Good neighbors can make good fences: A peer-to-peer user security system

IEEE Technology and Society Magazine

Volumn 26, Issue 1, 2007, Pages 17-24

  Friedman, Allan ^a  

^a HARVARD UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; COMPUTER SYSTEM FIREWALLS; COMPUTER WORMS; NETWORK SECURITY; SOCIAL SCIENCES;

PEER-TO-PEER USER SECURITY SYSTEM;

USER INTERFACES;

EID: 34147170931     PISSN: 02780097     EISSN: None     Source Type: Journal    
DOI: 10.1109/MTAS.2007.335569     Document Type: Article

References (33)

1. AOL/NCSA, Online Safety Study, Produced by America Online and the National Cyber Security Association, 2005; http://www.staysafeonline.org/ pdf/safety_study_2005.pdf.
2. R.J. Anderson, "Why information security is hard: An economic perspective," in Proc. 17th Annual Computer Security Applications Conf. (Washington, DC), 2001.
3. S. Berinato, "Patch and pray," CSO Magazine, Aug. 2003; http://www.csoonline.com/read/080103/patch.html.
4. H.K. Browne, W.A. Arbaugh et al., "A trend analysis of exploitations, presented at IEEE Symp. on Security and Privacy, Oakland, CA, 2001.
5. L.J. Camp and C. Wolfram, "Pricing security," in Proc. CERT Information Survivability Workshop (Boston, MA), 2000, pp. 31-39.
6. L.J. Camp, "Mental models of computer security," in Proc. 8th Int. Conf. Financial Cryptography, 2004.
7. H. Cavusoglu, H. Cavusoglu, and S, Raghunathan, "Emerging issues in responsible vulnerability disclosure," presented at Workshop on the Economics of Information Security (WEIS05), Cambridge, MA, 2005.
8. J. Chandler, Tort Liability for Cyber Insecurity: The Case of Distributed Denial of Service Attacks. Securing Privacy in the Internet Age, Stanford Law School, Palo Alto, CA, 2004.
9. L.F. Cranor, M. Arjula et al., "Use of a P3P user agent by early adopters," in Proc. ACM Workshop on Privacy in the Electronic Society. 2002.
10. J. Evers, "Microsoft ponders automatic patching," InfoWorld/IDG News Service, Aug. 22, 2003; http://www.infoworld.com/article/03/08/22/HNautopatch_1.html.
11. J. Granick, "Faking it: Criminal sanctions and the cost of computer intrusions," presented at Workshop on the Economics of Information Security (WEIS05), Cambridge, MA, 2005.
12. J.O. Kephart, D. Chess, and S. R. White, "Computer viruses and epidemiology," IEEE Spectrum, May 1993.
13. M. Kotadia, "Windows Update flaw 'left PCs open' to MSBlast," ZDNet UK, Aug. 15, 2003; http://news.zdnet.co.uk/software/windows/ 0,39020396,39115732,00.html
14. B. Krebs, "Invasion of the computer snatchers," Washington Post Mag., Feb. 19, 2006; http://www.washingtonpost.com/wp-dyn/content/ article/2006/02/14/AR2006021401342.html.
15. C.E. Landwehr, A.R. Bull et al., "A taxonomy of computer program security flaws, with examples," ACM Computing Surveys, vol. 26, no. 3, 1994.
16. R. Lemos, "Good worm, new bug mean double trouble," CNET News.com Aug. 19, 2003; http://news.com.com/ Good+worm,+new+bug+mean+double+trouble/2100-1002_3-5065644.html.
17. L. Lessig, Code and Other Laws of Cyberspace. New York, NY: Basic, 1999.
18. E. Levy, "Approaching zero," IEEE Security and Privacy, vol. 2, no. 4, pp. 65-66, 2004.
19. J. Leydon, "MS Windows Update site falls to Code Red," Security Focus, Sept. 2001.
20. M. McPherson, L. Smith-Lovin, and J.M. Cook, "Birds of a feather: Homophily in social networks." Annual Rev. of Sociology, vol. 27, no. 3, 2001.
21. D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver, "Inside the slammer worm," IEEE Security and Privacy, vol. 1, no. 4, 2003.
22. R. Putnam, Bowling Alone: The Collapse and Revival of American Community. New York, NY: Simon & Schuster, 2000.
23. E. Rescorla, "Is finding security holes a good idea?," presented at Workshop on the Economics of Information Security (WEIS04), Minneapolis, MN, 2004.
24. SANS Institute, "Survival Time History," 2004; http://isc.sans.org/survivalhistory.php.
25. B. Schneier, "We don't spend enough (on security)," presented at First Workshop on the Economics of Information Security, Berkeley, CA, 2002.
26. C. Shannon and D. Moore, "The spread of the witty worm," IEEE Security and Privacy, vol. 2, no. 4, 2004.
27. R. Telang and S. Wattal, "Impact of software vulnerability announcements on the market value of software vendors - An empirical investigation," presented at Workshop on the Economics of Information Security (WEIS05), Cambridge, MA, 2005.
28. H. Varian, "System reliability and free riding," N. Sadeh, Ed., in Proc. the Workshop on Internet Computing and E-Commerce (ICEC2003), New York, NY: 2003.
29. M. de Vivo, E. Carrasco, G. Isern, and G.O. de Vivo, "A review of port scanning techniques," ACM SIGCOMM Computer Communications Rev., vol. 2, pp. 41-48, 1999.
30. N. Weaver, V.Paxson, S. Staniford, and R. Cunningham, "Large scale malicious code: A research agenda," Tech. Rep., DARPA sponsored report, 2003.
31. B. Wellman, J. Boase, and W. Chen, "The networked nature of community online and offline," IT & Society, vol. 1, no. 1, 2002.
32. W. Yurcik and D. Doss, "CyberInsurance: A market solution to the Internet security market," presented at First Workshop on the Economics of Information Security, Berkeley, CA, 2002.
33. W. Yurcik, J. Barlow, and J. Rosendale, "Maintaining perspective on who is the enemy in the security systems administration of computer networks," presented at ACM CHI Workshop on System Administrators Are Users, Too: Designing Workspaces for Managing Internet-Scale Systems, Fort Lauderdale, FL, 2003.