Michael E. Locasto

Robert Lathrop

Rebecca Shapiro

Proceedings of the 2023 IEEE Security and Privacy Workshops (SPW), 2023

2022

A Format-Aware Reducer for Scriptable Rewriting of PDF Files.

[BibT_eX]

[DOI]

Steven Cheung

Nicholas Boorman

Proceedings of the 43rd IEEE Security and Privacy, 2022

2021

A Communications Validity Detector for SCADA Networks.

[BibT_eX]

[DOI]

Proceedings of the Critical Infrastructure Protection XV, 2021

2020

IoTHound: environment-agnostic device identification and monitoring.

[BibT_eX]

[DOI]

Liwei Song

Ioannis Agadakos

Bogdan Copos

Ulf Lindqvist

Proceedings of the IoT '20: 10th International Conference on the Internet of Things, 2020

2019

Converting an Electric Power Utility Network to Defend Against Crafted Inputs.

[BibT_eX]

[DOI]

Michael C. Millian

Sean W. Smith

Proceedings of the Critical Infrastructure Protection XIII, 2019

2018

Integrating Hands-on Cybersecurity Exercises into the Curriculum in 2018: (Abstract Only).

[BibT_eX]

[DOI]

Proceedings of the 49th ACM Technical Symposium on Computer Science Education, 2018

Risks and Benefits of Side-Channels in Battlefields.

[BibT_eX]

[DOI]

Ioannis Agadakos

Proceedings of the 21st International Conference on Information Fusion, 2018

2017

Curing the Vulnerable Parser: Design Patterns for Secure Input Handling.

[BibT_eX]

[DOI]

Cybersecurity Education and Assessment in EDURange.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2017

Live Lesson: The EDURange Framework and a Movie-themed Exercise in Network Reconnaissance.

[BibT_eX]

[DOI]

Proceedings of the 2017 USENIX Workshop on Advances in Security Education, 2017

Building Hardened Internet-of-Things Clients with Language-Theoretic Security.

[BibT_eX]

[DOI]

Ulf Lindqvist

Proceedings of the 2017 IEEE Security and Privacy Workshops, 2017

Building and Supporting a Community of CS Educators Teaching Cybersecurity in 2017 (Abstract Only).

[BibT_eX]

[DOI]

Ambareen Siraj

Blair Taylor

Siddharth Kaza

Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education, 2017

Hands-on Cybersecurity Exercises That are Easy to Access and Assess (Abstract Only).

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education, 2017

Jumping the Air Gap: Modeling Cyber-Physical Attack Paths in the Internet-of-Things.

[BibT_eX]

[DOI]

Ioannis Agadakos

Chien-Ying Chen

Matteo Campanelli

Ulf Lindqvist

Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, 2017

2016

Finding the Balance Between Guidance and Independence in Cybersecurity Exercises.

[BibT_eX]

[DOI]

Proceedings of the 2016 USENIX Workshop on Advances in Security Education (ASE 16), 2016

In Search of Shotgun Parsers in Android Applications.

[BibT_eX]

[DOI]

Katherine Underwood

Proceedings of the 2016 IEEE Security and Privacy Workshops, 2016

A Reflective Approach to Assessing Student Performance in Cybersecurity Exercises.

[BibT_eX]

[DOI]

Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

A Survey of Ethical Agreements in Information Security Courses.

[BibT_eX]

[DOI]

Benedict Chukuka

Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

Assessment of Security Knowledge, Skills and Abilities using Hands-On Exercises in 2016 (Abstract Only).

[BibT_eX]

[DOI]

Siddharth Kaza

Ambareen Siraj

Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

2015

Teaching Security Using Hands-on Exercises in 2015 (Abstract Only).

[BibT_eX]

[DOI]

Justin Cappos

Ambareen Siraj

Proceedings of the 46th ACM Technical Symposium on Computer Science Education, 2015

Teaching Cybersecurity Analysis Skills in the Cloud.

[BibT_eX]

[DOI]

Proceedings of the 46th ACM Technical Symposium on Computer Science Education, 2015

2014

Why Wassenaar Arrangement's Definitions of "Intrusion Software" and "Controlled Items" Put Security Research and Defense At Risk.

[BibT_eX]

[DOI]

Why Offensive Security Needs Engineering Textbooks: Or, How to Avoid a Replay of "Crypto Wars" in Security Research.

[BibT_eX]

[DOI]

Beyond Planted Bugs in "Trusting Trust": The Input-Processing Frontier.

[BibT_eX]

[DOI]

Trey Darley

Rebecca Shapiro

IEEE Secur. Priv., 2014

An Experience Report on Extracting and Viewing Memory Events via Wireshark.

[BibT_eX]

[DOI]

Sarah Laing

John Aycock

Proceedings of the 8th USENIX Workshop on Offensive Technologies, 2014

EDURange: Meeting the Pedagogical Challenges of Student Participation in Cybertraining Environments.

[BibT_eX]

[DOI]

Proceedings of the 7th Workshop on Cyber Security Experimentation and Test, 2014

Hands-on cybersecurity exercises in the EDURange framework (abstract only).

[BibT_eX]

[DOI]

Proceedings of the 45th ACM Technical Symposium on Computer Science Education, 2014

Teaching security using hands-on exercises (abstract only).

[BibT_eX]

[DOI]

Justin Cappos

Proceedings of the 45th ACM Technical Symposium on Computer Science Education, 2014

Verifying security patches.

[BibT_eX]

[DOI]

Jonathan Gallagher

Robin Gonzalez

Proceedings of the 2014 International Workshop on Privacy & Security in Programming, 2014

Panel Summary: The Future of Software Regulation.

[BibT_eX]

[DOI]

Benjamin Edwards

Jeremy Epstein

Proceedings of the 2014 workshop on New Security Paradigms Workshop, 2014

'Weird Machine' Patterns.

[BibT_eX]

[DOI]

Proceedings of the Cyberpatterns, 2014

2013

Security Applications of Formal Language Theory.

[BibT_eX]

[DOI]

Len Sassaman

IEEE Syst. J., 2013

Hands-on cybersecurity exercises and the rave virtual environment (abstract only).

[BibT_eX]

[DOI]

Proceedings of the 44th ACM Technical Symposium on Computer Science Education, 2013

Teaching security using hands-on exercises (abstract only).

[BibT_eX]

[DOI]

Proceedings of the 44th ACM Technical Symposium on Computer Science Education, 2013

2012

Intrusion detection for resource-constrained embedded control systems in the power grid.

[BibT_eX]

[DOI]

Int. J. Crit. Infrastructure Prot., 2012

Software Diversity: Security, Entropy and Game Theory.

[BibT_eX]

[DOI]

Saran Neti

Anil Somayaji

Proceedings of the 7th USENIX Workshop on Hot Topics in Security, 2012

Hacking and the security curriculum: building community (abstract only).

[BibT_eX]

[DOI]

Proceedings of the 43rd ACM technical symposium on Computer science education, 2012

Identifying effective pedagogical practices for commenting computer source code (abstract only).

[BibT_eX]

[DOI]

Peter DePasquale

Lisa C. Kaczmarczyk

Proceedings of the 43rd ACM technical symposium on Computer science education, 2012

// TODO: Help students improve commenting practices.

[BibT_eX]

[DOI]

Proceedings of the IEEE Frontiers in Education Conference, 2012

LoSt: location based storage.

[BibT_eX]

[DOI]

Gaven J. Watson

Reihaneh Safavi-Naini

Mohsen Alimomeni

Shivaramakrishnan Narayan

Proceedings of the 2012 ACM Workshop on Cloud computing security, 2012

Babel: a secure computer is a polyglot.

[BibT_eX]

[DOI]

John Aycock

Daniel Medeiros Nunes de Castro

Chris Jarabek

Proceedings of the 2012 ACM Workshop on Cloud computing security, 2012

2011

CPU Denial of Service.

[BibT_eX]

[DOI]

Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Exploit Programming: From Buffer Overflows to "Weird Machines" and Theory of Computation.

[BibT_eX]

[DOI]

Len Sassaman

A Failure-Based Discipline of Trustworthy Information Systems.

[BibT_eX]

[DOI]

Matthew C. Little

IEEE Secur. Priv., 2011

The ephemeral legion: producing an expert cyber-security work force from thin air.

[BibT_eX]

[DOI]

Commun. ACM, 2011

Security and privacy considerations in digital death.

[BibT_eX]

[DOI]

Michael Massimi

Peter DePasquale

Proceedings of the 2011 New Security Paradigms Workshop, 2011

Using Active Intrusion Detection to Recover Network Trust.

[BibT_eX]

[DOI]

John F. Williamson

Proceedings of the Past, 2011

Lightweight Intrusion Detection for Resource-Constrained Embedded Control Systems.

[BibT_eX]

[DOI]

Proceedings of the Critical Infrastructure Protection V, 2011

2010

On the General Applicability of Instruction-Set Randomization.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2010

On the infeasibility of modeling polymorphic shellcode - Re-thinking the role of learning in intrusion detection systems.

[BibT_eX]

[DOI]

Mach. Learn., 2010

Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain.

[BibT_eX]

[DOI]

Int. J. Secur. Softw. Eng., 2010

SegSlice: Towards a New Class of Secure Programming Primitives for Trustworthy Platforms.

[BibT_eX]

[DOI]

Brian Schulte

Proceedings of the Trust and Trustworthy Computing, Third International Conference, 2010

Teaching the principles of the hacker curriculum to undergraduates.

[BibT_eX]

[DOI]

Proceedings of the 41st ACM technical symposium on Computer science education, 2010

VM-based security overkill: a lament for applied systems security research.

[BibT_eX]

[DOI]

Proceedings of the 2010 Workshop on New Security Paradigms, 2010

Katana: A Hot Patching Framework for ELF Executables.

[BibT_eX]

[DOI]

Proceedings of the ARES 2010, 2010

2009

Bickering In-Depth: Rethinking the Composition of Competing Security Systems.

[BibT_eX]

[DOI]

Brian Schulte

IEEE Secur. Priv., 2009

Helping Students 0wn Their Own Code.

[BibT_eX]

[DOI]

Gabriela F. Cretu-Ciocarlie

IEEE Secur. Priv., 2009

Dartmouth Internet Security Testbed (DIST): Building a Campus-wide Wireless Testbed.

[BibT_eX]

[DOI]

Proceedings of the 2nd Workshop on Cyber Security Experimentation and Test, 2009

Adaptive Anomaly Detection via Self-calibration and Dynamic Updating.

[BibT_eX]

[DOI]

Salvatore J. Stolfo

Proceedings of the Recent Advances in Intrusion Detection, 12th International Symposium, 2009

Pushing Boulders Uphill: The Difficulty of Network Intrusion Recovery.

[BibT_eX]

[DOI]

Matthew Burnside

Darrell Bethea

Proceedings of the 23rd Large Installation System Administration Conference, 2009

Keep your friends close: the necessity for updating an anomaly sensor with legitimate environment changes.

[BibT_eX]

[DOI]

Gabriela F. Cretu-Ciocarlie

Salvatore J. Stolfo

Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, 2009

The cake is a lie: privilege rings as a policy resource.

[BibT_eX]

[DOI]

Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2009

2008

The Hidden Difficulties of Watching and Rebuilding Networks.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2008

Casting out Demons: Sanitizing Training Data for Anomaly Sensors.

[BibT_eX]

[DOI]

Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP 2008), 2008

Return Value Predictability Profiles for Self-healing.

[BibT_eX]

[DOI]

Proceedings of the Advances in Information and Computer Security, 2008

Online Network Forensics for Automatic Repair Validation.

[BibT_eX]

[DOI]

Matthew Burnside

Proceedings of the Advances in Information and Computer Security, 2008

Traps, events, emulation, and enforcement: managing the yin and yang of virtualization-based security.

[BibT_eX]

[DOI]

Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2008

Pushback for Overlay Networks: Protecting Against Malicious Insiders.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 6th International Conference, 2008

2007

From STEM to SEAD: Speculative Execution for Automated Defense.

[BibT_eX]

[DOI]

Proceedings of the 2007 USENIX Annual Technical Conference, 2007

ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing.

[BibT_eX]

[DOI]

Proceedings of the 2007 IEEE Symposium on Security and Privacy (S&P 2007), 2007

The future of biologically-inspired security: is there anything left to learn?

[BibT_eX]

[DOI]

Anil Somayaji

Jan Feyereisl

Proceedings of the 2007 Workshop on New Security Paradigms, White Mountain Hotel and Resort, New Hampshire, USA, 2007

Self-healing: science, engineering, and fiction.

[BibT_eX]

[DOI]

Proceedings of the 2007 Workshop on New Security Paradigms, White Mountain Hotel and Resort, New Hampshire, USA, 2007

On the infeasibility of modeling polymorphic shellcode.

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

SSARES: Secure Searchable Automated Remote Email Storage.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007

2006

Dark application communities.

[BibT_eX]

[DOI]

Proceedings of the New Security Paradigms Workshop 2006, 2006

Software Self-Healing Using Collaborative Application Communities.

[BibT_eX]

[DOI]

Stelios Sidiroglou

Proceedings of the Network and Distributed System Security Symposium, 2006

W3Bcrypt: Encryption as a Stylesheet.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 4th International Conference, 2006

2005

Hardware support for self-healing software services.

[BibT_eX]

[DOI]

Stelios Sidiroglou

SIGARCH Comput. Archit. News, 2005

Building a Reactive Immune System for Software Services.

[BibT_eX]

[DOI]

Proceedings of the 2005 USENIX Annual Technical Conference, 2005

FLIPS: Hybrid Adaptive Intrusion Prevention.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, 8th International Symposium, 2005

Speculative virtual verification: policy-constrained speculative execution.

[BibT_eX]

[DOI]

Stelios Sidiroglou

Proceedings of the New Security Paradigms Workshop 2005, 2005

Highlights from the 2005 New Security Paradigms Workshop.

[BibT_eX]

[DOI]

Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2004

CamouflageFS: Increasing the Effective Key Length in Cryptographic Filesystems on the Cheap.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 2004

2003

Using the web to enhance and transform education.

[BibT_eX]

[DOI]

Michael Hulme