David Gugelmann scite author profile

David Gugelmann

5Publications

98Citation Statements Received

44Citation Statements Given

How they've been cited

141

How they cite others

Affiliations

ETH Zurich

Publications

Order By: Most citations

An Automated Approach for Complementing Ad Blockers’ Blacklists

Gugelmann

Happe

Ager

et al. 2015

View full text Add to dashboard Cite

Privacy in the Web has become a major concern resulting in the popular use of various tools for blocking tracking services. Most of these tools rely on manually maintained blacklists, which need to be kept up-to-date to protect Web users’ privacy efficiently. It is challenging to keep pace with today’s quickly evolving advertisement and analytics landscape. In order to support blacklist maintainers with this task, we identify a set of Web traffic features for identifying privacyintrusive services. Based on these features, we develop an automatic approach that learns the properties of advertisement and analytics services listed by existing blacklists and proposes new services for inclusion on blacklists. We evaluate our technique on real traffic traces of a campus network and find in the order of 200 new privacy-intrusive Web services that are not listed by the most popular Firefox plug-in Adblock Plus. The proposed Web traffic features are easy to derive, allowing a distributed implementation of our approach.

show abstract

Accurate network anomaly classification with generalized entropy metrics

et al. 2011

View full text Add to dashboard Cite

FeedRank: A tamper- resistant method for the ranking of cyber threat intelligence feeds

Meier

Scherrer

Gugelmann³

et al. 2018

View full text Add to dashboard Cite

Hviz: HTTP(S) traffic aggregation and visualization for network forensics

Gugelmann

Gasser

Ager

et al. 2015

Digital Investigation

View full text Add to dashboard Cite

a b s t r a c t HTTP and HTTPS traffic recorded at the perimeter of an organization is an exhaustive data source for the forensic investigation of security incidents. However, due to the nested nature of today's Web page structures, it is a huge manual effort to tell apart benign traffic caused by regular user browsing from malicious traffic that relates to malware or insider threats. We present Hviz, an interactive visualization approach to represent the event timeline of HTTP and HTTPS activities of a workstation in a comprehensible manner. Hviz facilitates incident investigation by structuring, aggregating, and correlating HTTP events between workstations in order to reduce the number of events that are exposed to an investigator while preserving the big picture. We have implemented a prototype system and have used it to evaluate its utility using synthetic and real-world HTTP traces from a campus network. Our results show that Hviz is able to significantly reduce the number of user browsing events that need to be exposed to an investigator by distilling the structural properties of HTTP traffic, thus simplifying the examination of malicious activities that arise from malware traffic or insider threats.

show abstract

Can Content-Based Data Loss Prevention Solutions Prevent Data Leakage in Web Traffic?

Gugelmann

Studerus²,

Lenders

et al. 2015

IEEE Secur. Privacy

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

David Gugelmann

An Automated Approach for Complementing Ad Blockers’ Blacklists

Accurate network anomaly classification with generalized entropy metrics

FeedRank: A tamper- resistant method for the ranking of cyber threat intelligence feeds

Hviz: HTTP(S) traffic aggregation and visualization for network forensics

Can Content-Based Data Loss Prevention Solutions Prevent Data Leakage in Web Traffic?

Contact Info

Product

Resources

About