• Building a Better Mousetrap 

      Ramachandran, Anirudh; Seetharaman, Srinivasan; Feamster, Nick; Vazirani, Vijay (Georgia Institute of Technology, 2007)
      Routers in the network core are unable to maintain detailed statistics for every packet; thus, traffic statistics are often based on packet sampling, which reduces accuracy. Because tracking large ("heavy-hitter") traffic ...
    • Fishing for Phishing from the Network Stream 

      Ramachandran, Anirudh; Feamster, Nick; Krishnamurthy, Balachander; Spatscheck, Oliver; Van der Merwe, Jacobus (Georgia Institute of Technology, 2008)
      Phishing is an increasingly prevalent social-engineering attack that attempts identity theft using spoofed Web pages of legitimate organizations. Unfortunately, current phishing detection methods are neither complete ...
    • Packets with Provenance 

      Ramachandran, Anirudh; Bhandankar, Kaushik; Tariq, Mukarram Bin; Feamster, Nick (Georgia Institute of Technology, 2008)
      Traffic classification and distinction allows network operators to provision resources, enforce trust, control unwanted traffic, and traceback unwanted traffic to its source. Today’s classification mechanisms rely ...
    • Practical Data-Leak Prevention for Legacy Applications in Enterprise Networks 

      Mundada, Yogesh; Ramachandran, Anirudh; Tariq, Mukarram Bin; Feamster, Nick (Georgia Institute of Technology, 2011)
      Organizations must control where private information spreads; this problem is referred to in the industry as data leak prevention. Commercial solutions for DLP are based on scanning content; these impose high overhead and ...
    • Spam or Ham? Characterizing and Detecting Fraudulent "Not Spam" Reports in Web Mail Systems 

      Ramachandran, Anirudh; Dasgupta, Anirban; Feamster, Nick; Weinberger, Kilian (Georgia Institute of Technology, 2011)
      Web mail providers rely on users to “vote” to quickly and collaboratively identify spam messages. Unfortunately, spammers have begun to use large collections of compromised accounts not only to send spam, but also to ...
    • Understanding the Network­-Level Behavior of Spammers 

      Ramachandran, Anirudh; Feamster, Nick (Georgia Institute of Technology, 2006)
      This paper studies the network-level behavior of spammers, including: IP address ranges that send the most spam, common spamming modes (e.g., BGP route hijacking, bots), how persistent (in time) each spamming host is, ...