Niels Provos

Niels Provos joined Google in 2003 and is currently working as Distinguished Engineer in the Infrastructure group. He received a Ph.D. from the University of Michigan in 2003 where he studied experimental and theoretical aspects of computer and network security at the Center of Information Technology Integration. He is serving on the USENIX Board of Directors. He is a member of the Honeynet project and an active contributor to open source projects.

Google Publications

  •   

    Tick Tock: Building Browser Red Pills from Timing Side Channels

    Grant Ho, Dan Boneh, Lucas Ballard, Niels Provos

    8th USENIX Workshop on Offensive Technologies (WOOT 14), USENIX Association (2014)

  •   

    CAMP: Content-Agnostic Malware Protection

    Moheeb Abu Rajab, Lucas Ballard, Noe Lutz, Panayiotis Mavrommatis, Niels Provos

    Network and Distributed Systems Security Symposium (NDSS), Network and Distributed Systems Security Symposium (NDSS), USA (2013)

  •   

    Manufacturing Compromise: The Emergence of Exploit-as-a-Service

    Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, Geoffrey M. Voelker

    Proceedings of 19th ACM Conference on Computer and Communications Security (2012)

  •    

    ShellOS: Enabling fast detection and forensic analysis of code injection attacks

    Kevin Snow, Srinivas Krishnan, Fabian Monrose, Niels Provos

    USENIX Security Symposium (2011)

  •    

    The Nocebo Effect on the Web: An Analysis of Fake Anti-Virus Distribution

    Moheeb Abu Rajab, Lucas Ballard, Panayiotis Marvrommatis, Niels Provos, Xin Zhao

    Large-Scale Exploits and Emergent Threats, USENIX (2010)

  •  

    All Your iFrames Point to Us

    Niels Provos, Panayiotis Mavrommatis, Moheeb Rajab, Fabian Monrose

    17th USENIX Security Symposium (2008)

  •    

    Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority

    David Dagon, Chris Lee, Wenke Lee, Niels Provos

    Proc. 15th Network and Distributed System Security Symposium (NDSS), Internet Society, San Diego, CA (2008)

  •   

    Ghost Turns Zombie: Exploring the Life Cycle of Web-based Malware

    Michalis Polychronakis, Panayiotis Mavrommatis, Niels Provos

    Proceedings of the 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) (2008)

  •  

    Peeking Through the Cloud

    Moheeb Abu Rajab, Fabian Monrose, Andreas Terzis, Niels Provos

    6th Conference on Applied Cryptography and Network Security (2008)

  •  

    To Catch a Predator: A Natural Language Approach for Eliciting Protocol Interaction

    Sam Small, Joshua Mason, Fabian Monrose, Niels Provos, Adam Stubblefield

    17th USENIX Security Symposium (2008)

  •   

    A Framework for Detection and Measurement of Phishing Attacks

    Sujata Garera, Niels Provos, Monica Chew, Aviel D. Rubin

    WORM'07, ACM, Alexandria, VA (2007)

  •   

    The Ghost In The Browser: Analysis of Web-based Malware

    Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang, Nagendra Modadugu

    First Workshop on Hot Topics in Understanding Botnets (HotBots '07), Online Proceedings, http://www.usenix.org/events/hotbots07/tech/ (2007)

  •   

    Virtual Honeypots: From Botnet Tracking to Intrusion Detection

    Niels Provos, Thorsten Holz

    Addison Wesley (2007)

  •   

    Cookies Along Trust-Boundaries (CAT): Accurate and Deployable Flood Protection

    Martin Casado, Aditya Akella, Pei Cao, Niels Provos, Scott Shenker

    In Proceedings of Steps To Reduce Unwated Traffic From The Internet (2006)

  •  

    Flow-Cookies: Using Bandwidth Amplification to Defend Against DDoS Flooding Attacks

    Martin Casado, Pei Cao, Aditya Akella, Niels Provos

    Proceedings of the IEEE Workshop on QoS (2006)

  •    

    Search Worms

    Niels Provos, Joe McClain, Ke Wang

    WORM '06: Proceedings of the 4th ACM workshop on Recurring malcode, ACM Press, Alexandria, Virginia, USA (2006), pp. 1-8

  •   

    Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic

    Michael Bailey, Evan Cooke, Farnam Jahanian, Niels Provos, Karl Rosaen, David Watson

    Proceedings of the 2005 Internet Measurement Conference

  •   

    A Virtual Honeypot Framework

    Niels Provos

    USENIX Security Symposium (2004), pp. 1-14

  •   

    Improving Host Security with System Call Policies

    Niels Provos

    12th USENIX Security Symposium (2003)

  •   

    Preventing Privilege Escalation

    Niels Provos, Markus Friedl, Peter Honeyman

    12th USENIX Security Symposium (2003)

  •  

    Defending Against Statistical Steganalysis

    Niels Provos

    10th USENIX Security Symposium (2001)

  •  

    Encrypting Virtual Memory

    Niels Provos

    9th USENIX Security Symposium (2000)

  •   

    A Future-Adaptable Password Scheme

    Niels Provos, David Mazi{\`e}res

    USENIX Annual Technical Conference, FREENIX Track (1999)

  •   

    Cryptography in OpenBSD: An Overview

    Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, Niels Provos

    USENIX Annual Technical Conference, FREENIX Track (1999)

Previous Publications

  •   

    Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol

    M. Friedl, N. Provos, W. Simpson

    IETF (2006)

  •   

    Hide and Seek: An Introduction to Steganography

    Niels Provos, Peter Honeyman

    IEEE Security & Privacy, vol. 1 (2003), pp. 32-44

  •   

    Detecting Steganographic Content on the Internet

    Niels Provos, Peter Honeyman

    NDSS (2002)

  •   

    ScanSSH: Scanning the Internet for SSH Servers

    Niels Provos, Peter Honeyman

    LISA (2001), pp. 25-30