Computer Security Lab
UC Davis
One Shields Avenue
Davis, CA 95616-8562
Phone: 530.752.1287
Fax: 530.752.4767
Email: seclab-staff

CS Logo
 

2014

M. Rahman, P.-A. Noël, C.-N. Chuah, B. Krishnamurthy, R. D’Souza, and S. F. Wu, “Peeking Into the Invitation-Based Adoption Process of OSN-Based Applications,” ACM SIGCOMM Computer Communication Review 44(1) pp. 20–27 (Jan. 2014).
P. Bhattacharyya and S. F. Wu, “InfoSearch: A Social Search Engine,” pp. 193–223 in Data Mining and Knowledge Discovery for Big Data: Methodologies, Challenge and Opportunities W. Chu, ed., Springer Berlin (2014).

2013

R. Ford, M. Carvalho, L. Mayron, and M. Bishop, “Antimalware Software: Do We Measure Resilience?,” Proceedings of the First Workshop on Anti-Malware Testing Research (Oct. 2013).
J. Ard, M. Bishop, C. Gates, and M. Sun, “Information Behaving Badly,” Proceedings of the 2013 New Security Paradigms Workshop pp. 107–118 (Sep. 2013).
J. Rowe, K. Levitt, and M. Hogarth, “Towards the Realization of a Public Health System for Shared Secure Cyber-Space,” Proceedings of the 2013 New Security Paradigms Workshop pp. 11–18 (Sep. 2013).
M. Bishop, E. Butler, K. Butler, C. Gates, and S. Greenspan, “Forgive and Forget: Return to Obscurity,” Proceedings of the 2013 New Security Paradigms Workshop pp. 1–10 (Sep. 2013).
T. Wang, K. Wang, F. Erlandsson, S. F. Wu, and R. Faris, “The Influence of Feedback with Different Opinions on Continued User Participation in Online Newsgroups,” Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining pp. 388–395 (Aug. 2013).
M. Bishop and C. Hoke, “The Risk of Propagating Standards,” Proceedings of the Workshop on Risk Perception in IT Security and Privacy (July 2013).
H. Armstrong, M. Bishop, and C. Armstrong, “Virtual Penetration Testing: A Joint Education Exercise Across Geographic Boundaries,” Proceedings of the Eighth World Information Systems Education Conference pp. 11–19 (July 2013).
R. Nia, F. Erlandsson, H. Johnson, and S. F. Wu, “Leveraging Social Interactions to Suggest Friends,” Proceedings of the 2013 IEEE 33rd International Conference on Distributed Computing Systems Workshops pp. 386–391 (July 2013).
H. Zhao. W. Kallander, H. Johnson, and S. F. Wu, “SmartWiki: A Reliable and Conflict-Refrained Wiki Model Based on Reader Differentiation and Social Context Analysis,” Knowledge-Based Systems 47 pp. 53–64 (July 2013).
F. Erlandsson, R. Nia, H. Johnson, and S. F. Wu, “Making Social Interactions Accessible in Online Social Networks,” Proceedings of the 17th International Conference on Electronic Publishing (June 2013).
S. Parsons, E. Sklar, M. Singh, K. Levitt, and J. Rowe, “An Argumentation-Based Approach to Handling Trust in Distributed Decision Making,” Proceedings of the 2013 AAAI Spring Symposium: Trust and Autonomous Systems (Mar. 2013).
M. Bishop, E. Hawthorne, K. Nance, and B. Taylor, “Teaching Secure Coding—The Myths and the Realities,” Proceedings of the 44th ACM Technical Symposium on Computer Science Education pp. 281–282 (Mar. 2013).
S. Whalen, S. Peisert, and M. Bishop, “Multiclass Classification of Distributed Memory Parallel Computations,” Pattern Recognition Letters 34(3) pp. 322–329 (Feb. 2013).
S. Ye and S. F. Wu, “Measuring Message Propagation and Social Influence on Twitter.com,” International Journal of Communication Networks and Distributed Systems 11(1) pp. 59–76 (Jan. 2013).

2012

R. Nia, F. Erlandsson, P. Bhattacharyya, M. Rahman, “SIN: A Platform to Make Interactions in Social Networks Accessible,” Proceedings of the 2012 ASE International Conference on Social Informatics pp. 205–214 (Dec. 2012).
D. Fu and M. Bishop, “Metaphor Computing,” Proceedings of the Artificial Intelligence and Interactive Digital Entertainment Conference pp. 29–32 (Oct. 2012).
Z. Feng, K. Pelechrinis, S. Krishnamurthy, A. Swami, S. F. Wu, and M. Singh, “Collaborative Assessment of Functional Reliability in Wireless Networks,” Proceedings of the 9th IEEE International Conference on Mobile Ad Hoc and Sensor Systems pp. 425–433 (Oct. 2012).
M. Bishop and S. Peisert, “Security and Elections,” IEEE Security and Privacy 10(5) pp. 64–67 (Sep. 2012).
A. Applebaum, K. Levitt, S. Parsons, and J. Rowe, “Arguing about Firewall Policy,” Proceedings of the Fourth International Conference on Computational Models of Argument (Sep. 2012).
S. Parsons, K. Atkinson, K. Haigh, K. Levitt, P. McBurney, J. Rowe, M. Singh, and E. Sklar, “Argument Schemes for Reasoning about Trust,” Proceedings of the Fourth International Conference on Computational Models of Argument (Sep. 2012).
S. Peisert, E. Talbot, and M. Bishop, “Turtles All the Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems,” Proceedings of the 2012 New Security Paradigms Workshop pp. 15–26 (Sep. 2012).
J. Rowe, A. Applebaum, S. Jalal, K. Levitt, E. Sklar, and S. Parsons, “Argumentation Logic to Assist in Security Administration,” Proceedings of the 2012 New Security Paradigms Workshop pp. 43–52 (Sep. 2012).
J. Crussell, C. Gibler, and H. Chen, “Attack of the Clones: Detecting Cloned Applications on Android Markets,” Proceedings of the 17th European Symposium on Research in Computer Security (Sep. 2012).
Y. Hu, M. Doroud, and S. F. Wu, “On a Triadic Approach to Connect Microstructural Properties to Social Macrostructural Patterns,” Proceedings of the 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining pp. 353–359 (Aug. 2012).
H. Phan, G. Avrunin, M. Bishop, L. Clarke, and L. Osterweil, “A Systematic Process-Model-Based Approach for Synthesizing Attacks and Evaluating Them,” KProceedings of the 2012 USENIX/ACCURATE Electronic Voting Technology Workshop (Aug. 2012).
M. Bishop, M. Doroud, C. Gates, and J. Hunker, “Effects of Attribution Policies: The Second Summer of the Sisterhood,” Proceedings of the 11th European Conference on Information Warfare and Security pp. 63–69 (July 2012).
G. Maganis, E. Shi, H. Chen, and D. Song, “Opaak: Using Mobile Phones to Limit Anonymous Identities Online,” Proceedings of the 10th International Conference on Mobile Systems, Applications and Services (June 2012).
M. Van Gundy and H. Chen, “Noncespaces: Using Randomization to Defeat Cross-Site Scripting Attacks,” Computers & Security/i> 31(4) pp. 612–628 (June 2012).
K. Nance, B. Hay, and M. Bishop, “Secure Coding Education: Are We Making Progress?,” Proceedings of the 16th Colloquium for Information Systems Security Education (June 2012).
J. Rowe, K. Levitt, T. Demir, and R. Erbacher, “Artificial Diversity as Maneuvers in a Control Theoretic Moving Target Defense,” Proceedings of the Moving Target Research Symposium (June 2012).
S. Jalal, K. Levitt, J. Rowe, E. Sklar, and S. Parson, “A Model for Augmenting Trust Management using Argumentation,” Proceedings of the 15th International Workshop on Trust in Agent Societies (June 2012).
C. Gibler, J. Crussell, J. Erickson, and H. Chen, “AndroidLeaks: Automatically Detecting Potential Privacy Leaks In Android Applications on a Large Scale,” Proceedings of the 5th International Conference on Trust and Trustworthy Computing (June 2012).
L. Cai and H. Chen, “On the Practicality of Motion Based Keystroke Inference Attack,” Proceedings of the 5th International Conference on Trust and Trustworthy Computing (June 2012).
A. Applebaum, Z. Li, A. Syed, K. Levitt, S. Parsons, J. Rowe and E. Sklar, “Firewall Configuration: An Application of Multiagent Metalevel Argumentation,” Proceedings of the Ninth International Workshop on Argumentation in Multi-Agent Systems (June 2012).
R. Ford, M. Carvalho, L. Mayron, and M. Bishop, “Towards Metrics for Cyber Security,” Proceedings of the 21st EICAR Annual Conference pp. 151–159 (May 2012).
R. Stevens, C. Gibler, J. Crussell, J. Erickson, and H. Chen, “Investigating User Privacy in Android Ad Libraries,” Proceedings of the IEEE Mobile Security Technologies (May 2012).
B. Davis, B. Sanders, A. Khodaverdian, and H. Chen, “I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications,” Proceedings of the IEEE Mobile Security Technologies (May 2012).
B. Davis, H. Chen, and M. Franklin, “Privacy-Preserving Alibi Systems,” Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (May 2012).
M. Bishop, S. Engle, D. Howard, and S. Whalen, “A Taxonomy of Buffer Overflow Characteristics,” IEEE Transactions on Dependable and Secure Computing 9(3) pp. 305–317 (May 2012).
B. Taylor, M. Bishop, D. Burley, S. Cooper, R. Dodge, and R. Seacord, “Teaching Secure Coding: Report from Summit on Education in Secure Software,” Proceedings of the 45th Hawaii International Conference on System Science pp. 581–582 (Feb. 2012).
B. Hay, K. Nance, M. Bishop, and L. McDaniel, “Are Your Papers in Order? Developing and Enforcing Multi-tenancy and Migration Policies in the Cloud,” Proceedings of the 45th Hawaii International Conference on System Science pp. 5473–5479 (Jan. 2012).

2011

S. Ye and S. F. Wu, “Estimating the Size of Online Social Networks,” International Journal of Social Computing and Cyber-Physical Systems 1(2) pp. 160–179 (Dec. 2011).
M. Bishop, C. Gates, P. Yellowlees, and G. Silberman, “Facebook Goes to the Doctor,” Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies pp. 13–20 (Dec. 2011).
J. Hunker, C. Gates, and M. Bishop, “Attribution Requirements for Next Generation Internets,” Proceedings of the 2011 IEEE International Conference on Technologies for Homeland Security pp. 345–350 (Nov. 2011).
M. Ramilli, M. Bishop, and S. Sun, “Multiprocess Malware,” Proceedings of the 6th International Conference on Malicious and Unwanted Software (Oct. 2011).
M. Bishop, R. Ford, and M. Ramilli, “Results-Oriented Security,” Proceedings of the 6th International Conference on Malicious and Unwanted Software (Oct. 2011).
M. Bishop, R. Ford, and M. Ramilli, “Results-Oriented Security,” Proceedings of the 6th International Conference on Malicious and Unwanted Software (Oct. 2011).
P. Bhattacharyya, J. Rowe, S. F. Wu, K. Haigh, and N. Lavesson, “Your Best Might Not Be Good Enough: Ranking in Collaborative Social Search Engines,” Proceedings of the IEEE 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing pp. 87–94 (Oct. 2011).
M. Doroud, P. Bhattacharyya, S. F. Wu, and D. Felmlee, “The Evolution of Ego-Centric Triads: A Microscopic Approach toward Predicting Macroscopic Network Properties,” Proceedings of the 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust pp. 172–179 (Oct. 2011).
H. Zhao, W. Kallander, T. Gbedema, H. Johnson, and S. F. Wu, “Read What You Trust: An Open Wiki Model Enhanced by Social Context,” Proceedings of the 2011 IEEE Third International Conference on Social Computing pp. 370–379 (Oct. 2011).
J. Lang and S. F. Wu, “Anti-Preferential Attachment: If I Follow You, Will You Follow Me?,” Proceedings of the 2011 IEEE Third International Conference on Social Computing pp. 339–346 (Oct. 2011).
M. Nicholes, C.-N. Chuah, S. F. Wu, and B. Mukherjee, “Analysis of Inter-Domain Collaborative Routing: Provider Competition for Clients,” Journal of Communications and Networks 13(5) pp. 499–510 (Oct. 2011).
D. Oliveira, D. Murthy, H. Johnson, S. F. Wu, R. Nia, and J. Rowe, “A Socially-Aware Operating System for Trustworthy Computing,” Proceedings of the 2011 Fifth IEEE International Conference on Semantic Computing pp. 380–386 (Sep. 2011).
M. Bishop, M. Carvalho, R. Ford, and L. Mayron, “Resilience is More Than Availability,” Proceedings of the 2011 New Security Paradigms Workshop pp. 95–104 (Sep. 2011).
L. Cai and H. Chen, “TouchLogger: Inferring Keystrokes On Touch Screen From Smartphone Motion,” Proceedings of the 6th USENIX Workshop on Hot Topics in Security (Aug. 2011).
H. Johnson, N. Lvesson, D. Oliveira, and S. F. Wu, “Trustworthy Opportunistic Sensing: A Social Computing Paradigm,” Proceedings of the 2011 IEEE International Conference on Information Reuse and Integration pp. 513–518 (Aug. 2011).
J. Lang and S. F. Wu, “Social Network User Lifetime,” Proceedings of the 2011 International Conference on Advances in Social Networks Analysis and Mining pp. 289–296 (July 2011).
R. Lee, R. Nia, J. Hsu, K. Levitt, J. Rowe, S. F. Wu, and S. Ye, “Design and Implementation of FAITH, An Experimental System to Intercept and Manipulate Online Social Informatics,” Proceedings of the 2011 International Conference on Advances in Social Networks Analysis and Mining pp. 195–202 (July 2011).
C. Gates and M. Bishop, “One of These Records Is Not Like the Other,” Proceedings of the Third USENIX Workshop on the Theory and Practice of Provenance (June 2011).
S. Whalen, S. Peisert, and M. Bishop, “Network-Theoretic Classification of Parallel Computation Patterns,” Proceedings of the First International Workshop on Characterizing Applications for Heterogeneous Exascale Systems (June 2011).
M. Bishop and K. Nance, “The Strengths and Challenges of Analogical Approaches to Computer Security Education,” Proceedings of the Seventh World Conference on Information Security Education pp. 96–102 (June 2011).
M. Bishop and C. Elliott, “Robust Programming by Example,” Proceedings of the Seventh World Conference on Information Security Education pp. 23–30 (June 2011).
H. Johnson, N. Lvesson, H. Zhao, and S. F. Wu, “On the Concept of Trust in Online Social Networks,” pp. 143–157 in Trustworthy Internet, L. Salgarelli, G. Bianchi, and N. Blefari-Melazzi, eds., Springer Milan, (2011).
M. Clifford and M. Bishop, “Trust of Medical Devices, Applications, and Users in Pervasive Healthcare,” Proceedings of the Fourth International Conference on Pervasive Technologies Related to Assistive Environments (May 2011).
Y. Niu and H. Chen,, “Gesture Authentication with Touch Input for Mobile Devices,” Proceedings of the 3rd International Conference on Security and Privacy in Mobile Information and Communication Systems (May 2011).
M. Bishop, “Teaching Security Stealthily,” IEEE Security and Privacy 9(2) pp. 69–71 (Mar. 2011).
L. Cai, K. Zeng, H. Chen, and P. Mohapatra, “Good Neighbor: Secure Pairing of Nearby Wireless Devices by Multiple Antennas,” Proceedings of the 18th Annual Network and Distributed System Security Symposium (Feb. 2011).
M. Bishop, B. Hay, and K. Nance, “Applying Formal Methods Informally,” Proceedings of the 2011 Hawaii International Conference on System Sciences (Jan. 2011).
B. Hay, K. Nance, and M. Bishop, “Storm Clouds Rising: Security Challenges for IaaS Cloud Computing,” Proceedings of the 2011 Hawaii International Conference on System Sciences (Jan. 2011).
M. Bishop, “Computer Security in the Future,” The ISC International Journal of Information Security 3(1) pp. 3–27 (Jan. 2011).
S. Ye and S. F. Wu, “Estimating the Size of Online Social Networks,” International Journal of Social Computing and Cyber-Physical Systems 1(2) pp. 160–179 (Jan. 2011).

2010

Matt Bishop, Justin Cummins, Sean Peisert, Anhad Singh, Deborah Agarwal, Deborah Frincke, and Michael Hogarth, "Relationships in Data Sanitization: A Study in Scarlet," Proceedings of the 2010 New Security Paradigms Workshop (NSPW), Concord, MA, September 21–23, 2010.
Matt Bishop, Sophie Engle, Deborah A. Frincke, Carrie Gates, Frank L. Greitzer, Sean Peisert, and Sean Whalen "A Risk Management Approach to the 'Insider Threat,'" Insider Threats in Cybersecurity, "Advances in Information Security" Series, Springer Verlag, Berlin, September 2010.
Borislava I. Simidchieva, Sophie J. Engle, Michael Clifford, Alicia Clay Jones, Sean Peisert, Matt Bishop, Lori A. Clarke, and Leon J. Osterweil, "Modeling Faults to Improve Election Process Robustness," Proceedings of the 2010 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE '10), Washington,D.C., August 11–13, 2010. pdf
M. Bishop and C. Hoke, “Essential Baseline Research for UOCAVA-MOVE Act Implementation at the State-Local Levels,” Workshop on UOCAVA Remote Voting Systems (Aug. 2010).
C. Gates and M. Bishop, “The Security and Privacy Implications of Using Social Networks to Deliver Healthcare,” Proceedings of the 3rd International Conference on Pervasive Technologies Related to Assistive Environments (June 2010).
M. Bishop, “Ten Years Past and Ten Years from Now,” Actas de la X Journada de Seguridad Informática (June 2010).
Benjamin Davis and Hao Chen. "DBTaint: Cross-Application Information Flow Tracking via Databases." Proceedings of the USENIX Conference on Web Applications, Boston, MA, June 23-24, 2010.
Liang Cai, Sridhar Machiraju, and Hao Chen., "CapAuth: A Capability-based Handover Scheme. " Proceedings of IEEE INFOCOM 2010: The 27th Conference on Computer Communications, San Diego, CA, March 15-19, 2010.
Sophie Jean Engle, A Policy-Based Vulnerability Analysis Framework, Ph.D. Dissertation, Department of Computer Science, University of California, Davis, March 2010 pdf
Sean Peisert, Matt Bishop, and Keith Marzullo, "What Do Firewalls Protect? An Empirical Study of Firewalls, Vulnerabilities, and Attacks," UC Davis CS Technical Report CSE-2010-8, March 2010. pdf
M. Bishop, “A Clinic for ‘Secure’ Programming,” IEEE Security and Privacy 8(2) pp. 54–56 (Mar. 2010).
Francis Hsu, Hao Chen, and Sridhar Machiraju, "WebCallerID: Leveraging Cellular Networks for Web Authentication." To appear in Journal of Computer Security, 2010.
Radmilo Racic, Denys Ma, Hao Chen, and Xin Liu, "Exploiting and Defending Opportunistic Scheduling in Cellular Data Networks." IEEE Transactions on Mobile Computing, 9:609-620, 2010.
Lerone D. Banks, S. Felix Wu, , "Toward a Behavioral Approach to Privacy for Online Social Networks," SocInfo '10: Proceedings of the 2nd IEEE International Conference on Social Informatics, Laxenburg, Austria.
Juan Lang, Matt Spear, S. Felix Wu, , "Social Manipulation of Online Recommender Systems" SocInfo '10: Proceedings of the 2nd IEEE International Conference on Social Informatics, Laxenburg, Austria.
Thomas Tran, Jeff Rowe, S. Felix Wu, , "Social Email: A Framework and Application for More Socially-Aware Communications," SocInfo '10: Proceedings of the 2nd IEEE International Conference on Social Informatics, Laxenburg, Austria.
Haifeng Zhao, Shaozhi Ye, Prantik Bhattacharyya, Ken Gribble, Jeff Rowe, S. Felix Wu, , "SocInfo '10: Proceedings of the 2nd IEEE International Conference on Social Informatics," SocInfo '10: Proceedings of the 2nd IEEE International Conference on Social Informatics, Laxenburg, Austria.
Shaozhi Ye, S. Felix Wu, , "Measuring Message Propagation and Social Influence on Twitter.com," SocInfo '10: Proceedings of the 2nd IEEE International Conference on Social Informatics, Laxenburg, Austria.
Shaozhi Ye, S. Felix Wu, , "Estimating the Size of Online Social Networks," SocialCom '10: Proceedings of the 2nd IEEE International Conference on Social Computing, Minneapolis, Minnesota, USA.
Shaozhi Ye, Juan Lang, S. Felix Wu, , "Crawling Online Social Graphs," APWeb '10: Proceedings of the 12th International Asia-Pacific Web Conference,Busan, Korea.
Prantik Bhattacharyya, Ankush Garg, S. Felix Wu, , "Analysis of User Keyword Similarity in Online Social Networks," To appear in Social Networks Analysis and Mining Journal (by Springer).
Shaozhi Ye, Online Social Network Measurements and Search Privacy Protection, PhD Dissertation, UC Davis, 2010. USA.

2009

M. Bishop, “Reflections on UNIX Security,” Proceedings of the 25th Annual Computer Security Applications Conference pp. 161–184 (Dec. 2009); includes the previously unpublished 1983 paper “Security Problems with the UNIX Operating System”.
S. Cooper, C. Nickell, V. Piotrowski, B. Oldfield, A. Abdallah, M. Bishop, B. Caelli, M. Dark, E. Hawthorne, L. Hoffman, L. Pérez, C. Pfleeger, R. Raines, C. Schou, and J. Brynielsson, “An Exploration of the Current State of Information Assurance Education,” ACM SIGCSE Bulletin 41(4) pp. 109–125 (Dec. 2009).
Francis Hsu and Hao Chen, "Secure File System Services for Web 2.0 Applications." Proceedings of the The ACM Cloud Computing Security Workshop (CCSW), Chicago, IL, November 13, 2009.
Ian Goldberg, Berkant Ustaoglu, Matthew Van Gundy, and Hao Chen. "Multi-party Off-the-Record Messaging." Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS),,, Chicago, IL, November 9-13, 2009.
Liang Cai, Gabriel Maganis, Hui Zang, and Hao Chen. "Mitigating DoS attacks on the paging channel by efficient encoding in page messages." Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS),, Athens, Greece, September 14-18, 2009.
M. Bishop, C. Gates, and J. Hunker, “Sisterhood of the Traveling Packets,” Proceedings of the 2009 New Security Paradigms Workshop pp. 59–70 (Sep. 2009).
R. Gardner, M. Bishop, and T. Kohno, “Are Patched Machines Really Fixed?” IEEE Security and Privacy 8(5) pp. 82–88 (Sep. 2009).
Sean Peisert, Matt Bishop, Laura Corriss, and Steven Greenwald "Quis Custodiet ipsos Custodes? A New Paradigm for Analyzing Security Paradigms," Proceedings of the 2009 New Security Paradigms Workshop (NSPW), The Queen's College, Oxford, United Kingdom, September 8–11, 2009. pdf
Shaozhi Ye, Felix Wu, Raju Pandey, and Hao Chen. "Noise Injection for Search Privacy Protection." Proceedings of the 5th International Conference on Security and Privacy in Communication Networks (SecureComm), Vancouver, Canada, August 29-31, 2009.
Liang Cai, Sridhar Machiraju, and Hao Chen. "Defending against Sensor-Sniffing Attacks on Mobile Phones." Proceedings of the 2009 IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT), Barcelona, Spain, August 17, 2009.
Matt Bishop, Sean Peisert, Mark Graff, Candice Hoke, and David Jefferson, "E-Voting and Forensics: Prying Open the Black Box" Proceedings of the 2009 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE '09), Montreal, Canada, August 10–11, 2009. pdf
M. Bishop, S. Peisert, C. Hoke, M. Graff, and D. Jefferson, “E-Voting and Forensics: Prying Open the Black Box,” Proceedings of the 2009 USENIX/ACCURATE Electronic Voting Technology Workshop (Aug. 2009).
M. Bishop, “Some ‘Secure Programming’ Exercises for an Introductory Programming Class,” Proceedings of the Seventh World Conference on Information Security Education (July 2009).
B. Bhumiratana and M. Bishop, “Privacy Aware Data Sharing: Balancing the Usability and Privacy of Datasets,” Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments (June 2009).
Z. Le, M. Bishop and F. Makedon, “Strong Mobile Device Protection from Loss and Capture,” Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments (June 2009).
M. Bishop and C. Taylor, “A Critical Analysis of the Centers of Academic Excellence Program,” Proceedings of the 13th Colloquium for Information Systems Security Education (June 2009).
M. Bishop, C. Gates, D. Frincke, and F. Greitzer, “AZALIA: A to Z Assessment of the Likelihood of Insider Attack,” Proceedings of the 2009 IEEE International Conference on Technologies for Homeland Security (May 2009).
Justin Becker and Hao Chen. "Measuring Privacy Risk in Online Social Networks." Proceedings of Web 2.0 Security and Privacy (W2SP),, Oakland, CA, May 21, 2009.
K. Nance, B. Hay, and M. Bishop, "Investigating the Implications of Virtual Machine Introspection for Digital Forensics," Proceedings of the 2009 International Conference on Availability, Reliability and Security,,pp. 1024–1029 (Mar. 2009).
Matthew Van Gundy and Hao Chen. "Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks." Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS),, San Diego, CA, February 8-11, 2009.
Sean Peisert, Matt Bishop, and Alec Yasinsac, "Vote Selling, Voter Anonymity, and Forensic Logging of Electronic Voting Machines," Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS), (Nominated for Best Paper Award), Waikoloa, HI, January 5–8, 2009. pdf
Matt Bishop, Sophie Engle, Carrie Gates, Sean Peisert, and Sean Whalen, "Case Studies of an Insider Framework," Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS), Waikoloa, HI, January 5–8, 2009. pdf
K. Nance, B. Hay, and M. Bishop, "Digital Forensics: Defining a Research Agenda," Proceedings of the 2009 Hawaii International Conference on System Sciences,, (Jan. 2009).
Ankush Garg, Keyword based Social Networks: Models, Algorithms and Analysis, MS Thesis, UC Davis, 2009. USA.
Kelcey Chan, Leveraging Social Network Data for Messaging Applications, MS Thesis, UC Davis, 2009. USA.
Daniela Oliveira, S. Felix Wu, "Protecting Kernel Code and Data with a Virtualization-Aware Collaborative Operating System," ACSAC '09: Proceedings of the 25th Annual Computer Security Applications Conference,, Honolulu, Hawaii, USA.
Matt Spear, Xiaoming Lu, Norm Matloff, S. Felix Wu, "KarmaNET: Leveraging Trusted Social Paths to Create Judicious Forwarders," IFCIN '09: Proceedings of the First International Conference on Future Information Networks, Beijing, China, 2009.
Jedidiah R. Crandall, John Brevik, Shaozhi Ye, Gary Wassermann, Daniela Oliveira, Zhendong Su, S. Felix Wu, Frederic T. Chong, "Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection," Transactions on Computational Science, Vol.5430, pp 244-262, 2009.
Shaozhi Ye, S. Felix Wu, Raju Pandey, Hao Chen, "Noise Injection for Search Privacy Protection," PASSAT '09: Proceedings of 2009 IEEE International Conference on Privacy, Security, Risk and Trust, pp 1-8, Vancouver, Canada, 2009.
Matt Spear, Xiaoming Lu, S. Felix Wu, "Davis Social Links or: How I Learned To Stop Worrying And Love The Net," SCA '09: Proceedings of the International Symposium on Social Computing Applications, held in conjunction with IEEE SocialCom,, Vancouver, Canada, August, 2009.
Lerone Banks, S. Felix Wu, "All Friends are NOT Created Equal: An Interaction Intensity based Approach to Privacy in Online Social Networks," SWSPOSN '09: Proceedings of the Workshop on Security and Privacy in Online Social Networking, held in conjunction with IEEE PASSAT and IEEE SocialCom,, Vancouver, Canada, August, 2009.
Ankush Garg, Prantik Bhattacharyya, Charles U. Martel, S. Felix Wu, "Information Flow and Search in Unstructed Keyword based Social Networks," SMW '09: Proceedings of the Social Mobile Web Workshop, held in conjunction with the 2009 IEEE SocialCom, International Conference on Social Computing,, Vancouver, Canada, August, 2009.
Dimitri DeFigueiredo, Earl Barr, S. Felix Wu, "Trust Is in the Eye of the Beholder," ASSAT '09: Proceedings of 2009 IEEE International Conference on Privacy, Security, Risk and Trust,, Vancouver, Canada, August, 2009.
Wen-Fu Kao, S. Felix Wu, "Lightweight Hardware Return Address and Stack Frame Tracking to Prevent Function Return Address Attack," Trustcom '09: Proceedings of 2009 IEEE International/IFIP International Symposium on Trusted Computing and Communications,, Vancouver, Canada, August, 2009.

2008

G Misherghi, Lihua Yuan, Zhendong Su, Chen-Nee Chuah, Hao Chen.. "A general framework for benchmarking firewall optimization techniques." IEEE Transactions on Network and Service Management, 5(4):227-238, December 2008.
Steven Crites, Francis Hsu, and Hao Chen. "OMash: Enabling Secure Web Mashups via Object Abstractions." Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October 27-31, 2008.
Matt Bishop, Mark Graff, Candice Hoke, David Jefferson, and Sean Peisert, "Resolving the Unexpected in Elections: Election Officials' Options," October 8, 2008. pdf
Matt Bishop, Sophie Engle, Carrie Gates, Sean Peisert, and Sean Whalen, "We Have Met the Enemy and He is Us," Proceedings of the 2008 New Security Paradigms Workshop (NSPW), Lake Tahoe, CA, September 22–25, 2008. pdf
K. Nance, M. Bishop, and B. Hay, "Virtual Machine Introspection: Observation or Interference?" IEEE Security and Privacy 6(5) pp. 32–37 (Sep. 2008).
Sean Peisert, Matt Bishop, and Keith Marzullo, "Computer Forensics In Forensis," Proceedings of the Third International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering (IEEE/SADFE-2008), pp. 102–122, Oakland, CA, May 22, 2008. pdf
M. Bishop and C. Gates, "Defining the Insider Threat," Proceedings of the Cyber Security and Information Intelligence Research Workshop , article 15 (May 2008).
A. Yasinsac and M. Bishop, "The Dynamics of Counting and Recounting Votes," IEEE Security and Privacy,6(3) pp. 22–29 (May 2008).
Sean Peisert, Matt Bishop, and Keith Marzullo, "Computer Forensics In Forensis," ACM Operating Systems Review (OSR), Special Issue on Computer Forensics, 42(3), pp. 112–122, April 2008. pdf
M. Bishop, "Some Exercises for an Introductory Class," Faculty Workshop on Secure Software Development, (Apr. 2008).
M. Dark and M. Bishop, "Evaluating the Efficacy of Software Security Curriculum Exercises," Faculty Workshop on Secure Software Development, (Apr. 2008).
Yuan Niu, Francis Hsu and Hao Chen. "iPhish: Phishing Vulnerabilities on Consumer Electronics." Proceedings of Usability, Psychology, and Security 2008, San Francisco, CA, April, 2008.
Sridhar Machiraju, Hao Chen, and Jean Bolot. "Distributed Authentication for Low-Cost Wireless Networks." Proceedings of the Ninth Workshop on Mobile Computing Systems and Applications (ACM HotMobile), Napa Valley, CA, February 25-26, 2008.
Radmilo Racic, Denys Ma, Hao Chen, and Xin Liu. "Exploiting Opportunistic Scheduling in Cellular Data Networks." Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA, February 10-13, 2008.
A. Yasinsac and M. Bishop, Of Paper Trails and Voter Receipts," Proceedings of the 2008 Hawaii International Conference on System Sciences, (Jan. 2008).
Senthilkumar G. Cheetancheri, John Mark Agosta, Karl N. Levitt, Shyhtsun Felix Wu, Jeff Rowe, "Optimal Cost, Collaborative, and Distributed Response to Zero-Day Worms - A Control Theoretic Approach," RAID '08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, Cambridge, USA, 2008.
Ryan Iwahashi, Daniela A. Oliveira, S. Felix Wu, Jedidiah R. Crandall, Young-Jun Heo, Jin-Tae Oh, Jong-Soo Jang, "Towards Automatically Generating Double-Free Vulnerability Signatures Using Petri Nets," ISC '08: Proceedings of the 11th international conference on Information Security,, Taipei, Taiwan, 2008.
Daniela Oliveira, Jedidiah Crandall, Gary Wassermann, Shaozhi Ye, Felix Wu, Zhendong Su, Frederic Chong, "Bezoar: Automated Virtual Machine-based Full-System Recovery from Control-Flow Hijacking Attacks," NOPS '08: Proceedings of 2008 IEEE/IFIP Network Operations and Management Symposium,, pp 121-128, Salvador - Bahla, Brazil, 2008.
Xiaoming Lu, Matt Spear, Karl Levitt, S. Felix Wu, "Non-uniform Entropy Compression for Uniform Energy Distribution in Wireless Sensor Networks," ENOPT '08: Proceedings of the 2008 Second International Conference on Sensor Technologies and Applications, Cap Esterel, France, 2008.
Xiaoming Lu, Matt Spear, Karl N. Levitt, Norman S. Matloff, S. Felix Wu, "A Synchronization Attack and Defense in Energy-Efficient Listen-Sleep Slotted MAC Protocols," SECURWARE '08: Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies, Cap Esterel, France, 2008.
Xiaoming Lu, Matt Spear, Karl N. Levitt, Norman S. Matloff, S. Felix Wu, "Using Soft-Line Recursive Response to Improve Query Aggregation in Wireless Sensor Networks," ICC '08: IEEE International Conference on Communications,, Beijing, China, 2008.
Shih-Ming Tseng, S. Felix Wu, Xiaoliang Zhao, Ke Zhang, "On Reverse Engineering the Management Actions from Observed BGP Data" ANM '08: First International workshop on Automated Network Management, held in conjunction with IEEE Infocom,, Phoenix, USA, 2008.
Xiaoming Lu, Matt Spear, Karl N. Levitt, S. Felix Wu, "iBubble: Multi-Keyword Routing Protocol for Heterogeneous Wireless Sensor Networks," INFOCOM 2008. The 27th IEEE Conference on Computer Communications,, Phoenix, Arizona, 2008.

2007

Matthew Van Gundy, Hao Chen, Zhendong Su, and Giovanni Vigna. "Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms," In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), Miami Beach, FL, December 10-14, 2007.
M. Bishop and D. Wagner, , "Risks of E-Voting," “” Communications of the ACM 50(11) p. 120 (Nov. 2007).
E. Proebstel, S. Riddle, F. Hsu, J. Cummins, F. Oakley, T. Stanionis, and M. Bishop,, "An Analysis of the Hart Intercivic DAU eSlate," PProceedings of the 2007 USENIX/ACCURATE Electronic Voting Technology Workshop (Aug. 2007).
Sean Peisert and Matt Bishop, "I'm a Scientist, Not a Philosopher!" IEEE Security and Privacy Magazine, 5(4), pp. 48–51, July-August 2007. pdf
M. Bishop , "E-Voting as a Teaching Tool," Proceedings of the World Conference on Information Security Education pp. 17–24 (June 2007).
C. Gates, C. Taylor, and M. Bishop, , "E-Voting as a Teaching Tool," poster paper, Proceedings of the Third Workshop on Hot Topics in System Dependability, paper 19 (June 2007).
E. Barr, M. Bishop, and M. Gondree, , "Fixing Federal E-Voting Standards," Communications of the ACM , 50(3) pp. 19–24 (Mar. 2007).
Sean Peisert, Matt Bishop, Sidney Karin, and Keith Marzullo, "Analysis of Computer Intrusions Using Sequences of Function Calls," IEEE Transactions on Dependable and Secure Computing (TDSC), 4(2), pp. 137–150, April-June 2007. pdf
Sean Peisert and Matt Bishop, "How to Design Computer Security Experiments," Proceedings of the Fifth World Conference on Information Security Education (WISE), pp. 141–148, West Point, NY, June 2007. pdf
Yi-Min Wang, Ming Ma, Yuan Niu, and Hao Chen., "Spam Double-Funnel: Connecting Web Spammers with Advertisers." In Proceedings of the 16th International World Wide Web Conference (WWW2007), Banff, Canada, May 8-12, 2007.
Sean Peisert, Matt Bishop, Sidney Karin, and Keith Marzullo,, "Toward Models for Forensic Analysis," Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE), pp. 3–15, Seattle, WA, April 2007. pdf
E. Barr, M. Bishop, and M. Gondree, , "Fixing Federal E-Voting Standards," Communications of the ACM , 50(3) pp. 19–24 (Mar. 2007).
J. Zhou, M. Heckman, B. Reynolds, A. Carlson, and M. Bishop, , "Modeling Network Intrusion Detection Alerts for Correlation," ACM Transactions on Information and System Security , 10(1) pp. 1–31 (Feb. 2007).
Yuan Niu, Yi-Min Wang, Hao Chen, Ming Ma, and Francis Hsu., "A Quantitative Study of Forum Spamming Using Context-based Analysis." In Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS), pages 79-92, San Diego, CA, February, 2007.
M. Bishop and D. Frincke, , "Achieving Learning Objectives through E-Voting Case Studies," IEEE Security & Privacy Magazine, 5(1) pp. 53–56 (Jan. 2007).
C. Ng, P. Thubert, M. Watari, F. Zhao, , "Lerone Banks, Shaozhi Ye, Yue Huang, S. Felix Wu," LSAD '07: Proceedings of the 2007 workshop on Large scale attack defense, held in conjunction with SIGCOMM 2007, Kyoto, Japan, August 2007.
Yanyan Yang, Charles Martel, S. Felix Wu, , "CLID: A general approach to validate security policies in a dynamic network," IM '07: Proceedings of the 10th IFIP/IEEE International Symposium on Integrated Network Management, 2007.
Dimitri do B. DeFigueiredo, Balaji Venkatachalam, Shyhtsun Felix Wu, , "Bounds on the Performance of P2P Networks Using Tit-for-Tat Strategies," P2P '07: Proceedings of the Seventh IEEE International Conference on Peer-to-Peer Computing, Galway, Ireland, 2007.
Ke Zhang, Shyhtsun Felix Wu, , "Filter-Based RFD: Can We Stabilize Network Without Sacrificing Reachability Too Much?" NETWORKING '07: Ad Hoc and Sensor Networks, Wireless Networks, Next Generation Internet, proceedings of the the 6th International IFIP-TC6 Networking Conference, Atlanta, USA, 2007.
Shih-Ming Tseng, Ke Zhang, Shyhtsun Felix Wu, Kwan-Liu Ma, Soon Tee Teoh, Xiaoliang Zhao, , "Interactive Informatics on Internet Infrastructure," M '07: 10th IFIP/IEEE International Symposium on Integrated Network Management, Munich, Germany, 2007.
C. Ng, P. Thubert, M. Watari, F. Zhao, , "Network Mobility Route Optimization Problem Statement," IETF RFC, July 2007.
C. Ng, F. Zhao, M. Watari, P. Thubert, , "Network Mobility Route Optimization Soulition Space Analysis," IETF RFC, July 2007.

2006

  Francis Hsu, Hao Chen, Thomas Ristenpart, Jason Li, and Zhendong Su. "Back to the Future: A Framework for Automatic Malware Removal and System Repair." In Proceedings of 2006 Annual Computer Security Applications Conference (ACSAC 22), Miami Beach, FL, December, 2006.
D. de Oliveira, J. Crandall, G. Wassermann, S. Wu, Z. Su, and F. Chong. "ExecRecorder: VM-Based Full-System Replay for Attack Analysis and System Recovery," Workshop on Architectural and System Support for Improving Software Dependability - ASID'06 (with ASPLOS 2006). (Oct. 2006). pdf
R. Crawford, M. Bishop, B. Bhumiratana, L. Clark, and K. Levitt, “Sanitization Models and their Limitations,” Proceedings of the New Security Paradigms Workshop (Sep. 2006).
V. Neagoe and M. Bishop, “Inconsistency in Deception for Defense,” to appear in the Proceedings of the New Security Paradigms Workshop (Sep. 2006).
S. G. Cheetancheri, J. M. Agosta, D. H. Dash, K. N. Levitt, J. Rowe, E. M. Schooler, "A Distributed Host-Based Worm Detection System," Proceedings of the ACM SIGCOMM Workshop on Large Scale Attack Defense (LSAD06), Pisa, Italy (Sep. 06) pdf
R. Racic, D. Ma, and H. Chen, "Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery," to appear in Proceedings of the Second IEEE Communications Society / CreateNet International Conference on Security and Privacy in Communication Networks (SecureComm), Baltimore, MD (Aug. 2006). pdf
E. Ceesay, J. Zhou, M. Bishop, M. Gertz, and K. Levitt, “Using Type Qualifiers to Analyze Untrusted Integers and Detecting Security Flaws in C Programs,” to appear in the Proceedings of the GI/IEEE SIG SIDAR Conference on Detection and Intrusions and Malware and Vulnerability Assessment (July 2006).
D. Gilliam, J. Powell, M. Bishop, C. Andrews, and S. Jog, “Security Verification Techniques Applied to PatchLink COTS Software,” to appear in the Proceedings of the 15th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (June 2006).
M. Bishop, R. Crawford, B. Bhumiratana, L. Clark, and K. Levitt, “Some Problems in Sanitizing Network Data,” to appear in the Proceedings of the 15th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (June 2006).
M. Bishop and S. Engle, “The Software Assurance CBK and University Curricula,” Proceedings from the Tenth Colloquium on Information Systems Security Education, pp. 14–21 (June 2006). html
M. Bishop and B. J. Orvis, “A Clinic to Teach Good Programming Practices,” Proceedings from the Tenth Colloquium on Information Systems Security Education, pp. 168–174 (June 2006). html
L. Yuan, J. Mai, Zhendong Su, H. Chen, C. Chuah, and P. Mohapatra, " FIREMAN: a toolkit for Firewall Modeling and Analysis," In Proceedings of 2006 IEEE Symposium on Security and Privacy, Oakland, CA (May 2006). pdf
S. G. Cheetancheri, D. Ma, T. Heberlien, K. Levitt, "Towards a Framework for Worm Defense Evaluation," Proceedings of the IEEE IPCCC Workshop on Swarm Intelligence (MALWARE'06) Phoenix, AZ (Apr 2006). pdf
Matt Bishop and Sean Peisert, "Your Security Policy is What???" UC Davis CS Technical Report CSE-2006-20, March 2006. pdf
M. Bishop and D. Frincke, “Who Owns Your Computer?,” IEEE Security & Privacy Magazine 4(2) pp. 61–63 (Mar. 2006). pdf

2005

  M. Bishop, “Teaching Context in Information Security,” to appear in the Journal on Educational Resources in Computing (Apr. 2005).
B. Schwarz, H. Chen, D. Wagner, G. Morrison, J. West, J. Lin, and W. Tu, "Model checking an Entire Linux Distribution for Security Violations", In Proceedings of 21st Annual Computer Security Applications Conference (ACSAC), Tucson, AZ (Dec. 2005). pdf
D. Sterne, P. Balasubramanyam, D. Carman, B. Wilson, R. Talpade, C. Ko, R. Balupari, C-Y. Tseng, T. Bowen, K. Levitt and J. Rowe", A General Cooperative Intrusion Detection Architecture for MANETs, to appear in Proceedings of the 3rd IEEE International Workshop on Information Assurance, (March 2005). pdf
J. Zhou, A. Carlson, and M. Bishop, “Verify Results of Network Intrusion Alerts Using Lightweight Protocol Analysis,” Proceedings of the 21st Annual Computer Security Applications Conference, pp. 117–126 (Dec 2005). pdf
S. Peisert, M. Bishop, S. Karin, and K. Marzullo, “Principles-Driven Forensic Analysis,” Proceedings of the 2005 New Security Paradigms Workshop, pp. 85–93 (Sep. 2005). pdf
M. Bishop, “The Insider Problem Revisited,” Proceedings of the New Security Paradigms Workshop, pp. 75–78 (Sep. 2005). pdf
M. Bishop and D. Frincke, “Teaching Secure Programming,” IEEE Security & Privacy Magazine 3(5), pp. 54–56 (Sep. 2005). pdf
M. Bishop and D. Frincke, “A Human Endeavor: Lessons from Shakespeare and Beyond,” IEEE Security & Privacy Magazine 3(4), pp. 49–51 (July 2005). pdf
D. Gilliam, J. Powell, and M. Bishop, “Application of Lightweight Formal Methods to Software Security,” Proceedings of the 14th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 160–165 (June 2005). pdf
M. Bishop, “Best Practices and Worst Assumptions,” Proceedings of the 9th Colloquium for Information Systems Security Education, pp. 18–25 (June 2005). pdf
M. Bishop and H. Armstrong, “Uncovering Assumptions in Information Security,” Proceedings of the Fourth World Conference on Information Security Education, pp. 223–231 (May 2005). pdf

2004

  S. Cheetancheri, "Modelling a Computer Worm Defense System," Masters Thesis, (June 2004). pdf
H. Chen, Drew Dean and David Wagner, "Model Checking One Million Lines of C Code," Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, (Feb. 2004). pdf
H. Johnson, A. Nilsson, S.F. Wu, F. Zhao, "Lightweight Authentication for Bluetooth," to appear in First International Conference in Mobile Networks and Ubiquitous Computing (ICMU'2004), Japan, (Jan. 8-9, 2004).
S. Halevi, P. Rogaway, "A Parallelizable Enciphering Mode," to appear in CT-RSA 04. pdf
A. Pasupulati, J. Coit, K. Levitt, S.F. Wu, S.H. Li, R.C. Kuo, K.P. Fan, "Buttercup: On Network-Based Detection of Polymorphic Buffer Overflow Vulnerabilities," to appear in 9th IEEE/IFIP Network Operation and Management Symposium (NOMS'2004), Seoul, S. Korea, (May 2004).
Y. Yang, C.U. Martel, S.F. Wu, "On Building the Minimum Number of Tunnels: An Ordered-Split Approach to Manage IPSEC/VPN Tunnels," to appear in 9th IEEEE/IFIP Network Operation and Management Symposium (NOMS'2004), Seoul, S. Korea, (May 2004).
T. Walcott and M. Bishop, “Traducement: A Model for Record Security,” ACM Transactions on Information Systems Security 7(4) pp. 576–590 (Nov. 2004).
M. Bishop and D. Frincke, “Academic Degrees and Professional Certification,” IEEE Security & Privacy Magazine 2(6) pp. 56–58 (Nov. 2004).
D. Frincke and M. Bishop, “Joining the Security Education Community,” IEEE Security & Privacy Magazine 2(5) pp. 61–63 (Sep. 2004).
M. Bishop, “Teaching Context in Information Security,” Proceedings of the Sixth Workshop on Education in Computer Security pp. 29–35 (July 2004).
D. Frincke and M. Bishop, “Back to School,” IEEE Security & Privacy Magazine 2(4) pp. 54–56 (July 2004).
M. Bishop, B. Bhumiratana, R. Crawford and K. Levitt, “How to Sanitize Data,” Proceedings of the 13th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 217–222 (June 2004).
R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. D. Tygar, S. Sastry, D. Sterne, and S. Wu, “Cyber Defense Technology Networking and Evaluation,” Communications of the ACM 47(3) pp. 58–61 (Mar. 2004).

2003

  T. Stallard, K. Levitt, "Automated Analysis for Digital Forensic Science: Semantic Integrity Checking," 19th Annual Computer Security Applications Conference, Las Vegas, Nevada (Dec. 8-12, 2003) pdf
D.P. Gilliam, T.L. Wolfe, J.S. Sherif, M. Bishop, "Software Security Checklist for the Software Life Cycle," WETICE 2003, pp.243-248 abstract
M. Bishop, "Panel: Teaching Undergraduate Information Assurance," World Conference on Information Security Education 2003, pp. 169-171.
F. Zhao, Y. Shin, S.F. Wu, H. Johnson, A. Nilsson, "RBWA: An Efficient Random-Bits Window-Based Authentication Protocol," in Globecom 2003, San Francisco, CA, (Dec. 2003).
M. Gertz, "Integrity and Internal Control in Information Systems V", Kluwer Academic Publishers, Proceedings of the 5th International IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control, Bonn, Germany.
M. Gertz, G. Csaba, "Monitoring Mission Critical Data for Integrity and Availability," in 5th International IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control, Kluwer Academic Publishers, pp.189-201.
M. Gertz, "Opportunities and Challenges in Tracing Security Breaches," in 5th International IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control, Kluwer Academic Publishers, pp. 223-226.
E.A. Wohlstadter, P. Devanbu, "DADO: A Novel Programming Model for Distributed, Heterogenous, Late-Bound QoS Implementations," Workshop on secure Reliable Middleware, Springer-Verlag, 2003 pdf
S. Halevi, P. Rogaway, "A Tweakable Enciphering Mode," Advances in Cryptology - CRYPTO '03, Lecture Notes in Computer Science, vol. 2729, Springer-Verlag, 2003. pdf
P. Rogaway, "Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC", manuscript, (Nov. 2003). pdf
P. Devanbu, M. Gertz, B. Toone, "Static Type-inference for Trust in Distributed Information Systems," in 10th International Conference on Cooperative Information Systems (CoopIS 2003), Spinger, LNCS, 2003 pdf
P. Devanbu, M. Gertz, C. Martel, S. Stubblebine, "Authentic Data Publication Over the Internet," in Journal of Computer Security, Volume 11, No. 3, pp. 291-314, 2003.
C.Y. Tseng, P. Balasubramanyam, C. Ko, R. Limprasittiporn, J. Rowe, K. Levitt, "A Specification-Based Instrusion Detection system for AODV," 2003 ACM Workshop on security of Ad Hoc and Sensor Networks (SASN '03), (Oct. 21, 2003). pdf
H. Huang, S.F. Wu, "An Approach to Certificate Path Discovery in Mobile Ad Hoc Networks," in ACM CCS (Computer and Communication Security) Workshop on Ad Hoc Mobile Network Security, Fairfax, VA, (Oct. 2003).
S. Teoh, K.L. Ma, S.F. Wu, D. Pei, L. Wang, L. Zhang, D. Massey, R. Bush, "Visual-Based Anomaly Detection for BGP Origin as Change (OASC) Events", in 14th IEEE/IFIP Workshop on Distributed Systems: Operations and Management (DSOM'2003), Heidelberg, Germany, (Oct. 2003), Vol. 2867.
S. Teoh, K.L. Ma, S.F. Wu, "A Visual Exploration process for the Analysis of Internet Routing Data," in IEEE Visualization'2003, Seattle, WA, Oct. 2003.
F. Zhao, S.F. Wu, "Analysis and Improvement on IPSEC Anti-Replay Window Protocol," in 12th IEEE International Conference on Computer Communication and Networks (ICCN'2003). Dallas, TX, Oct., 2003.
I. Balepin, S. Maltsev, J. Rowe, K. Levitt, "Using Specification-Based Intrusion Detection for Automated Response," Proceeding of the 6th International Symposium, RAID 2003, Recent Advances in Intrusion Detection, Pittsburgh, PA, September 8-10, 2003. pdf
T. Song, J. Alves-Foss, C. Ko, C. Zhang, K. Levitt, "Using ACL2 to Verify Security Properties of Specification-based Intrusion Detection Systems," International Workshop on ACL2 Theorem Prover and Its Applications, pdf
G. Marro, "Attacks at the Data Link Layer," Masters Thesis, July, 2003. pdf
D. Pei, L. Wang, D. Massey, S.F. Wu, L. Zhang, "A Study of Packat Delivery Performance During Routing Convergence," in the Proceedings of the 2003 International Conference on Dependendable Systems and Networks, June 22-25, pp. 183-192.
M. Bellare, P. Rogaway, D. Wagner, "A Conventional Authenticated-Encryption Scheme," manuscript, April 2003. pdf
E. Haugh, M. Bishop, "Testing C Programs for Buffer Overflow Vulnerabilities," Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, February 2003. pdf
S. Templeton, K. Levitt, "Detecting Spoofed Packets," Proceedings of The Third DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, D.C., April 22-24, 2003 pdf
D. Nojiri, J. Rowe, K. Levitt, "Cooperative Response Strategies for Large Scale Attack Mitigation," Proceedings of The Third DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, D.C., April 22-24, 2003 ps
B. Toone, M. Gertz, P. Devanbu, "Trust Mediation for Distributed Information Systems," SEC2003, 19th IFIP International Information Security Conference. pdf
E. Wohlstadter, S. Jackson and P. Devanbu, "DADO: Enhancing Middleware to Support Cross-cutting Features in Distributed, Heterogeneous Systems," ICSE 2003, International Conference on Software Engineering, Portland, Oregon, May 2003. pdf
L.Wang, X. Zhao, D. Pei, R. Bush, D. Massey, A. Mankin, S.F. Wu, L. Zhang, "Protecting BGP Routes to Top Level DNS Servers," in the Proceedings of the 23rd International Conference on Distributed Computing Systems, pp. 322-331. abstract
X. Zhao, D. Massey, S.F. Wu, M. Lad, D. Pei, L. Wang, L. Zhang, "Understanding BGP Behavior Through a Study of DOD Prefixes," in the Proceedings of the DARPA Information Survivability Conference and Exposition, April 22-24, 2003, Vol. 1, pp. 214-225
Y. Yang, Z. Fu, S.F. Wu, "BANDS: An Inter-Domain Internet Security Policy Management System for IPSec/VPN", 8th IFIP/IEEE International Symposium on Integrated Network Management 2003 (IM 2003), Colorado Springs, Colorado, March 24-28,2003, pp.231-244.
B. Reynolds, D. Ghosal, "Secure IP Telephony Using Multi-Layered Protection," Proceedings of Network and Distributed System Security Symposium (NDSS), San Diego, Feb. 2003 pdf

2002

  D.S. Peterson, M. Bishop, R. Pandey, "A Flexible Containment Mechanism for Executing Untrusted Code," USENIX Security Symposium 2002, pp. 207-225 abstract
M. Bishop, "Trends in Academic Research: Vulnerabilities Analysis and Instrusion Detection," Computers & Security 21, 2002, pp. 609-612
T. Stallard, "Automated Analysis for Digital Forensic Science," Masters Thesis, Dec. 2002 pdf
B. Reynolds, "Enabling Secure IP Telephony in Enterprise Networks," Masters Thesis, Dec. 2002. pdf
D. Lee, J. Rowe, C. Ko, and K. Levitt. "Detecting and Defending Against Web-Server Fingerprinting," 18th Annual Computer Security Applications Conference, Las Vegas, NV, December 9-13, 2002, 10 pages.
H. Johnson, A. Nilsson, J. Fu, S.F. Wu, A. Chen, H. Huang, "SOLA: A One-Bit Identity Authentication Protocol for Access Control," in the Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM '02), Nov. 17-21, 2002, Vol. 1, pp. 768-772.
H. Chen, D.Wagner, "MOPS: an infrastructure for examining security properties of software," Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS), Washington, DC, November 2002, pages 235-244, pdf
S.T. Teoh, K.-L. Ma, S.F. Wu, X. Zhao, "Case Study: Interactive Visualization for Internet Security," in Proceedings of IEEE Visualization (VIS 2002), Oct. 27-Nov. 1, pp. 505-508.
B. Reynolds, D. Ghosal, "STEM: Secure Telephony Enabled Middlebox," IEEE Communications, vol. 40, no.10, Oct. 2002. pdf
X.Wang, D.S. Reeves, S.F. Wu, "Inter-Packet Delay Based Correlation for Tracing Encrypted Connections Through Stepping Stones," European Symposium on Research in Computer Security (ESORICS'2002), Zurich, Oct., pp. 244-263 abstract
P. Rogaway, "Authenticated-Encryption with Associated-Data," ACM Conference on Computer and Communications Seciruity 2002 (CCS'02), ACM Press, September 2002, pp. 98-107 pdf
J. E. Just, J. C. Reynolds, L. A. Clough, M. Danforth, K. N. Levitt, R. Maglich, and J. Rowe, "Learning Unknown Attacks – A Start." Proceeding of the 5th International Symposium, RAID 2002, Recent Advances in Intrusion Detection, A. Wespi, G. Vigna, and L. Deri, eds., Zurich, Switzerland, October 16-18, 2002, pp. 158-176.
J. Black, P. Rogaway, T. Shrimpton, "Encryption-Scheme Security in the Presence of Key-Dependent Messages," Selected Areas in Cryptography 2002 (SAC '02), St. John's, Newfoundland, Canada, May 2, 2002, Lecture Notes in Computer Science, vol. 2595, pp. 62-75, Springer-Verlag, 2002 pdf
Y. Liao, V. R. Vemuri, "Use of Text Categorization Techniques for Intrusion Detection,"11th USENIX Security Symposium, San Francisco, CA, August 5-9, 2002. pdf
M. Gertz, E. Guldentops, L. Strous (eds.): "Integrity, Internal Control and Security in Information Systems - Connecting Governance and Technology." Kluwer Academic Publishers. Proceedings of the Forth International IFIP WG11.5 Working Conference on Integrity and Internal Control, Brussels, Belgium, November 2001. For details, see the Kluwer Web page at http://www.wkap.nl/prod/b/1-4020-7005-5
H. Chen, D. Wagner, D. Dean, "Setuid demystified," Proceedings of the 11th USENIX Security Symposium, pages 171-190, San Francisco, CA, August 2002. pdf
J. Black, P. Rogaway, T. Shrimpton, "Block-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV," Advances in Cryptology - CRYPTO '02, Lecture Notes in Computer Science, vol. 2442, pp. 320-335, Springer-Verlag, 2002 pdf
D. Pei, X. Zhao, L. Wang, D. Massey, A. Mankin, S.F. Wu, L. Zhang, "Improving BGP Convergence Through Consistency Assertions," in Proceedings of the Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOMM 2002), June 23-27, Vol. 2, 902-911 pdf
S.Teoh, K. Ma, S.F. Wu, X. Zhao, "Information Visualization for Anomaly Detection," in the Proceedings of 5th IASTED International Conference in Computer Graphics and Imaging (CGIM), 2002, Hawaii.
X. Zhao, D. Pei, L. Wang, D. Massey, A. Mankin, S.F. Wu, L. Zhang, "Detection of Invalid Routing Announcement in the Internet," in the Proceedings of the International Conference on Dependable Systems and Networks, June 23-26, pp. 59-68. abstract
L. Wang, X. Zhao, D. Pei, R. Bush, D. Massey, A. Mankin, S.F. Wu, and L. Zhang, "Observation and Analysis of BGP Behavior Under Stress," in Proceedings of the Second ACM SIGCOMM Workshop on Internet Measurement Workshop, Marseille, France, pp. 183-195.
J. Black, P. Rogaway, "A Block-Cipher Mode of Operation for Parallelizable Message Authentication," Advances in Cryptology - EUROCRYPT '02, Lecture Notes in Computer Science, vol. 2332, pp. 384-397, Springer-Verlag, 2002. pdf
J. Black, P. Rogaway, "Ciphers with Arbitrary Finite Domains," RSA Data Security Conference, Cryptographer's Track (RSA CT '02), Lecture Notes in Computer Science, Vol. 2271, pp. 114-130, 2002 pdf
M. Abadi, P. Rogaway, "Reconciling Two Views of Cryptography (the computational soundness of formal encryption)," J. of Cryptology, vol. 15, no. 2, pp. 103-127, 2002.

2001

  C. Ko, P. Brutch, J. Rowe, G. Tsafnat, and K. N. Levitt. "System Health and Intrusion Monitoring Using a Hierarchy of Constraints," Recent Advances in Intrusion Detection (RAID) 2001, Lecture Notes in Computer Science, W. Lee, L. Me, and A. Wespi, eds., Vol. 2212, pp. 190-203.
D.P. Gilliam, J.C. Kelly, J.D. Powell, M. Bishop, "Development of a Software Security Assessment Instrument to Reduce Software Security Risk," WETICE 2001, pp. 144-149. abstract
C. Martel, G. Nuckolls, P. Devanbu, M. Gertz, A. Kwong, S. G. Stubblebine, "A General Model for Authentic Data Publication." Submitted for publication. pdf
P. Devanbu, M. Gertz, A. Kwong, C. Martel, S. G. Stubblebine, "Flexible Authentication of XML Documents." Eighth ACM Conference on Computer and Communications Security (CCS-8), 2001.
A. Kwong, M. Gertz, "Authentic Publication of XML Document Data." Second International Conference on Web Information Systems Engineering (WISE), 2001.
E. Fulp, Z. Fu, D. Reeves, S.F. Wu, and X. Zhang, "Preventing Denial of Service Attacks on Network Quality of Service", in 2001 DARPA Information Survivability Conference and Exposition (DISCEX 2001), 12-14 June 2001, Anaheim, CA, IEEE Computer Society, pp. 159-172. pdf
F. Wang, H. Qi, F. Gong, S.F. Wu "Design and Implementation of Property-Oriented Detection for Link-State Routing Protocols", in Proceedinds of the 2001 IEEE Workshop on Information Assurance and Security, June 5-6, Westpoint, NY, pp.91-99. pdf
X. Wang, D. Reeves, S.F. Wu, J. Yuill, "Sleepy Watermark Tracing: an Active Network-Based Intrusion Response Framework", Proc. Of IFIP Conf. on Security, Paris, 2001, June 11-13, pp. 369-384. pdf
X.Wang, D. Reeves, S.F. Wu, "Tracing Based Active Intrusion Response," in Journal of Information Warefare, Volume 1, Issue 1, September 2001, 50-61.
C.L.Wu, S.F. Wu, R. Narayan, "IPSEC/PHIL (Packet Header Information List): Design, Implementation, and Evaluation." in IEEE International Conference on Computer Communication and Networks (ICCCN'01), October 15-17, 2001, pp. 206-211. pdf
P. Rogaway, M. Bellare, J. Black, and T. Krovetz, "OCB: A Block-Cipher Mode of Operation for Efficient Authenticated Encryption." Eighth ACM Conference on Computer and Communications Security (ACM CCS), ACM Press, pp. 196-205, 2001. Documents available on the OCB homepage
Y. Chung, "Data extraction oand inertio semistructured documents, " Ph.D. Dissertation, 2001 pdf
M. Abdalla, M. Bellare, and P. Rogaway, "The Oracle Diffie-Hellman Assumption and an Analysis of DHIES," Topics in Cryptology - CT RSA 01. Lecture Notes in Computer Science Vol. 2020, D. Naccache, ed., Springer-Verlag, 2001. pdf
J. Kilian and P. Rogaway, "How to protect DES against exhaustive key search (an analysis of DESX),"
J. of Cryptology, vol. 14, no. 1, pp. 17-35, 2001. pdf
D. Lee, "HMAP: A Technique and Tool for Remote Identification of HTTP Servers" Masters Thesis pdf
A. Mankin, D. Massey, C.L.Wu, S.F.Wu, L. Zhang, "On Design and Evaluation of Intention-Driven ICMP Traceback,." in IEEE International Conference on Computer Communication and Networks (ICCCN'01), October 15-17, 2001, pp. 159-165. pdf
Z. Fu and S.F. Wu, "Automatic Generation of IPSEC/VPN Policies in an Intra-Domain Environment," in 12th International Workshop on Distributed Systems: Operations & Management (DSOM 2001), October 15-17, 2001, Nancy, France, pp. 279-290 pdf
X. Zhao, D. Pei, L. Wang, D. Massey, A. Mankin, S.F.Wu, L. Zhang. "An Analysis of BGP Multiple Origin AS (MOAS) Conflicts", in ACM SIGCOMM Internet Measurement Workshop, November 1-2, San Francisco, pp. 31-35 ps abstract
H.Y. Chang, S.F. Wu and Y.F. Jou, "Real-Time Protocol Analysis for Detecting Link-State Routing Protocol Attacks", ACM Transaction on Information and System Security (TISSEC), Feb. 2001, Vol. 4, pp. 1-36 abstract
Z. Fu, S. F. Wu, H. Huang, K. Loh, F. Gong, "IPSec/VPN Security Policy: Correctness, Conflict Detection and Resolution", IEEE Policy 2001 Workshop, Jan. 2001, Springer Vol. 1995, pp. 39-56 pdf abstract

2000

  M. Bellare, J. Kilian, and P. Rogaway, "The security of the cipher block chaining message authentication code," Journal of Computer and System Sciences (JCSS), vol. 61, no. 3, Dec 2000, pp. 362-399. pdf
M. Bellare and P. Rogaway, "Encode-then-encipher encryption: How to exploit nonces or redundancy in plaintexts for efficient cryptography," Advances in Cryptology - Asiacrypt '00, Lecture Notes in Computer Science, vol. 1976, T. Okamoto, ed., Springer-Verlag, Dec 2000. pdf
P. Devanbu, M. Gertz, C. Martel, P. Rogaway, S. G. Stubblebine: "Authentic Re-Publication by Untrusted Servers: A Novel Approach to Database Survivability," Third Information Survivability Workshop 2000. ISW-2000
P. Devanbu, M. Gertz, C. Martel, S. G. Stubblebine "Authentic Third-party Data Publication." 14th IFIP 11.3 Working Conference in Database Security, 2000.
J.R. Hughes, T. Aura, M. Bishop, "Using Conservation of Flow as a Security Mechanism in Network Protocols," IEEE Syposium on Security and Privacy 2000, pp. 131-132. abstract
M. Bishop, "Education in Information Security," IEEE Concurrency 8(4), pp. 4-8 (Oct.-Dec. 2000) pdf
T. Aura, M. Bishop, and D. Sniegowski, "Analyzing Single-Server Network Inhibition," Proceedings of the 13th Computer Security Foundations Workshop, pp. 108-117 (July 2000) pdf
M. Heckman, "Compositional verification of calling hiearchies using templates," Ph.D. dissertation, 2000. pdf
J. Hoagland, "Specifying and implementing security policies using LaSCO, the language for security constraints on objects," Ph.D. dissertation, 2000. pdf
T. Krovetz, "Software-optimized universal hashing and message authentication," Ph.D. dissertation, 2000 pdf
N. Puketza, "Approaches to computer security: Filtering, testing, and detection," Ph.D. dissertation, 2000 pdf
J. Black, "Message authentication codes," Ph.D. dissertation, 2000. pdf
J. Black and P. Rogaway, "CBC MACs for arbitrary-length messages: The three-key constructions,"
Advances in Cryptology - CRYPTO '00, Lecture Notes in Computer Science, vol. 1880, M. Bellare, ed., Springer-Verlag, pp. 197-215, Aug 2000. pdf
M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attacks," Advances in Cryptology - EUROCRYPT '00, Lecture Notes in Computer Science, vol. 1807, B. Preneel, ed., Springer-Verlag, pp. 139-155, 2000. pdf
D. Gilliam, J. Kelly, and M. Bishop, "Reducing Software Security Risk Through an Integrated Approach," Proceedings of the Ninth IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 141-146 (June 2000) html pdf
B. Hashii, S. Malabarba, R. Pandey and M. Bishop, "Supporting Reconfigurable Security policies for Mobile Programs," Computer Networks 33(1-6) pp. 77-93 (June 2000) pdf
S. Cheung and K.N. Levitt. 2000. "A Formal-Specification Based Approach for Protecting the Domain Name System." Proceedings of the International Conference on Dependable Systems and Networks, New York City, New York, June 25-28, 2000, pp.641-651. pdf
J.R. Hughes. "Conservation of Flow as a Security Mechanism in Network Protocols." Masters Thesis, June 2000. pdf
S. J. Templeton and K. Levitt, "A Requires/Provides Model for Computer Attacks." Proceedings of the New Security Paradigms Workshop 2000, Cork Ireland, Sept. 19-21, 2000 pdf
M. Abadi and P. Rogaway, "Reconciling two views of cryptography (The computational soundness of formal encryption)," J. of Cryptology, vol. 15, no. 2, pp. 103-127, 2002.
An abridged version of this paper appears at Theoretical Computer Science, Exploring New Frontiers in Theoretical Informatics. Lecture Notes in Computer Science, vol. 1872, pp 3-22, Springer 2000. pdf
T. Krovetz and P. Rogaway, "Fast universal hashing with small keys and no preprocessing: the PolyR construction," Information Security and Cryptology - ICICS 2000, Lecture Notes in Computer Science, vol. 2015, pp. 73-89, D.H. Won, ed., Springer-Verlag, 2000. pdf
M. Bishop, "Academia and Education in Information Security: Four Years Later," Proceedings of the Fourth National Colloquium on Information System Security Education (May 2000) html pdf
J.R. Hughes, T. Aura, M. Bishop "Using Conservation of Flow as a Security Mechanism in Network Protocols." Proceedings of the 2000 IEEE Symposium on Security and Privacy, Oakland, California, May 14-17, 2000, pp. 132-141. pdf
Z. Fu, H. Huang, T. Wu, S. F. Wu, F. Gong, et al. "ISCP: Design and Implementation of An Inter-Domain Security Management Agent (SMA) Coordination Protocol", IEEE NOMS 2000, pp. 565-578. pdf
X. Zhang, S. F. Wu, Z. Fu, T. Wu, "Malicious Packet Dropping: How It Might Impact the TCP Performance and How We Can Detect It", Proceedings of IEEE ICNP'00, Nov. 2000, pp. 263-272 . pdf  abstract
C. Xu, F. Gong, I. Baldine, C. Sargor, F. Jou, S. F. Wu, Z. Fu, H. Huang, "Celestial Security Management System", DARPA Information Survivability Conference and Exposition (DISCEX 2000), IEEE Computer Society Press, Proceedings, pp. 162-172, vol. 1. pdf
F. Wang, F. Gong, S.F. Wu, "A Property Oriented Fault Detection Approach for Link State Routing Protocol," Computer Communications and Networks, 2000, Proceedings, pp. 114-119. pdf
H.Y. Chang, S.F. Wu, et al., "Design and Implementation of a Real-Time Decentralized Source Identification System for Untrusted IP Packets", DARPA Information Survivability Conference and Exposition (DISCEX 2000), IEEE Computer Society Press, January, 2000. pdf
Y.F. Jou, F. Gong, S.F. Wu, H.Y. Chang, et al., "Design and Implementation of a Scalable Intrusion Detection System for the Protection of Network Infrastructure", DARPA Information Survivability Conference and Exposition (DISCEX 2000), IEEE Computer Society Press, January, 2000. pdf
J. Yuill, S.F. Wu, J. Settle, F. Gong, R. Forno, M. Huang, J. Asbery, "Intrusion-detection for incident-response, using a military battlefield-intelligence process." Computer Networks 34 (4): 671-697 (2000) pdf

1999

  M. Bishop, "Vulnerabilities Analysis," Proceedings of the Recent Advances in Intrusion Detection, pp. 125-136 (Sep. 1999) html pdf
M. Bishop, "What Do We Mean By "Computer Security Education," Proceedings of the 22nd National Information Systems Security Conference, (Oct. 1999) pdf
M. Bellare and P. Rogaway, "On the Construction of Variable-Input-Length Ciphers" Fast Software Encryption, 6th International Workshop, FSE'99, Lecture Notes in Computer Science, Springer-Verlag, 1999 abstract pdf
J. Black, S. Halevi, H. Krawczyk, T. Krovetz and P. Rogaway, "UMAC: Fast and secure message authentication," Advances in Cryptology - CRYPTO '99, Lecture Notes in Computer Science, vol. 1666, M. Wiener, ed., Springer-Verlag, 1999, pp. 216-233. pdf
A. Borgida and P. Devanbu, "Component =Inter-Operability - Putting 'DL' to 'IDL'." Proceedings of the International Conference on Software Enginering. pdf
S. Cheung, "An intrusion tolerance approach for protecting network infrastructures," Ph.D. dissertation, 1999. pdf
S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, J. Rowe, S. Staniford-Chen, R. Yip, D. Zerkle, "The Design of GrIDS: A Graph-Based Intrusion Detection System." U.C. Davis Computer Science Department Technical Report CSE-99-2, 1999. pdf
C. Chung, M. Gertz, K. Levitt, "DEMIDS: A Misuse Detection System for Database Systems" To appear in Integrity and Internal Control in Information Systems IFIP WG11.5, 1999. pdf
W. Cohen and P. Devanbu, "Automatically Exploring Hypotheses about Fault Prediction: a Comparative Study of Inductive Logic Programming Methods" International Journal of Software Engineering and Knowledge Engineering, to appear. pdf
P. Devanbu, "Chime: Customizable Hyperlink Insertion and Maintenance Engine for Software Engineering Environments." International Conference on Software Engineering, in press. pdf
P. Devanbu, "GENOA - A Customizable, front-end retargetable Source Code Analysis Framework." ACM Transactions on Software Engineering and Methodology 27; accepted. pdf
P. Devanbu and S. G. Stubblebine, "Cryptographic Verification of Test Coverage Claims." IEEE Transactions on Software Engineering 24; in press. pdf
P. Devanbu, "A Reuse Nightmare: Honey, I got the wrong DLL (Invited Panel Position Paper)." Proceedings of the ACM Symposium on Software Reusability (ACM SSR'99). pdf
R. Feiertag, L. Benzinger, S. Rho, S. Wu, K. Levitt, D. Peticolas, M. Heckman, S. Staniford-Chen, C. Zhang, "Intrusion Detection Inter-component Adaptive Negotiation." Proceedings of the RAID 99: Recent Advances in Intrusion Detection. pdf
M. Gertz, S. Stubblebine, and P. Devanbu, "Security for Automated, Distributed Configuration Management." Proceedings of the ICSE 99 Workshop on Software Engineering over the Internet. pdf
Z. Fu, S. F. Wu, et al. "Security Issues for Differentiated Service Framework" Internet Draft, IETF, Oct. 1999. txt
F. Wang, F. Gong, S.F. Wu, "Intrusion Detection for Link State Routing Protocol Through Integrated Network Management" Computer Communications and Networks, 2000, Proceedings, pp. 694-699. pdf
Intrusion-Detection for Incident-Response: using a military battlefield-intelligence process RAID'99, the intrusion-detection conference at Purdue University. more info
T. Wu, S. F. Wu, Z. Fu, F. Gong, "Securing QoS: Threats to RSVP Messages and Their Countermeasures" IEEE/IFIP IWQoS'99, pp. 62-64. pdf
S.F. Wu, H.Y Chang, et al., "JiNao: Design and Implementation of a Scalable Intrusion Detection System for the OSPF Routing Protocol", Journal of Computer Networks and ISDN Systems, 1999.
H.Y. Chang, S.F. Wu, et al., "Deciduous: Decentralized Source Identification for Network-based Intrusions", 6th IFIP/IEEE International Symposium on Integrated Network Management, IEEE Communications Society Press, May 1999. pdf
J. Yuill, S.F. Wu, F. Gng, M. Huang "Intrusion Detection for an On-Going Attack." Recent Advances in Intrusion Detection, 1999.

1998

  M. Bellare, T. Krovetz, and P. Rogaway, "Luby-Rackoff backwards: Increasing security by making block ciphers non-invertible," Advances in Cryptology-Eurocrypt 98 Proceedings, Lecture Notes in Computer Science Vol. 1403 Springer-Verlag (1998) pdf
P. Rogaway and D. Coppersmith, "A Software-Optimized Encryption Algorithm," Journal of Cryptology, vol. 11, no. 4, pp. 273-287, 1998. pdf
M. Bellare, A. Desai, D. Pointcheval and P. Rogaway, "Relations Among Notions of Security for Public-Key Encryption Schemes," Advances in Cryptology - CRYPTO '98, Lecture Notes in Computer Science, Vol. 1462, H. Krawczyk, ed., Springer-Verlag pdf
K.A. Bradley, S. Cheung, N. Puketza, B. Mukherjee, and R.A. Olsson, "Detecting Disruptive Routers: A Distributed Network Monitoring Approach," Proceedings of the 1998 IEEE Symposium on Security and Privacy, Oakland, California, May 3-6, 1998, pp.115-124. pdf
M. Clifford, C. Lavine, and M. Bishop, "The Solar Trust Model: Authentication Without Limitation," Proceedings of the 14th Annual Computer Security Applications Conference, 1998, pp. 300-307 pdf
P. Devanbu, S. Stubblebine, "Preserving Data Structure Integrity on Hostile Platforms," IEEE Symposium on Security and Privacy Oakland, CA (1998). pdf
P. Devanbu, P.W. Wong, S. Stubblebine, "Techniques for Trusted Software Engineering," Proceedings of the 20th International Conference on Software Engineering Kyoto, Japan (1998). pdf
B. Hashii, M. Lal, R. Pandey and S. Samorodin, "Securing Systems Against External Programs," IEEE Internet Computing 2(6): 35-45 pdf
M. R. Heckman, and K. N. Levitt, "Applying the Composition Principle to Verify a Hierarchy of Security Servers," Proceedings of the Thirty-First Hawaii International Conference on System Sciences, 3, pp. 338-347 pdf
R. Pandey and B. Hashii, "Providing Fine-Grained Access Control for Mobile Programs Through Binary Editing" Submitted to 5th ACM Conference on Computer and Communications Security
R. Yip, K. Levitt, "Data Level Inference Detection in Database Systems," Proceedings of the 11th IEEE Computer Security Foundations Workshop, Rockport, Massachusetts, June 9-11, 1998, pp. 179-189. pdf
R. Yip, K. Levitt, "The Design and Implementation of a Data Level Database Inference Detection System," Proceedings of the Twelfth Annual IFIP WG 11.3 Working Conference on Database Security, Chalkidiki, Greece, July 15-17, 1998. pdf

1997

  M. Bellare, A. Desai, E. Jokipii, and P. Rogaway, "A Concrete Security Treatment of Symmetric Encryption," Proceedings of the 38th Annual Symposium on Foundations of Computer Science, pp. 115-124 pdf
M. Bellare and P. Rogaway, "Collision-Resistant Hashing: Towards Making UOWHFs Practical,"
Advances in Cryptology - CRYPTO '97, Lecture Notes in Computer Science, Vol. 1294, B. Kaliski, ed., Springer-Verlag, 1997. pdf
D. Beaver, J. Feigenbaum, J. Kilian and P. Rogaway, "Locally Random Reductions: Improvements and Applications," Journal of Cryptology, Winter 1997, pp. 17-36. pdf
M. Bishop, "Conspiracy and Information Flow in the Take-Grant Protection Model" Journal of Computer Security4(4)(1996) pp. 331-359 pdf
M. Bishop, "Information Survivability, Security, and Fault Tolerance," Position Paper for the Information Survivability Workshop Journal of Computer Security #6, (Feb.1997) pdf
M. Bishop, "Teaching Computer Security," Position Paper for the Workshop on Education in Computer Security, Monterey, CA (Jan. 1997). pdf
M. Bishop, S. Cheung, C. Wee, J. Frank, J. Hoagland, and S. Samorodin, "The Threat from the Net" IEEE Spectrum, 34(8):56-63 pdf
S. Cheung, K. N. Levitt, "Protecting Routing Infrastructures from Denial of Service Using Cooperative Intrusion Detection" Proc. New Security Paradigms Workshop 1997, Cumbria, UK, September 23-26, 1997. pdf
S. Cheung, "An Efficient Message Authentication Scheme for Link State Routing" Proc.13th Annual Computer Security Applications Conference, San Diego, California, December 8-12, 1997, pp. 90-98. pdf
P. Devanbu, S. Stubblebine, "Cryptographic Verification of Test Coverage Claims," Proceedings, Fifth ACM/SIGSOFT Conference on Foundations of Software Engineering Zurich, Switzerland (1997). pdf
G. Fink, M. Bishop, "Property Based Testing: A New Approach to Testing for Assurance," ACM SIGSOFT Software Engineering Notes, 22(4) (July 1997) pdf
C. Ko, M. Ruschitzka, and K. Levitt, "Execution Monitoring of Security-critical Programs in Distributed Systems: A Specification-based Approach," Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 134-144 pdf
N. Puketza, M. Chung, R. A. Olsson and B. Mukherjee, "A Software Platform for Testing Intrusion Detection Systems," IEEE Software, 14(5): 43-51 pdf
C. Zhang, B. R. Becker, D. Peticolas, M. Heckman, K. Levitt, and R. A. Olsson, "Verification of a Distributed Computing System by Layered Proofs," Proceedings of the Thirtieth Hawaii International Conference on System Sciences, 5, pp. 252-261 pdf
J.N. Hansoty, M. Vouk, S.F. Wu, LAVA: Secure Delegation of Mobile Applets: Design, Implementation and Applications, in Second International Workshop on Enterprise Security, June 1997. gzipped ps
T.L. Wu, S.F. Wu, "Selective Encryption and Watermarking of MPEG Video" in International Conference on Image Science, Systems, and Technology, CISST'97, June 1997. gzipped ps
B. Vetter, F. Wang, S.F. Wu, "An Experimental Study of Insider Attacks for the OSPF Routing Protocol," May 1997. gzipped ps
F. Wang, B. Vetter, S.F. Wu, "Secure Routing Protocols: Theory and Practice". May 1997. gzipped ps
Y. F. Jou, F. Gong, C. Sargor, S. F. Wu, R. Cleaveland, "Architecture Design of a Scalable Intrusion Detection System for the Emerging Network Infrastructure," MCNC, Technical Report CDRL A005, April 1997. gzipped ps
S.F. Wu, T.L. Wu, "Run-Time Performance Evaluation of A Secure MPEG System Supporting Both Selective Watermarking and Encryption." March 1997. gzipped ps
F.Wang, S.F. Wu, "SNMP Security Protocol Analysis," Ji-Nao Working Report, January 1997. gzipped ps
S.F. Wu, F. Wang, B.M. Vetter, R. Cleaveland, Y.F. Jou, F. Gong, and C. Sargor, "Intrusion Detection for Link-State Routing Protocols" in IEEE Symposium on Security and Privacy (5 Minutes), May 1997. gzipped ps
R.J. Cherukuri, M. Peyravian, V. Surapaneni, and S.F. Wu, "A User Plane Security Protocol for ATM Networks Extended Abstract," in 5th International Conference on Telecommunication Systems, March 1997. gzipped ps

1996

  M. Bishop, M. Dilger, "Checking for Race Conditions in File Access," Computing Systems 9(2) (Spring 1996), pp. 131-152. abstract pdf
M. Bishop, L.T. Heberlein, "An Isolated Network for Research," The 19th National Information Systems Security Conference pdf
B. Guha, B. Mukherjee, "Network Security Via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposed Solutions," Proc. of the IEEE Infocom'96 , San Francisco, CA, March 1996, pp. 603-610. abstract pdf
L.T. Heberlein, M. Bishop, "Attack Class: Address Spoofing," The 19th National Information Systems Security Conference. paper/pdf  slides/pdf
C.C.W. Ko, "Execution Monitoring of Security-Critical Programs in a Distributed System: A Specification-Based Approach," Ph.D. Thesis, August 1996. abstract pdf
G. Fink, "Discovering Security and Safety Flaws Using Property-Based Testing," Ph.D. dissertation, 1996. pdf
N. F. Puketza, K. Zhang, M. Chung, B. Mukherjee, R. A. Olsson , "A Methodology for Testing Intrusion Detection Systems," IEEE Transactions on Software Engineering, Vol.22, No.10, October 1996, pp.719-729. pdf
D. O'Brien, "Recognizing and Recovering from Rootkit Attacks," Sys Admin 5(11) (November 1996), pp. 8-20.
P. Rogaway with M. Bellare, "The Exact Security of Digital Signatures--How to Sign with RSA and Rabin," Earlier version appears in Advances in Cryptology -- Eurocrypt '96 , LNCS Vol.1070, U. Maurer ed., Springer-Verlag, pp. 399-416. pdf
P. Rogaway with J. Kilian, "How to Protect DES Against Exhaustive Key Search," Advances in Cryptology - CRYPTO '96. pdf
S. Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, D. Zerkle, "GrIDS -- A Graph-Based Intrusion Detection System for Large Networks," The 19th National Information Systems Security Conference. pdf
D. Zerkle, K. Levitt, "NetKuang--A Multi-Host Configuration Vulnerability Checker," Proc. of the 6th USENIX Security Symposium. San Jose, California, July 22-25, 1996, pp. 195-204. pdf
S.F. Wu, "Sleepy Authentication Services for IPSEC," in ESORIC-96, Italy, September 1996. gzipped ps
S.F. Wu, "Sleepy Security Management with Proxy-Based Filtering," April 1996. gzipped ps
S.F. Wu, "SSGP: Sleepy Security Gateway Protocol for IPSEC," in a Supplement to the Proceedings of the 1996 IEEE Symposium on Security and Privacy, May 1996.

1995

  M. Bishop, "Theft of Information in the Take-Grant Protection System," Journal of Computer Security, Vol.3, No.4, pp. 283-308. abstract
M. Bishop, "A Standard Audit Log Format," Proc. of the 1995 National Information Systems Security Conference. Baltimore, Maryland, October 10-13, 1995, pp. 136-145. pdf
M. Bishop, D.V. Klein, "Improving System Security via Proactive Password Checking," Computers & Security, 1995, Vol.14, No.3, pp. 233-249. postscript
S. Cheung, K.N. Levitt, C. Ko, "Intrusion Detection for Network Infrastructures," The 1995 IEEE Symposium on Security and Privacy, Oakland, CA, May 1995. Short Presentation. postscript
M. Chung, N. Puketza, R.A. Olsson, B. Mukherjee, "Simulating Concurrent Intrusions for Testing Intrusion Detection Systems: Parallelizing Intrusions," Proc. of the 1995 National Information Systems Security Conference. Baltimore, Maryland, October 10-13, 1995, pp. 173-183. abstract postscript
L.T. Heberlein, "Network Security Monitor (NSM) - Final Report," Lawrence Livermore National Laboratory project deliverable. pdf
J. Hoagland, C. Wee, K.N. Levitt, "Audit Log Analysis Using the Visual Audit Browser Toolkit," U.C. Davis Computer Science Department Technical Report CSE-95-11, 1995. abstract postscript
R.W. Lo, K.N. Levitt, R.A. Olsson, "MCF: a Malicious Code Filter," Computers & Security, 1995, Vol.14, No.6, pp. 541-566. abstract postscript
Mihir Bellare, Phillip Rogaway, "The complexity of approximating a nonlinear program," Journal of Mathematical Programming B, Vol. 69, No. 3, pp. 429-441, September 1995
P. Rogaway, "Bucket Hashing and Its Applications to Fast Message Authentication," Advances in Cryptology - CRYPTO '95. pdf
M. Bellare, P. Rogaway, "Optimal asymmetric encryption--How to encrypt with RSA," Extended abstract was in Advances in Cryptology - Eurocrypt 94, Lecture Notes in Computer Science Vol. 950. A. De Santis ed, Springer-Verlag, 1995. pdf
P. Rogaway with M. Bellare, "Provably Secure Session Key Distribution - The Three Party Case," Proc. of the 27th Annual ACM Symposium on Theory of Computing. Las Vegas, NV, May 29-June 1, 1995. abstract postscript
P. Rogaway with M. Bellare, R. Guerin, "XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions." Advances in Cryptology - CRYPTO '95. abstract  postscript
S. Staniford-Chen, L.T. Heberlein, "Holding Intruders Accountable on the Internet," Proc. of the 1995 IEEE Symposium on Security and Privacy, Oakland, CA, 8-10 May 1995, pp. 39-49. pdf
C. Wee, "LAFS: A Logging and Auditing File System," The 1995 IEEE Symposium on Security and Privacy, Oakland, CA, May 1995. extended abstract
C. Wee, "LAFS: A Logging and Auditing File System," Proc. of the 11th Computer Security Applications Conference, 1995. pdf

1994

  G. Fink, C. Ko, M. Archer, K. Levitt, "Toward a Property-based Testing Environment with Application to Security Critical Software," Proc. of the 4th Irvine Software Symposium. April 1994, pp. 39-48. abstract postscript
G. Fink, K. Levitt, "Property-based Testing of Privileged Programs," Proceedings of the 10th Annual Computer Security Applications Conference Orlando, FL, 5-9 Dec. 1994, pp. 154-163. pdf
J. Frank, "Machine Learning and Intrusion Detection: Current and Future Directions," Proc. of the 17th National Computer Security Conference, October 1994. postscript
C. Ko, G. Fink, K. Levitt, "Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring," Proc. of the 10th Annual Computer Security Applications Conference, Orlando, FL, 5-9 Dec. 1994, pp. 134-144. pdf
K.N. Levitt, S. Cheung, "Common Techniques in Fault-Tolerance and Security," Proc. of the Dependable Computing for Critical Applications 4 , San Diego, California, 4-6 Jan. 1994, pp. 373-377. postscript
B. Mukherjee, L.T. Heberlein, K.N. Levitt, "Network Intrusion Detection," IEEE Network, May-June 1994, Vol.8, No.3, pp.26-41. pdf
N. Puketza, B. Mukherjee, R.A. Olsson, K. Zhang, "Testing Intrusion Detection Systems: Design Methodologies and Results from an Early Prototype," Proc. of the 17th National Computer Security Conference, October 1994, pp. 1-10.
P. Rogaway with M. Bellare, "Optimal Asymmetric Encryption," Eurocrypt '94. abstract postscript
P. Rogaway with M. Bellare, J. Kilian, "The Security of Cipher Clock Chaining," Advances in Cryptology - CRYPTO '94. Santa Barbara, CA, 21-25 August, 1994, pp. 341-358. abstract postscript
P. Tendick, N. Matloff, "A Modified Random Perturbation Method for Database Security," ACM Transactions on Database Systems, March 1994, Vol.19, No.1, pp.47-63. abstract
S.F. Wu, S. Mazumdar, S. Brady, D. Lavine, "On Implementing a Protocol Independent MIB," In Network Management and Control, Vol. 2, 1994. gzipped ps
S.F. Wu and G.E. Kaiser, "Non-Sharable Resource Freshness in Real-Time Scheduling," In RTS'94, France, January 1994. gzipped ps

1993

  M. Bishop, "Recent Changes to Privacy-Enchanced Electronic Mail," Journal of Internetworking: Research and Experience. Vol.4, No.1, March 1993, pp. 47-59. abstract
M. Bishop, "Password Selection Criteria," Proc. of the 6th International Computer Virus and Security Conference. New York, NY, March 1993.
M. Bishop, "Teaching Computer Security," Proc. of the 9th IFIP International Symposium on Computer Security, IFIP/Sec '93. May 1993, pp. 43-52. abstract
R. Crawford, P. Kerchen, K. Levitt, R. Olsson, M. Archer, M. Casillas, "Automated Assistance for Detecting Malicious Code," Proc. of the 6th International Computer Virus and Security Conference. New York, NY, 1993.
D. Gusfield with M.Y. Kao, "Detection and Protection of Linear Information in Cross Tabulation," SIAM Journal on Discrete Mathematics. Vol.6, No.3, August 1993, pp.460-476.
C. Ko, D. Frincke, T. Goan, L.T. Heberlein, K. Levitt, B. Mukherjee, C. Wee, "Analysis of an Algorithm for Distributed Recognition and Accountability," Proc. 1st ACM Conference on Computer and Communication Security. Fairfax, VA, Nov. 1993, pp. 154-164. abstract postscript
P. Rogaway with M. Bellare, "Entity Authentication and Key Distribution," Advances in Cryptology - CRYPTO '93. Santa Barbara, CA, 22-26 August, 1993, pp. 232-249. abstract postscript
P. Rogaway with M. Bellare, "Random Oracles are Practical: A Paradigm for Designing Efficient Protocols," Proc. of the 1st ACM Conference on Computer and Communication Security. Fairfax, VA, Nov. 1993, pp. 154-164. postscript
P. Rogaway with D. Coppersmith, "A Software-optimized Encryption Algorithm," Proc. of the Fast Software Encryption. Cambridge Security Workshop. Cambridge, UK, 9-11 Dec. 1993, pp. 56-63. abstract postscript
B. Wetmore, "Audit Browsing", Masters Thesis, 1993. pdf
G.E. Kaiser, W. Hseush, S. Popovich, and S.F. Wu, "Multiple Concurrency Control Policies in an Object-Oriented Programming System," In Research Directions in Concurrent Object-Oriented Programming, October 1993. gzipped ps
S.F. Wu, C. Perkins, P. Bhagwat, "Caching Location Data in Mobile Networking," In IEEE Workshop on Advances in Parallel and Distributed Systems, October 1993. gzipped ps
S.F. Wu, G.E. Kaiser, "Shared Memory vs. Message Passing in the Real-Time Producers/Consumers Problem," In IEEE PDRTS'93, April 1993. gzipped ps
S.F. Wu, G.E. Kaiser, "On Hard Real-Time Management Information," In IEEE First International Workshop on System Management, Los Angles, April 1993. gzipped ps
S.F. Wu, S. Mazumdar, S.Brady, EMOSY: An SNMP Protocol Object Generator for the PIMIB. In IEEE First International Workshop on System Management, Los Angles, April 1993. gzipped ps

1992

  M. Bishop, "Anatomy of a Proactive Password Changer," Proc. of the UNIX Security Symposium III Baltimore, MD, 14-16 Sept. 1992, pp. 171-84. abstract postscript
R. H. Crawford, R. A. Olsson, W. W. Ho, C. E. Wee, "Semantic Issues in the Design of Languages for Debugging," Proceedings of the 1992 International Conference on Computer Languages, pp. 252-261 pdf
G. Fink, L. Yang, M. Archer, "PM: A Unified Automated Deduction Tool for Verification," Proc. of the 15th National Computer Security Conference, Baltimore, MD, 13-16 October 1992, pp. 473-481.
D. Frincke, M. Archer, K. Levitt, "Finding Security Flaws in Concurrent Systems," Proc. of the 15th National Computer Security Conference, Baltimore, MD, 13-16 October 1992, pp. 194-203.
L.T. Heberlein, B. Mukherjee, K.N. Levitt, "Internetwork Security Monitor," Proc. of the 15th National Computer Security Conference, October 1992, pp. 262-271.
W. Ho, "Debugging and Dynamic Linking," Ph.D. Thesis, 1992. title sheet ps  postscript

1991

  J. Alves-Foss, K. Levitt, "The Verification of Secure Distributed Systems," COMPCON Spring '91. Digest of Papers. San Francisco, CA, 25 Feb.-1 March 1991, pp. 177-184 pdf
J. Alves-Foss, K. Levitt, "Verification of Secure Distributed Systems in Higher Order Logic: A Modular Approach Using Generic Components," Proc. of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy. Oakland, CA, 20-22 May 1991, pp. 122-35 pdf
J. Alves-Foss, K. Levitt, "Mechanical Verification of Secure Distributed Systems in Higher Order Logic," Proc. of the 1991 International Workshop on the HOL Theorem Prover and its Applications, August 1991, pp. 263-278.
M. Archer, J. Bock, J. Frincke and K. Levitt, "Effectiveness of Operating System Prototyping from a Template: Application to MIMIX," Second International Workshop on Rapid System Prototyping: Shortening the Path from Specification to Prototype, 1991, pp. 55-66 pdf
M. Bishop, "An Authentication Mechanism for USENET," Proc. of the Winter 1991 USENIX Conference. 21-25 Jan. 1991, pp. 281-287. abstract
M. Bishop, "Password Management," COMPCON Spring '91. Digest of Papers. San Francisco, CA, 25 Feb.-1 March 1991, pp. 167-169. abstract pdf
M. Bishop, "A Proactive Password Checker," Proc. of the 7th International Conference on Information Security. May 1991, pp. 169-181. abstract postscript
M. Bishop, "Privacy-Enchanced Electronic Mail," Journal of Internetworking: Research and Experience. Vol.2, No.4, Dec. 1991, pp. 199-233. abstract
P. Rogaway, "The Round Complexity of Secure Protocols," MIT Ph.D. Thesis, June 1991 pdf
J. Brentano, S.R. Snapp, G.V. Dias, T.L. Goan, L.T. Heberlein, C.L. Ho, K.N. Levitt, B. Mukherjee, (with S.E. Smaha), "An Architecture for a Distributed Intrusion Detection System," Proc. of the 14th Department of Energy Computer Security Group Conference, May 1991, pp.(17)25-(17)45.
R. Crawford, R. Lo, J. Crossley, P. Kerchen, G. Fink, W. Ho, K. Levitt, R. Olsson, M. Archer, "A Testbed for Malicious Code Detection: A Synthesis of Static and Dynamic Analysis Techniques," Proc. of the 14th Department of Energy Computer Security Group Conference, May 1991, pp.(17)1-(17)23.
D. A. Frincke, G. L. Fisher, M. Archer and K. Levitt, "An Application of Template Methodology: Rapid Prototyping of User Interface Management Systems," Second International Workshop on Rapid System Prototyping: Shortening the Path from Specification to Prototype, 1991, pp. 55-66. pdf

1990

  M. Archer, D. Frincke and K. Levitt, "A Template for Rapid Prototyping of Operating Systems," First International Workshop on Rapid System Prototyping: Shortening the Path from Specification to Prototype, 1990, pp. 119-127 [PDF]
  M. Bishop, "Collaboration Using Roles," Software -- Practice and Experience. Vol.20, No.5, May 1990, pp. 485-498 [Abstract]
  M. Bishop, "An Extendable Password Checker," Proc. UNIX Security II Portland, OR, 27-28 Aug. 1990, pp. 15-16 [Abstract]
  M. Bishop, "A Security Analysis of the NTP Protocol Version 2," Proc. 6th Annual Computer Security Applications Conference Tucson, AZ, 3-7 Dec. 1990, pp. 20-29. [Abstract] [PDF]
  D. Frincke, M. Archer, K. Levitt, "A Planning System for the Intelligent Testing of Secure Software," Proc. 5th Annual RADC Knowledge Based Software Assistant (KBSA) Conference, 1990
  D. Gusfield, "A Little Knowledge Goes a Long Way: A Faster Algorithm for Finding Compromised Data in 2-D Tables," Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. Oakland, CA, 7-9 May 1990, pp. 86-94. [Abstract]
  L.T. Heberlein, G.V. Dias, K.N. Levitt, B. Mukherjee with J. Wood, D. Wolber, "A Network Security Monitor," Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. Oakland, CA, 7-9 May 1990, pp. 296-304. [Abstract][PDF]
  P. Kerchen, R. Lo, J. Crossley, G. Elkinbard, R. Olsson, "Static Analysis Virus Detection Tools for UNIX Systems," Proc. 13th National Computer Security Conference. Washington, DC, 1-4 Oct. 1990, pp. 350-365. [Abstract]
  P. Rogaway with D. Beaver, J. Feigenbaum, J. Kilian, "Security with Low Communication Overhead," Proc. Advances in Cryptology - CRYPTO '90, Santa Barbara, CA, 11-15 August, 1990, pp. 62-76. [Abstract]
  P. Rogaway with D. Beaver, S. Micali, "The Round Complexity of Secure Protocols," Proceedings of the 22nd Annual ACM Symposium on Theory of Computing. Baltimore, MD, 14-16 May 1990, pp. 503-513. [Abstract]
  D.R. Wichers, D.M. Cook, R.A. Olsson, J. Crossley, P. Kerchen, K. Levitt, R. Lo, "PACL's: An Access Control List Approach to Anti-viral Security," Proc. 13th National Computer Security Conference. Washington, DC, 1-4 Oct. 1990, pp. 340-349. [Abstract]
  P.J. Windley, "A Hierarchical Methodology for Verifying Microprogrammed Microprocessors," Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. Oakland, CA, 7-9 May 1990, pp. 345-357. [Abstract]
 

1989

  M. Bishop, "A Model of Security Monitoring," Proceedings of the Fifth Annual Computer Security Applications Conference, 1989, pp. 46-52 [PDF]
 

Questions or comments: seclab-staff@cs.ucdavis.edu