Risks and Dangers of Security Extensions

Securing computer systems is an increasing concern as more and more systems are connected together in large networks. Traditional operating system based protection mechanisms have failed to fully m ...

[1]  Ira S. Winkler The Non-Technical Threat to Computing Systems , 1996, Comput. Syst..

[2]  Peter J. Denning,et al.  The internet worm , 1991 .

[3]  Steve R. White,et al.  Open Problems in Computer Virus Research , 1998 .

[4]  Richard Baskerville,et al.  A taxonomy for analyzing hazards to information systems , 1996, SEC.

[5]  Thomas Henry Ptacek,et al.  Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection , 1998 .

[6]  John D. Howard,et al.  An analysis of security incidents on the Internet 1989-1995 , 1998 .

[7]  Eugene H. Spafford,et al.  Software vulnerability analysis , 1998 .

[8]  Dixie B. Baker,et al.  Fortresses built upon sand , 1996, NSPW '96.

[9]  Eugene H. Spafford,et al.  Computer Viruses , 1989 .

[10]  Eugene H. Spafford,et al.  The design and implementation of tripwire: a file system integrity checker , 1994, CCS '94.

[11]  Eugene H. Spafford,et al.  Tripwire: a case study in integrity monitoring , 1997 .

[12]  Sandeep Kumar,et al.  Classification and detection of computer intrusions , 1996 .

[13]  Stephen Smalley,et al.  The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments , 2000 .

[14]  Barak A. Pearlmutter,et al.  Detecting intrusions using system calls: alternative data models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[15]  Bob Blakley,et al.  The Emperor's old armor , 1996, NSPW '96.

[16]  Carl E. Landwehr,et al.  A Taxonomy of Computer Program Security Flaws, with Examples , 1993 .

[17]  Fred Cohen,et al.  Computer viruses—theory and experiments , 1990 .

[18]  Erland Jonsson,et al.  Privacy vs. Intrusion Detection Analysis , 1999, Recent Advances in Intrusion Detection.

[19]  Erland Jonsson,et al.  How to systematically classify computer security intrusions , 1997, S&P 1997.

[20]  Eugene H. Spafford,et al.  A computer virus primer , 1991 .

[21]  Kai Rannenberg,et al.  Pseudonymous audit for privacy enhanced intrusion detection , 1997, SEC.

[22]  Salvatore J. Stolfo,et al.  A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[23]  Stefan Lindskog,et al.  Observations on Operating System Security Vulnerabilities , 2000 .