Eugene H. Spafford

Commun. ACM, March, 2024

2023

In Memoriam: William A. Wulf.

[BibT_eX]

[DOI]

Commun. ACM, June, 2023

In Memoriam: Frederick P. Brooks, Jr. 1931-2022.

[BibT_eX]

[DOI]

Commun. ACM, 2023

2022

In memoriam: Juris Hartmanis 1928-2022.

[BibT_eX]

[DOI]

Commun. ACM, 2022

2021

Charles M. Geschke (1939-2021).

[BibT_eX]

[DOI]

Commun. ACM, 2021

Jack Minker (1927 - 2021).

[BibT_eX]

[DOI]

Commun. ACM, 2021

Edmund M. Clarke (1945 - 2020).

[BibT_eX]

[DOI]

Commun. ACM, 2021

Creating a Concept Map for ICS Security - A Delphi Study.

[BibT_eX]

[DOI]

Proceedings of the IEEE Frontiers in Education Conference, 2021

2020

Fran Allen: 1932-2020.

[BibT_eX]

[DOI]

Commun. ACM, 2020

2018

Reactive redundancy for data destruction protection (R2D2).

[BibT_eX]

[DOI]

Saurabh Bagchi

Thomas Yurek

Comput. Secur., 2018

The case for disappearing cyber security.

[BibT_eX]

[DOI]

Josiah Dykstra

Commun. ACM, 2018

A Hypergame Analysis for ErsatzPasswords.

[BibT_eX]

[DOI]

Saurabh Bagchi

Proceedings of the ICT Systems Security and Privacy Protection, 2018

2017

Ghost Patches: Fake Patches for Fake Vulnerabilities.

[BibT_eX]

[DOI]

Jeffrey Avery

Proceedings of the ICT Systems Security and Privacy Protection, 2017

2016

Inhibiting and Detecting Offline Password Cracking Using ErsatzPasswords.

[BibT_eX]

[DOI]

Jeffrey Avery

ACM Trans. Priv. Secur., 2016

The strength of encryption.

[BibT_eX]

[DOI]

Commun. ACM, 2016

Cyber Security Deception.

[BibT_eX]

[DOI]

Proceedings of the Cyber Deception, Building the Scientific Foundation, 2016

2015

Enhancing Passwords Security Using Deceptive Covert Communication.

[BibT_eX]

[DOI]

Proceedings of the ICT Systems Security and Privacy Protection, 2015

ErsatzPasswords: Ending Password Cracking and Detecting Password Leakage.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual Computer Security Applications Conference, 2015

2014

We are out of balance.

[BibT_eX]

[DOI]

SIGCAS Comput. Soc., 2014

An interview with Gene Spafford on balancing breadth and depth in cybersecurity education.

[BibT_eX]

[DOI]

Diana L. Burley

Inroads, 2014

Using Deceptive Information in Computer Security Defenses.

[BibT_eX]

[DOI]

Int. J. Cyber Warf. Terror., 2014

Editorial.

[BibT_eX]

[DOI]

Comput. Secur., 2014

Planning and Integrating Deception into Computer Security Defenses.

[BibT_eX]

[DOI]

Proceedings of the 2014 workshop on New Security Paradigms Workshop, 2014

2013

Incentive Alignment and Risk Perception: An Information Security Application.

[BibT_eX]

[DOI]

Fariborz Farahmand

IEEE Trans. Engineering Management, 2013

Risks and uncertainties in virtual worlds: an educators' perspective.

[BibT_eX]

[DOI]

Fariborz Farahmand

Aman Yadav

J. Comput. High. Educ., 2013

Understanding insiders: An analysis of risk-taking behavior.

[BibT_eX]

[DOI]

Fariborz Farahmand

Inf. Syst. Frontiers, 2013

Back Channels Can Be Useful! - Layering Authentication Channels to Provide Covert Communication.

[BibT_eX]

[DOI]

Proceedings of the Security Protocols XXI, 2013

Improved kernel security through memory layout randomization.

[BibT_eX]

[DOI]

Dannie M. Stanley

Dongyan Xu

Proceedings of the IEEE 32nd International Performance Computing and Communications Conference, 2013

2012

Reverse-safe authentication protocol for secure USB memories.

[BibT_eX]

[DOI]

Kyungroul Lee

Kangbin Yim

Secur. Commun. Networks, 2012

USACM and U.S. legislation.

[BibT_eX]

[DOI]

Commun. ACM, 2012

2011

Intrusion Detection Systems (IDSs): Implementation.

[BibT_eX]

[DOI]

E. Eugene Schultz

Proceedings of the Encyclopedia of Information Assurance, 2011

Editorial for 30/8.

[BibT_eX]

[DOI]

Comput. Secur., 2011

Security, technology, publishing, and ethics (part II).

[BibT_eX]

[DOI]

Comput. Secur., 2011

Implicit Buffer Overflow Protection Using Memory Segregation.

[BibT_eX]

[DOI]

Brent G. Roth

Proceedings of the Sixth International Conference on Availability, 2011

2010

Audlib: a configurable, high-fidelity application audit mechanism.

[BibT_eX]

[DOI]

Benjamin A. Kuperman

Softw. Pract. Exp., 2010

Security, technology, publishing, and ethics (Part I).

[BibT_eX]

[DOI]

Comput. Secur., 2010

Remembrances of things pest.

[BibT_eX]

[DOI]

Commun. ACM, 2010

2009

A distributed requirements management framework for legal compliance and accountability.

[BibT_eX]

[DOI]

Travis D. Breaux

Annie I. Antón

Comput. Secur., 2009

Privacy and security - Answering the wrong questions is no answer.

[BibT_eX]

[DOI]

Commun. ACM, 2009

USACM's policy role.

[BibT_eX]

[DOI]

Commun. ACM, 2009

Assured Information Sharing Life Cycle.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Intelligence and Security Informatics, 2009

2008

Tracing Worm Break-In and Contaminations via Process Coloring: A Provenance-Preserving Approach.

[BibT_eX]

[DOI]

IEEE Trans. Parallel Distributed Syst., 2008

James P. Anderson: An Information Security Pioneer.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2008

Inspiration and trust.

[BibT_eX]

[DOI]

Commun. ACM, 2008

Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense.

[BibT_eX]

[DOI]

Proceedings of the Protecting Persons While Protecting the People, 2008

2007

Run-time label propagation for forensic audit data.

[BibT_eX]

[DOI]

Florian P. Buchholz

Comput. Secur., 2007

Automated adaptive intrusion containment in systems of interacting services.

[BibT_eX]

[DOI]

Comput. Networks, 2007

CuPIDS: An exploration of highly focused, co-processor-based information system protection.

[BibT_eX]

[DOI]

Paul D. Williams

Comput. Networks, 2007

2006

Desert Island Books.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2006

Categories of digital investigation analysis techniques based on the computer history model.

[BibT_eX]

[DOI]

Brian D. Carrier

Digit. Investig., 2006

Some Challenges in Digital Forensics.

[BibT_eX]

[DOI]

Proceedings of the Advances in Digital Forensics II - IFIP International Conference on Digital Forensics, National Centre for Forensic Science, Orlando, Florida, USA, January 29, 2006

Provenance-Aware Tracing ofWorm Break-in and Contaminations: A Process Coloring Approach.

[BibT_eX]

[DOI]

Proceedings of the 26th IEEE International Conference on Distributed Computing Systems (ICDCS 2006), 2006

2005

Efficient Intrusion Detection using Automaton Inlining.

[BibT_eX]

[DOI]

Rajeev Gopalakrishna

Jan Vitek

Proceedings of the 2005 IEEE Symposium on Security and Privacy (S&P 2005), 2005

Virtual Playgrounds for Worm Behavior Investigation.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, 8th International Symposium, 2005

ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment.

[BibT_eX]

[DOI]

Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN 2005), 28 June, 2005

Automated Digital Evidence Target Definition Using Outlier Analysis and Existing Evidence.

[BibT_eX]

[DOI]

Brian D. Carrier

Proceedings of the Refereed Proceedings of the 5th Annual Digital Forensic Research Workshop, 2005

2004

Grand Challenges in Information Security: Process and Output.

[BibT_eX]

[DOI]

Sean W. Smith

IEEE Secur. Priv., 2004

On the role of file system metadata in digital forensics.

[BibT_eX]

[DOI]

Florian P. Buchholz

Digit. Investig., 2004

What <sup>star</sup>is<sup>star</sup> information security?

[BibT_eX]

[DOI]

Proceedings of the 35th SIGCSE Technical Symposium on Computer Science Education, 2004

2003

Getting Physical with the Digital Investigation Process.

[BibT_eX]

[DOI]

Brian D. Carrier

Int. J. Digit. EVid., 2003

Risks of total surveillance.

[BibT_eX]

[DOI]

Barbara Simons

Commun. ACM, 2003

PFIRES: a policy framework for information security.

[BibT_eX]

[DOI]

Jackie Rees

Subhajyoti Bandyopadhyay

Commun. ACM, 2003

A Failure to Learn from the Past.

[BibT_eX]

[DOI]

Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), 2003

Poly2 Paradigm: A Secure Network Service Architecture.

[BibT_eX]

[DOI]

Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), 2003

Practical Unix and internet security - securing Solaris, Mac OS X, Linux and FreeBSD: extensivley revised (3. ed.).

[BibT_eX]

[DOI]

Alan Schwartz

O'Reilly, ISBN: 978-0-596-00323-4, 2003

2002

Security and Privacy Challenges of a Digital Government.

[BibT_eX]

[DOI]

Proceedings of the Advances in Digital Government - Technology, Human Factors, and Policy, 2002

Using Internal Sensors and Embedded Detectors for Intrusion Detection.

[BibT_eX]

[DOI]

Florian Kerschbaum

J. Comput. Secur., 2002

2001

Connectivity provisioning with security attributes.

[BibT_eX]

[DOI]

Mahesh V. Tripunitara

Softw. Focus, 2001

Digital Government Security Infrastructure Design Challenges.

[BibT_eX]

[DOI]

Computer, 2001

Security models for web-based applications.

[BibT_eX]

[DOI]

Commun. ACM, 2001

Secure outsourcing of scientific computations.

[BibT_eX]

[DOI]

Konstantinos N. Pantazopoulos

John R. Rice

Adv. Comput., 2001

The Hidden Meta-Requirements of Security and Privacy.

[BibT_eX]

[DOI]

Proceedings of the 5th IEEE International Symposium on Requirements Engineering (RE 2001), 2001

2000

IC Online: Infosecurity Summit at the White House.

[BibT_eX]

[DOI]

IEEE Internet Comput., 2000

Intrusion detection using autonomous agents.

[BibT_eX]

[DOI]

Comput. Networks, 2000

Network traffic tracking systems: folly in the large?

[BibT_eX]

[DOI]

Thomas E. Daniels

Proceedings of the 2000 Workshop on New Security Paradigms, 2000

A Network Audit System for Host-based Intrusion Detection (NASHID) in Linux.

[BibT_eX]

[DOI]

Thomas E. Daniels

Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC 2000), 2000

1999

Identification of Host Audit Data to Detect Attacks on Low-level IP Vulnerabilities.

[BibT_eX]

[DOI]

Thomas E. Daniels

J. Comput. Secur., 1999

New directions for the AAFID architecture.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, Second International Workshop, 1999

1998

Prototyping experiences with classical IP and ARP over signaled ATM connections.

[BibT_eX]

[DOI]

Christoph L. Schuba

Berry Kercheval

J. Syst. Softw., 1998

Dissemination of state information in distributed autonomous systems.

[BibT_eX]

[DOI]

Steve J. Chapin

Comput. Commun., 1998

An Architecture for Intrusion Detection Using Autonomous Agents.

[BibT_eX]

[DOI]

J. S. Balasubramaniyan

J. O. Garcia-Fernandez

D. Isacoff

Proceedings of the 14th Annual Computer Security Applications Conference (ACSAC 1998), 1998

1997

Secure CGI/API programming.

[BibT_eX]

World Wide Web J., 1997

Cryptography and the Web.

[BibT_eX]

World Wide Web J., 1997

Firewalls: An Expert Roundtable.

[BibT_eX]

[DOI]

IEEE Softw., 1997

Authorship analysis: identifying the author of a program.

[BibT_eX]

[DOI]

Ivan Krsul

Comput. Secur., 1997

Analysis of a Denial of Service Attack on TCP.

[BibT_eX]

[DOI]

Proceedings of the 1997 IEEE Symposium on Security and Privacy, 1997

Misplaced Trust: Kerberos 4 Session Keys.

[BibT_eX]

[DOI]

Bryn Dole

Steven W. Lodin

Proceedings of the Network and Distributed System Security Symposium, 1997

Low-threat security patches and tools.

[BibT_eX]

[DOI]

Samuel S. Wagstaff Jr.

Proceedings of the 1997 International Conference on Software Maintenance (ICSM '97), 1997

Failure and Fault Analysis for Software Debugging.

[BibT_eX]

[DOI]

Hsin Pan

Proceedings of the 21st International Computer Software and Applications Conference (COMPSAC '97), 1997

A Reference Model for Firewall Technology.

[BibT_eX]

[DOI]

Christoph L. Schuba

Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC 1997), 1997

Web security and commerce - risks, technologies, and strategies.

[BibT_eX]

O'Reilly, ISBN: 978-1-56592-269-3, 1997

1996

Critical Slicing for Software Fault Localization.

[BibT_eX]

[DOI]

Hsin Pan

Proceedings of the 1996 International Symposium on Software Testing and Analysis, 1996

Practical UNIX and internet security (2. ed.).

[BibT_eX]

O'Reilly, ISBN: 978-1-56592-148-1, 1996

1995

UNIX and Security: The Influences of History.

[BibT_eX]

[DOI]

Inf. Secur. J. A Glob. Perspect., 1995

Information Superhighway or Road to Ruin?

[BibT_eX]

[DOI]

Proceedings of the Proceedings Supercomputing '95, San Diego, CA, USA, December 4-8, 1995, 1995

1994

Support for Implementing Scheduling Algorithms Using MESSIAHS.

[BibT_eX]

[DOI]

Steve J. Chapin

Sci. Program., 1994

Computer Viruses as Artificial Life.

[BibT_eX]

[DOI]

Artif. Life, 1994

Experiences with Tripwire: The Evaluation and Writing of a Security Tool.

[BibT_eX]

[DOI]

Gene H. Kim

Proceedings of the USENIX Applications Development Symposium Proceedings 1994, 1994

Constructing Distributed Schedulers Using the MESSIAHS Interface Language.

[BibT_eX]

Steve J. Chapin

Proceedings of the 27th Annual Hawaii International Conference on System Sciences (HICSS-27), 1994

The Design and Implementation of Tripwire: A File System Integrity Checker.

[BibT_eX]

[DOI]

Gene H. Kim

Proceedings of the CCS '94, 1994

1993

Debugging with Dynamic Slicing and Backtracking.

[BibT_eX]

[DOI]

Softw. Pract. Exp., 1993

Software forensics: Can we track code to its authors?

[BibT_eX]

[DOI]

Stephen A. Weeber

Comput. Secur., 1993

1992

Are computer hacker break-ins ethical?

[BibT_eX]

[DOI]

J. Syst. Softw., 1992

OPUS: Preventing weak password choices.

[BibT_eX]

[DOI]

Comput. Secur., 1992

A generic virus scanner for C++.

[BibT_eX]

[DOI]

Sandeep Kumar

Proceedings of the Eighth Annual Computer Security Applications Conference, 1992

1991

An Execution-Backtracking Approach to Debugging.

[BibT_eX]

[DOI]

IEEE Softw., 1991

Dynamic Slicing in the Presence of Unconstrained Pointers.

[BibT_eX]

[DOI]

Proceedings of the Symposium on Testing, Analysis, and Verification, 1991

1990

Extending Mutation Testing to Find Environmental Bugs.

[BibT_eX]

[DOI]

Softw. Pract. Exp., 1990

Workshop report: experiences with building distributed and multiprocessor systems.

[BibT_eX]

[DOI]

Chuck Koelbel

George Leach

ACM SIGSOFT Softw. Eng. Notes, 1990

Workshop on Experiences with Building Distributed and Multiprocessor Systems.

[BibT_eX]

[DOI]

Charles Koelbel

George Leach

ACM SIGOPS Oper. Syst. Rev., 1990

Workshop report: workshop on experiences with building distributed and multiprocessor systems.

[BibT_eX]

[DOI]

Chuck Koelbel

George Leach

Comput. Commun. Rev., 1990

The COPS Security Checker System.

[BibT_eX]

Daniel Farmer

Proceedings of the Usenix Summer 1990 Technical Conference, 1990

Methods of integrating the study of ethics into the computer science curriculum (panel session).

[BibT_eX]

[DOI]

Proceedings of the 21st SIGCSE Technical Symposium on Computer Science Education, 1990

Networking in the nineties (panel session).

[BibT_eX]

[DOI]

Proceedings of the 21st SIGCSE Technical Symposium on Computer Science Education, 1990

1989

Bibliography on debugging and backtracking.

[BibT_eX]

[DOI]

ACM SIGSOFT Softw. Eng. Notes, 1989

The internet worm program: an analysis.

[BibT_eX]

[DOI]

Comput. Commun. Rev., 1989

Crisis and Aftermath.

[BibT_eX]

[DOI]

Commun. ACM, 1989

The Internet Worm Incident.

[BibT_eX]

[DOI]