By Topic

IEEE Security & Privacy

Issue 5 • Date Sept.-Oct. 2011

Filter Results

Displaying Results 1 - 24 of 24
  • [Front cover]

    Publication Year: 2011, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (2761 KB)
    Freely Available from IEEE
  • 19th Annual Network and Distrubuted System Security Symposium advertisement

    Publication Year: 2011, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (1533 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2011, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (2018 KB)
    Freely Available from IEEE
  • Ten Years of Trustworthy Computing: Lessons Learned

    Publication Year: 2011, Page(s):3 - 4
    Request permission for commercial reuse | PDF file iconPDF (680 KB) | HTML iconHTML
    Freely Available from IEEE
  • IEEE Security & Privacy masthead

    Publication Year: 2011, Page(s): 5
    Request permission for commercial reuse | PDF file iconPDF (225 KB)
    Freely Available from IEEE
  • News Briefs

    Publication Year: 2011, Page(s):6 - 8
    Cited by:  Papers (1)
    Request permission for commercial reuse | PDF file iconPDF (3052 KB) | HTML iconHTML
    Freely Available from IEEE
  • Silver Bullet Talks with Elinor Mills

    Publication Year: 2011, Page(s):9 - 12
    Request permission for commercial reuse | PDF file iconPDF (954 KB) | HTML iconHTML
    Freely Available from IEEE
  • Cyberwarfare

    Publication Year: 2011, Page(s):13 - 15
    Cited by:  Papers (3)
    Request permission for commercial reuse | PDF file iconPDF (724 KB) | HTML iconHTML
    Freely Available from IEEE
  • Cybermilitias and Political Hackers: Use of Irregular Forces in Cyberwarfare

    Publication Year: 2011, Page(s):16 - 22
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (4057 KB) | HTML iconHTML

    Recent cyberattacks have grayed the line between political hacker and legitimate combatant. This article explores the possible benefits and drawbacks of cyberconflict and the ramifications of cybermilitias. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Cyberwar Thresholds and Effects

    Publication Year: 2011, Page(s):23 - 29
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1240 KB) | HTML iconHTML

    Network technology use and cyberspace exploitation for intelligence and attack have become a normal part of military activity. Questions persist as to the appropriate framework for considering this new mode of conflict, but to a degree, these questions result from weak data, imprecise terminology, and a certain reluctance to abandon the notion that cyberconflict is unique, rather than just another... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Principles of Cyberwarfare

    Publication Year: 2011, Page(s):30 - 35
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1260 KB) | HTML iconHTML

    The principles of kinetic warfare are well documented, but are not always applicable to cyberwarfare. Differences between cyberspace and the real world suggest some additional principles. This article proposes some principles of cyberwarfare. This is not intended to be a comprehensive list but rather suggestions leading toward discussion and dialogue. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Deterring Strategic Cyberattack

    Publication Year: 2011, Page(s):36 - 40
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1682 KB) | HTML iconHTML

    Protecting critical infrastructure from cyberattacks by other nations is a matter of considerable concern. Can deterrence play a role in such protection? Can lessons from nuclear deterrence-the most elaborated and successful version of deterrence-be adapted to the cyber case? Currently, little overlap exists between the two, although that might change in the aftermath of an extensive, destructive ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Obfuscation: The Hidden Malware

    Publication Year: 2011, Page(s):41 - 47
    Cited by:  Papers (23)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (826 KB) | HTML iconHTML

    A cyberwar exists between malware writers and antimalware researchers. At this war's heart rages a weapons race that originated in the 80s with the first computer virus. Obfuscation is one of the latest strategies to camouflage the telltale signs of malware, undermine antimalware software, and thwart malware analysis. Malware writers use packers, polymorphic techniques, and metamorphic techniques ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems

    Publication Year: 2011, Page(s):48 - 55
    Cited by:  Papers (9)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1179 KB) | HTML iconHTML

    Experience-based access management incorporates models, techniques, and tools to reconcile differences between the ideal access model and the enforced access control. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Rogue-Access-Point Detection: Challenges, Solutions, and Future Directions

    Publication Year: 2011, Page(s):56 - 61
    Cited by:  Papers (11)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (829 KB) | HTML iconHTML

    Rogue devices are an increasingly dangerous reality in the insider threat problem domain. Industry, government, and academia need to be aware of this problem and promote state-of-the-art detection methods. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Tamper Detection in the EPC Network Using Digital Watermarking

    Publication Year: 2011, Page(s):62 - 69
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (967 KB) | HTML iconHTML

    One of the most relevant problems in radio frequency identification (RFID) technology is the lack of security measures in its wireless communication channel between the reader and tag. This article analyzes potential data tampering threats in the electronic product code (EPC) network and proposes solutions using fragile watermarking technologies. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SEED: Hands-On Lab Exercises for Computer Security Education

    Publication Year: 2011, Page(s):70 - 73
    Cited by:  Papers (8)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (962 KB) | HTML iconHTML

    This paper presents the development of a set of hands-on exercises(labs) that covered a spectrum of security topics and could be shared with other instructors. The author developed SEED labs covering many security topics: vulnerabilities, attacks, software security, system security, network security, Web security, access control, authentication, cryptography, and so on. Most SEED labs have gone th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Truth in Crowdsourcing

    Publication Year: 2011, Page(s):74 - 76
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2268 KB) | HTML iconHTML

    Crowdsourcing provides un precedented new opportunities for people to share their knowledge and observations with the rest of the world. And because of their relatively high cost and low scale, more conventional, centralized means of data collection are being displaced by crowdsourced alternatives. To this point, attempts to pollute user contributed data have been rare, but this seems unlikely to ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • All Space Will Be Public Space

    Publication Year: 2011, Page(s):77 - 80
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1015 KB) | HTML iconHTML

    In a world in which people voluntarily live their private lives in public, we need to work with behavioral science to design and create safe public spaces. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Case for Mobile Two-Factor Authentication

    Publication Year: 2011, Page(s):81 - 85
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1883 KB) | HTML iconHTML

    User authentication is a core building block of any secure collaborative computing system. And, because of the enhanced interaction between mobile applications and Web ser vices, mobile device user authentication is even more frequent. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • When $80 Billion Is Not Enough

    Publication Year: 2011, Page(s):86 - 87
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (602 KB) | HTML iconHTML

    The exploitation of cyberinsecurity is shown to be a nation-state activity thus asking whether private initiative must driven to risk-commensurate reaction or ignored as having missed its chance. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Empathy and Security

    Publication Year: 2011, Page(s): 88
    Request permission for commercial reuse | PDF file iconPDF (196 KB) | HTML iconHTML
    Freely Available from IEEE
  • SP call for papers

    Publication Year: 2011, Page(s): c3
    Request permission for commercial reuse | PDF file iconPDF (484 KB)
    Freely Available from IEEE
  • IEEE Paid Advertisement

    Publication Year: 2011, Page(s): c4
    Request permission for commercial reuse | PDF file iconPDF (1214 KB)
    Freely Available from IEEE

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu