syssec_red_book

Bibliography[130] G. Cluley. 600,000+ compromised account logins every day on facebook, official figuresreveal. nakedsecurity news from SOPHOS, October 2011. http://nakedsecurity.sophos.com/2011/10/28/compromised-facebook-account-logins/.[131] CNBC. False rumor of explosion at white house causes stocks to briefly plunge. http://www.cnbc.com/id/100646197.[132] F. B. Cohen. Operating system protection through program evolution. Computers andSecurity, 12:565–584, Oct. 1993.[133] T. F. Consortium. White book: Emerging ICT Threats, Jan. 2010. http://www.ictforward.eu/media/publications/forward-whitebook.pdf.[134] M. Costa, J. Crowcroft, M. Castro, A. Rowstron, L. Zhou, L. Zhang, and P. Barham. Vigilante:end-to-end containment of internet worms. In Proceedings of the 20th ACM Symposium onOperating Systems Principles, SOSP’05, 2005.[135] A. Costin, J. Isacenkova, M. Balduzzi, A. Francillon, and D. Balzarotti. The role of phonenumbers in understanding cyber-crime. In PST 2013, 11th International Conference on Privacy,Security and Trust, July 10-12, 2013, Tarragona, Catalonia, Spain, 2013.[136] C. Cowan, C. Pu, D. Maier, M. Hinton, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle,and Q. Zhang. Stackguard: Automatic adaptive detection and prevention of buffer-overflowattacks. In Proceedings of the 7 th USENIX Security Symposium, January 1998.[137] C. Cowan, P. Wagle, C. Pu, S. Beattie, and J. Walpole. Buffer overflows: attacks and defensesfor the vulnerability of the decade. In Proceedings of the DARPA Information SurvivabilityConference and Exposition (DISCEX), 2000.[138] J. R. Crandall and F. T. Chong. Minos: Control Data Attack Prevention Orthogonal toMemory Model. In Proceedings of the 37th annual IEEE/ACM International Symposium onMicroarchitecture, MICRO 37, 2004.[139] A. Cui and M. Costello. Hacking Cisco Phones, 2012.[140] A. Cui, M. Costello, and S. J. Stolfo. When firmware modifications attack: A case study ofembedded exploitation. In Proceedings of the ISOC Symposium on Network and DistributedSystems Security (NDSS), 2013.[141] A. Cui and S. J. Stolfo. A quantitative analysis of the insecurity of embedded networkdevices: results of a wide-area scan. In Proceedings of the 26th Annual Computer SecurityApplications Conference (ACSAC), 2010.[142] L. Cutillo, R. Molva, and T. Strufe. Safebook: A privacy-preserving online social networkleveraging on real-life trust. IEEE Communications Magazine, Consumer Communications andNetworking Series, 47(12):94–101, 2009.[143] CWE/SANS. CWE/SANS TOP 25 Most Dangerous Software Errors. www.sans.org/top25-software-errors, 2011.[144] D. Dagon, G. Gu, C. P. Lee, and W. Lee. A Taxonomy of Botnet Structures. In Proceedings ofthe 23rd Annual Computer Security Applications Conference, 2007.[145] G. Danezis and P. Mittal. Sybilinfer: Detecting sybil nodes using social networks. InNetwork and Distributed System Security Symposium - NDSS, 2009.[146] S. K. Das, K. Kant, and N. Zhang. Handbook on Securing Cyber-Physical Critical Infrastructure.2012.[147] C. R. Davis, S. Neville, J. M. FernÃąndez, J.-M. Robert, and J. McHugh. Structured Peer-to-Peer Overlay Networks: Ideal Botnet Command and Control Infrastructures? In Proceedingsof the 13th European Symposium on Research in Computer Security, 2008.[148] S. J. Delany, M. Buckley, and D. Greene. Review: Sms spam filtering: Methods and data.Expert Syst. Appl., 39(10):9899–9908, Aug. 2012.[149] d. e. denning and p. j. denning. certification of programs for secure information flow.commun. acm, 20(7):504–513, 1977.171