selected publications
-
academic article
- A Formal Model and Verification for HESTIA: An Automated, Adversary-Aware Risk Assessment Process for Cyber Infrastructure. IEEE Access. 10:83755-83792. 2022
- Analysis of Web Browser Security Configuration Options. Transactions on Internet and Information Systems. 12:6139-6160. 2018
- A Fast Boot, Fast Shutdown Technique for Android OS Devices. Computer. 49:62-68. 2016
- The DARPA Cyber Grand Challenge: A Competitor's Perspective, Part 2. IEEE Security and Privacy. 14:76-81. 2016
- The DARPA Cyber Grand Challenge: A Competitor's Perspective. IEEE Security and Privacy. 13:72-76. 2015
- Shortening the Boot Time of Android OS. Computer. 47:53-58. 2014
- Hardware security tags for enhanced operating system security. Issues in Information Systems. 14:61-71. 2013
- Securing Database as a Service: Issues and Compromises. IEEE Security and Privacy. 9:49-55. 2011
- Analyzing uncertainty in take-grant protection graphs with TG/MC. Journal of Computer Security. 18:667-698. 2010
- A Formal Framework for Real-time Information Flow Analysis. Computers and Security. 28:421-432. 2009
- A communication-computation efficient group key algorithm for large and dynamic groups. Computer Networks. 51:69-93. 2007
- Specifying and enforcing a multi-policy paradigm for high assurance multi-enclave systems. Journal of High Speed Networks. 15:315-327. 2006
- Formal reasoning about intrusion detection systems. Lecture Notes in Computer Science. 3224:278-295. 2004
- The Watson theorem prover. Journal of Automated Reasoning. 26:357-408. 2001
-
conference paper
- Function Boundary Detection in Stripped Binaries. 35th Annual Computer Security Applications Conference. 84-96. 2019
- Formalizing an Automated, Adversary-aware Risk Assessment Process for Critical Infrastructure. 2019 IEEE Texas Power and Energy Conference (TPEC). 2019
- METICS: A Holistic Cyber Physical System Model for IEEE 14-bus Power System Security. 2018 13th International Conference on Malicious and Unwanted Software (MALWARE). 2019
- Developing a taxonomy of cyber attacks in WAMS. Cyber Security Symposium. 2018
- Combining Mandatory and Attribute-based Access Control. 2016 49th Hawwaii International Conference on System Sciences. 2616-2623. 2016
- Evaluating the Use of Security Tags in Security Policy Enforcement Mechanisms. Hawaii International Conference on System Sciences. 2015
- Expanding RTEMS to a Multiuser System by Using Security Tags. Cyber Security Symposium. 2015
- Practical Clickjacking with BeEF. 2012 IEEE International Conference on Technologies For Homeland Security Proceedings. 614-619. 2013
- Security tagging for a zero-kernel operating system. 46th Hawaii International Conference on Systems Sciences. 5049-5058. 2013
- A Security Review of the Cell Broadband Engine Processor. 2010 43rd Hawaii International Conference on System Sciences. 4417-4424. 2010
- Automated Preemptive Hardware Isolation of High-Risk Computing Applications. Secure and Resilient Cyber Architectures Conference. 2010
- Implementing Middleware for Content Filtering and Information Flow Control. 2007 ACM Computer Security Architecture Workshop (CSAW '07). 47-53. 2007
- Rationality validation of a layered decision model for network defense. 2007 IEEE International Conference on Information Reuse and Integration. 85-90. 2007
- Using policy enforcement graphs in a separation-based high assurance architecture. 2007 IEEE International Conference on Information Reuse and Integration. 183-189. 2007
- Applying the layered decision model to the design of language-based security systems. 2006 IEEE International Conference on Information Reuse and Integration. 182-187. 2006
- Covert timing channel analysis of rate monotonic real-time scheduling algorithm in MLS systems. 2006 IEEE Information Assurance Workshop Proceedings. 361-368. 2006
- The effect of rebalancing on the performance of a group key agreement protocol. Proceedings of the 31st IEEE Conference. 983-989. 2006
- A layered decision model for cost-effective network defense. Proceedings of the 2005 IEEE International Conference on Information Reuse and Integration. 506-511. 2005
- Software mediators for transparent channel control in unbounded environments. Sixth Annual IEEE SMC Information Assurance Workshop, 2005. 201-206. 2005
- Exploring average performance of group key management algorithms over multiple operations. Proceedings of the IASTED International Conference. 47-52. 2005
- Performance of group key agreement protocols over multiple operations. Proceedings of the IASTED International Conference. 600-606. 2005
- Efficient allocation in distributed object oriented databases. Parallel and Distributed Computing Systems, Proceedings. 471-476. 2003
- What are multi-protocol guessing attacks and how to prevent them. 11th IEEE International Workshops on Enabling Technologies: Infrastructure For Collaborative Enterprises (WET ICE). 77-82. 2002
- The architecture of secure systems. 1998 31st Annual Hawaii International Conference on System Sciences. 307-316. 2002
- Certificate based authorization simulation system. 25th Annual International Computer Software and Applications Conference. 190-195. 2002
- Quantum evolutionary programming. Genetic and Evolutionary Computation Conference. 2001
- Cryptographic protocol engineering: Building security from the ground up. International Conference on Internet Computing, 2000. 371-377. 2000
-
report