This paper introduces mod_antimalware, an open-source Apache module designed to detect and contain malware infections in real time. Instead of taking down an entire infected site, it can quarantine or sanitize specific pages, minimizing disruption and preserving reputation.

This presentation, backed by quantitative mapping and site sampling, warns that the third-party widget ecosystem presents a serious and easily scalable malware threat. If attackers compromise just one popular widget, they effectively gain access to a network of thousands of websites—and their visitors—through little to no effort.

This chapter delves into the multiple layers of online advertising fraud, particularly in pay-per-click (PPC) and impression-based models. It investigates the methods fraudsters use to generate fake clicks or views and examines how such activity impacts advertisers, publishers, and ad networks.

“The Anatomy of Clickbot.A” presents an in-depth case study of one of the first large-scale, malware-driven click fraud botnets. Discovered by Google’s security team, Clickbot.A infected over 100,000 machines and silently generated fraudulent ad clicks through a network of browser-based bots. This paper details how the botnet operated, the infrastructure behind it, and the subtle techniques it used to evade detection—marking a pivotal moment in understanding and defending against online ad fraud.

A first-of-its-kind black-box, measurement-driven study of Skype’s peer-to-peer VoIP network, analyzing 82 million+ data points from September 1, 2005 to January 14, 2006. Researchers captured client population, supernode behavior, traffic loads, and usage patterns—despite encryption in signaling and media streams.

Daswani’s dissertation explores the vulnerability of decentralized P2P systems to Denial-of-Service (DoS) attacks and theorizes how to build a commerce infrastructure in trustless, distributed environments.

“Blasting in Chord” spotlights a subtle, traffic-based DoS vulnerability in DHT networks and offers efficient, scalable countermeasures. By enforcing simple per-peer traffic policies, systems like Chord can resist malicious flooding without compromising performance.

GUESS is an unstructured P2P resource discovery protocol where nodes rely on a “pong cache”—a local list of peers they've heard about via Pong messages—to find other nodes. While simple and decentralized, this cache is vulnerable to poisoning attacks.

In flooding-based P2P networks—where messages are broadcast across all connected peers—nodes often execute tasks on behalf of distant, unknown peers. The paper explores how to maximize the useful work performed remotely, given the overhead of widespread message propagation.

This invited paper by the Stanford Peers research group offers a comprehensive view of their work on peer-to-peer (P2P) systems, covering key challenges like resource location, aggregation, availability, and authenticity.

Data-sharing P2P systems enable large-scale resource pooling (files, computing, storage) in a fully decentralized manner. However, this openness brings significant research challenges—especially in search efficiency and security—which the paper identifies as key areas lacking comprehensive solutions.

This work was among the first to spotlight application-layer DoS in P2P networks, demonstrating how even without compromising infrastructure, attackers can significantly disrupt decentralized systems—and how simple countermeasures can effectively defend against such threats.

This paper provides a comprehensive overview of security mechanisms within the Wireless Application Protocol (WAP), the primary standard for mobile web at the time.

Assess how efficiently Palm OS devices of the time could perform WTLS (Wireless Transport Layer Security) handshakes, focusing primarily on cryptographic operations like RSA, MD5, SHA, and RC4.

The authors explore how early PDAs like the PalmPilot—despite lacking typical security hardware—can serve as platforms for secure micropayments.

Existing digital wallets in 1998 were typically proprietary, web‑centric, and vendor-driven, limiting flexibility across devices (like PDAs) and payment protocols. SWAPEROO aimed to fix this by delivering a universal, secure wallet architecture that is extensible, symmetric, non-web-centric, and client-driven — meaning the user exclusively controls transactions and no vendor can trigger payments without user initiation.