Archive

Monthly Archives: July 2012

[Next update 8/10/12]

  • Australia. Attorney General’s Office. (2012, July). Equipping Australia against emerging and evolving threats. [Read].
  • Binney, W. (2012, July 2). [Sworn declaration of former NSA technical director and whistleblower William Binney in Jewel vs. NSA]. [Read]
  • Bojinov, H., Sanchez, D., Reber, O., Boneh, D., & Lincoln, P. (2012). Neuroscience meets cryptography: Designing crypto primitives secure against rubber hose attacks. Paper to be presented at the 21st Usenix Security Forum. [Read]
  • Chaki, S., Vasudevan, A., Jia, L., McCune, J., & Datta, A. (2012, July 16). Design, development, and automated verification of an integrity-protected hypervisor [Carnegie Mellon CyLab]. [Read]
  • Guess, M. (2012, July 19). Senate introduces revised version of the Cybersecurity Act of 2012. Ars Technica. [Read]
  • 2012 Symposium on System Usability and Privacy (2012, July 11-13). [Full text of selected papers]:
  • Kaspersky Labs. (2012, July 17). The Madi campaign – part 1. [Read]
  • Krebs, B. (2012, July 19). Top spam botnet “Grum” unplugged. Krebs on Security. [Read]
  • Metz, C. (2012, July 17). NSA mimics Google, pisses off Senate. Wired. [Read]
  • Ognigen, V., Cheong, K., Gyorgy, D., & Henrik, S. (2012). Network-aware mitigation of data integrity attacks on power system state estimation. IEEE Journal on Selected Areas in Communications. [Abstract / Request]
  • O’Harrow, R., Jr. (2012, July 12). Tridium’s Niagara Framework: Marvel of connectivity illustrated new cyber risks. Washington Post. [Read – missed this one last week]
  • Palazzolo, J. (2012, July 19). Cyberthieves hit owners; courts extend legal protection to small firms whose accounts were hacked. Wall Street Journal. [Read]
  • Panda, G. M., Abraham, A., & Patra, M. R. (2012). Hybrid intelligent systems for detecting network intrusions. [preprint]. Security and Communication Networks. [Abstract / Request]
  • Protalinski, E. (2012, July 17). Android malware numbers explode to 25,000 in June 2012. ZDNet. [Read]
  • United States. Senate. Committee on Energy and Natural Resources. (2012, July 17). Cybersecurity and the grid [hearing]. [Watch / Transcripts: 1234 / Analysis]
  • Aldwairi, M., Khamayseh, Y., & Al-Masri, M. (2012). Application of artificial bee colony for intrusion detection systems [preprint]. Security and Communication Networks. [Abstract / Request]
  • Bertoncini, C., Rudd, K., Nousain, B., & Hinders, M. (2012). Wavelet-fingerprinting of radio frequency identification (RFID) tags. IEEE Transactions on Industrial Electronics. [Abstract / Request]
  • Choudary, O., Grobert, F., & Metz, J. (2012). Infiltrate the vault: Security analysis and decryption of Lion full disk encryption. [Read]
  • Choy, J., Yap, H., Khoo, K., Guao, J., Peyrin, T., Poschmann, A., & Tan, C. H. (2012). SPN-Hash: Improving the provable resistance against differential collision attacks. [Read]
  • Clayton, M. (2012, July 9). DNSChanger cutoff more whimper than bang. Christian Science Monitor. [Read]
  • Franceschi-Bicchierai, L. (2012, July 6). Drone hijacking? That’s just the start of GPS troubles. Wired. [Read]
  • Gupta, M., & Sharman, R. (2012). Determinants of data breaches: A categorization-based empirical approach. Journal of Applied Security Research. [Abstract / Request]
  • Huang, Y., Lin, W., & Li, H. (2012). Efficient implementation of RFID mutual authentication protocol. IEEE Transactions on Industrial Electronics. [Abstract / Request]
  • Khalid, O., Khan, S. U., Madani, K. H., Khan, M. I., Nasro, M., Kolodziej, J. . . . Chen, D. (2012). Comparative study of trust and reputation systems for wireless sensor networks [preprint]. Security and Communication Networks. [Abstract / Request]
  • Khan, M. K., & He, D. (2012). A new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography [preprint]. Security and Communication Networks. [Abstract / Request]
  • Li, X., He, K., Feng, Z., & Xu, G. (2012). Unified threat model for analyzing and evaluating software threats [preprint]. Security and Communication Networks. [Abstract / Request]
  • Li, X., Zhang, Y., & Zhang, G. (2012). A new certificateless authenticated key agreement protocol for SIP with different KGCs. [preprint]. Security and Communication Networks. [Abstract / Request]
  • Lichtblau, E. (2012, July 9). More demands on cell carriers in surveillance. New York Times. [Read]
  • Passki, J., & Ritter, T. (2012). An adaptive-ciphertext attack against “I ⊕ C” block cipher modes with an oracle. [Read]
  • Pearson, S. (2012, June 28). Privacy, security, and trust in cloud computing [Hewlett Packard Labs]. [Read]
  • Samara, G. (2012). A new security mechanism for vehicular communication networks. Paper presented at the 2012 International Conference on Cyber Security, CyberWarfare and Digital Forensic [sic]. [Read]
  • Schneier, B. (2012). Liars and outliers: Enabling the trust that society needs to thrive. Hoboken, NJ: John Wiley and Sons. [Full text now available in Safari Books Online database].
  • Shi, W., Yao, M., & Corriveau, J. (2012). Resilient secure localization and detection of colluding attackers in WSNs. Paper presented at the 11th International Ad-hoc, Mobile, and Wireless Networks Conference. [Abstract / Request]
  • 17th Australasian Information Security and Privacy Conference (2012, July 9-11) – papers presented [Request / Abstracts]:
  • Vinayakray-Jani, P., & Sanyal, S. (2012). Security architecture for cluster based ad hoc networks. [Read]
  • Wang, D., Ma, C., & Wu, P. (2012). Secure password-based remote user authentication scheme with non-tamper resistant smart cards. [Read]
  • Yonts, J. (2012, June 30). Attributes of malicious files [SANS]. [Read]
  • Zarai, F., Daly, I., Obidat, M. S., & Kamoun, L. (2012). Secured and fast handoff in wireless mesh networks [preprint]. Security and Communication Networks. [Abstract / Request]
  • Allure Security Technology. (2011, November 9). Final report: Anomaly detection at multiple scales (ADAMS) [DARPA-sponsored research on seeding disinformation in military networks to detect insider threats]. [Read / Analysis]
  • Android Malware Genome Project. (2012, July 2). Clickjacking rootkits for Android. [Watch].
  • Baggett, M. (2012, May). IP fragment reassembly with scapy [SANS]. [Read]
  • Belz, A. (2012, July 3). Insulin pump hacker, medical device maker come to the table. Bloomberg News. [Read]
  • DeMarco, D. (2012, May). Exploiting Financial Information Exchange (FIX) protocol? [SANS]. [Read]
  • 11th Annual Workshop on the Economics of Information Security (2012, June 25-26) [Full text of selected papers]:
    • Empirical Analysis of Data Breach Litigation. [Read]
    • Is Patient Data Better Protected in Competitive Healthcare Markets? [Read]
    • The Privacy Economics of Voluntary Over-disclosure in Web Forms. [Read]
    • Security Resources, Capabilities and Cultural Values: Links to Security Performance and Compliance. [Read]
    • Software Security Economics: Theory, in Practice. [Read]
    • Sectoral and Regional Interdependency of Japanese Firms under the Influence of Information Security Risks. [Read]
    • Why do Nigerian Scammers Say They are From Nigeria? [Read]
    • Analysis of eCrime in Crowd-sourced Labor Markets: Mechanical Turk vs. Freelancer. [Read]
    • Can We Afford Integrity by Proof-of-Work? Scenarios Inspired by the Bitcoin Currency. [Paper]
    • Measuring the Cost of Cybercrime. [Read]
    • A Closer Look at Information Security Costs. [Read]
    • IT Security Investment and Gordon-Loeb’s 1/e Rule. [Read]
    • Who Sometimes Violates the Rule of the Organizations? An Empirical Study on Information Security Behaviors and Awareness. [Read]
    • To Invest or Not to Invest? Assessing the Economic Viability of a Policy and Security Configuration Management Tool. [Read]
    • Online Promiscuity: Prophylactic Patching and the Spread of Computer Transmitted Infections. [Read]
    • Contagion in Cybersecurity Attacks. [Read]
    • The Effect of Fraud Investigation Cost on Pay-Per-Click Advertising. [Read]
    • Ad-blocking Games: Monetizing Online Content Under the Threat of Ad Avoidance. [Read]
    • Choice Architecture and Smartphone Privacy: There’s a Price for That. [Read]
    • Would You Sell Your Mother’s Data? Personal Data Disclosure in a Simulated Credit Card Application. [Read]
  • European Network and Information Security Agency. (2012, June 28). Incentives and barriers of the cyber insurance market in Europe. [Read]
  • 5th International Congress on Cryptology in Africa (2012, July 10-12) – papers presented [Request / Abstracts]:
  • Fischer, E. A. (2012, July 29). Federal laws relating to cybersecurity: Discussion of proposed revisions [Congressional Research Service]. [Read]
  • Fisher, D. (2012, July 3). Twitter transparency report shows huge interest from U.S. law enforcement. threatpost. [Read / Twitter Transparency Report]
  • Golić, J. D. (2012). A new authentication model for ad hoc networks [preprint]. International Journal of Information Security. [Abstract / Request]
  • Grobler, M., & van Vuuren, J. J. (2012). Collaboration as proactive measure against cyber warfare in South Africa. African Security Review. [Read]
  • Kaspersky Labs. (2012, July 5). Find and Call: Leak and spam [iOS malware distributed by Apple App Store]. [Read]
  • Kondacki, S. (2012). Intelligent network security assessment with modeling and analysis of attack patterns. Security and Communication Networks [preprint]. [Abstract / Request]
  • Kumar, C. A. (2012). Designing role-based access control using formal concept analysis. Security and Communication Networks [preprint]. [Abstract / Request]
  • Malek, B., & Ali, M. (2012). Chaotic masking for securing RFID systems against relay attacks. Security and Communication Networks [preprint]. [Abstract / Request]
  • Norton, Q. (2012, July 3). How Anonymous picks targets, launches attacks, and takes powerful organizations down. Wired. [Read]
  • Phan, R. C-W. (2012). Authenticated modbus protocol for critical infrastructure protection. IEEE Transactions on Power Delivery. [Abstract / Request]
  • Pubby, M. (2012, July 1). China hackers enter Navy computers, plant bug to extract sensitive data. Indian Express. [Read]
  • 6th Trustworthy Global Computing International Symposium (2012, June 9-10) – papers presented [Request / Abstracts]:
  • Ryu, E., & Yoo, K. (2012). Certificateless broadcast authentication for vehicular ad hoc networks. Security and Communication Networks [preprint]. [Abstract / Request]
  • Schneier, B. (2012, July 2). How to break into security, Schneier edition. [Advice from Bruce Schneier on how to become a computer security professional]. Krebs on Security. [Read]
  • Sqalli, M. H., Firdous, S. N., Salah, K., & Abu-Amara, M. (2012). Classifying malicious activity in Honeynets using entropy and volume-based thresholds. Security and Communication Networks [preprint]. [Abstract / Request]
  • United States. Government Accountability Office. (2012, June 29). Critical infrastructure protection: DHS could better manage security surveys and vulnerability assessments. [Read]
  • Wang, X., Zhang, L., Deokar, A., & Liang, Q. (2012). Enhanced security and reliability with MIMO communications for smart grid. Security and Communication Networks [preprint]. [Abstract / Request]
  • Zetter, K. (2012, July 5). DNSChanger malware could strand thousands when domains go dark on Monday. Wired. [Read]