Sciweavers

ACSAC
2001
IEEE
14 years 3 months ago
Abuse-Case-Based Assurance Arguments
This paper describes an extension to abuse-casebased security requirements analysis that provides a lightweight means of increasing assurance in security relevant software. The ap...
John P. McDermott
ACSAC
2001
IEEE
14 years 3 months ago
Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing
Distributed Denial of Service (DDoS) attacks exploit the acute imbalance between client and server workloads to cause devastation to the service providers. We propose a distribute...
David Mankins, Rajesh Krishnan, Ceilyn Boyd, John ...
ACSAC
2001
IEEE
14 years 3 months ago
Practical Automated Filter Generation to Explicitly Enforce Implicit Input Assumptions
Vulnerabilities in distributed applications are being uncovered and exploited faster than software engineers can patch the security holes. All too often these weaknesses result fr...
Valentin Razmov, Daniel R. Simon
ACSAC
2001
IEEE
14 years 3 months ago
eXpert-BSM: A Host-Based Intrusion Detection Solution for Sun Solaris
eXpert-BSM is a real time forward-reasoning expert system that analyzes Sun Solaris audit trails. Based on many years of intrusion detection research, eXpert-BSM's knowledge ...
Ulf Lindqvist, Phillip A. Porras
ACSAC
2001
IEEE
14 years 3 months ago
CONSEPP: CONvenient and Secure Electronic Payment Protocol Based on X9.59
The security of electronic payment protocols is of interest to researchers in academia and industry. While the ultimate objective is the safest and most secure protocol, convenien...
Albert Levi, Çetin Kaya Koç
ACSAC
2001
IEEE
14 years 3 months ago
Architecture and Applications for a Distributed Embedded Firewall
The distributed firewall is an important new line of network defense. It provides fine-grained access control to augment the protections afforded by the traditional perimeter fire...
Charles Payne, Tom Markham
ACSAC
2001
IEEE
14 years 3 months ago
Verifiable Identifiers in Middleware Security
fies a number of issues related to security information r semantics on different layers of abstraction. In particular it is difficult to express caller and target accurately in the...
Ulrich Lang, Dieter Gollmann, Rudolf Schreiner
ACSAC
2001
IEEE
14 years 3 months ago
A Security Model for Military Message Systems: Retrospective
Carl E. Landwehr, Constance L. Heitmeyer, John D. ...
ACSAC
2001
IEEE
14 years 3 months ago
The Authorization Service of Tivoli Policy Director
This paper presents the Authorization Service provided by Tivoli Policy Director (PD) and its use by PD family members as well as third-party applications. Policies are defined ov...
Günter Karjoth
ACSAC
2001
IEEE
14 years 3 months ago
Mining Alarm Clusters to Improve Alarm Handling Efficiency
It is a well-known problem that intrusion detection systems overload their human operators by triggering thousands of alarms per day. As a matter of fact, we have been asked by on...
Klaus Julisch