Search For:

Displaying 1-21 out of 21 total
How Not to Be Seen
Found in: IEEE Security and Privacy
By Richard Ford, William H. Allen
Issue Date:January 2007
pp. 67-69
In this column, the authors take a look at stealth from both a historical and a technological perspective. This is a hugely important topic, for if an unwanted computer program can't be seen, it can't be eliminated.
Protecting Me
Found in: IEEE Security & Privacy
By Richard Ford,Marco Carvalho
Issue Date:January 2014
pp. 80-82
This article explores the many layers of defense that are present on a home user's machine. Starting with the hardware and ending with the Web browser, different defensive techniques are outlined, and the breadth of defenses explored. Finally, the co-evolu...
Authorship Is Continuous: Managing Code Plagiarism
Found in: IEEE Security & Privacy
By Ian Koss,Richard Ford
Issue Date:March 2013
pp. 72-74
Code plagiarism is an increasing problem in computer science courses. To deal with this problem, the Vipassana software tool gives instructors improved visibility into their students' programming process.
Results-oriented security
Found in: Malicious and Unwanted Software, International Conference on
By Matt Bishop,Richard Ford,Marco Ramilli
Issue Date:October 2011
pp. 42-49
Current security practice is to examine incoming messages, commands, data, and executing processes for attacks that can then be countered. This position paper argues that this practice is counterproductive because the number and variety of attacks are far ...
Building a Better Boot Camp
Found in: IEEE Security and Privacy
By Richard Ford, Deborah A. Frincke
Issue Date:January 2010
pp. 68-71
The field of security is vast, and the temptation is to keep adding to the collection of topics we consider to be basic. However, such an approach is inefficient. This installment focuses on Basic Training's underlying mission. In particular, it explores t...
Malware Shall Greatly Increase .
Found in: IEEE Security and Privacy
By Richard Ford, William H. Allen
Issue Date:November 2009
pp. 69-71
Malware continues to be a problem for computers worldwide, but measuring the severity of the threat remains difficult. In this paper, we explore how the rise of auto-generated Trojan horses has made measuring the real scope of the problem difficult, and ho...
Generic Danger Detection for Mission Continuity
Found in: Network Computing and Applications, IEEE International Symposium on
By Richard Ford, William Allen, Katherine Hoffman, Attila Ondi, Marco Carvalho
Issue Date:July 2009
pp. 102-107
Mobile Ad-hoc Networks (MANETs) have become the environment of choice for providing edge connectivity to mobile forces. In particular, next-generation military systems leverage MANET technology to provide information assets to troops. However, MANETs face ...
How Not to Be Seen II: The Defenders Fight Back
Found in: IEEE Security and Privacy
By Richard Ford, William H. Allen
Issue Date:November 2007
pp. 65-68
In a previous column (
Network Distribution of Security Policies via Ant-like Foraging Behavior
Found in: Internet and Web Applications and Services, International Conference on
By Attila Ondi, Ronaldo Menezes, Richard Ford
Issue Date:May 2007
pp. 64
The amount of media time given to computer security breaches added to a general culture of emphasizing problems rather than solutions make it appear, in many ways, that researchers in computer security are loosing the battle against attackers. Furthermore,...
How to Think about Security
Found in: IEEE Security and Privacy
By James A. Whittaker, Richard Ford
Issue Date:March 2006
pp. 68-71
Learning how to think about security means adopting a different mindset than we've had in the past. As a community, software developers have been thinking too much like
Highlights from the 2005 New Security Paradigms Workshop
Found in: Computer Security Applications Conference, Annual
By Simon Simon Foley, Abe Singer, Michael E. Locasto, Stelios Sidiroglou, Angelos D. Keromytis, John McDermott, Julie Thorpe, Paul van Oorschot, Anil Somayaji, Richard Ford, Mark Bush, Alex Boulatov
Issue Date:December 2005
pp. 393-396
This panel highlights a selection of the most interesting and provocative papers from the 2005 New Security Paradigms Workshop. This workshop was held September 2005 - the URL for more information is The panel consists of authors of th...
Malcode Mysteries Revealed
Found in: IEEE Security and Privacy
By Richard Ford
Issue Date:May 2005
pp. 72-75
In this installment of Basic Training, we examine self-replicating code and its associated challenges. The aim is to help demystify the topic as well as stimulate new research in a frequently mistreated subject. This is not overly ambitious in a short arti...
The Wrong Stuff?
Found in: IEEE Security and Privacy
By Richard Ford
Issue Date:May 2004
pp. 86-89
Virus-detection technology is based on fairly simple rules, and researchers and industry developers have done much hard work. The author examines virus detection?s state of the art and highlight some of its shortcomings. I believe that as a community we ne...
Towards an ethical code for information security?
Found in: Proceedings of the 2008 workshop on New security paradigms (NSPW '08)
By Brian D. Snow, Richard Ford, Richard Thieme, Steven J. Greenwald
Issue Date:September 2008
pp. 85-91
Most computer scientists reflexively reject the idea of a malicious universe due to its conflict with the dominant scientific paradigm of a non-teleological impartially disinterested universe. While computer scientists might not view the universe as benign...
All your base are belong to US
Found in: Proceedings of the 2012 workshop on New security paradigms (NSPW '12)
By Liam M. Mayron, Richard Ford
Issue Date:September 2012
pp. 105-114
In this paper we examine an important example of where a decision designed to improve security has quite the opposite effect due to the longevity of the decision's side effects. The primary example we use to illustrate our point is the deliberate obfuscati...
Resilience is more than availability
Found in: Proceedings of the 2011 workshop on New security paradigms workshop (NSPW '11)
By Liam M. Mayron, Marco Carvalho, Matt Bishop, Richard Ford
Issue Date:September 2011
pp. 95-104
In applied sciences there is a tendency to rely on terminology that is either ill-defined or applied inconsistently across areas of research and application domains. Examples in information assurance include the terms resilience, robustness and survivabili...
Modeling malcode with Hephaestus: beyond simple spread
Found in: Proceedings of the 45th annual southeast regional conference (ACM-SE 45)
By Attila Ondi, Richard Ford
Issue Date:March 2007
pp. 379-384
Realistic modeling of worm spread is crucial if we wish to predict the real-world efficacy of different worm counter-measures. Ideally, such modeling should be able to handle different types of malcode, multiple defenses, and realistic network topologies a...
Open vs. closed: which source is more secure?
Found in: Queue
By Richard Ford
Issue Date:February 2007
pp. 32-38
There is no better way to start an argument among a group of developers than proclaiming Operating System A to be "more secure" than Operating System B. I know this from first-hand experience, as previous papers I have published on this topic have led to r...
Cent, five cent, ten cent, dollar: hitting botnets where it really hurts
Found in: Proceedings of the 2006 workshop on New security paradigms (NSPW '06)
By Richard Ford, Sarah Gordon
Issue Date:September 2006
pp. 3-10
Spyware, Adware, Bots. In each case, there is significant evidence that there is an increasing financial motivation behind the writing and distribution of these programs. In this paper, the concept of using our knowledge of these financial motivators to co...
Internet instability and disturbance: goal or menace?
Found in: Proceedings of the 2005 workshop on New security paradigms (NSPW '05)
By Alex Boulatov, Mark Bush, Richard Ford
Issue Date:September 2005
pp. 3-8
Self-replicating code has become an unfortunate part of today's online environment. Viruses and worms have the ability to become pandemic within minutes of first release, and our protection systems are primarily reactive in nature. Thus, there is little or...
Perfect Storm: The Insider, Naivety, and Hostility
Found in: Queue
By Herbert H Thompson, Richard Ford
Issue Date:June 2004
pp. 58-65
The 2,167-mile Appalachian Trail stretches continuously from Georgia to Maine, thanks in part to rights-of-way that grant the hiking trail access through property that might otherwise remain under the control of thousands of individual landowners. Imagine ...