Marc Ph. Stoecklin

contact information

Principal RSM | Department Head, Security
IBM Research - Zurich
  




2021

IBM Digital Health Pass: A Privacy-Respectful Platform for Proving Health Status
Elli Androulaki, Ilie Circiumaru, Jesus Diaz Vico, Miguel Prada, Alessandro Sorniotti, Marc Ph. Stoecklin, Marko Vukolic, Marie Wallace
Cryptology ePrint Archive, Report 2021/704


2020

Scarecrow: Deactivating Evasive Malware via Its Own Evasive Logic
Jialong Zhang, Zhongshu Gu, Jiyong Jang, Dhilung Kirat, Marc Ph. Stoecklin, Xiaokui Shu, and Heqing Huang
IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2020


2018


Dressed Up: Baiting Attackers through Endpoint Service Projection
Marc Ph. Stoecklin, Jialong Zhang, Frederico Araujo and Teryl Taylor
SDN-NFV Security '18: Proceedings of the ACM Workshop on Security in Software Defined Networks & Network Function Virtualization (in conjunction with CODASPY '18), 2018

Cross-Stack Threat Sensing for Cyber Security and Resilience
Frederico Araujo, Teryl Taylor, Jialong Zhang, Marc Ph. Stoecklin
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks, 2018

Error-Sensor: Mining Information from HTTP Error Traffic for Malware Intelligence
Jialong Zhang, Jiyong Jang, Guofei Gu, Marc Ph. Stoecklin, and Xin Hu
Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2018

Threat Intelligence Computing
Xiaokui Shu, Frederico Araujo, Douglas L. Schales, Marc Ph. Stoecklin, Jiyong Jang, Heqing Huang, Josyula R. Rao
Proceedings of the 2018 ACM Conference on Computer and Communications Security (CCS), pp. 1883--1898, ACM

Hidden in Plain Sight: Filesystem View Separation for Data Integrity and Deception
Teryl Taylor, Frederico Araujo, Anne Kohlbrenner, Marc Ph. Stoecklin
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), 2018

Protecting Intellectual Property of Deep Neural Networks with Watermarking
Jialong Zhang, Zhongshu Gu, Jiyong Jang, Hui Wu, Marc Ph. Stoecklin, Heqing Huang, Ian Molloy
Proceedings of the ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2018


2017

POSTER: Hidden in Plain Sight: A Filesystem for Data Integrity and Confidentiality
Anne Kohlbrenner, Frederico Araujo, Teryl Taylor, Marc Ph. Stoecklin
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2523-2525


2016


Security 360: Enterprise security for the cognitive era
Josyula R. Rao, Suresh N. Chari, Dimitrios Pendarakis, Reiner Sailer, Marc Ph. Stoecklin, Wilfried Teiken, Andreas Wespi
IBM Journal of Research and Development 60(4), 2016

Scalable analytics to detect DNS misuse for establishing stealthy communication channels
Douglas L. Schales, Jiyong Jang, Ting Wang, Xin Hu, Dhilung Kirat, Ben Wuest, Marc Ph. Stoecklin
IBM Journal of Research and Development 60(4), 2016

Scalable malware classification with multifaceted content features and threat intelligence
Xin Hu, Jiyong Jang, Ting Wang, Zubair Ashraf, Marc Ph. Stoecklin, Dhilung Kirat
IBM Journal of Research and Development 60(4), 2016

Security intelligence for industrial control systems
Andreas Amrein, Valentino Angeletti, Anton Beitler, Marcel Nemet, Micha Reiser, Simone Riccetti, Marc Ph. Stoecklin, Andreas Wespi
IBM Journal of Research and Development 60(4), 2016

Closing the loop: Network and in-host monitoring tandem for comprehensive cloud security visibility
Stefan Berger, Yangyi Chen, Xin Hu, Dimitrios Pendarakis, Josyula R. Rao, Reiner Sailer, Douglas L. Schales, Marc Ph. Stoecklin
IBM Journal of Research and Development 60(4), 2016

Detecting Malicious Exploit Kits using Tree-based Similarity Searches
Teryl Taylor, Xin Hu, Ting Wang, Jiyong Jang, Marc Ph. Stoecklin, Fabian Monrose, and Reiner Sailer
Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY), 2016

BotMeter: Charting DGA-Botnet Landscapes in Large Networks
Ting Wang, Xin Hu, Jiyong Jang, Shouling Shi, Marc Ph. Stoecklin, and Teryl Taylor
Distributed Computing Systems (ICDCS), 2016 IEEE 36th International Conference on, pp. 334--343

BAYWATCH: Robust Beaconing Detection to Identify Infected Hosts in Large-Scale Enterprise Networks
Xin Hu, Jiyong Jang, Marc Ph. Stoecklin, Ting Wang, Douglas L. Schales, Dhilung Kirat, and Josyula R. Rao
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2016

Hunting for Invisibility: Characterizing and Detecting Malicious Web Infrastructures through Server Visibility Analysis
Jialong Zhang, Xin Hu, Jiyong Jang, Ting Wang, Guofei Gu, and Marc Ph. Stoecklin
Proceedings of the IEEE International Conference on Computer Communications (INFOCOM), 2016

Closing the loop: Network and in-host monitoring tandem for comprehensive cloud security visibility
S. Berger, Y. Chen, X. Hu, D. Pendarakis, J. R. Rao, R. Sailer, D. L. Schales, M. P. Stoecklin
IBM Journal of Research and Development 60(4), 10:1-10:12, 2016


2015

FCCE: Highly Scalable Distributed Feature Collection and Correlation Engine for Low Latency Big Data Analytics
Douglas L. Schales, Xin Hu, Jiyong Jang, Reiner Sailer, Marc Ph. Stoecklin, and Ting Wang
Proceedings of the IEEE International Conference on Data Engineering (ICDE), 2015


2014

MUSE: asset risk scoring in enterprise network with mutually reinforced reputation propagation
Xin Hu, Ting Wang, Marc Stoecklin, Douglas L Schales, Jiyong Jang, Reiner Sailer
EURASIP Journal on Information Security, 2014

Stream computing for large-scale, multi-channel cyber threat analytics
Douglas Lee Schales, Mihai Christodorescu, Xin Hu, Jiyong Jang, Josyula R. Rao, Reiner Sailer, Marc Ph. Stoecklin, Wietse Venema, Ting Wang
Proceedings of the IEEE International Conference on Information Reuse and Integration (IRI), pp. 8-15, 2014

Asset Risk Scoring in Enterprise Network with Mutually Reinforced Reputation Propagation
Xin Hu, Ting Wang, Marc Ph. Stoecklin, Douglas L. Schales, Jiyong Jang and Reiner Sailer
International Workshop on Cyber Crime (IWCC '14), 2014


2013

Practical Comprehensive Bounds on Surreptitious Communication Over DNS
Vern Paxson, Mihai Christodorescu, Mobin Javed, Josyula Rao, Reiner Sailer, Douglas Schales, Marc Ph. Stoecklin, Kurt Thomas, Wietse Venema, Nicholas Weaver
USENIX Security, 2013


2012

Real-time creation of bitmap indexes on streaming network data
Francesco Fusco, Michail Vlachos, Marc Ph. Stoecklin
The VLDB Journal 21(3), 1-21, 2012


2011

Stream Computing for Large-Scale, Multi-Channel Cyber Threat Analytics: Architecture, Implementation, Deployment, and Lessons Learned
Douglas L Schales, Mihai Christodorescu, Josyula R Rao, Reiner Sailer, Marc Ph Stoecklin, Wietse Venema
IBM Technical Report, IBM Research Report, 2011


2010

Simply Top Talkers
J Massar, A Kind, M Ph Stoecklin
FloCon '10: Proc. of CERT FloCon Analysis Workshop, 2010

Net-fli: On-the-fly compression, archiving and indexing of streaming network traffic
Francesco Fusco, Marc Ph. Stoecklin, Michail Vlachos
Proceedings VLDB Endowment 3(1-2), 2010

A flow trace generator using graph-based traffic classification techniques
Peter Siska, Marc Ph. Stoecklin, Andreas Kind, Thorsten Braun
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, pp. 457--462, 2010


2009

Histogram-based Traffic Anomaly Detection
Andreas Kind, Marc Ph. Stoecklin, Xenofontas Dimitropoulos
IEEE Transactions on Network and Service Management 6(2), 110--12, 2009

On the 95-percentile billing method
X. Dimitropoulos, P. Hurley, A. Kind, M.P. Stoecklin
Proceedings of Passive and Active Measurements (PAM) Conference, pp. 207-216, Springer, 2009


2008

Dynamic Adaptation of Flow Information Granularity for Incident Analysis
Marc Ph. Stoecklin, Andreas Kind, Jean-Yves Le Boudec
FloCon '08: Proc. of CERT FloCon Analysis Workshop, 2008

The Eternal Sunshine of the Sketch Data Structure
X. Dimitropoulos, M. Stoecklin, P. Hurley, A. Kind
Computer Networks 52(17), 3248-3257, Elsevier, 2008

A Two-Layered Anomaly Detection Technique based on Multi-modal Flow Behavior Models
Marc Ph. Stoecklin, Jean-Yves Le Boudec, Andreas Kind
Proceedings of Passive and Active Measurements Conference, pp. 212--221, Springer, 2008


2006

Re-visited: Denial of service resilient access control for wireless sensor networks
Frederic Armknecht, Joao Girao, Marc Ph. Stoecklin, Dirk Westhoff
Security and Privacy in Ad-Hoc and Sensor Networks, 2006

Anomaly detection by finding feature distribution outliers
Marc Ph. Stoecklin
ACM CoNEXT '06: Proc. of ACM International Conference on emerging Networking EXperiments and Technologies [poster], pp. 32, 2006