| Aleph One |
Smashing the Stack for Fun and Profit |
1996 |
Phrack Magazine
Vol. 49(14) |
article |
URL |
| Asonov, D. & Agrawal, R. |
Keyboard Acoustic Emanations |
2004 |
IEEE Symp. on Security and Privacy, pp. 3-11 |
inproceedings |
DOI |
| Bell, D. & La~Padula, L. |
Secure Computer Systems: Mathematical Foundations and Model |
1973 |
|
techreport |
URL |
| Bellovin, S.M. |
A Look Back at "Security Problems in the TCP/IP Protocol Suite" |
2004 |
Annual Computer Security Applications Conf. (ACSAC), pp. 229-249 |
inproceedings |
DOI |
| Biba, K. |
Integrity Considerations for Secure Computer Systems |
1977 |
|
techreport |
URL |
| Bisht, P., Madhusudan, P. & Venkatakrishnan, V.N. |
CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks |
2010 |
ACM Trans. Inf. Syst. Secur
Vol. 13(2), pp. 1-39 |
article |
DOI |
| Blaze, M. |
Safecracking for the Computer Scientist |
2004 |
|
techreport |
URL |
| Blaze, M. |
Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks |
2003 |
IEEE Security and Privacy
Vol. 1(2)IEEE Symp. on Security and Privacy, pp. 24-32 |
article |
DOI |
| Blaze, M. |
Notes on Picking Pin Tumbler Locks |
2003 |
|
misc |
URL |
| Boldt, M. & Carlsson, B. |
Privacy-Invasive Software and Preventive Mechanisms |
2007 |
Malware: An Introduction, pp. 78-95 |
incollection |
DOI |
| Bono, S.C., Green, M., Stubblefield, A., Juels, A., Rubin, A.D. & Szydlo, M. |
Security analysis of a cryptographically-enabled RFID device |
2005 |
USENIX Security Symp., pp. 1-15 |
inproceedings |
URL |
| Borisov, N., Goldberg, I. & Wagner, D. |
Intercepting mobile communications: the insecurity of 802.11 |
2001 |
MobiCom. Conf., pp. 180-189 |
inproceedings |
DOI |
| Boyd, S.W. & Keromytis, A.D. |
SQLrand: Preventing SQL Injection Attacks |
2004 |
Applied Cryptography and Network Security Conf. (ACNS), pp. 292-302 |
inproceedings |
DOI |
| Brewer, D.F. & Nash, M.J. |
The Chinese Wall Security Policy |
1989 |
IEEE Symp. on Security and Privacy, pp. 206-218 |
inproceedings |
DOI |
| Chaum, D. |
Blind Signatures for Untraceable Payments |
1982 |
Advances in Cryptology: Proc. CRYPTO, pp. 199-203 |
inproceedings |
URL |
| Cheswick, W.R., Bellovin, S.M. & Rubin, A.D. |
Firewalls and Internet Security: Repelling the Wily Hacker |
2003 |
|
book |
URL |
| Cohen, F. |
Computer viruses: theory and experiments |
1987 |
Computers and Security
Vol. 6(1), pp. 22 - 35 |
article |
DOI |
| Comer, D.E. |
Internetworking with TCP/IP: Principles, Protocols, and Architecture |
2006 |
Vol. 1 |
book |
URL |
| Courtois, N., Bard, G.V. & Wagner, D. |
Algebraic and Slide Attacks on KeeLoq |
2008 |
Vol. 5086Workshop on Fast Software Encryption (FSE), pp. 97-115 |
inproceedings |
DOI |
| Cowan, C., Pu, C., Maier, D., Hintony, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P. & Zhang, Q. |
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks |
1998 |
Proce. USENIX Security Symp., pp. 63-78 |
inproceedings |
URL |
| Czeskis, A., Hilaire, D.J.S., Koscher, K., Gribble, S.D., Kohno, T. & Schneier, B. |
Defeating encrypted and deniable file systems: TrueCrypt v5.1a and the case of the tattling OS and applications |
2008 |
USENIX Conf. on Hot Topics in Security (HOTSEC), pp. 1-7 |
inproceedings |
URL |
| Daemen, J. & Rijmen, V. |
The Design of Rijndael: AES---The Advanced Encryption Standard |
2002 |
|
book |
URL |
| Damgård, I. |
A Design Principle for Hash Functions |
1989 |
Vol. 435Cryptology Conf. (CRYPTO), pp. 416-427 |
inproceedings |
DOI |
| Dhamija, R., Tygar, J.D. & Hearst, M. |
Why phishing works |
2006 |
SIGCHI Conf. on Human Factors in Computing Systems, pp. 581-590 |
inproceedings |
DOI |
| Di Crescenzo, G., Graveman, R.F., Ge, R. & Arce, G.R. |
Approximate Message Authentication and Biometric Entity Authentication |
2005 |
Vol. 3570Conf. on Financial Cryptography and Data Security (FC), pp. 240-254 |
inproceedings |
DOI |
| Diffie, W. & Hellman, M.E. |
New directions in cryptography |
1976 |
IEEE Trans. on Information Theory
Vol. IT-22(6), pp. 644-654 |
article |
DOI |
| Doeppner, T.W. |
Operating Systems In Depth: Design and Programming |
2011 |
|
book |
URL |
| van Eck, W. |
Electromagnetic radiation from video display units: An eavesdropping risk? |
1985 |
Computers & Security
Vol. 4(4), pp. 269 - 286 |
article |
DOI URL |
| Elgamal, T. |
A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms |
1985 |
IEEE Trans. on Information Theory
Vol. IT-31(4), pp. 469-472 |
article |
DOI |
| Feldman, A.J., Halderman, J.A. & Felten, E.W. |
Security analysis of the Diebold AccuVote-TS voting machine |
2007 |
USENIX/ACCURATE Electronic Voting Technology Workshop (EVT) |
inproceedings |
URL |
| Ferguson, N., Schneier, B. & Kohno, T. |
Cryptography Engineering |
2010 |
|
book |
URL |
| Ferraiolo, D.F., Kuhn, R.D. & Chandramouli, R. |
Role-Based Access Control, Second Edition |
2007 |
|
book |
URL |
| Ferraiolo, D.F., Sandhu, R.S., Gavrila, S.I., Kuhn, D.R. & Chandramouli, R. |
Proposed NIST standard for role-based access control |
2001 |
ACM Trans. Inf. Syst. Secur.
Vol. 4(3), pp. 224-274 |
article |
DOI |
| Fetzer, C. & Xiao, Z. |
Detecting Heap Smashing Attacks through Fault Containment Wrappers |
2001 |
IEEE Symp. on Reliable Distributed Systems (SRDS), pp. 80-89 |
inproceedings |
DOI |
| Garcia-Alfaro, J. & Navarro-Arribas, G. |
A Survey on Detection Techniques to Prevent Cross-Site Scripting Attacks on Current Web Applications |
2008 |
Vol. 5141Critical Information Infrastructures Security, pp. 287-298 |
incollection |
DOI |
| Garman, J. |
Kerberos: The Definitive Guide |
2003 |
|
book |
URL |
| Grünbacher, A. |
POSIX Access Control Lists on Linux |
2003 |
USENIX Annual Technical Conf., FREENIX Track, pp. 259-272 |
inproceedings |
URL |
| Griffiths, P.P. & Wade, B.W. |
An Authorization Mechanism for a Relational Database System |
1976 |
ACM Trans. on Database Systems
Vol. 1(3), pp. 242-255 |
article |
DOI |
| Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J. & Felten, E.W. |
Lest We Remember: Cold Boot Attacks on Encryption Keys |
2008 |
USENIX Security Symp., pp. 45-60 |
inproceedings |
URL |
| Hill, L.S. |
Cryptography in an Algebraic Alphabet |
1929 |
The American Mathematical Monthly
Vol. 36, pp. 306-312 |
article |
URL |
| Hoglund, G. & Butler, J. |
Rootkits: Subverting the Windows Kernel |
2005 |
|
book |
URL |
| Hussain, A., Heidemann, J. & Papadopoulos, C. |
A framework for classifying denial of service attacks |
2003 |
SIGCOMM, pp. 99-110 |
inproceedings |
DOI |
| Indesteege, S., Keller, N., Dunkelman, O., Biham, E. & Preneel, B. |
A Practical Attack on KeeLoq |
2008 |
Vol. 4965Conf. on the Theory and App. of Cryptographic Techniques (EUROCRYPT), pp. 1-18 |
inproceedings |
DOI |
| Jain, A.K., Ross, A. & Prabhakar, S. |
An Introduction to Biometric Recognition |
2004 |
IEEE Trans. Circuits and Systems for Video Technology
Vol. 14(1), pp. 4-20 |
article |
DOI |
| Jovanovic, N., Kirda, E. & Kruegel, C. |
Preventing Cross Site Request Forgery Attacks |
2006 |
IEEE Conf. on Security and Privacy in Comm. Networks (SecureComm) |
inproceedings |
DOI |
| Kaempf, M. |
Vudo Malloc Tricks (Smashing the Heap for Fun and Profit) |
2001 |
Phrack Magazine
Vol. 57 |
article |
URL |
| Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V. & Savage, S. |
Spamalytics: An Empirical Analysis of Spam Marketing Conversion |
2008 |
ACM Conf. on Computer and Communications Security (CCS), pp. 3-14 |
inproceedings |
DOI |
| Kaufman, C., Perlman, R. & Speciner, M. |
Network Security: Private Communication in a Public World |
2003 |
|
book |
URL |
| Kerckhoffs, A. |
La cryptographie militaire |
1883 |
Journal des sciences militaires
Vol. IX, pp. 5-38 and 161-191 |
article |
URL |
| Keromytis, A.D., Ioannidis, J. & Smith, J.M. |
Implementing IPsec |
1997 |
IEEE GlobeCom Conf., pp. 1948-1952 |
inproceedings |
DOI |
| Kocher, P.C., Jaffe, J. & Jun, B. |
Differential Power Analysis |
1999 |
Vol. 1666Cryptology Conf. (CRYPTO), pp. 388-397 |
inproceedings |
DOI |
| Kuhn, M.G. |
Electromagnetic Eavesdropping Risks of Flat-Panel Displays |
2005 |
Vol. 3424Workshop on Privacy Enhancing Technologies, pp. 88-107 |
inproceedings |
DOI |
| Kuhn, M.G. |
Security Limits for Compromising Emanations |
2005 |
Vol. 3659Workshop on Cryptographic Hardware and Embedded Systems (CHES), pp. 265-279 |
inproceedings |
DOI |
| Kuhn, M.G. |
Compromising Emanations: Eavesdropping Risks of Computer Displays |
2003 |
(UCAM-CL-TR-577) |
techreport |
URL |
| Kuhn, M.G. |
Optical Time-Domain Eavesdropping Risks of CRT Displays |
2002 |
IEEE Symp. on Security and Privacy, pp. 3-18 |
inproceedings |
DOI |
| Lenstra, A.K. & de Weger, B. |
Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates |
2007 |
Vol. 4515Conf. on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), pp. 1-22 |
inproceedings |
DOI |
| Lhee, K.-S. & Chapin, S.J. |
Buffer overflow and format string overflow vulnerabilities |
2003 |
Software Practice and Experience
Vol. 33(5), pp. 423-460 |
article |
DOI |
| Li, C., Shirani-Mehr, H. & Yang, X. |
Protecting Individual Information Against Inference Attacks in Data Publishing |
2007 |
Vol. 4443Conf. on Database Systems for Advanced Applications (DASFAA), pp. 422-433 |
inproceedings |
DOI |
| Li, K., Zhong, Z. & Ramaswamy, L. |
Privacy-Aware Collaborative Spam Filtering |
2009 |
IEEE Trans. Parallel Distrib. Syst.
Vol. 20(5), pp. 725-739 |
article |
DOI |
| Lioy, A., Maino, F., Marian, M. & Mazzocchi, D. |
DNS Security |
2000 |
TERENA Networking Conf. |
inproceedings |
URL |
| Menezes, A.J. & van Oorschot andScott A. Vanstone, P.C. |
Handbook of Applied Cryptography |
1996 |
|
book |
URL |
| Messerges, T.S., Dabbish, E.A. & Sloan, R.H. |
Examining Smart-Card Security under the Threat of Power Analysis Attacks |
2002 |
IEEE Trans. Computers
Vol. 51(5), pp. 541-552 |
article |
DOI |
| Messerges, T.S., Dabbish, E.A. & Sloan, R.H. |
Power Analysis Attacks of Modular Exponentiation in Smartcards |
1999 |
Cryptographic Hardware and Embedded Systems
Vol. 1717, pp. 144-157 |
article |
DOI |
| Moore, D., Shannon, C., Brown, D.J., Voelker, G.M. & Savage, S. |
Inferring Internet denial-of-service activity |
2006 |
ACM Trans. Comput. Syst.
Vol. 24(2), pp. 115-139 |
article |
DOI |
| Murdoch, S.J. & Anderson, R. |
Verified by Visa and MasterCard SecureCode: Or, How Not to Design Authentication |
2010 |
Vol. 6052Conf. on Financial Cryptography and Data Security, pp. 336-342 |
inproceedings |
DOI |
| Naor, D., Naor, M. & Lotspiech, J. |
Revocation and Tracing Schemes for Stateless Receivers |
2001 |
Vol. 2139Cryptology Conf. (CRYPTO), pp. 41-62 |
inproceedings |
DOI |
| Needham, R.M. & Schroeder, M.D. |
Using encryption for authentication in large networks of computers |
1978 |
Commun. ACM
Vol. 21(12), pp. 993-999 |
article |
DOI |
| Nentwich, F., Jovanovic, N., Kirda, E., Kruegel, C. & Vigna, G. |
Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis |
2007 |
Network and Distributed System Security Symp. (NDSS) |
inproceedings |
URL |
| NSA |
Venona |
2009 |
|
misc |
URL |
| Paar, C., Eisenbarth, T., Kasper, M., Kasper, T. & Moradi, A. |
KeeLoq and Side-Channel Analysis-Evolution of an Attack |
2009 |
Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 65-69 |
inproceedings |
DOI |
| Pierce, E. |
|
2008 |
|
misc |
URL |
| Pierce, E. |
|
2008 |
|
misc |
URL |
| Pierce, E. |
|
2006 |
|
misc |
URL |
| Pierce, E. |
|
2004 |
|
misc |
URL |
| Pierce, E. |
|
2004 |
|
misc |
URL |
| Pierce, E. |
|
2004 |
|
misc |
URL |
| Pierce, E. |
|
2004 |
|
misc |
URL |
| Pierce, E. |
|
2004 |
|
misc |
URL |
| Pierce, E. |
|
2004 |
|
misc |
URL |
| Preneel, B. |
The State of Cryptographic Hash Functions |
1999 |
Lectures on Data Security, Modern Cryptology in Theory and Practice, pp. 158-182 |
inproceedings |
DOI |
| Provos, N. |
A Virtual Honeypot Framework |
2004 |
13th USENIX Security Symp., pp. 1-14 |
inproceedings |
URL |
| Purwono, A. |
Acoustic Cryptanalysis Attempts on CPU and Keyboard |
2008 |
|
misc |
URL |
| Quirke, J. |
Security in the GSM System |
2004 |
AusMobile |
techreport |
URL |
| Rao, J.R., Rohatgi, P., Scherzer, H. & Tinguely, S. |
Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards |
2002 |
IEEE Symp. on Security and Privacy, pp. 31-44 |
inproceedings |
DOI |
| Rivest, R., Shamir, A. & Adleman, L. |
A Method for Obtaining Digital Signatures and Public-Key Cryptosystems |
1978 |
Comm. of the ACM
Vol. 21(2), pp. 120-126 |
article |
DOI |
| Rivest, R.L. |
The ThreeBallot Voting System |
2006 |
|
misc |
URL |
| Rivest, R.L. & Smith, W.D. |
Three Voting Protocols: ThreeBallot, VAV, and Twin |
2007 |
Electronic Voting Technology Workshop (EVT) |
inproceedings |
URL |
| Roesch, M. |
Snort---Lightweight Intrusion Detection for Networks |
1999 |
USENIX Conf. on System Administration (LISA), pp. 229-238 |
inproceedings |
URL |
| Rubin, A. |
Brave New Ballot |
2006 |
|
book |
URL |
| Saltzer, J.H. & Schroeder., M.D. |
The Protection of Information in Computer Systems |
1975 |
Proceedings of the IEEE
Vol. 63(9), pp. 1278-1308 |
article |
DOI |
| Savage, S., Cardwell, N., Wetherall, D. & Anderson, T. |
TCP congestion control with a misbehaving receiver |
1999 |
SIGCOMM Comput. Commun. Rev.
Vol. 29(5), pp. 71-78 |
article |
DOI |
| Schneier, B. |
Secrecy, Security, and Obscurity |
2002 |
Crypto-Gram Newsletter |
inproceedings |
URL |
| Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N. & Boneh, D. |
On the effectiveness of address-space randomization |
2004 |
ACM Conf. on Computer and Comm. Security (CCS), pp. 298-307 |
inproceedings |
DOI |
| Shamir, A. & Tromer, E. |
Acoustic Cryptanalysis---On Nosy People and Noisy Machines |
2004 |
|
misc |
URL |
| Shannon, C.E. |
Prediction and Entropy of Printed English |
1951 |
Bell System Technical Journal
Vol. 30, pp. 50-64 |
article |
URL |
| Shannon, C.E. |
The synthesis of two-terminal switching circuits |
1949 |
Bell Syst. Tech. J.
Vol. 28, pp. 59-98 |
article |
URL |
| Shannon, C.E. |
A Mathematical Theory of Communication |
1948 |
Bell System Technical Journal
Vol. 27, pp. 379-423 and 623-656 |
article |
URL |
| Sherwood, R., Bhattacharjee, B. & Braud, R. |
Misbehaving TCP receivers can cause internet-wide congestion collapse |
2005 |
ACM Conf. on Computer and Comm. Security, pp. 383-392 |
inproceedings |
DOI |
| Silberschatz, A., Galvin, P.B. & Gagne, G. |
Operating System Concepts |
2008 |
|
book |
URL |
| Singh, S. |
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography |
1999 |
|
book |
URL |
| Stallings, W. |
Network Security Essentials: Applications and Standards |
2011 |
|
book |
URL |
| Stinson, D.R. |
Cryptography: Theory and Practice |
2006 |
|
book |
URL |
| Stubblefield, A., Ioannidis, J. & Rubin, A.D. |
A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP) |
2004 |
ACM Trans. on Information and System Security
Vol. 7, pp. 319-332 |
article |
DOI |
| Szor, P. |
The Art of Computer Virus Research and Defense |
2005 |
|
book |
URL |
| Tanenbaum, A.S. |
Computer Networks |
2011 |
|
book |
URL |
| Tobias, M.W. & Bluzmanis, T. |
Open in Thirty Seconds: cracking one of the most secure locks in America |
2008 |
|
book |
URL |
| Tool, T.T. |
Guide to Lock Picking |
1991 |
|
misc |
URL |
| Trappe, W. & Washington, L.C. |
Introduction to Cryptography with Coding Theory |
2006 |
|
book |
URL |
| Tuyls, P. & Goseling, J. |
Capacity and Examples of Template Protecting Biometric Authentication Systems |
2004 |
Vol. 3087ECCV Workshop on Biometric Authentication (BioAW), pp. 158-170 |
inproceedings |
DOI |
| Vernam, G.S. |
Secret Signaling System |
1919 |
|
misc |
URL |
| Whitten, A. & Tygar, J.D. |
Why Johnny can't encrypt: a usability evaluation of PGP 5.0 |
1999 |
USENIX Security Symp., pp. 169-184 |
inproceedings |
URL |
| Wirken, G. |
|
2008 |
|
misc |
URL |
| Wong, C.K., Gouda, M. & Lam, S.S. |
Secure group communications using key graphs |
2000 |
IEEE/ACM Trans. Netw.
Vol. 8(1), pp. 16-30 |
article |
DOI |
| Wright, C., Kleiman, D. & Shyaam, S. |
Overwriting Hard Drive Data: The Great Wiping Controversy |
2008 |
Vol. 5352Conf. on Information Systems Security (ICSS), pp. 243-257 |
inproceedings |
DOI |
| Zhuang, L., Zhou, F. & Tygar, J.D. |
Keyboard acoustic emanations revisited |
2005 |
ACM Conf. on Computer and Comm. Security, pp. 373-382 |
inproceedings |
DOI |
| Zimmermann, P.R. |
The official PGP user's guide |
1995 |
|
book |
URL |
| Zou, C.C., Gong, W. & Towsley, D. |
Code Red worm propagation modeling and analysis |
2002 |
ACM Conf. on Computer and Comm. Security, pp. 138-147 |
inproceedings |
DOI |
| Zou, C.C., Gong, W., Towsley, D. & Gao, L. |
The monitoring and early detection of internet worms |
2005 |
IEEE/ACM Trans. Netw.
Vol. 13(5), pp. 961-974 |
article |
DOI |
|
Security with Noisy Data |
2007 |
|
book |
URL |
|
Windows API Reference |
2010 |
|
manual |
URL |
