Many current and former Damballa employees have distinguished themselves within both the academic and business worlds. The following publications feature cutting-edge research, much of which has made its way into Damballa's products.

Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games
Y. Nadji, M. Antonakakis, R. Perdisci, W. Lee.
In Proceedings of The 27th Annual Computer Security Applications Conference (ACSAC 2011), Orlando, FL, December 2011.

Detecting Malware Domains at the Upper DNS Hierarchy
M. Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou, David Dagon.
In the 20th USENIX Security Symposium, San Francisco, CA, August 8-12, 2011.

Building a Dynamic Reputation System for DNS
Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee and Nick Feamster.
In Proceedings of the 19th USENIX Security Symposium, Washington D.C., August 11, 2010.

Behavioral Clustering of HTTP-based Malware and Signature Generation using Malicious Network Traces
Roberto Perdisci, Wenke Lee, Nick Feamster.
7th USENIX Symposium on Networked Systems Design and Implementation (NSDI '10), San Jose, CA, April 28–30, 2010.

McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables
R. Perdisci, A. Lanzi, W. Lee. Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC 2008), Anaheim, CA, December 2008.

Ether: Malware Analysis via Hardware Virtualization Extensions
A. Dinaburg, P. Royal, M. Sharif, W. Lee. Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, VA, October 2008.

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
G. Gu, R. Perdisci, J. Zhang, W. Lee. USENIX Security Conference, 2008.

Classification of Packed Executables for Accurate Computer Virus Detection
R. Perdisci, A. Lanzi, W. Lee., Pattern Recognition Letters, 29(14), 2008.

A Taxonomy of Botnet Structures
D. Dagon, G. Gu, C. Lee, W. Lee.
In Proceedings of The 23rd Annual Computer Security Applications Conference (ACSAC 2007), Miami Beach, FL, December 2007.

Misleading and Defeating Importance-Scanning Malware Propagation
G. Gu, Z. Chen, P. Porras, W. Lee.
In Proceedings of The 3rd International Conference on Security and Privacy in Communication Networks SecureComm'07), Nice, France, September 2007.

BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation
G. Gu, P. Porras, V. Yegneswaran, M., W. Lee.
In Proceedings of The 16th USENIX Security Symposium (Security'07), Boston, MA, August 2007.

 

PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware
P. Royal, M. Halpin, D. Dagon, R. Edmonds, W. Lee.
In Proceedings of The 22th Annual Computer Security Applications Conference (ACSAC 2006), Miami Beach, FL, December 2006.

Modeling Botnet Propagation Using Time Zones
D. Dagon, C. Zou, W. Lee.
In Proceedings of The 13th Annual Network and Distributed System Security Symposium (NDSS 2006), San Diego, CA, February 2006.

Polymorphic Blending Attacks
P. Fogla, M. Sharif, R. Perdisci, O. Kolesnikov, W. Lee. USENIX Security 2006.

Misleading Worm Signature Generators Using Deliberate Noise Injection
R. Perdisci, D. Dagon, W. Lee, P. Fogla, M. Sharif. IEEE Symposium on Security and Privacy 2006.

Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems
R. Perdisci, G. Gu, W. Lee. IEEE International Conference on Data Mining, (ICDM 2006)

Worm Detection, Early Warning, and Response Based on Local Victim Information
G. Gu, D. Dagon, X. Qin, M. Sharif, W. Lee, G. Riley.
In Proceedings of The 20th Annual Computer Security Applications Conference (ACSAC 2004), Tucson, Arizona, December 2004.

Simulating Internet Worms
G. Riley, M. Sharif, W. Lee.
In Proceedings of The 12th Annual Meeting of the IEEE/ACM International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS), Volendam, The Netherlands, October 2004

HoneyStat: Local Worm Detection Using Honeypots
D. Dagon, X. Qin, G. Gu, W. Lee, J. Grizzard, J. Levin, H. Owen.
In Proceedings of The 7th International Symposium on Recent Advances in Intrusion Detection (RAID 2004), Sophia Antipolis, France, September 2004.