Research Articles

Janos Szurdi, Shehroze Farooqi and Nabeel Mohamed
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains
Palo Alto Networks’s Unit42 blog. Published on 12/15/2023. Last accessed on 12/18/2023.
[PDF]

Janos Szurdi, Rebekah Houser and Daiping Liu
Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime
Palo Alto Networks’s Unit42 blog. Published on 09/21/2022. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi
Tor 101: How Tor Works and its Risks to the Enterprise
Palo Alto Networks’s Unit42 blog. Published on 08/29/2022. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi
A Peek into Top-Level Domains and Cybercrime
Palo Alto Networks’s Unit42 blog. Published on 11/11/2021. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi, Rebekah Houser and Daiping Liu
Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns
Palo Alto Networks’s Unit42 blog. Published on 03/02/2021. Last accessed on 09/30/2022.
[PDF]

Ruian Duan, Zhanhao Chen, Seokkyung Chung, Janos Szurdi and Jingwei Fan
Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee
Palo Alto Networks’s Unit42 blog. Published on 10/29/2020. Last accessed on 09/30/2022.
[PDF]

Zhanhao Chen and Janos Szurdi
Cybersquatting: Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers
Palo Alto Networks’s Unit42 blog. Published on 09/01/2020. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi, Zhanhao Chen, Oleksii Starov, Adrian McCabe and Ruian Duan
Studying How Cybercriminals Prey on the COVID-19 Pandemic
Palo Alto Networks’s Unit42 blog. Published on 04/22/2020. Last accessed on 09/30/2022.
[PDF]
Report on results utilized by Interpol

Peer Reviewed Research

Janos Szurdi, Meng Luo, Brian Kondracki, Nick Nikiforakis and Nicolas Christin
Where are you taking me? understanding abusive traffic distribution systems
In Proceedings of the Web Conference 2021 (WWW’21). Ljubljana, Slovenia. 2021.
[BibTeX] [Slides] [Talk] [Github]

Janos Szurdi and Nicolas Christin
Domain Registration Policy Strategies and the Fight against Online Crime
In Proceedings (online) of the 17th Workshop on Economics of Information Security (WEIS 2018).
[BibTeX] [Slides]

Tyler Moore, Nicolas Christin and Janos Szurdi
Revisiting the Risks of Bitcoin Currency Exchange Closure
In Proceedings of ACM Transactions on Internet Technology. 2018.
[BibTeX]

Janos Szurdi and Nicolas Christin
Email Typosquatting
In Proceedings of the 2017 ACM Internet Measurement Conference (IMC’17). London, UK. Nov. 2017.
[Appendix] [BibTeX] [Slides]

Zachary Weinberg, Mahmood Sharif, Janos Szurdi and Nicolas Christin
Topics of Controversy: An Empirical Analysis of Web Censorship Lists
In Proceedings of the Privacy Enhancing Technology Symposium (PETS 2017), July 2017.
[BibTeX]

J. Szurdi, B. Kocso, G. Cseh, J. Spring, M. Felegyhazi and C. Kanich
The Long Taile of Typosquatting Domain Names
In Proceedings of Usenix Security Symposium 2014, Aug. 2014.
[BibTeX] [Slides]
[Trailer by Mark Felegyhazi]

T. Halvorson, J. Szurdi, G. Maier, M. Felegyhazi, C. Kreibich, N. Weaver, K. Levchenko and V. Paxson
The BIZ Top-Level Domain: Ten Years Later
In Proceedings of Passive Active Measurements (PAM 2012), Vienna, Austria, March 12-14, 2012.
[BibTeX]

Ph.D. Thesis

Janos Szurdi
Measuring and Analyzing Typosquatting Toward Fighting Abusive Domain Registrations.
Diss. Carnegie Mellon University, 2020.
[BibTeX]

Patents

Janos Szurdi, Daiping Liu and Jun Wang
Automated extraction and classification of malicious indicators
US Patent App. 17/185,760. 2020.
[BibTeX]
[PDF]

Janos Szurdi, Weihan Jiang and David Qianshan He
System and method for detecting dictionary-based dga traffic
US Patent App. 17/723,292. 2021.
[BibTeX]
[PDF]

Janos Szurdi, Rebekah Houser and Daiping Liu
Detecting Shadowed Domains
Pending, 2022

Janos Szurdi, Daiping Liu, Tong Zhao, Tingxiang Zhu, Linan Li
Inline Detection of Dictionary DGA Domain Names with Reduced Cost and Latency
Pending, 2023

Ruian Duan, Zhanhao Chen, Janos Szurdi and Daiping Liu,
Detecting And Protecting Claimable Non-Existent Domains
Pending, 2023

Janos Szurdi, Mohamed Yoosuf Mohamed Nabeel, Shehroze Farooqi, George Morrison Jones and Arun Bala Kumar
Methods To Detect Malicious Stockpiled Domain Names
Pending, 2023

Talks

Slides of talk on using graphical neural networks to proactively uncover malicious infrastructure at Virus Bulletin 2024 in Dublin, Ireland.
Slides and recording of online talk on abusive traffic distribution systems at WWW 2021.
Slides of talk on domain registration policies and cybercrime at WEIS 2018 in Innsbruck, Austria.
Slides of talk on email typosquatting at AMC IMC 2017 in London, U.K.
Slides of talk on web typosquatting at Usenix Security 2014 in San Diego, CA, U.S.

Other

Acknowledgement for finding a dangling DNS vulnerability in one of Microsoft’s online services: link.