Search For:

Displaying 1-19 out of 19 total
A Trend Analysis of Exploitations
Found in: Security and Privacy, IEEE Symposium on
By Hilary K. Browne, William A. Arbaugh, John McHugh, William L. Fithen
Issue Date:May 2001
pp. 0214
Abstract: We have conducted an empirical study of a number of computer security exploits and determined that the rates at which incidents involving the exploit are reported to the CERT can be modeled using a common mathematical framework. Data associated w...
Windows of Vulnerability: A Case Study Analysis
Found in: Computer
By William A. Arbaugh, William L. Fithen, John McHugh
Issue Date:December 2000
pp. 52-59
<p>The authors propose a life-cycle model for system vulnerabilities, applying to three case studies to show how systems remain vulnerable long after security fixes are available. Complex information and communication systems give rise to design, imp...
Crossing the Great Divide: From Research to Market
Found in: IEEE Security & Privacy
By Terry V. Benzel,Eric O'Brien,Robert Rodriguez,William Arbaugh,John Sebes
Issue Date:March 2013
pp. 42-46
A successful technologist who transferred from within, a start-up company founder who moved from university research to Microsoft, a venture investor, and an open source evangelist gathered recently for a roundtable discussion with guest editor Terry V. Be...
Living with Insecurity
Found in: IEEE Security and Privacy
By William Arbaugh,Deborah A. Frincke
Issue Date:November 2011
pp. 12-13
All computers today operate in a hostile environment. The only difference between large enterprises, small businesses, governments, and home users is the degree of hostility faced. How we deal with these threats and what we do to improve the situation are ...
Found in: Computer Security Applications Conference, Annual
By Timothy Fraser, Matthew R. Evenson, William A. Arbaugh
Issue Date:December 2008
pp. 87-96
When systems are under constant attack, there is no time to restore those infected with malware to health manually--repair of infected systems must be fully automated and must occur within milliseconds. After detecting kernel-modifying rootkit infections u...
A Secure Trust Establishment Model
Found in: Sensor Networks, Ubiquitous, and Trustworthy Computing, International Conference on
By Chuk-Yang Seng, William A. Arbaugh
Issue Date:June 2006
pp. 78-85
Trust is used in many applications, such as on-line auctions. However, trust establishment is not well understood. Different researchers have focused on different aspects of trust establishment. In this paper, we provide a unifying view of trust establishm...
The Real Risk of Digital Voting?
Found in: Computer
By William A. Arbaugh
Issue Date:December 2004
pp. 124-125
No summary available.
A Patch in Nine Saves Time?
Found in: Computer
By William A. Arbaugh
Issue Date:June 2004
pp. 82-83
Information systems remain as vulnerable today as ever—perhaps more so.
Guest Editor's Introduction: Wired on Wireless
Found in: IEEE Security and Privacy
By William A. Arbaugh
Issue Date:May 2004
pp. 26-27
In the past few years, we?ve seen wireless keyboards, mice, headsets, broadband networking, and even high-fidelity speakers. Radio frequency-based products? move toward the consumer space has greatly reduced the equipment?s price, and this in turn has caus...
Wireless Security Is Different
Found in: Computer
By William A. Arbaugh
Issue Date:August 2003
pp. 99-101
Firewalls: An Outdated Defense
Found in: Computer
By William A. Arbaugh
Issue Date:June 2003
pp. 112-113
The Dangers of Mitigating Security Design Flaws: A Wireless Case Study
Found in: IEEE Security and Privacy
By Nick L. Petroni Jr., William A. Arbaugh
Issue Date:January 2003
pp. 28-36
<p>Mitigating design flaws often provides the only means to pro0tect legacy equipment, particularly in wireless local area networks. A synchronous active attack against the wired equivalent privacy protocol demonstrates how mitigating one flaw or att...
Toward Secure Key Distribution in Truly Ad-Hoc Networks
Found in: Applications and the Internet Workshops, IEEE/IPSJ International Symposium on
By Aram Khalili, Jonathan Katz, William A. Arbaugh
Issue Date:January 2003
pp. 342
Ad-hoc network - and in particular wireless mobile ad-hoc network - have unique characteristic and constraint that make traditional cryptographic mechanisms and assumptions inappropriate. In particular, it may not be warranted to assume pre-existing shared...
Guest Editors' Introduction: Embedded Security—Challenges and Concerns
Found in: Computer
By William A. Arbaugh, Leendert van Doorn
Issue Date:October 2001
pp. 40-47
<p>The proliferation of embedded devices is bringing security and privacy issues to the fore. We must ensure that we have learned from past problems and proactively attempt to prevent them in the future.</p>
Security for Virtual Private Intranets
Found in: Computer
By William A. Arbaugh, James R. Davin, David J. Farber, Jonathan M. Smith
Issue Date:September 1998
pp. 48-55
The economies and conveniences of telecommuting have made the technologically sophisticated home office a growing phenomenon. Businesses, however, are facing a major challenge in extending the office network environment to employees' homes. Many companies ...
Partially overlapped channels not considered harmful
Found in: Proceedings of the joint international conference on Measurement and modeling of computer systems (SIGMETRICS '06/Performance '06)
By Arunesh Mishra, Suman Banerjee, Vivek Shrivastava, William Arbaugh
Issue Date:June 2006
pp. 1928-1929
Many wireless channels in different technologies are known to have partial overlap. However, due to the interference effects among such partially overlapped channels, their simultaneous use has typically been avoided. In this paper, we present a first atte...
Applying flow-sensitive CQUAL to verify MINIX authorization check placement: 3
Found in: Proceedings of the 2006 workshop on Programming languages and analysis for security (PLAS '06)
By Nick L. Petroni, Timothy Fraser, William A. Arbaugh
Issue Date:June 2006
pp. 6
We present the first use of flow-sensitive CQUAL to verify the placement of operating system authorization checks. Our analysis of MINIX 3 system servers and discovery of a non-exploitable Time-Of-Check/Time-Of-Use bug demonstrate the effectiveness of flow...
Toward resilient security in wireless sensor networks
Found in: Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing (MobiHoc '05)
By Fan Ye, Hao Yang, Songwu Lu, William Arbaugh, Yuan Yuan
Issue Date:May 2005
pp. 34-45
Node compromise poses severe security threats in wireless sensor networks. Unfortunately, existing security designs can address only a small, fixed threshold number of compromised nodes; the security protection completely breaks down when the threshold is ...
Security problems in 802.11-based networks
Found in: Communications of the ACM
By Russ Housley, William Arbaugh
Issue Date:January 1988
pp. 31-34
Assessing inherent wireless network security deficiencies and seeking solutions.