Cybersecurity

Proceedings - International Conference on Software Engineering

Volumn , Issue , 2003, Pages 705-715

  Kemmerer, Richard A ^a  

^a University of California   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER CRIME; DATA PRIVACY; INTERNET; SECURITY OF DATA;

CYBER ATTACKS; CYBERSECURITY;

SOFTWARE ENGINEERING;

EID: 0037587236     PISSN: 02705257     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/icse.2003.1201257     Document Type: Conference Paper

References (36)

1. J. Anderson, et al. Computer Security Technology Planning Study. Technical Report ESD-TR-73-51, Deputy for Command and Management Systems, HQ Electronic Systems Division (AFSC), 1972. Vol. 1.
2. W. Bevier. Kit: A study in operating system verification. IEEE Transactions on Software Engineering, 15(11), November 1989.
3. Cert coordination center statistics, http://www.cert.org/stats/, 2003.
4. Minutes of the First Workshop on Covert Channel Analysis. IEEE Cipher, July 1990. Los Angeles, CA.
5. Z. Dang and R. Kemmerer. Using the astral model checker to analyze mobile i. In Proceedings of the International Conference on Software Engineering, pages 132-141, May 1999.
6. F. De Paoli, A. dos Santos, and R. Kremmerer. Mobile Agents and Security, volume 1419, chapter Web Browsers and Security, pages 235-256. Springer-Verlag, 1998.
7. D. Denning. Cryptography and Data Security. Addison Wesley, Reading, Massachusetts, 1982.
8. S. Forrest. A Sense of Self for UNIX Processes. In Proceedings of the IEEE Symposium on Security and Privacy, pages 120-128, Oakland, CA, May 1996.
9. A. Ghosh, J. Wanken, and F. Charron. Detecting Anomalous and Unknown Intrusions Against Programs. In Proceedings of the Annual Computer Security Application Conference (ACSAC'98), pages 259-267, Scottsdale, AZ, December 1998.
10. B. Hebbard, et al., A Penetration Analysis of the Michigan Terminal System. ACM Operating Systems Review, 14(1), January 1980.
11. P. Herzog. Open source security testing methodology manual. http://www.isecom.org/projects/osstm.htm, February 2002.
12. K. Ilgun, R. Kemmerer, and P. Porras. State Transition Analysis: A Rule-Based Intrusion Detection System. IEEE Transactions on Software Engineering, 21(3):181-199, March 1995.
13. Internet Security Systems. Introduction to RealSecure Version 3.0, January 1999.
14. H. Javitz and A. Valdes. The NIDES Statistical Component Description and Justification. Technical report, SRI International, Menlo Park, CA, March 1994.
15. R. Kemmerer. Shared Resource Matrix Methodology: An Approach to Identifying Storage and Timing Channels. ACM Transactions on Computer Systems, 1(3), August 1983.
16. R. Kemmerer. A practical approach to identifying storage and timing channels: Twenty years later. In Proceedings of the Eighteenth Annual Computer Security Applications Conference, Las Vegas, Nevada, December 2002.
17. R. Kemmerer, C. Meadows, and J. Millen, Three systems for cryptographic protocol analysis. Journal of Cryptography, 7(2):79-130, 1994.
18. C. Ko, M. Ruschitzka, and K. Levitt. Execution Monitoring for Security-Critical Programs in Distributed Systems: A Specification-based Approach. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 175-187, May 1997.
19. www.10pht.com/10phcrack.
20. B. Lampson. A Note on the Confinement Problem. Communications of the ACM, 16:613-615, October 1973.
21. R. Linde, Operating System Penetration. In Proceedings of the National Computer Conference, volume 44, Montvale, N.J., 1975. AFIPS Press.
22. S. Lipner. A Comment on the Confinement Problem. In Proceedings of the Fifth Symposium on Operating Systems Principles, the University of Texas at Austin, November 1975.
23. R. Lippmann, S. Webster, and D. Stetson. The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection. In A. Wespi, G. Vigna, and L. Deri, editors, Proceedings of Recent Advances in Intrusion Detection, pages 307-326. Springer, 2002.
24. E. McCauley, and P. Drognowski. KSOS: The Design of a Secure Operating System. In Proceedings of the National Computer Conference. AFIPS Press, June 1979.
25. G. McGraw and E. Felten. Java Security: Hostile Applets, Holes and Antidotes. John Wiley and Sons, 1996.
26. J. Millen. Security Kernel Validation in Practice. Communications of the ACM, 19:243-250, May 1976.
27. D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver. The spread of the sapphire/slammer worm. http://www.siliconfedense.com/research/sapphire/, February 2003.
28. NFR Security. Overview of NFR Network Intrusion Detection System, February 2001.
29. R. Roesch. Snort - Lightweight Intrusion Detection for Networks. In Proceedings of the USENIX LISA '99 Conference, November 1999.
30. P. Ryan, S. Schneider, M. Goldsmith, G. Lowe, and B. Roscoe. Modelling and Analysis of Security Protocols. Addison Wesley Professional, 2000.
31. J. Saltzer and M. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278-1308, September 1975.
32. Sans/fbi top 20 list. http://www.sans.org/top20/, 2002.
33. J. Silverman. Reflections on the Verification of the Security of an Operating Systems Kernel. Communications of the ACM, 1983.
34. Sun Microsystems, Inc. Installing, Administering, and Using the Basic Security Module. 2550 Garcia Ave., Mountain View, CA 94043, December 1991.
35. J. Viega and G. McGraw. Building Secure Software: How to Avoid Security Problems the Right Way. Addison Wesley, October 2001.
36. B. Walker, R. Kemmerer, and G. Popek. Specification and Verification of the UCLA Security Kernel. Communications of the ACM, 23:118-131, 1980.