Publications (Google Scholar)

Practical Attacks against DNS Reputation Systems
Tillson Galloway, Kleanthis Karakolios, Zane Ma, Roberto Perdisci, Manos Antonakakis, Angelos Keromytis
2024 IEEE Symposium on Security and Privacy (S&P)  [bib]

Stale TLS Certificates: Investigating Precarious Third-Party Access to Valid TLS Keys
Zane Ma, Aaron Faulkenberry, Thomas Papastergiou, Zakir Durumeric, Michael D. Bailey, Angelos D. Keromytis, Fabian Monrose, Manos Antonakakis
2023 ACM Internet Measurement Conference (IMC)  [bib][slides]
Related: Internet Society blog

View from Above: Exploring the Malware Ecosystem from the Upper DNS Hierarchy
Aaron Faulkenberry, Athanasios Avgetidis, Zane Ma, Omar Alrawi, Charles Lever, Panagiotis Kintis, Fabian Monrose, Angelos Keromytis, Manos Antonakakis
2022 Annual Computer Security Applications Conference (ACSAC)  [bib]

Tracing Your Roots: Exploring the TLS Trust Anchor Ecosystem
Zane Ma, James Austgen, Joshua Mason, Zakir Durumeric, Michael Bailey
2021 ACM Internet Measurement Conference (IMC)  [bib][slides][video]

What’s in a Name? Exploring CA Certificate Control
Zane Ma, Joshua Mason, Manos Antonakakis, Zakir Durumeric, Michael Bailey
2021 USENIX Security  [bib][slides][video]

WebSocket Adoption and the Landscape of the Real-Time Web
Paul Murley, Zane Ma, Joshua Mason, Michael Bailey, Amin Kharraz
2021 The Web Conference (WWW)  [bib]

Measuring Identity Confusion with Uniform Resource Locators
Joshua Reynolds, Deepak Kumar, Zane Ma, Rohan Subramanian, Meishan Wu, Martin Shelton, Joshua Mason, Emily Stark, Michael Bailey
2020 ACM Conference on Human Factors in Computing Systems (CHI)  [bib]

The Impact of Secure Transport Protocols on Phishing Efficacy
Zane Ma, Joshua Reynolds, Joseph Dickinson, Kaishen Wang, Taylor Judd, Joseph D. Barnes, Joshua Mason, Michael Bailey
2019 USENIX Workshop on Cyber Security Experimentation and Test (CSET)  [bib][slides]

Outguard: Detecting In-Browser Covert Cryptocurrency Mining in the Wild
Amin Kharraz, Zane Ma, Paul Murley, Charles Lever, Joshua Mason, Andrew Miller, Manos Antonakakis, Michael Bailey
2019 The Web Conference (WWW)  [bib]
Best paper award

Measuring Ethereum’s Peer-to-Peer Network
Seoung Kim, Zane Ma, Siddharth Murali, Joshua Mason, Andrew Miller, Michael Bailey
2018 ACM Internet Measurement Conference (IMC)  [bib]

Understanding the Mirai Botnet
Zane Ma, Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou
2017 USENIX Security  [bib][slides][video]

The Security Impact of HTTPS Interception
Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael Bailey, J. Alex Halderman, Vern Paxson
2017 Network and Distributed System Security Symposium (NDSS)  [bib]

Security Challenges in an Increasingly Tangled Web
Deepak Kumar, Zane Ma, Zakir Durumeric, Ariana Mirian, Joshua Mason, Michael Bailey, J. Alex Halderman
2017 World Wide Web (WWW)  [bib]

An Internet-wide View of ICS devices
Ariana Mirian, Zane Ma, David Adrian, Matthew Tischer, Thasphon Chuenchujit, Tim Yardley, Robin Berthier, Josh Mason, Zakir Durumeric, J. Alex Halderman, Michael Bailey
2016 Privacy, Security and Trust (PST)  [bib][slides]

Talks

2022-11-22   “Peeking into the web PKI: Uncovering the trust relationships that sustain web server authentication.” NOISELab seminar. Virtual.

2022-11-22   “A Full Stack Hybrid 5G Testbed for Security Testing.” Linux ONE Summit. Seattle, WA.  [slides][video]

2022-07-27   “Reflections on Trusting Identifiers: The Foundations of Social Engineering.” Stanford Security Seminar. Virtual.  [slides]

2022-04-07   “Tracing Your Roots: Exploring the TLS Trust Anchor Ecosystem.” Hot Topics in the Science of Security (HotSoS ‘22). Virtual.  [video]

2021-11-10   “WebPKI and Trust.” Stanford CS249i Guest Lecture. Virtual.  [slides]

2021-10-13   “Exploring CA Certificate Control.” CA/Browser Forum. Virtual.  [slides]

2021-09-24   “Understanding the Trust Relationships of the Web PKI.” Cybersecurity Lecture Series. Georgia Institute of Technology, Atlanta.  [slides][video]

2020-04-20   “Fundamentals of Phishing: A Usability Perspective.” Security Seminar. University of California, San Diego.  [slides]

2018-02-20   “Mirai and the Future of IoT Botnets.” Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG): 42nd General Meeting. San Francisco, CA.  [slides]

2017-11-08   “Understanding the Mirai Botnet.” Security Seminar. University of Chicago, IL.  [slides]