See my Google Scholar citations profile for more publications. Below is a sample of recent and relevant work.

Marcin Nawrocki, John Kristoff, Raphael Hiesgen, Chris Kanich, Thomas C. Schmdit, Matthias Wahlisch, “SoK: A Data-driven View on Methods to Detect Reflective Amplification DDoS Attacks Using Honeypots”, in the Proceedings of Euro S&P, 2023. [html], [pdf preprint]

John Kristoff, Duane Wessels, “DNS Transport over TCP - Operational Requirements”, IETF RFC 9210 / BCP 235, March 2022. [html]

John Kristoff, Mohammad Ghasemisharif, Chris Kanich, Jason Polakis, “Plight at the End of the Tunnel: Legacy IPv6 Transition Mechanisms in the Wild”, in Proceedings of the Passive and Active Measurement Conference (PAM), 2021. [html], [pdf preprint]

Konstantinos Solomos, John Kristoff, Chris Kanich, Jason Polakis, “Tales of Favicons and Caches: Persistent Tracking in Modern Browsers”, in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021. [pdf]

John Kristoff, Randy Bush, Chris Kanich, George Michaelson, Amreesh Phokeer, Thomas C. Schmidt, Matthias W√§hlisch, “On Measuring RPKI Relying Parties”, in Proceedings of the ACM Internet Measurement Conference (IMC), 2020. [pdf]

John Kristoff, “Builiding an Internet Security Feeds Service”, USENIX ;login;, Fall 2018. [pdf]

Matthew Sargent, John Kristoff, Vern Paxson, Mark Allman, “On the Potential Abuse of IGMP”, in Computer Communications Review (CCR) ACM SIGCOMM, January 2017. [pdf]