1. Eavesdropping, Malware,
and Intrusion Detection (EMI)
·
[EMI
Ax00] S. Axelsson, “The Base-rate Fallacy and the
Difficulty of Intrusion Detection”, ACM
Transactions on Information and System Security 3(3), pp. 186-205, August
2000. Abstract.
·
[EMI
Be05] J.A. Bergstra, A. Ponse,
“A Bypass of Cohen's Impossibility Result”, in Advances in Grid Computing: European Grid Conference (EGC 2005),
LNCS 3470, pp. 1097 - 1106, Springer, June 2005. Abstract.
·
[EMI
Mo06] A. Moshchuk, T. Bragin,
S. D. Gribble, H. M. Levy, “A Crawler-based Study of Spyware
on the Web”, in Proceedings of the 13th
Annual Network and Distributed Systems Security Symposium (NDSS 2006), The Internet
Society, 2006. Abstract.
·
[EMI
Wa06] Y.-M. Wang, D. Beck, X. Jiang, “Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites that Exploit Browser
Vulnerabilities”, in Proceedings of the
13th Annual Network and Distributed Systems Security Symposium (NDSS 2006),
The Internet Society, 2006. Abstract.
·
[EMI
Zh05] L. Zhuang, F. Zhou, J. D. Tygar,
“Keyboard Acoustic Emanations Revisited”, in 12th ACM Conference on Computer and Communications Security (CCS'05),
pp. 373-382, November 2005. Abstract.
2. Obfuscation, Reverse Engineering, Code
Analysis (ORC)
·
[ORC Ge05]
J. Ge, S. Chaudhuri, A. Tyagi, “Control Flow Based Obfuscation”, in 5th ACM Workshop on Digital Rights
Management (DRM '05), pp. 83-92, 2005. Abstract.
·
[ORC He93]
K. Heisler, Y. Kasho, W.-T. Tsai, “A Reverse
Engineering Model for C Programs”, Information
Sciences 68(1-2), pp. 155-189, February 1993. Abstract.
·
[ORC Ud05]
S.K. Udupa, S.K. Debray, M.
Madou, “Deobfuscation:
Reverse Engineering Obfuscated Code”, in 12th
Working Conference on Reverse Engineering, pp. 45- 54, IEEE, November
2005. Abstract.
3. PKI, Access Control, Passwords, Biometrics
(PAP)
·
[PAP Am05]
A. Amesbury, “Password Attack Discussion & Benchmarks (webpage)”, Office of
Information Technology, University of Minnesota, last modified May 24,
2005. Available http://www1.umn.edu/oit/security/passwordattackdiscussion.html,
17 July 2006. Abstract.
·
[PAP Ja06]
A.K. Jain, A. Ross,
·
[PAP Ma05]
J. Marchesini, S. Smith, “Modeling Public Key
Infrastructures in the Real World”, in 2nd
European PKI Workshop (EuroPKI 2005), LNCS 3545,
pp. 118-134, Springer, November 2005. Abstract.
·
[PAP My97]
A. Myers, B. Liskov, “A Decentralized Model for
Information Flow Control”, in 16th ACM
Symposium on Operating Systems Principles (SOSP 1997), pp. 129-142,
1997. Abstract.
·
[PAP Pa03]
A. Pashalidis, C. Mitchell, “A Taxonomy of Single
Sign-On Systems”, in 8th Australasian
Conference on Information Security and Privacy (ACISP 2003), LNCS 2727, pp.
249-264, Springer-Verlag, 2003. Abstract.
·
[PAP Sc06]
N.A. Schmid, M.V. Ketkar,
H. Singh, B. Cukic, “Performance Analysis of
Iris-Based Identification System at the Matching Score Level”, IEEE
Transactions on Information Forensics and Security 1(2), pp. 154-168, June
2006. Abstract.
·
[PAP Si05]
S. Sinclair, S.W. Smith, “PorKI: Making User PKI Safe
on Machines of Heterogeneous Trustworthiness”, in 21st Annual Computer Security Applications Conference (ACSAC), pp.
419-430, IEEE, December 2005. Abstract.
·
[PAP Va06]
G. Vanrenen, S. Smith, J. Marchesini,
“Distributing Security-Mediated PKI”, International
Journal of Information Security 5(1), pp. 3-17, January 2006. Abstract.
4. Secure Computing, DRM (SCD)
·
[SCD Ga03]
J. Garden, “Review of Microsoft Information Rights Management v1.0, A Report
for the E-government Unit of the State Services Commission”, 87 pp., December
2003. Available http://www.e.govt.nz/policy/trust-security/irm-200202/irm-report.pdf,
July 2006. Abstract.
·
[SCD Ga05]
E. Gallery, A. Tomlinson, “Secure Delivery of Conditional Access Applications
to
·
[SCD
Mar04] J. Marchesini, S.W. Smith, O. Wild, J. Stabiner, A. Barsamian,
“Open-Source Applications of TCPA Hardware”, in 20th Annual Computer Security Applications Conference, pp. 294-
303, IEEE, December 2004. Abstract.
·
[SCD Man04]
A. Mana, J. Lopez, J. Ortega, E. Pimentel, J. Troya, “A Framework for Secure Execution of Software”, International Journal of Information
Security 3(2), pp. 99-112, Springer, 2004.
Abstract.
·
[SCD
Pl05] J. Platte, E. Naroska, “A Combined Hardware and
Software Architecture for Secure Computing”, in 2nd Conference on Computing Frontiers, pp. 280-288, ACM, 2005. Abstract.
·
[SCD Ru03]
P. Rupp, T. Estier, “A Model for a Better
Understanding of the Digital Distribution of Music in a Peer-to-Peer
Environment”, in 36th
·
[SCD
Sm01] R. Smith, “Cost Profile of a Highly Assured, Secure Operating System”, in
ACM Transactions on Information and
System Security 4(1), pp. 72-101, February 2001. Abstract.
·
[SCD
Wr02] C. Wright, C. Cowan,
5. Security Modeling and Evaluation (SME)
·
[SME
Ch05] R. Chinchani, A. Iyer,
H.Q. Ngo, S. Upadhyaya, “Towards a Theory of Insider
Threat Assessment”, in 2005 International
Conference on Dependable Systems and Networks (DSN 2005), pp. 108-117,
IEEE, 2005. Abstract.
·
[SME
Go04] H. Gomaa, M. Shin, “Modeling Complex Systems by
Separating Application and Security Concerns”, in 9th IEEE International Conference on Engineering Complex Computer
Systems (ICECCS 2004), pp. 19-28, 2004.
Abstract.
·
[SME
Ni04] D. Nicol, W. Sanders, K. Trivedi,
“Model-based Evaluation: From Dependability to Security”, IEEE Transactions on Dependable and Secure Computing 1(1), pp. 48-
65, January-March 2004. Abstract.
·
[SME
To02] A. Toval, J. Nicolás,
B. Moros, F. García,
“Requirements Reuse for Improving Information Systems Security: A
Practitioner's Approach”, Requirements
Engineering 6(4), pp. 205-219, January 2002. Abstract.