Update:  Starting Fall 2018 I am an Associate Professor in the Electrical and Computer Engineering Department at the University of Illinois.

I was an Associate Research Scientist with the Systems and Networking group in the Computer Science department at the University of California, San Diego. My research applies evidence-based techniques to study e-crime and cyber-physical system security.


Current Students

Graduated Students


L. Freire, M. Neves, L. Leal, K. Levchenko, A. Schaeffer-Filho, and M. Barcellos. Uncovering Bugs in P4 Programs with Assertion-based Verification. ACM SOSR 2018.

D. Y. Huang, K. Levchenko, and A. C. Snoeren. Estimating Profitability of Alternative Cryptocurrencies. FC 2018.

K. Levchenko, A. Dhamdhere, B. Huffaker, kc claffy, M. Allman, and V. Paxson. PacketLab: A Universal Measurement Endpoint Interface. ACM IMC 2017.

A. Gamero-Garrido, S. Savage, K. Levchenko, and A. C. Snoeren. Quantifying the Pressure of Legal Risks on Third-party Vulnerability Research. ACM CCS 2017.

Z. Yang, B. Johannesmeyer, A. T. Olesen, S. Lerner, and K. Levchenko. Dead Store Elimination (Still) Considered Harmful. USENIX Security 2017.

M. Contag, G. Li, A. Pawlowski, F. Domke, K. Levchenko, T. Holz, and S. Savage. How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles. IEEE S&P 2017.

B. Farinholt, M. Rezaeirad, P. Pearce, H. Dharmdasani, H. Yin, S. Le Blond, D. McCoy and K. Levchenko. To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild. IEEE S&P 2017.

R. S. Portnoff, S. Afroz, G. Durrett, J. K. Kummerfeld, T. Berg-Kirkpatrick, D. McCoy, K. Levchenko, and V. Paxson. Tools for Automated Analysis of Cybercriminal Markets. WWW 2017.

D. Y. Huang, D. Grundman, K. Thomas, A. Kumar, E. Bursztein, K. Levchenko, and A. C. Snoeren. Pinning Down Abuse on Google Maps. WWW 2017.

I. D. Foster, J. Larson, M. Masich, A. C. Snoeren, S. Savage, and K. Levchenko. Security by Any Other Name: On the Effectiveness of Provider Based Email Security. ACM CCS 2015.

D. Lundberg, B. Farinholt, E. Sullivan, R. Mast, S. Checkoway, S. Savage, A. C. Snoeren, and K. Levchenko. On the Security of Mobile Cockpit Information Systems. ACM CCS 2014.

P. Pearce, V. Dave, C. Grier, K. Levchenko, S. Guha, D. McCoy, V. Paxson, S. Savage, and G. M. Voelker. Characterizing Large-Scale Click Fraud in ZeroAccess. ACM CCS 2014.

D. Y. Huang, H. Dharmdasani, S. Meiklejohn, V. Dave, C. Grier, D. McCoy, N. Weaver, S. Savage, A. C. Snoeren, and K. Levchenko. Botcoin: Monetizing Stolen Cycles. NDSS 2014.

T. Halvorson, K. Levchenko, S. Savage, and G. M. Voelker. XXXtortion? Inferring Registration Intent in the .XXX TLD. WWW 2014.

S. Meiklejohn, M. Pomarole, G. Jordan, K. Levchenko, D. McCoy, G. M. Voelker, and S. Savage. A Fistful of Bitcoins: Characterizing Payments Among Men with No Names. ACM IMC 2013. See also article in Communications of the ACM magazine.

D. Turner, K. Levchenko, S. Savage, and A. C. Snoeren. A Comparison of Syslog and IS-IS for Monitoring Link State. ACM IMC 2013.

A. Pitsillidis, C. Kanich, G. M. Voelker, K. Levchenko, and S. Savage. Taster’s Choice: a Comparative Analysis of Spam Feeds. ACM IMC 2012.

C. Grier, L. Ballard, J. Caballero, N. Chachra, C. J. Dietrich, K. Levchenko, P. Mavrommatis, D. McCoy, A. Nappa, A. Pitsillidis, N. Provos, M. Z. Rafique, M. Abu Rajab, C. Rossow, K. Thomas, V. Paxson, S. Savage, and G. M. Voelker. Manufacturing Compromise: The Emergence of Exploit-as-a-Service. ACM CCS 2012.

D. McCoy, A. Pitsillidis, G. Jordan, N. Weaver, C. Kreibich, B. Krebs, G. Voelker, S. Savage, and K. Levchenko. PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs. USENIX Security  2012.

T. Halvorson, J. Szurdi, G. Maier, M. Félegyházi, C. Kreibich, N. Weaver, K. Levchenko, and V. Paxson. The BIZ Top-Level Domain: Ten Years Later. PAM 2012.

M. Motoyama, D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker. An Analysis of Underground Forums. ACM IMC 2011.

C. Kanich, N. Chachra, D. McCoy, C. Grier, D. Wang, M. Motoyama, K. Levchenko, G. M. Voelker, and S. Savage. No Plan Survives Contact: Experience with Cybercrime Measurement. CSET 2011 (workshop).

C. Kanich, N. Weaver, D. McCoy, T. Halvorson, C. Kreibich, K. Levchenko, V. Paxson, G. M. Voelker, and S. Savage. Show Me the Money: Characterizing Spam-advertised Revenue. USENIX Security 2011.

M. Motoyama, D. McCoy, K. Levchenko, G. M. Voelker, and S. Savage. Dirty Jobs: The Role of Freelance Labor in Web Service Abuse. USENIX Security 2011.

K. Levchenko, A. Pitsillidis, N. Chachra, B. Enright, M. Félegyházi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, D. McCoy, N. Weaver, V. Paxson, G. M. Voelker, and S. Savage. Click Trajectories: End-to-End Analysis of the Spam Value Chain. IEEE  S&P 2011.

H. Liu, K. Levchenko, M. Félegyházi, G. Maier, T. Halvorson, G. M. Voelker, and S. Savage. On the Effects of Registrar-level Intervention. LEET 2011 (workshop).

D. McCoy, J. A. Morales, and K. Levchenko. Proximax: Fighting Censorship with an Adaptive System for Distribution of Open Proxies. FC 2011.

D. Turner, K. Levchenko, A. C. Snoeren, and S. Savage. California Fault Lines: Understanding the Causes and Impact of Network Failures. ACM SIGCOMM 2010.

M. Motoyama, K. Levchenko, C. Kanich, D. McCoy, G. M. Voelker, and S. Savage. Re: CAPTCHAs — Understanding CAPTCHA-Solving Services in an Economic Context. USENIX Security 2010.

M. Motoyama, B. Meeder, K. Levchenko, S. Savage, and G. M. Voelker. Measuring Online Service Availability Using Twitter. WOSN 2010 (workshop).

A. Pitsillidis, K. Levchenko, C. Kreibich, C. Kanich, G. M. Voelker, V. Paxson, N. Weaver, and S. Savage. Botnet Judo: Fighting Spam with Itself. NDSS 2010.

R. R. Kompella, K. Levchenko, A. C. Snoeren, and G. Varghese. Every Microsecond Counts: Tracking Fine-Grain Latencies with a Lossy Difference Aggregator. ACM SIGCOMM 2009.

C. Kreibich, C. Kanich, K. Levchenko, B. Enright, G. M. Voelker, V. Paxson, and S. Savage. Spamcraft: An Inside Look at Spam Campaign Orchestration. LEET 2009 (workshop).

C. Kanich, C. Kreibich, K. Levchenko, B. Enright, V. Paxson, G. M. Voelker, and S. Savage. Spamalytics: An Empirical Analysis of Spam Marketing Conversion. ACM CCS 2008.

K. Levchenko, G. M. Voelker, R. Paturi, and S. Savage. XL: An Efficient Network Routing Algorithm. ACM SIGCOMM 2008.

C. Kreibich, C. Kanich, K. Levchenko, B. Enright, G. M. Voelker, V. Paxson, and S. Savage. On The Spam Campaign Trail. LEET 2008 (workshop).

C. Kanich, K. Levchenko, B. Enright, G. M. Voelker, and S. Savage. The Heisenbot Uncertainty Problem: Challenges in Separating Bots from Chaff. LEET 2008 (workshop).

J. Ma, K. Levchenko, C. Kreibich, S. Savage, and G. M. Voelker. Unexpected Means of Protocol Inference. ACM IMC 2006.

A. R. Calderbank, A. Gilbert, K. Levchenko, S. Muthukrishnan, and M. Strauss. Improved Range-Summable Random Variable Construction Algorithms. SODA 2005. Note: There is a significant error in the paper; please see explanation.

K. Levchenko, R. Paturi, and G. Varghese. On the Difficulty of Scalably Detecting Network Attacks. ACM CCS 2004.

A. Gilbert and K. Levchenko. Compressing Network Graphs. LinkKDD 2004 (workshop).


Only slightly related to my work are the statues of Shannon that I have visited, and instructions on building a tempeh incubator.

My PGP key fingerprint is:

0682 C97A 3D45 A8DA F3EE 907F DB74 4649 EB27 C477