Search For:

Displaying 1-18 out of 18 total
Case Studies of an Insider Framework
Found in: Hawaii International Conference on System Sciences
By Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, Carrie Gates
Issue Date:January 2009
pp. 1-10
Much of the literature on insider threat assumes, explicitly or implicitly, a binary, perimeter-based notion of an insider. However, it is generally accepted that this notion is unrealistic. The Attribute-Based Group Access Control (ABGAC) framework is a g...
   
Vote Selling, Voter Anonymity, and Forensic Logging of Electronic Voting Machines
Found in: Hawaii International Conference on System Sciences
By Sean Peisert, Matt Bishop, Alec Yasinsac
Issue Date:January 2009
pp. 1-10
Much recent work has focused on the process of auditing the results of elections. Little work has focused on auditing the e-voting systems currently in use. The facilities for doing the former include the voter-verified paper audit trail; unfortunately, th...
   
Toward Models for Forensic Analysis
Found in: Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on
By Sean Peisert, Matt Bishop, Sidney Karin, Keith Marzullo
Issue Date:April 2007
pp. 3-15
The existing solutions in the field of computer forensics are largely ad hoc. This paper discusses the need for a rigorous model of forensics and outlines qualities that such a model should possess. It presents an overview of a forensic model and an exampl...
 
Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy
Found in: 2010 IEEE Symposium on Security and Privacy (SP)
By Peter G. Neumann,Matt Bishop,Sean Peisert,Marv Schaefer
Issue Date:May 2010
pp. 3-13
This article is a retrospective of concepts and people who have contributed significantly to the IEEE Symposium on Security and Privacy over the past 30 years. The authors identify many individuals who have contributed to SSP as program chairs, general cha...
 
Designed-in Security for Cyber-Physical Systems
Found in: IEEE Security & Privacy
By Sean Peisert,Jonathan Margulies,David M. Nicol,Himanshu Khurana,Chris Sawall
Issue Date:September 2014
pp. 9-12
An expert from academia, one from a cyber-physical system (CPS) provider, and one from an end asset owner and user offer their different perspectives on the meaning and challenges of "designed-in security." The academic highlights foundational is...
 
Hybrid Control Network Intrusion Detection Systems for Automated Power Distribution Systems
Found in: 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
By Masood Parvania,Georgia Koutsandria,Vishak Muthukumary,Sean Peisert,Chuck McParland,Anna Scaglione
Issue Date:June 2014
pp. 774-779
In this paper, we describe our novel use of network intrusion detection systems (NIDS) for protecting automated distribution systems (ADS) against certain types of cyber attacks in a new way. The novelty consists of using the hybrid control environment rul...
 
Security and Elections
Found in: IEEE Security & Privacy
By Matt Bishop,Sean Peisert
Issue Date:September 2012
pp. 64-67
University of California, Davis educators teach numerous computer security classes for undergraduate majors and nonmajors and for graduate students. These classes have used elections, and electronic-voting systems, both as lecture material and in class pro...
 
Panel: Technical, Social and Legal Frameworks for Digital Forensics and CyberInfrastructure Security
Found in: Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on
By Jean West, Ulf Lindqvist Peter J. Vasquez, Michael Losavio, Sean Peisert
Issue Date:May 2009
pp. 97-98
A systematic approach to digital forensic engineering acknowledges the close, intertwine relationship between digital forensics and information security. Just as their technical structures are interrelated, so, too, are issues relating to legal and social ...
 
Computer Forensics in Forensis
Found in: Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on
By Sean Peisert, Matt Bishop, Keith Marzullo
Issue Date:May 2008
pp. 102-122
Different users apply computer forensic systems, models, and terminology in very different ways. They often make incompatible assumptions and reach different conclusions about the validity and accuracy of the methods they use to log, audit, and present for...
 
I Am a Scientist, Not a Philosopher!
Found in: IEEE Security and Privacy
By Sean Peisert, Matt Bishop
Issue Date:July 2007
pp. 48-51
To evaluate anything we can't prove using pure mathematics or logical syllogism, we must test hypotheses by performing controlled experiments to generate measurable, empirical data. But today's computer security researchers often claim
 
Analysis of Computer Intrusions Using Sequences of Function Calls
Found in: IEEE Transactions on Dependable and Secure Computing
By Sean Peisert, Matt Bishop, Sidney Karin, Keith Marzullo
Issue Date:April 2007
pp. 137-150
This paper demonstrates the value of analyzing sequences of function calls for forensic analysis. Although this approach has been used for intrusion detection (that is, determining that a system has been attacked), its value in isolating the cause and effe...
 
The IEEE Symposium on Security and Privacy, in Retrospect
Found in: IEEE Security & Privacy
By Peter G. Neumann,Sean Peisert,Marvin Schaefer
Issue Date:May 2014
pp. 15-17
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull...
 
hBFT: Speculative Byzantine Fault Tolerance With Minimum Cost
Found in: IEEE Transactions on Dependable and Secure Computing
By Sisi Duan,Sean Peisert,Karl Levitt
Issue Date:March 2014
pp. 1
We present hBFT, a hybrid, Byzantine fault-tolerant, replicated state machine protocol with optimal resilience. Under normal circumstances, hBFT uses speculation, i.e., replicas directly adopt the order from the primary and send replies to the clients. As ...
 
We have met the enemy and he is us
Found in: Proceedings of the 2008 workshop on New security paradigms (NSPW '08)
By Carrie Gates, Matt Bishop, Sean Peisert, Sean Whalen, Sophie Engle
Issue Date:September 2008
pp. 85-91
The insider threat has long been considered one of the most serious threats in computer security, and one of the most difficult to combat. But the problem has never been defined precisely, and that lack of precise definition inhibits solutions. This paper ...
     
Principles of authentication
Found in: Proceedings of the 2013 workshop on New security paradigms workshop (NSPW '13)
By Tom Kroeger, Ed Talbot, Sean Peisert
Issue Date:September 2013
pp. 47-56
In the real world we do authentication hundreds of times a day with little effort and strong confidence. We believe that the digital world can and should catch up. The focus of this paper is about authentication for critical applications. Specifically, it ...
     
Relationships and data sanitization: a study in scarlet
Found in: Proceedings of the 2010 workshop on New security paradigms (NSPW '10)
By Anhad Singh, Bhume Bhumiratana, Deborah Agarwal, Deborah Frincke, Justin Cummins, Matt Bishop, Michael Hogarth, Sean Peisert
Issue Date:September 2010
pp. 151-164
Research in data sanitization (including anonymization) emphasizes ways to prevent an adversary from desanitizing data. Most work focuses on using mathematical mappings to sanitize data. A few papers examine incorporation of privacy requirements, either in...
     
Quis Custodiet ipsos Custodes?: a new paradigm for analyzing security paradigms with appreciation to the Roman poet Juvenal
Found in: Proceedings of the 2009 workshop on New security paradigms workshop (NSPW '09)
By Laura Corriss, Matt Bishop, Sean Peisert, Steven J. Greenwald
Issue Date:September 2009
pp. 71-84
Do you believe that more than one single security paradigm exists? We do. We also believe that we have a major problem because of all these security paradigms: until we find a way to identify and understand how these paradigms restrict our analyses we will...
     
Principles-driven forensic analysis
Found in: Proceedings of the 2005 workshop on New security paradigms (NSPW '05)
By Keith Marzullo, Matt Bishop, Sean Peisert, Sidney Karin
Issue Date:September 2005
pp. 85-93
It is possible to enhance our understanding of what has happened on a computer system by using forensic techniques that do not require prediction of the nature of the attack, the skill of the attacker, or the details of the system resources or objects affe...
     
 1