Search

Your search keyword '"Spafford, Eugene H."' showing total 262 results
Start Over Author "Spafford, Eugene H."
262 results on '"Spafford, Eugene H."'

2. A Hypergame Analysis for ErsatzPasswords

Author

Gutierrez, Christopher N., Almeshekah, Mohammed H., Bagchi, Saurabh, Spafford, Eugene H., Rannenberg, Kai, Editor-in-Chief, Sakarovitch, Jacques, Series Editor, Goedicke, Michael, Series Editor, Tatnall, Arthur, Series Editor, Neuhold, Erich J., Series Editor, Pras, Aiko, Series Editor, Tröltzsch, Fredi, Series Editor, Pries-Heje, Jan, Series Editor, Whitehouse, Diane, Series Editor, Reis, Ricardo, Series Editor, Furnell, Steven, Series Editor, Furbach, Ulrich, Series Editor, Winckler, Marco, Series Editor, Rauterberg, Matthias, Series Editor, Janczewski, Lech Jan, editor, and Kutyłowski, Mirosław, editor

Published
2018
Full Text
View/download PDF

3. Ghost Patches: Fake Patches for Fake Vulnerabilities

Author

Avery, Jeffrey, Spafford, Eugene H., Rannenberg, Kai, Editor-in-chief, Sakarovitch, Jacques, Series editor, Goedicke, Michael, Series editor, Tatnall, Arthur, Series editor, Neuhold, Erich J., Series editor, Pras, Aiko, Series editor, Tröltzsch, Fredi, Series editor, Pries-Heje, Jan, Series editor, Whitehouse, Diane, Series editor, Reis, Ricardo, Series editor, Furnell, Steven, Series editor, Furbach, Ulrich, Series editor, Winckler, Marco, Series editor, Rauterberg, Matthias, Series editor, De Capitani di Vimercati, Sabrina, editor, and Martinelli, Fabio, editor

Published
2017
Full Text
View/download PDF

7. Cyber Security Deception

Author

Almeshekah, Mohammed H., Spafford, Eugene H., Jajodia, Sushil, editor, Subrahmanian, V.S., editor, Swarup, Vipin, editor, and Wang, Cliff, editor

Published
2016
Full Text
View/download PDF

8. Enhancing Passwords Security Using Deceptive Covert Communication

Author

Almeshekah, Mohammed H., Atallah, Mikhail J., Spafford, Eugene H., Rannenberg, Kai, Editor-in-chief, Sakarovitch, Jacques, Series editor, Goedicke, Michael, Series editor, Tatnall, Arthur, Series editor, Neuhold, Erich J., Series editor, Pras, Aiko, Series editor, Tröltzsch, Fredi, Series editor, Pries-Heje, Jan, Series editor, Whitehouse, Diane, Series editor, Reis, Ricardo, Series editor, Murayama, Yuko, Series editor, Dillon, Tharam, Series editor, Gulliksen, Jan, Series editor, Rauterberg, Matthias, Series editor, Federrath, Hannes, editor, and Gollmann, Dieter, editor

Published
2015
Full Text
View/download PDF

12. Back Channels Can Be Useful! – Layering Authentication Channels to Provide Covert Communication

Author

Almeshekah, Mohammed H., Atallah, Mikhail J., Spafford, Eugene H., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Christianson, Bruce, editor, Malcolm, James, editor, Stajano, Frank, editor, Anderson, Jonathan, editor, and Bonneau, Joseph, editor

Published
2013
Full Text
View/download PDF

13. Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense

Author

Spafford, Eugene H., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Gal, Cecilia S., editor, Kantor, Paul B., editor, and Lesk, Michael E., editor

Published
2009
Full Text
View/download PDF

14. Risks and Uncertainties in Virtual Worlds: An Educators' Perspective

Author

Farahmand, Fariborz, Yadav, Aman, and Spafford, Eugene H.

Abstract

Virtual worlds present tremendous advantages to cyberlearning. For example, in virtual worlds users can socialize with others, build objects and share them, customize parts of the world and hold lectures, do experiments, or share data. However, virtual worlds pose a wide range of security, privacy, and safety concerns. This may lead educators to become (or not) apprehensive of the virtual worlds in using and adapting them as learning technologies. This study examined how educators perceive risks and uncertainties in virtual worlds. We also investigated how educators' level of use of virtual worlds influences their risk perception level. Our results indicate a divergence between risk perception and reality in the virtual worlds. We use the seminal risk perception model developed by Fischhoff and his colleagues, and our revision to this model to explain these results. Finally, we discuss implications of our research for education management, and make recommendations to educators and policy makers who consider using virtual worlds as a learning technology.

Published
2013
Full Text
View/download PDF

17. Virtual Playgrounds for Worm Behavior Investigation

Author

Jiang, Xuxian, Xu, Dongyan, Wang, Helen J., Spafford, Eugene H., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Valdes, Alfonso, editor, and Zamboni, Diego, editor

Published
2006
Full Text
View/download PDF

27. Tracing worm break-in and contaminations via process coloring: a provenance-preserving approach

Author

Xuxian Jiang, Buchholz, Florian, Walters, Aaron, Dongyan Xu, Yi-Min Wang, and Spafford, Eugene H.

Subjects
Visualization (Computers) -- Usage, Computer capacity -- Evaluation, Computer viruses -- Control, Internet -- Safety and security measures, Internet -- Methods, Internet security, Virus, Business, Computers, Electronics, Electronics and electrical industries
Abstract

Process coloring is a provenance-preserving approach to worm warning and investigation. Results suggest the efficiency and effectiveness of process coloring.

Published
2008

29. CuPIDS: An exploration of highly focused, co-processor-based information system protection

Author

Williams, Paul D. and Spafford, Eugene H.

Abstract

To link to full-text access for this article, visit this link: http://dx.doi.org/10.1016/j.comnet.2006.09.011 Byline: Paul D. Williams, Eugene H. Spafford Keywords: Intrusion detection; Information system security; Co-processor; Multi-processor; Security policy compliance monitoring Abstract: The Co-Processing Intrusion Detection System (CuPIDS) project explores improving information system security through dedicating computational resources to system security tasks in a shared resource, multi-processor (MP) architecture. Our research explores ways in which this architecture offers improvements over the traditional uni-processor (UP) model of security. One approach we examined has a protected application running on one processor in a symmetric multi-processing (SMP) system while a shadow process specific to that application runs on a different processor. The shadow process monitors the application process' activity, ready to respond immediately if the application violates policy. Experiments with a prototype CuPIDS system demonstrate the feasibility of this approach in the context of a self-protecting and self-healing system. An untuned prototype supporting fine-grained protection of the real-world application WU-FTP resulted in less than a 15% slowdown while demonstrating CuPIDS' ability to quickly detect illegitimate behavior, raise an alarm, automatically repair the damage done by the fault or attack, allow the application to resume execution, and export a signature for the activity leading up to the error. Author Affiliation: Air Force Institute of Technology, Wright-Patterson Air Force Base, Department of Electrical and Computer Engineering, OH, United States CERIAS, Purdue University, West Lafayette, IN, United States Article Note: (footnote) [star] The opinions expressed in this paper are those of the authors, and do not necessarily reflect the views of the US Air Force, or the US Government.

Published
2007

30. Automated adaptive intrusion containment in systems of interacting services

Author

Wu, Yu-Sung, Foo, Bingrui, Mao, Yu-Chun, Bagchi, Saurabh, and Spafford, Eugene H.

Subjects
Algorithm, Algorithms -- Analysis
Abstract

To link to full-text access for this article, visit this link: http://dx.doi.org/10.1016/j.comnet.2006.09.006 Byline: Yu-Sung Wu (a), Bingrui Foo (a), Yu-Chun Mao (a), Saurabh Bagchi (a), Eugene H. Spafford (a)(b) Keywords: Automated adaptive intrusion response; Intrusion containment; E-commerce system; Survivability; Attack graphs Abstract: Large scale distributed systems typically have interactions among different services that create an avenue for propagation of a failure from one service to another. The failures being considered may be the result of natural failures or malicious activity, collectively called disruptions. To make these systems tolerant to failures it is necessary to contain the spread of the occurrence automatically once it is detected. The objective is to allow certain parts of the system to continue to provide partial functionality in the system in the face of failures. Real world situations impose several constraints on the design of such a disruption tolerant system of which we consider the following - the alarms may have type I or type II errors; it may not be possible to change the service itself even though the interaction may be changed; attacks may use steps that are not anticipated a priori; and there may be bursts of concurrent alarms. We present the design and implementation of a system named Adepts as the realization of such a disruption tolerant system. Adepts uses a directed graph representation to model the spread of the failure through the system, presents algorithms for determining appropriate responses and monitoring their effectiveness, and quantifies the effect of disruptions through a high level survivability metric. Adepts is demonstrated on a real e-commerce testbed with actual attack patterns injected into it. Author Affiliation: (a) Dependable Computing System Lab (DCSL) and CERIAS, School of Electrical and Computer Engineering, Purdue University, 465 Northwestern Avenue, West Lafayette, IN 47907, United States (b) School of Computer Science, Purdue University, 250 N. University Street, West Lafayette, IN 47907-2066, United States

Published
2007

34. Intrusion Response Systems: A Survey

Author

Foo, Bingrui, primary, Glause, Matthew W., additional, Howard, Gaspar M., additional, Wu, Yu-Sung, additional, Bagchi, Saurabh, additional, and Spafford, Eugene H., additional

Published
2008
Full Text
View/download PDF

37. Run-time label propagation for forensic audit data

Author

Buchholz, Florian and Spafford, Eugene H.

Abstract

To link to full-text access for this article, visit this link: http://dx.doi.org/10.1016/j.cose.2007.07.002 Byline: Florian Buchholz (a), Eugene H. Spafford (b)(c) Abstract: It is desirable to be able to gather more forensically valuable audit data from computing systems than is currently done or possible. This is useful for the analysis of events that took place on the system for the purpose of digital forensic investigations. In this paper we propose a mechanism that allows arbitrary meta-information bound to principals on a system to be propagated based on causality and influenced by information flow. We further discuss how to implement such a mechanism for the FreeBSD operating system and present a proof-of-concept implementation that has little overhead compared to the system without label propagation. Author Affiliation: (a) Department of Computer Science, James Madison University, MSC 4103, Harrisonburg, VA 22807, United States (b) CERIAS, Purdue University, 656 Oval Drive, West Lafayette, IN 47907, United States (c) Department of Computer Science, Purdue University, West Lafayette, IN 47907, United States Article History: Received 7 September 2006; Accepted 30 July 2007

Published
2007

38. PFIRES: a policy framework for information security: creating and maintaining effective security strategy and policy for software applications

Author

Rees, Jackie, Bandyopadhyay, Subhajyoti, and Spafford, Eugene H.

Subjects
Company systems management, Information technology, MIS, Electronic commerce, Information technology -- Information management, Information technology -- Safety and security measures, Management information systems -- Information management, Management information systems -- Safety and security measures, Electronic commerce -- Information management, Electronic commerce -- Safety and security measures
Published
2003

40. Are computer hacker break-ins ethical?

Author

Spafford, Eugene H.

Subjects
Hacker, Access Controls, Computer Design, Ethics, Social Issue, Industry Analysis, Management of EDP, Data Security, Issues/Society
Published
1992

41. An execution-backtracking approach to debugging

Author

Agrawal, Hiralal, DeMillo, Richard A., and Spafford, Eugene H.

Subjects
Programming, Debugging/testing software, New Technique, Backtracking, Problem Solving, Methods, Program Development Techniques, Tutorial
Published
1991

45. The Case for Disappearing Cyber Security.

Author

Dykstra, Josiah and Spafford, Eugene H.

Subjects
*INTERNET security, *END users (Information technology), *AUTOMATION, *SOFTWARE upgrades, *COMPUTER software installation
Abstract

The author argues that cyber security should be kept out of sight and out of mind for end users. Topics include the possible deployment of less-vulnerable systems by developers using tools or techniques such as code minimization and type-safe languages, the failure of end users to take actions required to improve cyber security, and end users' acceptance of automatic patch updates built into desktop software.

Published
2018
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results