, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGCOMM Conference, Kyoto, Japan, August 2007.

Spamscatter: Characterizing Internet Scam Hosting Infrastructure, David S. Anderson, Chris Fleizach, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, Boston, MA, August 2007.

Maximizing Data Locality in Distributed Systems, Fan Chung, Ronald Graham, Ranjita Bhagwan, Geoffrey M. Voelker, and Stefan Savage, Journal of Computer and System Sciences 72(8), December 2006.

Automated Protocol Inference: Unexpected Means of Identifying Protocols, Justin Ma, Kirill Levchenko, Cristian Kriebich, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Finding Diversity in Remote Code Injection Exploits, Justin Ma, John Dunagan, Helen J. Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis, Yu-Chung Cheng, John Bellardo, Péter Benkö, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM SIGCOMM Conference, Pisa, Italy, September 2006, pages 39-50.

Fatih: Detecting and Isolating Malicious Routers via Traffic Validation, Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage, IEEE Transactions on Dependable and Secure Computing 3(3), July 2006.

Inferring Internet Denial-of-Service Activity, David Moore, Colleen Shannon, Doug Brown, Geoffrey M. Voelker, and Stefan Savage, ACM Transactions on Computer Systems 24(2):115-139, May 2006.

Opportunistic Measurement: Extracting Insight from Spurious Traffic, Martin Casado, Tal Garfinkel, Weidong Cui, Vern Paxson, and Stefan Savage, Proceedings of the 4th ACM Workshop on Hot Topics in Networks (HotNets-IV), College Park, MD, November 2005.

Self-stopping Worms, Justin Ma, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington D.C., November 2005, pages 12-21.

Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm, Michael Vrable, Justin Ma, Jay Chen, David Moore, Erik VandeKieft, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the 20th ACM Symposium on Operating Systems Principles (SOSP), Brighton, UK, October 2005, pages 148-162.

Fatih: Detecting and Isolating Malicious Routers, Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage, Proceedings of the IEEE Conference on Dependable Systems and Networks (DSN), Yokohama, Japan, June 2005, pages 538-547. (Award paper).

SyncScan: Practical Fast Handoff for 802.11 Infrastructure Networks, Ishwar Ramani and Stefan Savage, Proceedings of the IEEE Infocom Conference, Miami, FL, March 2005.

Automated Worm Fingerprinting, Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage, Proceedings of the 6th ACM/USENIX Symposium on Operating Systems Design and Implementation (OSDI), San Francisco, CA, December 2004, pages 45-60.

Fault-Tolerant Forwarding in the Face of Malicious Routers, Alper Mizrak, Keith Marzullo, and Stefan Savage, Proceedings of the International Workshop on the Future Directions in Distributed Computing (FuDiCo), Bertinoro, Italy, June 2004.

Monkey See, Monkey Do: A Tool for TCP Tracing and Replaying, Yu-Chung Cheng, Urs Hoelzle, Neal Cardwell, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Annual Technical Conference, Boston, MA, June 2004, pages 87-98.

TotalRecall: System Support for Automated Availability Management, Ranjita Bhagwan, Kiran Tati, Yu-Chung Cheng, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the 1st ACM/USENIX Symposium on Networked Systems Design and Implementation (NSDI), San Francisco, CA, March 2004, pages 337-350.

In Search of Path Diversity in ISP Networks, Renata Teixeira, Keith Marzullo, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX/ACM Internet Measurement Conference, Miami, FL, October 2003, pages 313-318.

Automatically Inferring Patterns of Resource Consumption in Network Traffic, Cristian Estan, Stefan Savage, and George Varghese, Proceedings of the ACM SIGCOMM Conference, Karlsruhe, Germany, August 2003, pages 137-148.

802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions, John Bellardo and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2003, pages 15-28.

Inside the Slammer Worm, David Moore, Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford, and Nicholas Weaver, IEEE Security and Privacy 1(4):33-39, July 2003.

Structured Superpeers: Leveraging Heterogeneity to Provide Constant-Time Lookup, Alper Mizrak, Yu-Chung Cheng, Vineet Kumar, and Stefan Savage, Proceedings of the 4th IEEE Workshop on Internet Applications, San Jose, CA, June 2003, pages 104-111.

The Phoenix Recovery System: Rebuilding from the Ashes of an Internet Catastrophe, Flavio Junqueira, Ranjita Bhagwan, Keith Marzullo, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the 9th USENIX Workshop on Hot Topics in Operating Systems (HotOS-IX), Lihue, HI, May 2003, pages 73-78.

Internet Quarantine: Requirements for Containing Self-Propagating Code, David Moore, Colleen Shannon, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE Infocom Conference, San Francisco, CA, April 2003, pages 1901-1910.

Understanding Availability, Ranjita Bhagwan, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International Workshop on Peer To Peer Systems (IPTPS), Berkeley, CA, February 2003, pages 256-267.

The Spread of the Sapphire/Slammer Worm, David Moore, Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford, and Nicholas Weaver, CAIDA Report, January 2003.

Measuring Packet Reordering, John Bellardo and Stefan Savage, Proceedings of the ACM/USENIX Internet Measurement Workshop (IMW), Marseille, France, November 2002, pages 97-105.

Automated Measurement of High-Volume Traffic Clusters, Cristian Estan, Stefan Savage, and George Varghese, Proceedings of the ACM/USENIX Internet Measurement Workshop (IMW), Marseille, France, November 2002, pages 77-78.

Replication Strategies for Highly Available Peer-to-Peer Storage, Ranjita Bhagwan, David Moore, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International Workshop on the Future Directions in Distributed Computing (FuDiCo), Bertinoro, Italy, June 2002.

Robust Congestion Signaling, David Ely, Neil Spring, David Wetherall, Stefan Savage, and Tom Anderson, Proceedings of the 9th International Conference on Network Protocols (ICNP), Riverside, CA, November 2001, pages 332-341.

Inferring Internet Denial of Service Activity, David Moore, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2001, pages 9-22. (Best paper).

Network Support for IP Traceback, Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson, IEEE/ACM Transactions on Networking 9(3):226-237, June 2001.

Alpine: A User-Level Infrastructure for Network Protocol Development, David Ely, Stefan Savage, and David Wetherall, Proceedings of the 3rd USENIX Symposium on Internet Technologies and Systems (USITS), San Francisco, CA, March 2001, pages 171-183.

Practical Network Support for IP Traceback, Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson, Proceedings of the ACM SIGCOMM Conference, Stockholm, Sweden, August 2000, pages 295-306.

Modeling TCP Latency, Neal Cardwell, Stefan Savage, and Tom Anderson, Proceedings of IEEE Infocom Conference, Tel-Aviv, Israel, March 2000, pages 1742-1751.

Understanding the Performance of TCP Pacing, Amit Aggarwal, Stefan Savage, and Tom Anderson, Proceedings of IEEE Infocom Conference, Tel-Aviv, Israel, March 2000, pages 1157-1165.

TCP Congestion Control with a Misbehaving Receiver, Stefan Savage, Neal Cardwell, David Wetherall, and Tom Anderson, ACM SIGCOMM Computer Communication Review 29(5):71-78, October 1999.

Sting: a TCP-based Network Measurement Tool, Stefan Savage, Proceedings of the 2nd USENIX Symposium on Internet Technologies and Systems (USITS), Boulder, CO, October 1999, pages 71-79. (Best student paper).

The End-to-end Effects of Internet Path Selection, Stefan Savage, Andy Collins, Eric Hoffman, John Snell, and Tom Anderson, Proceedings of the ACM SIGCOMM Conference, Cambridge, MA, September 1999, pages 289-299.

The Case for Informed Transport Protocols, Stefan Savage, Neal Cardwell, and Tom Anderson, Proceedings of the 7th IEEE Workshop on Hot Topics in Operating Systems (HotOS-VII), Rio Rico, AZ, March 1999, pages 58-63.

Detour: a Case for Informed Internet Routing and Transport, Stefan Savage, Tom Anderson, Amit Aggarwal, David Becker, Neal Cardwell, Andy Collins, Eric Hoffman, John Snell, Amin Vahdat, Geoffrey M. Voelker, and John Zahorjan, IEEE Micro 19(1):50-59, January 1999.

Eraser: A Dynamic Race Detector for Multi-Threaded Programs, Stefan Savage, Michael Burrows, Greg Nelson, Patrick Sobalvarro, and Thomas Anderson, ACM Transactions on Computer Systems 15(4):391-411, November 1997.

Eraser: A Dynamic Race Detector for Multi-Threaded Programs, Stefan Savage, Michael Burrows, Greg Nelson, PAtrick Sobalvarro, and Thomas Anderson, Proceedings of the 16th ACM Symposium on Operating Systems Principles (SOSP), Saint-Malo, France, October 1997, pages 27-37. (Award paper).

Language Support for Extensible Operating Systems, Wilson Hsieh, Marc Fiuczynski, Charles Garrett, Stefan Savage, David Becker, and Brian Bershad, Proceedings of the 1st Workshop on Compiler Support for System Software, Tucson, AZ, February 1996, pages 127-133.

Writing an Operating System with Modula-3, Emin gun Sirer, Stefan Savage, Przemyslaw Pardyak, Greg P. DeFouw, Mary Ann Alapat, and Brian Bershad, Proceedings of the 1st Workshop on Compiler Support for System Software, Tucson, AZ, February 1996, pages 134-140.

AFRAID -- A Frequently Redundany Array of Independent Disks, Stefan Savage and John Wilkes, Proceedings of the USENIX Annual Technical Conference, San Diego, CA, January 1996, pages 27-39. (Best student paper).

Extensibility, Safety and Performance in the SPIN Operating System, Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc Fiuczynski, David Becker, Craig Chamgers, and Susan Eggers, Proceedings of the 15th ACM Symposium on Operating Systems Principles (SOSP), Copper Mountain, CO, December 1995, pages 267-284.

Protection is a Software Issue, Brian Bershad, Stefan Savage, Przemyslaw Pardyak, David Becker, Marc Fiuczynski, and Emin gun Sirer, Proceedings of the 5th Workshop on Hot Topics in Operating Systems, Orcas Island, WA, May 1995, pages 62-65.

Processor Capacity Reserves: Operating System Support for Multimedia Applications, Clifford Mercer, Stefan Savage, and Hideyuki Tokuda, Proceedings of the IEEE Interational Conference on Multimedia Computing and Systems (ICMCS), Boston, MA, May 1994, pages 90-99.

Processor Capacity Reserves: An Abstraction for Managing Processor Usage, Clifford Mercer, Stefan Savage, and Hideyuki Tokuda, Proceedings of the 4th Workshop on Workstation Operating Systems, Napa, CA, October 1993, pages 129-134.

Real-time Mach Timers: Exporting Time to the User, Stefan Savage and Hideyuki Tokuda, Proceedings of the 3rd USENIX Mach Symposium, Sante Fe, NM, April 1993, pages 221-232.

More...

Research  

I'm part of the Systems & Networking and Security research groups. My interests are all over the map, ranging from the economics of e-crime, to characterizing availability, to automotive systems to routing protocols, data center virtualization and back again. I have very broad interests (i.e. try me if you have a crazy idea).

Students  
Neha Chachra
Matthew Der
Tristan Halvorson
Wilson Lian
He Liu (Lonnie)
Sarah Meiklejohn
David Wang
Danny Anderson (MS)
Stephan Chenette (MS)
Erik Buchanan (MS)
Grant Jordan (MS)

Daniel Turner (Ph.D., 2013)→TurboSquid
Andreas Pitsillidis (Ph.D., 2013)→ Google
Chris Kanich (Ph.D., 2012)→ University of Illinois, Chicago
Damon McCoy (postdoc 2009-2011) → George Mason University
Marti Motoyama (Ph.D., 2011)→ FitBit
Michael Vrable (Ph.D., 2011) → Google
Sushma Bannur (M.S., 2011) → Microsoft
Kourosh Derakshan (M.S., 2011) → Qualcomm
Justin Ma (Ph.D., 2010) → Berkeley Postdoc → Google
Ge "Grace" Wang (M.S., 2010) → Qualcomm
Ryan Roemer (M.S., 2009) → Microsoft → IP Street
Kirill Levchenko (Ph.D., 2008) → UCSD Research Scientist
David Moore (2008) → Cisco
Varun Almaula (M.S., 2008) → Cisco
Yu-Chung Cheng (Ph.D., 2007) → Google
Alper Mizrak (Ph.D., 2007) → VmWare
John Bellardo (Ph.D., 2006) → Cal Poly SLO
Sumeet Singh (2006) → NetSift → Cisco
Chris Tuttle (M.S., 2006) → Google
Ishwar Ramani (M.S., 2005) → Juniper Networks → VUDU → Wal-Mart
Ranjita Bhagwan (Ph.D., 2004) → IBM Research → Microsoft Research
Doug Brown (M.S., 2003) → NYU Law School → Asst U.S. Attorney → Chapin Fitzgerald Sillivan and Bottini LLP
Teaching  
Fall 14: CSE 221 Graduate Operating Systems
Fall 12: CSE 127 Computer Security
Spring 12: CSE 127 Computer Security
Winter 12: CSE 227 Computer Security
Fall 11: CSE 123 Computing Networking
Spring 11: IRGN 490 Cyber Security (w/Peter Cowhey), Gardner Room, IR/PS
Spring 10: CSE 227 Computer Security
Fall 09: CSE 123 Computing Networking
Fall 08: CSE 291 Internet Crime (grad seminar)
Spring 08: CSE 127 Computer Security (undergraduate)
Winter 08: CSE 227 Computer Security (graduate)
Fall 07: CSE 294 Systems and Networking Graduate Seminar
Spring 07: CSE 294 Systems and Networking Graduate Seminar
Spring 07: CSE 127 Computer Security
Winter 07: CSE 227 Computer Security (graduate)
Fall 06: CSE 294 Systems and Networking Graduate Seminar
Winter 06: CSE 127 Computer Security
Fall 05: CSE 123a Computer Networks
Fall 05: CSE 294 Systems and Networking Graduate Seminar
Spring 05: CSE 127 Computer Security
Spring 05: CSE 294 Systems and Networking Graduate Seminar
Winter 05: CSE 123a Computer Networks
Spring 04: CSE 123b Communications Software
Fall 03: CSE 221 Graduate Operating Systems
Spring 03: CSE 123b Communications Software
Winter 03: CSE 294 Systems and Networking Graduate Seminar
Winter 03: CSE 222 Computer Communications Networks
Spring 02: CSE 291 Topics in Wide Area Networking: Peer-to-Peer Systems
Spring 02: CSE 123b Communications Software
Fall 01: CSE 222 Computer Communications Networks
Winter 01:  CSE 291E  Selected Topics in Wide Area Networking.  
Professional Activities
Program Committee, 2012 USENIX Symposium on Operating System Design and Implementation (OSDI)
Program Committee, 2011 ACM SIGCOMM Conference
Program Committee, 2011 USENIX LEET Workshop
Program Committee, 2010 USENIX Networked Systems Design and Implementation (NSDI)
Program Committee, 2010 USENIX LEET Workshop
Program Committee, 2009 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2009 IEEE Symposium on Security and Privacy
Program Co-chair, 2008 ACM SIGCOMM Conference
Steering Committee,
2008-present USENIX LEET Workshop
Program Committe, 2008 USENIX WOWCS Workshop
Member, NSF GENI Science Council, 2007-2008
Program Co-chair, 2007 ACM HotNets Workshop
Program Committee, 2007 ACM Workshop on Recurring Malcode (WORM)
Program Committee, 2007 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2007 ACM SIGCOMM Conference
Program Committee, 2006 IEEE Symposium on Security and Privacy
NRC/CSTB Study: Improving Cybersecurity Research in the United States (2004-2005)
Program Committee, 2005 USENIX Networked Systems Design and Implementation (NSDI)
Program Committee, 2005 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2004 ACM Workshop on Rapid Malcode (WORM)
Program Co-chair, 2004 USENIX/ACM Networked Systems Design and Implementation (NSDI)
Co-Organizer, 2003 DIMACS Workshop on Large-Scale Internet Attacks
Program Chair, 2003 ACM Workshop on Rapid Malcode (WORM)
Program Committee, 2003 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2003 ACM SIGCOMM Conference
Program Committee, 2003 DISCEX Conference
Program Committee, 2003 ACM HotNets Workshop
Program Committee, 2002 ACM SIGCOMM Conference
Program Committee, 2001 Global Internet Symposium
Internet2 Network Research Liason Council, 2002-2004.
CSTB Research Horizons: Networking Research Workshop, 2001
DARPA ISAT Member, 2001-2004.
Misc

I got my undergrad degree in Applied History from CMU and my Ph.D. from the University of Washington (courtesy Brian Bershad and Tom Anderson). I was Co-founder and Chief Scientist at Asta Networks (now kaput), served on the Strategy Advisory Council of Rendition Networks (since acquired by OpsWare) and helped develop some of the technology used by Netsift (since acquired by Cisco). I do other consulting here and there.