syssec_red_book

Bibliography[214] ICS-CERT. Monthly monitor, march 2012. http://ics-cert.us-cert.gov/sites/default/files/ICS-CERT_Monthly_Monitor_March_2012_0.pdf.[215] V. Igure and R. Williams. Taxonomies of attacks and vulnerabilities in computer systems.Communications Surveys Tutorials, IEEE, 10(1):6–19, 2008.[216] Imperva ADC Team. Security trends 2013. Internet. http://blog.imperva.com/2012/12/security-trends-2013-trend-1.html, 2012.[217] Interagency Working Group on Cyber Security and Information Assurance. Federal planfor cyber security and information assurance research and development, April 2006.[218] D. Irani, M. Balduzzi, D. Balzarotti, E. Kirda, and C. Pu. Reverse Social Engineering Attacksin Online Social Networks. In Proceedings of the 8th international conference on Detection ofintrusions and malware, and vulnerability assessment (DIMVA), 2011.[219] J. Isacenkova, O. Thonnard, A. Costin, D. Balzarotti, and A. Francillon. Inside the SCAMjungle: A closer look at 419 scam email operations. In IWCC 2013, International Workshopon Cyber Crime (co-located with the 34th IEEE Symposium on Security and Privacy (IEEE S&P2013)), 2013.[220] Iseclab. Anubis. http://anubis.iseclab.org.[221] C. Jackson, A. Bortz, D. Boneh, and J. C. Mitchell. Protecting browser state from webprivacy attacks. In Proceedings of the 15th International World Wide Web Conference (WWW),2006.[222] D. Jacoby. Facebook security phishing attack in the wild. http://www.securelist.com/en/blog/208193325/Facebook_Security_Phishing_Attack_In_The_Wild.[223] T. Jim, N. Swamy, and M. Hicks. Defeating Script Injection Attacks with Browser-EnforcedEmbedded Policies. In WWW ’07: Proceedings of the 16th international conference on WorldWide Web, pages 601–610, New York, NY, USA, 2007. ACM.[224] R. Johnson. A castle made of sand: Adobe Reader X sandbox. CanSecWest, 2011.[225] M. Jurek. Google Explores +1 Button To Influence Search Results. 2011.http://www.tekgoblin.com/2011/08/29/google-explores-1-button-to-influencesearch-results/.[226] E. Kalige. A Case Study of Eurograbber: How 36 Million Euros wereStolen via Malware. https://www.checkpoint.com/products/downloads/whitepapers/Eurograbber_White_Paper.pdf.[227] S. Kamkar. Evercookie. http://samy.pl/evercookie/.[228] B. B. H. Kang, E. Chan-Tin, C. P. Lee, J. Tyra, H. J. Kang, C. Nunnery, Z. Wadler, G. Sinclair,N. Hopper, D. Dagon, and Y. Kim. Towards Complete Node Enumeration in a Peer-to-Peer Botnet. In Proceedings of the 4th International Symposium on Information, Computer, andCommunications Security, 2009.[229] C. Kanich, K. Levchenko, B. Enright, G. M. Voelker, and S. Savage. The HeisenbotUncertainty Problem: Challenges in Separating Bots from Chaff. In Proceedings of the 1stUSENIX Workshop on Large-Scale Exploits and Emergent Threats, 2008.[230] M. Karim, A. Walenstein, A. Lakhotia, and L. Parida. Malware Phylogeny GenerationUsing Permutations of Code. Journal in Computer Virology, 1(1):13–23, 2005.[231] Kaspersky. Teamwork: How the ZitMo Trojan Bypasses Online Banking Security, October2011. http://www.kaspersky.com/about/news/virus/2011/Teamwork_How_the_ZitMo_Trojan_Bypasses_Online_Banking_Security.[232] Kaspersky Labs. Kaspersky security bulletin 2012. malware evolution. Internet.http://usa.kaspersky.com/about-us/press-center/press-releases/kasperskylab-outlines-key-security-trends-2012-predicts-core-t,2012.175