Research Articles

Reethika Ramesh and Janos Szurdi
The Next Level: Typo DGAs Used in Malicious Redirection Chains
Palo Alto Networks’s Unit42 blog. Published on 03/06/2025. Last accessed on 08/10/2025.
[PDF]

Moe Ghasemisharif, Janos Szurdi, Zhanhao Chen and Daiping Liu
Automatically Detecting DNS Hijacking in Passive DNS
Palo Alto Networks’s Unit42 blog. Published on 11/04/2024. Last accessed on 08/10/2025.
[PDF]

Janos Szurdi, Shehroze Farooqi and Nabeel Mohamed
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains
Palo Alto Networks’s Unit42 blog. Published on 12/15/2023. Last accessed on 12/18/2023.
[PDF]

Janos Szurdi, Rebekah Houser and Daiping Liu
Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime
Palo Alto Networks’s Unit42 blog. Published on 09/21/2022. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi
Tor 101: How Tor Works and its Risks to the Enterprise
Palo Alto Networks’s Unit42 blog. Published on 08/29/2022. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi
A Peek into Top-Level Domains and Cybercrime
Palo Alto Networks’s Unit42 blog. Published on 11/11/2021. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi, Rebekah Houser and Daiping Liu
Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns
Palo Alto Networks’s Unit42 blog. Published on 03/02/2021. Last accessed on 09/30/2022.
[PDF]

Ruian Duan, Zhanhao Chen, Seokkyung Chung, Janos Szurdi and Jingwei Fan
Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee
Palo Alto Networks’s Unit42 blog. Published on 10/29/2020. Last accessed on 09/30/2022.
[PDF]

Zhanhao Chen and Janos Szurdi
Cybersquatting: Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers
Palo Alto Networks’s Unit42 blog. Published on 09/01/2020. Last accessed on 09/30/2022.
[PDF]

Janos Szurdi, Zhanhao Chen, Oleksii Starov, Adrian McCabe and Ruian Duan
Studying How Cybercriminals Prey on the COVID-19 Pandemic
Palo Alto Networks’s Unit42 blog. Published on 04/22/2020. Last accessed on 09/30/2022.
[PDF]
Report on results utilized by Interpol

Peer Reviewed Research

Janos Szurdi, Meng Luo, Brian Kondracki, Nick Nikiforakis and Nicolas Christin
Where are you taking me? understanding abusive traffic distribution systems
In Proceedings of the Web Conference 2021 (WWW’21). Ljubljana, Slovenia. 2021.
[BibTeX] [Slides] [Talk] [Github]

Janos Szurdi and Nicolas Christin
Domain Registration Policy Strategies and the Fight against Online Crime
In Proceedings (online) of the 17th Workshop on Economics of Information Security (WEIS 2018).
[BibTeX] [Slides]

Tyler Moore, Nicolas Christin and Janos Szurdi
Revisiting the Risks of Bitcoin Currency Exchange Closure
In Proceedings of ACM Transactions on Internet Technology. 2018.
[BibTeX]

Janos Szurdi and Nicolas Christin
Email Typosquatting
In Proceedings of the 2017 ACM Internet Measurement Conference (IMC’17). London, UK. Nov. 2017.
[Appendix] [BibTeX] [Slides]

Zachary Weinberg, Mahmood Sharif, Janos Szurdi and Nicolas Christin
Topics of Controversy: An Empirical Analysis of Web Censorship Lists
In Proceedings of the Privacy Enhancing Technology Symposium (PETS 2017), July 2017.
[BibTeX]

J. Szurdi, B. Kocso, G. Cseh, J. Spring, M. Felegyhazi and C. Kanich
The Long Taile of Typosquatting Domain Names
In Proceedings of Usenix Security Symposium 2014, Aug. 2014.
[BibTeX] [Slides]
[Trailer by Mark Felegyhazi]

T. Halvorson, J. Szurdi, G. Maier, M. Felegyhazi, C. Kreibich, N. Weaver, K. Levchenko and V. Paxson
The BIZ Top-Level Domain: Ten Years Later
In Proceedings of Passive Active Measurements (PAM 2012), Vienna, Austria, March 12-14, 2012.
[BibTeX]

Academic Service

Served as a reviewer for WWW 2025 and WWW 2024.

Ph.D. Thesis

Janos Szurdi
Measuring and Analyzing Typosquatting Toward Fighting Abusive Domain Registrations.
Diss. Carnegie Mellon University, 2020.
[BibTeX]

Patents

Janos Szurdi, Daiping Liu and Jun Wang
Automated extraction and classification of malicious indicators
US Patent App. 17/185,760. 2021.
[BibTeX] [PDF]

Janos Szurdi, Weihan Jiang and David Qianshan He
System and method for detecting dictionary-based dga traffic
US Patent App. 17/723,292. 2022.
[BibTeX] [PDF]

Janos Szurdi, Rebekah Houser and Daiping Liu
Detecting Shadowed Domains
US Patent App. 17/878,665. 2022
[BibTeX] [PDF]

Janos Szurdi, Daiping Liu, Tong Zhao, Tingxiang Zhu, Linan Li
Inline Detection of Dictionary DGA Domain Names with Reduced Cost and Latency
US Patent App. 18/309,105. 2023
[BibTeX] [PDF]

Ruian Duan, Zhanhao Chen, Janos Szurdi and Daiping Liu,
Detecting And Protecting Claimable Non-Existent Domains
US Patent App. 18/228,357. 2023
[BibTeX] [PDF]

Janos Szurdi, Mohamed Yoosuf Mohamed Nabeel, Shehroze Farooqi, George Morrison Jones and Arun Bala Kumar
Methods To Detect Malicious Stockpiled Domain Names
US Patent App. 18/374,888. 2023
[BibTeX] [PDF]

Ruian Duan, Janos Szurdi and Daiping Liu
SCALABLE DOMAIN-LEVEL SINKHOLING AND INTERACTION OF NETWORK TRAFFIC.
Pending. 2024

Janos Szurdi, Daiping Liu, Zhanhao Chen, Ruian Duan and Mohammad Ghasemisharif
Proactively Defending Against DNS Compromise, Misuse, and Errors Using Historical Resource Records
Pending. 2024

Mohamed Yoosuf Mohamed Nabeel, Gaurav Mitesh Dalal, Shaown Sarker, Shehroze Farooqi and Janos Szurdi
REAL-TIME AUTOMATED EXTRACTION OF CAMPAIGN CTI FROM THREAT REPORTS
Pending. 2024

Janos Szurdi, Mohammad Ghasemisharif, Daiping Liu, Zhanhao Chen, Rebekah Houser, Fan Fei, Arun Bala Kumar and Yu-Hsiang Kao
METHODS TO DETECT DNS HIJACKING
Pending. 2025

Janos Szurdi, Mohammad Ghasemisharif, Zhanhao Chen, Daiping Liu, Wanjin Li and Fan Fei
REAL-TIME DETECTION OF DNS HIJACKING
Pending. 2025

Mohamed Yoosuf Mohamed Nabeel, Janos Szurdi, William Russell Melicher, Ruian Duan, Oleksii Starov and Daiping Liu
Pipeline For Intelligently Pre-filtering Candidates for Malicious Domain Detection
Pending. 2025

Mohammad Ghasemisharif, Janos Szurdi, Daiping Liu, Zhanhao Chen and Fan Fei
Improved DNS Hijacking Detection with Content and Server-Based Features and Delayed Filtering
Pending. 2025

Janos Szurdi, Mohammad Ghasemisharif, Fan Fei and Daiping Liu
A Cost-efficient Method to Detect DNS Hijacking Inline
Pending. 2025

Talks

Slides of talk on AI in Web and DNS Security at Budapest AI Hub April 2025 in Budapest, Hungary.
Slides and recording of talk on using graphical neural networks to proactively uncover malicious infrastructure at Virus Bulletin 2024 in Dublin, Ireland.
Slides and recording of online talk on abusive traffic distribution systems at WWW 2021.
Slides of talk on domain registration policies and cybercrime at WEIS 2018 in Innsbruck, Austria.
Slides of talk on email typosquatting at AMC IMC 2017 in London, U.K.
Slides of talk on web typosquatting at Usenix Security 2014 in San Diego, CA, U.S.

Other

Acknowledgement for finding a dangling DNS vulnerability in one of Microsoft’s online services: link.