Reading List - CSCI 530, Spring 2009

(The paper list is subject to change! Please check regularly for additions/deletions during the semester.)
  • [Garfinkel04a] Simson Garfinkel. Is Encryption Doomed? Technology Review (MIT's Magazine of Innovation), September 2004. ACM/IEEE Transactions on Networking, 9(3), June 2001.
  • [Daemon99a] J. Daemen and V. Rijmen. AES Proposal: Rijndael. (Version 2 of the original submission for the AES competition.)

  • [AES01a] Federal Information Processing Standards Publication 197. Specification for the Advanced Encryption Standard (AES).

  • [Cheng08b] W. C. Cheng and L. Golubchik. XSA-strengthening: Strengthening MD5 and Other Iterated Hash Functions Through Variable-length External Message Expansion. Technical Report No. 08-894, Rev. 1, Computer Science Department, University of Southern California, Los Angeles, CA, September 2008.
Key Management
  • [Needham78a] R. M. Needham and M. D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, Vol. 21, No. 12, pages 993-999 , December 1978.

  • [Lamport81a] L. Lamport. Password Authentication with Insecure Communication. Communications of the ACM, Vol. 24, No. 11, pages 770-772 , November 1981.

  • [Rafaeli03a] S. Rafaeli and D. Hutchison. A Survey of Key Management for Secure Group Communication. ACM Computing Surveys, Vol. 35, No. 3, pages 309-329, September 2003.
  • [Neuman94a] B. C. Neuman and T. Ts'o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications Magazine, Vol. 32, No. 9, pages 33-38, September 1994.

  • [Neuman93a] B. C. Neuman and S. G. Stubblebine. A note on the use of timestamps as nonces. ACM SIGOPS Operating Systems Review, Vol. 27, No. 2, pages 10-14, April 1993.

  • [Freitas04a] S. de Freitas and M. Levene. Spam on the internet: Is it here to stay or can it be eradicated? JISC Technology and Standards Watch Reports, TSW 04-01, 2004.

  • [Kormann00a] D. P. Kormann and A. D. Rubin. Risks of the Passport single signon protocol. Computer Networks, Elsevier Science Press, Vol. 33, pages 51-58, 2000.

  • [Walfish06a] M. Walfish, J.D. Zamfirescu, H. Balakrishnan, D. Karger, and S. Shenker. Distributed Quota Enforcement for Spam Control. Proceedings of the 3rd USENIX Symposium on Networked Systems Design and Implementation (NSDI 2006), San Jose, CA, May 2006. ACM Computing Surveys, Vol. 35, No. 3, pages 309-329, September 2003.
Authorization and Policy
  • [Barkley97a] J. Barkley. Comparing Simple Role Based Access Control Models and Access Control Lists. Proceedings of the 2nd ACM Workshop on Role-based Access Control, pages 127-132, Fairfax, VA, August 1997.
Intrusion Prevention, Detection, and Response
  • [Aslam96a] T. Aslam, I. Krsul, and E. Spafford. Use of a Taxonomy of Security Faults. Proceedings of the 19th NIST-NCSC National Information Systems Security Conference, September 1996.

  • [Ko94a] C. Ko, G. Fink, K. Levitt. Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring. Proceedings of the 10th Annual Computer Security Applications Conference, pages 134-144, Orlando, FL, December 1994.

  • [Anderson95a] D. Anderson, T. Frivold, and A. Valdes. Next-generation Intrusion Detection Expert System (NIDES) -- A Summary. SRI-CSL-95-07, SRI International, Menlo Park, CA, May 1995.


  • [Yegneswaran03a] V. Yegneswaran, P. Barford, and J. Ullrich. Internet Intrusions: Global Characteristics and Prevalence. In proceedings of the 2003 ACM SIGMETRICS, pages 138-147, 2003.

  • [Moore01a] D. Moore, G. Voelker, S. Savage. Inferring Internet Denial-of-Service Activity. In proceedings of the 2001 USENIX Security Symposium, pages 9-22, 2001.

  • [Hussain03b] A. Hussain, J. Heidemann, and C. Papadopoulos. A Framework for Classifying Denial of Service Attacks. In proceedings of SIGCOMM 2003, Karlsruhe, Germany, August 2003.

  • [Savage01a] S. Savage, D. Wetherall, A. Karlin, and T. Anderson. Network Support for IP Traceback. ACM/IEEE Transactions on Networking, 9(3), June 2001.

  • [Walfish06b] M. Walfish, M. Vutukuru, H. Balakrishnan, D. Karger, and S. Shenker. DDoS Defense by Offense. In proceedings of the 2006 ACM SIGCOMM, Pisa, Italy, September 2006.
  • [Xydis02a] T. G. Xydis and S. Blake-Wilson. Security Comparisons: Bluetooth Communications vs. 802.11. White paper, November 2001, February 2002 (revised).
  • [Tews07a] E. Tews, R. Weinmann, and A. Pyshkin. Breaking 104 bit WEP in less than 60 seconds. Cryptology ePrint Archive: Report 2007/120, April 2007.

  • [Berghel04a] H. Berghel. Wireless Infidelity I: War Driving. Communications of the ACM, Volume 47, Issue 9, pages 21-26, September 2004.

  • [Berghel04b] H. Berghel and J. Uecker. Wireless Infidelity II: Airjacking. Communications of the ACM, Volume 47, Issue 12, pages 15-20, December 2004.

  • [Fluhrer01a] S. Fluhrer, I. Mantin, and A. Shamir. Weaknesses in the Key Scheduling Algorithm of RC4. Proceedings of the 8th Workshop on Selected Areas in Cryptography, LNCS 2259. Springer-Verlag, 2001.
  • [Cheng04a] W. C. Cheng, L. Golubchik, and D. G. Kay. Total Recall: Are Privacy Changes Inevitable? In proceedings of the First ACM Workshop on Continuous Archival and Retrieval of Personal Experiences, New York, New York, October 15th 2004.
  • [Kumagai04a] J. Kumagai and S. Cherry. Sensors and Sensibility. IEEE Spectrum, pages 22-28, July 2004.

  • [Goldstein04a] H. Goldstein. We Like to Watch. IEEE Spectrum, pages 30-34, July 2004.

  • [Vinge04a] V. Vinge. Synthetic Serendipity. IEEE Spectrum, pages 35-44, July 2004.

  • [Goldstein04b] H. Goldstein. Mike Villas's World. IEEE Spectrum, pages 45-48, July 2004.
Scalable Upload
  • [Cheng01a] W. C. Cheng, C.-F. Chou, L. Golubchik, and S. Khuller. A Secure and Scalable Wide-Area Upload Service. In proceedings of the 2nd International Conference on Internet Computing, Vol. 2, pages 733-739, Las Vegas, Nevada, June 25-28, 2001.
  • [Bhattacharjee00a] B. Bhattacharjee, W. C. Cheng, C.-F. Chou, L. Golubchik, and S. Khuller. Bistro: a Platform for Building Scalable Wide-Area Upload Applications. In Performance Evaluation Review (also presented at the Workshop on Performance and Architecture of Web Servers (PAWS) in June 2000), Vol. 28, No. 2, pages 29-35, September, 2000.

[Last updated Sat Sep 19 2020]    [Please see copyright regarding copying.]