Florida State University
Computer Science Department
Security Research Group

Bibliography


Main

Group Schedule

Presented Papers

People

Security Protocols

Intrusion Detection

Wireless Security

Publications

NSA Security Proffesional
Certificate

Security Related Courses

Security Related Conferences

SAIT Labs

DoD Scholarship

Grant Proposal Tips

Links

Bibliography

  • [AAHK00] Yair Amir, Giuseppe Ateniese, Damian Hasse, Yongdae Kim, Cristina Nita-Rotaru, Theo Schlossanagle, John Schultz, Jonathan Stanton, Gene Tsudik, "Secure Group Communication in Asynchronous Networks with Failures: Integration and Experiments", Proceedings of The 20th International Conference on Distributed Computing Systems (ICDCS 2000), April 2000.

  • [AF98] J. Alves-Foss, "Multi-protocol Attacks and the Public Key Infrastructure", In Proc. National Information System Security Conference, pp 566-76, October 1998

  • [AFG00] Martin Abadi, Cedric Fournet, Georges Gonthier, "Authentication Primitives and their Compilation", Proceedings of the 27th ACM Symposium on Principles of Programming Languages (January 2000), 302-315.

  • [AFV95] Anderson, Frivold, and Valdes, Next Generation Intrusion Detection Expert System (NIDES): A Summary, SRI International technical report number SRI-CSL-95-07.

  • [AK97]  R. Anderson and M. Kuhn, "Low Cost Attacks on Tamper Resistant Devices, Security Protocols", 5th International Workshop, Paris, France, April 7-9, 1997, Proceedings, Springer-Verlag, LNCS 1361, pp. 125-136.

  • [ALJ95] Anderson, Lunt, Javitz, Tamaru, and Valdes, Detecting Unusual Program Behavior Using the Statistical Component of the Next-generation Intrusion Detection Expert System (NIDES), SRI International technical report number SRI-CSL-95-06.

  • [AN94] Martin Abadi and Roger Needham, "Prudent Engineering Practice for Cryptographic Protocols", From the 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp.  122-136

  • [AS97] J. Alves-Foss and T. Soule, "A Weakest Precondition Calculus for Analysis of Cryptographic Protocols", DIMACS Workshop on Design and Formal Verification of Security Protocols, Sept 1997

  • [AST00] Guisseppe Ateniese, Michael Steiner, Gene Tsudik, "New Mulitparty uthentication Services and Key Agreement Protocols", IEEE Journal of Selected Areas in Communications, Vol. 18, No. 4, (Apr 2000): pp 1-13

  • [AT91] Martin Abadi and Mark R.  Tuttle, "A Semantics for a Logic of Authentication", Tenth Annual ACM Symp on Princ of Dist Computing, Montreal, Canada, August, 1991

  • [BAN88] Burrows, M., Abadi, M., and Needham, R.  M.  "A Practical Study in Belief and Action",  In Proc of the 2nd Conf on Theoretical Aspects of Reasoning about Knowledge (Asilomar, Ca., Feb.  1988) M.  Vardi, Ed.  Morgan Kaufmann, Los Altos, Calif., 1988, pp.  325-342

  • [BAN89]  Burrows, M., Abadi, M., and Needham, R.  M.  "A Logic of Authentication",  In Proceedings of the Royal Society of London, A 426:233-271, 1989

  • [BAN90] Burrows, M., Abadi, M., and Needham, R.  M. 'A Logic of Authentication', ACM Transactions on Computer Systems, Vol. 8, No. 1, Feb 1990, pp. 18-36.

  • [BAN90b] Burrows, M., Abadi, M., and Needham, R.  M., 'Rejoinder to Nessett', ACM Operating Systems Review, vol. 24, no. 2, April 1990, pp. 39-40

  • [BDFP02] Chiara Bodei, Pierpapaolo Degano, Riccardo Focardi, and Corrado Priami, "Authentication Primitives for Refining Protocol Specificaions", Workshop on Issues in the Theory of Security (in conjunction with POPL'02), Portland, Oregon, USA, January 14-15, 2002

  • [BDWY01] Michael Burmester, Yvo Desmedt, Rebecca Wright, and Alec Yasinsac, "Security or Privacy, Must We Choose?", Computer Science and Telecommunication Board, Critical Infrastructure Protection and the Law Project, October, 2002

  • [BGI98] Balasubramaniyan, Garcia-Fernandez, Isacoff, Spafford, and Zamboni, An Architure for Intrusion Detection using Autonomous Agents, COAST Laboratory, Purdue University technical report, May 1998.

  • [BGM00] M. Bernaschi, E. Gabrielli, and LvV. Mancini, "Operating System Enhancements to Prevent the Misuse of System Calls", Proceedings of the 7th ACM Conference on Computer and Communications Security, Nov 2000, pp 174-84

  • [BIEB90] Bieber, Pierre, 'A Logic for Communication in a Hostile Environment', in Proceedings of the Third Workshop on Foundations of Computer Security, June 1990, Franconia, NH

  • [BIRD92] Ray Bird, Inder Gopal, Amir Herzberg, Phil Janson, Shay Kutten, Refik Molva, and Moti Yung. "Systematic Design of Two-Party Authentication Protocols." In Joan Fegenbaum, editor, Advances in Cryptography - CRYPTO `91, volume 576 of Lecture Notes in Comuter Science. Springer Verlag, Berlin, 1992

  • [BIRD93] Ray Bird, Inder Gopal, Amir Herzberg, Phil Janson, Shay Kutten, Refik Molva, and Moti Yung. "Systematic Design of a Family of Attack Resistant Authentication Protocols", IEEE Journal on Selected Areas in Communications, Vol 11, No. 5, June 1993

  • [BJM97] Simon Blake-Wilson, Don Johnson, and Alfred Menzenes, "Key Agreement Protocols and their Security Analysis", Proceedings of the sixth IMA International Conference on Cryptography and Coding, Lecture Notes in Computer Science, 1355 (1997), 30-45

  • [BL73] D. E. Bell and L. LaPadula, "Secure Computer Systems: Mathematical Foundations and Model, M74-244, MITRE Corp. Bedford, MA, 1973

  • [BM90] Steven M. Bellovin & Michael Merritt, "Limitations of the Kerberos Authentication System", Computer Communications Review, Oct 1990

  • [BR93] Mihir Bellare and Phillip Rogaway, "Random Oracles are Practical: A Paradigm for Designing Efficient Protocols", First ACM Conference on Computer and Communications Security, ACM, November 1993, pp 62-73

  • [BMM99] S. Brackin, C. Meadows and J. Millen, "CAPSL interface for the NRL Protocol Analyzer," IEEE Symposium on Application-Specific Systems and Software Engineering Technology (ASSET '99), 1999

  • [Brac00] S. Brackin, "Automatically Detecting Most Vulnerabilities in Cryptographic Protocols", in The DARPA Information Survivability Conf and Exposition, Jan 2000, V.1, pp 222-36

  • [Can0] Ran Canetti, "Security and Composition of Multi-party Cryptographic Protocols", Journal of Cryptology, Vol. 13, No. 1, 2000, pp. 143-202

  • [CAN97] R.Canetti. Towards realizing random oracles: Hash functions that hide all partial information. Updated version of the paper that appears in the proceedings of CRYPTO '97, Springer LNCS 1294, 455-470, 1997.

  • [CDEKS96] Crosbie, M.; Dole, B.; Ellis, T.; Krsul, I.; Spafford, E, "IDIOT - Users Guide", Technical Report TR-96-050, Purdue University, COAST Laboratory, Sept. 1996

  • [CGH98] Ran Canetti, Oded Goldreich, and S. Halevi, "The Random Oracle Methodology, Revisited," Proceedings of STOC '98 (1998) 209--218.

  • [CHEN90] Cheng, Pau-Chen and Gligor, Virgil D. 'On the formal specification and verification of a Multiparty Session Protocol'.  From 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 216-233

  • [Chi00] Justin Childs, 'Evaluating the TLS Family of Protocols with Weakest Precondition Reasoning',  Master's Thesis, Florida State University, Dept of Computer Science, June 2000

  • [CJ] J. Clark and J. Jacob. A survey of authentication protocol literature: Version 1.0. A continually updated library of protocols analyzed in the literature, available at www.cs.york.ac.uk/~jac/.

  • [CJM98] E. Clarke, S. Jha, and W. Marrero, "Using State Space Exploration and a Natural Deduction Style Message Derivation Engine to Verify Security Protocols", In Proceedings of the IFIP Working Conference on Programming Concepts and Methods, 1998

  • [CMO01] Veronique Cortier and Jonathan Millen and Harald Rueb, "Proving secrecy is easy enough", 14th IEEE Computer Security Foundations Workshop, IEEE Computer Society, 2001

  • [Coh00] Ernie Cohen, "TAPS: A First-Order Verifier for Cryptographic Protocols", 13th Computer Security Foundations Workshop, June, 2000, IEEE

  • [CORSS] Judy Crow, Sam Owre, John Rushby, Natarajan Shankar, Mandayam Srivas, "A Tutorial Introduction to PVS", Computer Science Laboratory, SRI International, Menlo Park, Ca 94025

  • [COS98] Ran Canetti, Oded Goldreich, and S. Halevi, "The Random Oracle Methodology, Revisited," Proceedings of STOC '98 (1998) 209--218.

  • [CY01] Justin Childs and Alec Yasinsac, "Using Weakest Preconditions to Evaluate the Transport Layer Security Protocol", Proceedings of The Sixth IEEE International Symposium on High Assurance Systems Engineering, pp 149-59, Boca Raton, FL, Oct 24-26, 2001.

  • [Dav96] Don Davis, "Compliance Defects in Public-Key Cryptography'', Proceedings of the 6th USENIX Security Symp, San Jose, CA, 1996, pp. 171-178

  • [DBS92] H. Debar, M. Becker, D. Siboni, "A Neural Network Component for an Intrusion Detection System", Proc 1992 IEEE Computer Society Symposium on Research In Security and Privacy, Oaklad, CA, May 1992, pp. 240-250

  • [DDW99] "Towards a Taxonomy of Intrusion Detection Systems", Herve Debar, Marc Dacier, Andreas Wespi, Computer Networks, 31, pp 805-822, Elsevier, 1999

  • [DEN86] Dorothy E. Denning, "An Intrusion-Detection Model",  From 1986 IEEE Computer Society Symposium on Research in Security and Privacy, pp 118-31

  • [DES77] National Bureau of Standards (NBS). Data Encryption Standard. Dederal Infor-mation Processing Standard, Publication 46, NBS, Washington, D.C., January 1977

  • [DF90] Y. Desmedt and Y. Frankel, "Threshold Cryptosystems," In Crypto 89, Springer-Verlag Lecture Notes in Computer Science (Vol. 435), pp307-15, 1990

  • [DH76] Whitfield Diffie and Martin Hellman, "New Directions In Cryptography," IEEE Transactions on Information Theory, IT-22(6):644-654, November 1976

  • [Dijk76] Edsger W.  Dijkstra, 'A Discipline of Programming', Prentice Hall Series in Automatic Computation, Prentice-Hall Inc. Englewood Cliffs, NJ, 1976

  • [DKK00] T. W. Doeppner, P.N. Klein, and A. Koyfman, "Using Router Stamping to Identify the Source of IP Packets", Proceedings of the 7th ACM Conference on Computer and Communications Security, Nov 2000, pp 184-89

  • [DMT98] G. Denker, J. Meseguer, and C. Talcott, "Protocol Specification and Analysis in Maude," in Formal Methods and Security Protocols, 1998, LICS '98 Workshop.

  • [DM00] G. Denker and J. Millen, "CAPSL Integrated Protocol Environment", in Proceedings of the DARPA Information Survivability Conference and Expo 2000, Vol. 1, pp. 207-21

  • [DOW92] W. Diffie, P. C. van Oorshot, and M. J. Wiener, "Authentication and Authenticated Key Exchanges", Designs, Codes and Cryptography, 2(2):107-125, June 1992

  • [DS81] D. E. Denning and G. M. Sacco, "Timestamps in key distribution protocols," Communications of the ACM, vol.  24, no.  8, Aug 1981, pp.  533-536

  • [DS99] Daniels and Spafford, "Identification of Host Audit Data to Detect Attacks on Low-level IP", Journal of Computer Security,  Volume 7, Issue 1, 1999

  • [DY83] Dolev, D., and Yao, A.C.  "On the security of public key protocols".  IEEE Trans.  Inf.  Theory IT-29, 2(Mar.  1983), pp.  198-208.  Also Stan-CS-81-854, May 1981, Stanford U.

  • [ESCH95] Eschrich, Real-Time User Identification Employing Standard UNIX Accounting, Department of Computer Science, Florida State University, Master’s Thesis, fall 1995.

  • [ESCH95] Eschrich, Real-Time User Identification Employing Standard UNIX Accounting, Department of Computer Science, Florida State University, Master’s Thesis, fall 1995.

  • [ES00] Carl Ellison and Bruce Schneier, "Ten Risks of PKI, What You Are Not Being Told About PKI", Computer Security Journal, Vol. XVI, No. 1, 2000

  • [ESNB97] Esmaili, Safavi-Naini, and Balachandran, AUTOGUARD: A continuous case-based intrusion detection system, Australian Computer Science Communications v19 n1 1997 p 392-401 0157-3055 ACSCDD.

  • [ESNP96] Esmaili, Safavi-Naini, and Pieprzyk, Computer intrusion detection and incomplete information, Univ. of Wollongong, Amirkabir (Journal of Science and Technology) v8 n31 Spring-Summer 1996, Amirkabir University of Technology Tehran 15 Iran p 49-55.

  • [FFS88] Uriel Feige, Amos Fiat, and Adi Shamir, “Zero-knowledge proofs of identity,” Journal of Cryptology, vol. 1, no. 2, pp. 77–94, 1988.

  • [Gar00]  Lee Garber, "Denial -of-Service Attacks Rip the Internet",  In Technology News, IEEE Computer, Volume 33, Number 4, pp. 12-17 April 2000

  • [GHR99] R.Gennaro, S.Halevi and T.Rabin. Secure Hash-and-Sign Signatures without the Random Oracle, Proceedings of EUROCRYPT'99, Springer-Verlag, LNCS 1592, pp. 123-139.

  • [GMR89] Shafi Goldwasser, Silvio Micali, and Charles Rackoff, "The Knowledge Complexity of Interactive Proof Systems," SIAM J. Comput., February 1989, Vol. 18, No. 1, pp. 186--208

  • [GNY90]  Li Gong, Roger Needham, Raphael Yahalom, "Reasoning About Beliefs in Crypto-graphic Protocols", In Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp 238-48, IEEE Computer Society Press, Los Alamitos, CA , 1990

  • [GS99] Gritzalis, D. Spinellis, and P. Georgiadis.  Security Protocols over open networks and distributed systems: Formal methods for their analysis, design, and verification.  Computer Communications, 22(8): 695-707, May 1999.

  • [GSM98] Gregory, D.; Shi, Q.; Merabti, M., 'An Intrusion Detection System Based upon Autonomous Mobile Agents", pp. 586-591, 14th International conference on Information security, 1998 Aug : Vienna

  • [HAB00] John R. Hughes, Thomas Aura, and Matt Bishop, "Using Conservation of Flow as a Security Mechanism in Network Protocols",  2000 IEEE Computer Society Symposium on Security and Privacy, May 2000, pp. 132-41

  • [HFS98] S. Hofmeyr, S. Forrest, and A. Somayaji, "Intrusion Detection using Sequences of System Calls", Journal of Computer Security, 6:151-180, 1998

  • [HOAR78] C. A. R. Hoare, "Communicating Sequential Processes", Communications of the ACM, Vol 21, Number 8, Aug 1978, pp 666-677

  • [HPJ01] "Wormhole Detection in Wireless Ad Hoc Networks", Rice University Department of Computer Science, Technical Report TR01-384, December 17, 2001, Revised: June 15, 2002

  • [HWHM98] G. G. Helmer, J. S. K. Wong, V. Honavar, and L. Miller. "Intelligent agents for intrusion detection", In Proceedings, IEEE Information Technology Conference, pages 121-124, Syracuse, NY, September 1998.

  • [IKBS00] "Implementing a Distributed Firewall", [IKBS00] S. Ioannidis, A.D. Keromytis, S. Bellovin, and J.M. Smith, "Implementing a Distributed Firewall", Proceedings of the 7th ACM Conference on Computer and Communications Security, Nov 2000, pp 190-99

  • [Ilg93] K. Ilgun, "USTAT: A Real-time Intrusion Detection System for UNIX", Proceedings of the IEEE Symposium on Research on Security and Privacy, Oakland, CA, May 1993

  • [JGSW00] Y. Jou, F. Gong, C. Sargor, X. Wu, S. Wu, H. Chang, and F. Wang, "Design and Implementation of a Scalable Intrusion Detection System for the Protection of Network Infrastructure", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 69-83

  • [Jon78] Anita Jones, "Protection Mechanism Models: Their Usefulness", In Foundations of Secure Computation, 1978, pp. 237-252

  • [JOU00] Y. Jou, F. Gong, C. Sargor, X. Wu, S. Wu, H. Chang, and F. Wang, "Design and Implementation of a Scalable Intrusion Detection System for the Protection of Network Infrastructure", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 69-83

  • [Kem89] R. A. Kemmerer, "Using Formal Methods to Analyze Encryption Protocols," IEEE Journal on Selected Areas in Communications, vol.  7, mo.  4, pp.  448-457, May 1989

  • [KG91] Rajeshekar Kailar and Virgil D. Gligor, "On Belief Evolution in Authentication Protocols", In Proceedings of the Computer Security Foundations Workshop IV, PP 103-16, IEEE Computer Society Press, Los Alamitos, CA, 1991

  • [KH00] Michiharu Kudo and Satoshi Hada, "XML Document Security based on Provisional Authorization", Proceedings of the 7th ACM Conference on Computer and Communications Security, Nov 2000, pp 87-96

  • [KH97], A. P. Kosoresow and S. A. Hofmeyr, A Shape of Self for UNIX Processes, IEEE Software, Sept. 1997, pp. 35-42.

  • [KMM93] R. Kemmerer, C. Meadows, and J. Millen, ""Three Systems for Cryptographic Protocol Analysis", The Journal of Cryptology, Vol. 7, no. 2, 1993

  • [KS95] Sandeep Kumar and Eugene Spafford, "A Taxonomy of Common Computer Security Vulnerabilities Based on their Method of Detection", Technical Report, Purdue University, 1995

  • [KSW98] J. Kelsey, B. Schneier, and D. Wagner, "Protocol Interactions and the Chosen Protocol Attack", Security Protocols, 5th, International Workshop April 1997, Proceedings, Springer-Verlag, 1998, pp.91-104

  • [KYM02] Ladislav Kohout, Alec Yasinsac, and Ernest McDuffie, "Activity Profiles for Intrusion Detection", Proceedings of the North American Fuzzy Information Processing Society-Fuzzy Logic and the Internet (NAFIPS-FLINT 2002), New Orleans, LA, pp. 463-8, June 27-29, 2002, IEEE 02TH8622

  • [Lamp91] B.  Lampson, M.  Abadi, M.  Burrows, and E.  Wobber, 'Authentication in Distributed Systems: Theory and Practice', ASM OS Review, Vol 25, No.  5, Special Issue, Proceedings of the 13th Symposium on Operating System Principles, 13-16 Oct 1991, pp. 165-182

  • [LC00] Albert Levi and M. Ufuk Caglayan, "An Efficient Dynamic, and Trust Preserving Public Key Infrastructure", 2000 IEEE Computer Society Symposium on Security and Privacy, May 2000, pp. 203-214

  • [LFG00] R.P. Lippman, D.J. Fried, I.Graf, J.W. Haines, K.R. Kendall, D. McCllung, D. Weber, S.E. Webster, D. Wyschogrod, R.K. Cunningham, M.A. Zissman, "Evaluating Intrusion Detection Systems: The 1998 DARPA Off-line Intrusion Detection Evaluation", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 12-26

  • [LI97] Li, Behavioral Clustering and Statistical Intrusion Detection, Department of Computer Science, Florida State University, Master’s Thesis, spring 1997.

  • [LP99] Ulf Lindqvist and Phillip A. Porras, "Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST)", 1999 IEEE Computer Society Symposium on Security and Privacy, pp 146-61

  • [LTG92] Lunt, Tamaru, Gilham, Jagannathan, Jalali, and Neumann, A Real-Time Intrusion-Detection Expert System (IDES), SRI International technical report number SRI-CSL-92-05, April 1992.

  • [Lowe95] Gavin Lowe, "An Attack on the Needham-Schroeder Public Key Authentication Protocol", Information Processing Letters, 56:131-133, 1995

  • [Lowe96] Gavin Lowe, "Breaking and Fixing the Needham-Schroeder Public Key Protocol Using FDR", In Proceedings of TACAS, Vol. 1055 of LNCS, pp 147-166, Springer-Verlag, 1996.

  • [Lowe98] Gavin Lowe, "Casper: A Compiler for the Analysis of Security Protocols", Journal of Computer Security, Volume 6, pp 53-84, 1998.

  • [Mar02] John Marshall, "An Analysis of SRP for Mobile Ad Hoc Networks", Poster Presentation, The 2002 International Multi-Conference in Computer Science, June 24-27, 2002

  • [MCF87] Millen, J.K., Clark, S.  C., and Freedman, S.  B.  "The interrogator: Protocol security analysis".  IEEE Trans.  Sofw.  eng.  SE-13, 2(Feb.  1987), pp.  274-288

  • [Mead91] Meadows, C., 'A System for the Specification and Analysis of Key Management Protocols'.  From 1991 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 182-195.

  • [Mead95] Catherine Meadows, "Formal Verification of Cryptographic Protocols: A Survey," Advances in Cryptology - Asiacrypt '94, LNSC 917, Springer-Verlag, 1995, pp. 133-150

  • [Mead99] Catherine Meadows, "Analysis of the Internet Key Exchange Protocol using the NRL Protocol Analyzer", 1999 IEEE Comp Society Symposium on Security and Privacy, pp 216-34

  • [Mead99b] Catherine Meadows, "A Formal Framework and Evaluation Method for Network Denial of Service",  12th IEEE CSFW, Jun 28-30, 1999, Mordano, Italy

  • [MM01] J. Millen and Mueller, Cryptographic Protocol Generation from CAPSL, SRI Technical Report, SRI-CSL-01-07, December 1999, for NSF

  • [MN02] Catherine Meadows and Paliath Narendran, "A Unification Algorithm for the Group Diffie-Hellman Protocol", Workshop on Issues in the Theory of Security (in conjunction with POPL'02), Portland, Oregon, USA, January 14-15, 2002

  • [MON99] David Monniaux, "Decision Procedures for the Analysis of Cryptographic Protocols by Logics of Belief", 12th IEEE Computer Security Foundations Workshop,  June 28-30, 1999, Mordano, Italy

  • [Mos89] L.  Moser, 'A Logic of Knowledge and Belief for Reasoning about Computer Security' in Proc of the Computer Security Foundations Workshop II, Washington (IEEE), 1989, pp. 57-63

  • [Mo97] Tim Moses, "Limits to the Scale of a public Key Infrastructure", Proceedings of PKS 97, April 27-30, 1997

  • [MWZ00] Alain Mayer, Avishai Wool, and Elisha Ziskind, "Fang: A Firewall Analysis Engine", 2000 IEEE Computer Society Symposium on Security and Privacy, May 2000, pp. 177-187

  • [MY01] Yanet Manzano and Alec Yasinsac, "Policies to Enhance Computer and Network Forensics", The 2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop, held at the United States Military Academy, June 2001

  • [Ness89] D. M. Nessett, 'Layering Central Authentication on Existing Distributed System Terminal Services', From 1989 IEEE Computer Society Symp on Sec and Pri, pp. 290-9.

  • [Ness90] D.  Nessett, 'A Critique of the Burrows, Abadi, and Needham Logic', ACM Operating Systems Review, vol.  24, no.  2, April 1990, pp. 35-38

  • [NIST01] National Institute of Standards, Federal Register Announcement, Vol. 66, No. 40, Draft Federal Information Processing Standard (FIPS) for the Advanced Encryption Standard (AES), February 28, 2001, http://csrc.nist.gov/encryption/aes/draftfips/fr-AES-200102.html

  • [NP99] Peter G. Neumann and Phillip A. Porras, "Experience with EMERALD to DATE", 1st USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California, 11-12 April 1999, pages 73--80, http://www.csl.sri.com/neumann/det99.html

  • [NS78]  Roger M. Needham, Michael D. Schroeder, "Using Encryption for Authentication in Large Networks of Computers", Communic the ACM December 1978 vol. 21 #12, pp. 993-999

  • [NS87] Needham, R.M.  & Schroeder, M.D., 'Authentication Revisited', ACM Operating Systems Review, Vol.  21, No.  1, January 1987.

  • [Opp99]  R. Oppliger. Security issues related to mobile code and agent-based systems. pp. 1165-1170. Computer Communications, Vol. 22, No. 12 (July 1999)

  • [OTWY87] Otwy, D., and Rees, O.  'Efficient and timely mutual authentication'.  Operating Systems Review 21, 1(Jan. 1987), pp. 8-10

  • [Pan99] Susan Pancho, "Protocols", Proceedings of the New Security Paradigms Workshop", Sept. 1999

  • [Paul99] Lawrence C. Paulson, "Proving Security Protocols Correct"', in IEEE Symposium on Logic in Computer Science, Trento, Italy (1999), pp 370-81

  • [Paul99b] Lawrence C. Paulson, "Inductive analysis of the Internet protocol TLS", ACM Transactions on Computer and System Security 2 3 (1999), 332-351

  • [Paul98] L. C. Paulson, "The Inductive Approach to Verifying Cryptographic Protocols", Journal of Computer Security, 6:85-128, 1998

  • [PCOM97] Puketza, Chung, Olsson, and Mukherjee, Software platform for testing intrusion detection systems, Univ. of California, IEEE Software v 14 n 5 Sep-Oct 1997 IEEE Los Alamitos CA USA p 43-51. [SONG99] Dawn Xiaodong Song, "Athena: A New Efficient Automatic Checker for Security Protocol Analysis ", 12th IEEE Computer Security Foundations Workshop,  June 28-30, 1999, Mordano, Italy

  • [PN97] P. Porras and P. Neumann, "EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances", 20th NISSC, October 9 1997

  • [Ros97] A. W. Roscoe, "The Theory and Practice of Concurrency", Prentice Hall, 1997

  • [RSA78] R.L Rivest, A. Shamir, L. M. Adleman, "A Method for Obtaining Digital Signatures and Public Key Cryptosystems", CACM, Vol. 21, No. 2, Feb 1978, pp. 120-126

  • [SDSI] Ron Rivest, Butler Lampson, "SDSI-Asimple Distributed Security Infrastructure"; see http://theory.lcs.mit.edu/~cis/sdsi.html

  • [Sie99] Robert Sielken, "Application Intrusion Detection", Masters Thesis, Department of Computer Science, University of Virginia, May 1999

  • [SMH01] Fred Schneider, Greg Morrisett, and Robert Harper, "A Language-Based Approach to Security", Informatics-10 Years Back, 10 Years Ahead, Lecture Notes in Computer Science, Vol. 2000, Springer-Verlag, Heidelberg

  • [Snek91] Snekkenes, E., 'Exploring the BAN Approach to Protocol Analysis'. From 1991 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 171-181.

  • [Song99] Dawn Xiaodong Song, "Athena: A New Efficient Automatic Checker for Security Protocol Analysis", 12th IEEE CSFW, Jun 28-30, 99, Mordano, Italy

  • [SSG97] Shieh, Shiuh-Pyng, and Gligor, On a pattern-oriented model for intrusion detection, Natl. Chiao Tung Univ., IEEE Transactions on Knowledge and Data Engineering v 9 n 4 Jul-Aug 1997 IEEE Los Alamitos CA USA p 661-667.

  • [SSL96]  Transport Layer Security Working Group, Alan O. Freier, INTERNET-DRAFT Netscape Communications, Philip Karlton, Netscape Communications, Paul C. Kocher, Independent Consultant, November 18, 1996,  The SSL Protocol, Version 3.0

  • [ST98] T. Sander, C. Tschudin, "Protecting Mobile Agents against Malicious Hosts", Lecture Notes in Computer Science, Special Issue on Mobile Agents, Edited by G. Vigna, 1998

  • [STW00] Michael Steiner, Gene Tsudik, & Michael Waidner, "Key Agreement in Dynamic Peer Groups", IEEE Trans on Parallel and Dist Systems", Vol. 1 No. 8 (Aug 2000): pp 769-80

  • [STW96] Steiner, M., Tsudik, G. and Waidner, M. (1996) Diffie-Hellman key distribution extended to group communication", In Proc. 3rd ACM Conf. on Computer and Communications Security, New Dehli, India, 14-16 May 1996, pp. 31-7

  • [SVO94] P. Syverson, and P.C. van Oorshot, "On Unifying Some Cryptographic Protocol Logics", in Proc of 1994  IEEE Computer Society Symposium on Security and Privacy, May 16-18 1994

  • [Syv92] Syverson, P., 'Knowledge, Belief, and Semantics in the Analysis of Cryptographic Protocols', Journal of Computer Security 1 (1992), pp 317-334

  • [Syv93a] Syverson, P., 'Adding Time to a Logic of Authentication', Proceedings of the First ACM Conference on Computer and Communications Security (Fairfax VA, Nov 3-5).

  • [Syv94] Paul Syverson, ``A Taxonomy of Replay Attacks,'' Proceedings of the Computer Security Foundations Workshop VII, Franconia NH, 1994 IEEE CS Press (Los Alamitos, 1994)

  • [Syv98] Syverson, Paul. "Weakly Secret Bit Commitment: Applications to Lotteries and Fair Exchange", Proceedings of the 1998 IEEE Computer Security Foundations Workshop (CSFW11), Rockport Massachusetts, June 1998

  • [TH99]  W. Tzeng and C. Hu, "Inter-Protocol Interleaving Attacks on Some Authentication and Key Distribution Protocols", Information Processing Letters, 69(6):297-302, March 1999

  • [THG98] F. Thayer, J.C. Herzog, and J.D. Guttman, "Strand Spaces: Why is a Security Protocol Correct?" In Proceedings of 1998 IEEE Symposium on Security and Privacy, 1998

  • [Tja97] Brett Tjaden, "A Method for Examining Cryptographic Protocols"  University of Virginia Dissertation, Jan 1997

  • [TLS]  The TLS (Transport Layer Security) Protocol, Version 1.0.  RFC 2246

  • [VEK00] Giovanni Vigna, Steve Eckmann, and Richard Kemmerer, "The STAT Tool Suite" in The DARPA Information Survivability Conf and Exposition, Jan 2000, V.2, pp 46-55

  • [VK99] Vigna and Kemmerer, "NetSTAT: A Network-based Intrusion Detection System "Journal of Computer Security",  Volume 7, Issue 1, 1999

  • [Wayn00] "Attacks on Encryption Code Raise Questions About Computer Vulnerability", Wayner, Peter, New York Times (01/05/00) P. C2

  • [WD00] "Red Teaming of Advanced Information Assurance Concepts", B. Wood and R. Duggan, DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 112-118

  • [WFP99] C. Warrender, S. Forrest, and B. Pearlmutter, "Detecting Intrusions Using System Calls: Alternative Data Models", IEEE Symposium on Research in Security and Privacy, Oakland, 1999, pp 133-145

  • [WLM00] Rebecca Wright, Patrick Lincoln, and Jon Millen, "Efficient Fault-Tolerant Certificate Revocation", Proceedings of the 7th ACM Conference on Computer and Communications Security, Nov 2000, pp 19-24

  • [WS96] Wagner, D. and Snyder, "Analysis of the SSL 3.0 Protocol", In D. Tygar, Editor, USENIX Workshop on Electronic Commerce, 1996, pp 29-40, USENIX Association

  • [WYOP94] Wm. A. Wulf, Alec Yasinsac, Katie S. Oliver, and Ramesh Peri, "Remote Authentication Without Prior Shared Knowledge", Proceedings of the Internet Society Symposium on Network and Distributed System Security, February 2-4, 1994, San Diego, Ca., pp. 159-164

  • [WYOP93] Wm. A. Wulf, Alec Yasinsac, Katie S. Oliver, and Ramesh Peri, "A Technique for Remote Authentication", University of Virginia Technical Report, CS-93-37, December 22, 1993

  • [Yah02] Raphael Yaholm, "Delegated Enforcement in Secure Protocols", Workshop on Issues in the Theory of Security (in conjunction with POPL'02), Portland, Oregon, USA, Jan 14-15, 2002

  • [Yas02] Alec Yasinsac, "An Environment for Security Protocol Intrusion Detection", Journal of Computer Security, Vol. 10, pp. 177-88, No. 1-2, 2002

  • [Yas01b] Alec Yasinsac, "Information Security Curricula in Computer Science Departments: Theory and Practice," 5th National Colloquium for Information Systems Security Education 2001: A Security Odyssey, May 22-24, 2001, George Mason University

  • [Yas00] Alec Yasinsac, "Active Protection for Secure Security Services", Florida State University, Computer Science Technical Report TR 000101, Jan 00

  • [Yas00b] Alec Yasinsac, "Dynamic Analysis of Security Protocols", Proceedings of the New Security Paradigms Workshop 2000, August, 2000.

  • [Yas00c] Alec Yasinsac, "Detecting Intrusions in Security Protocols", Proceedings of the First Workshop on Intrusion Detection, held inconjunction with 7th ACM Conference on Computer and Communication Security, Athens Greece, Nov 1-4 2000.

  • [Yas96] Alec Yasinsac, "Evaluating Cryptographic Protocols:, Ph.D. Dissertation, University of Virginia, Jan 1996

  • [YD02] Alec Yasinsac and James A. Davis, "Modeling Protocols for Secure Group Communication in AdHoc Networks" Tenth International Workshop on Security Protocols, Cambridge, UK, Apr 17-19, 2002, LNCS

  • [YD02b] Alec Yasinsac and James A. Davis ( Iowa State University ) , "Modeling Protocols for Secure Group Communication in AdHoc Networks" FSU Computer Science Department Technical Report TR 020302 March 2002

  • [YFB02] Alec Yasinsac, Jenny Frazier, and Marion Bogdonav, "Developing an Academic Security Laboratory", 6th National Colloquium for Information Systems Security Education 2002, June 3-7, 2002, Microsoft Headquarters, Redmon, Washington.

  • [YM02] Alec Yasinsac and Yanet Manzano, "Honeytraps, A Network Forensic Tool", Proceedings of The 6th World Multi-Conference on Systemics, Cybernetics, and Informatics (SCI 02), July 15-19, 2002

  • [YR01] Alec Yasinsac and Michael P. Runy, "The Weakest Procondition Protocol Analysis Environment", FSU Computer Science Technical Report #TR010601

  • [YW01] Alec Yasinsac and Wm. A. Wulf, "A Framework for A Cryptographic Protocol Evaluation Workbench", The International Journal of Reliability, Quality and Safety Engineering (IJRQSE), Vol. 8 No. 4, December 01, 2001, pp 373-389

  • [YW99] Alec Yasinsac and Wm. A. Wulf, "A Framework for A Cryptographic Protocol Evaluation Workbench", Proceedings of the Fourth IEEE International High Assurance Systems Engineering Symposium (HASE99), Washington D.C., Nov. 1999

  • [YW96] Alec Yasinsac and Wm. A. Wulf, "Using Weakest Preconditions to Evaluate Cryptographic Protocols", Cambridge Workshop on Security Protocols, March 1996

  • [YW93] Yasinsac, Alec; Wulf, William A, "Evaluating Cryptographic Protocols", University of Virginia Technical Report, CS-93-66, December 22, 1993

  • [YW93b] Yasinsac, Alec; Wulf, William A, "A Formal Semantics for Evaluating Cryptographic Protocols", University of Virginia Technical Report, CS-93-53, September 29, 1993

  • [ZHOU99] Zhou, J., "Fixing of security flaw in IKE protocols", Electronics Letters, Volume 35, Issue 13, 1999, Pages 1072-1073

  • [Zim95] Phil Zimmermann, "The Official PGP User's Guide", Cambridge, MA.: MIT Press, 1995 (second printing).