University of Washington - CIAC-affiliated publications

Articles written by faculty, students, and researchers at the University of Washington.

2017

  • Aboubakr Benabbas, Golnaz Elmamooz, Brent Lagesse, Daniela Nicklas, and Ute Schmid. Living Lab Bamberg: An infrastructure to explore smart city research challenges in the wild. Künstliche Intelligenz, 2017. 

2016

  • Borgia, E., Gomes, D., Lagesse, B., Lea, R., and Puccinelli, D. (2016).  Internet of Things: Research challenges and Solutions. Computer Communications Special Issue on the Internet of Things. Read full article.
  • Dupuis, M., & Khadeer, S. (2016). Curiosity Killed the Organization: A Psychological Comparison between Malicious and Non-Malicious Insiders and the Insider Threat. In Proceedings of the 5th Annual Conference on Research in Information Technology (pp. 35-40). Boston, MA, USA: ACM Press. Read full article.
  • Enev, M.  Takakuwa, A.,  Koscher, K., and Kohno.,T. (July 19-22, 2016), Automobile Driver Fingerprinting. Privacy Enhancing Technologies Symposium. [Car Security Project Website Wired Gizmodo] Read full article.
  • Hiniker, A.,  Patel, S., Kohno,T. and  Kientz, J.A. (September 12-16, 2016.) Why Would You Do That? Predicting the Uses and Gratifications Behind Smartphone-Usage Behaviors, ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp '16).
  • Lerner, A., Kornfeld, A., Simpson, Kohno, T., and Roesner, F., (August 10-12, 2016.)  Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016. Read full article.
  • West, J. Kohno,T. Lindsay, D. and Sechman, J. (2016) WearFit: Security Design Analysis of a Wearable Fitness Tracker. IEEE Center for Secure Design. Read full article.

2015

  • Bonaci,T., Yan, J. Herron, J. Kohno T. and Chizeck, H. J. (April 14-16, 2015) Experimental Analysis of Denial-of-Service Attacks on Teleoperated Robotic Systems. ACM/IEEE International Conference on Cyber-Physical Systems. Read full article.
  • Bonaci, T., Herron, J., Yusuf,T.  Yan, J.,  Kohno, T.  Chizeck., H. J. (April 2015) To Make a Robot Secure: An Experimental Analysis of Cyber Security Threats Against Teleoperated Surgical Robots. arXiv,Technology Review Read full article.
  • Cleland-Huang, J., Denning, T., Kohno, T., Shull, F., and Weber, S. (May/June, 2016.)  Keeping Ahead of Our Adversaries. IEEE Software. Read full article.
  • Endicott-Popovsky, B. (2015). The Probability of 1. Journal of Cyber Security and Information Systems. Vol.3 (1), pp.18-19. Read full article.
  • Endicott-Popovsky, B., Kuntze, N., & Rudolph, C. (2015). Forensic Readiness: Emerging Discipline for Creating Reliable and Secure Digital Evidence. Journal of Harbin Institute of Technology, 1, 001.
  • Morgan, S & Lagesse, B. (2015) Dynamically Generated Virtual Systems for Cyber Security Education. International Conference on Cloud Security and Management.  Read full article.
  • Thamilarasu, G. (2015) iDetect: An Intelligent Intrusion Detection System for Wireless Body Area Networks. International Journal of Security and Networks.
  • Tonicelli,R., Nascimento, A.C.A., Dowsley, R., Müller-Quade, .J Imai, H. (2015)   Information-theoretically secure oblivious polynomial evaluation in the commodity-based model, International Journal of Information Security 14 (1), 73-84 Read full article.
     

2014

  • Miller, J., Chung, S., Escrib, T., Bai, Y., Endicott-Popovsky, B. and Whittington, J. (April 2014). Accuracy, security, and architecture impacts and challenges of mobile and web technologies: Geolocation field data collection in Washington State water resources, International Journal of Computing Applications.
  • Roesner, F., Denning, T. , Newell, B.C., Kohno,T.  and Calo, R.  (September 14, 2014)  Augmented Reality: Hard Problems of Law and Policy.
    UbiComp 2014 Workshop on Usable Privacy & Security for wearable and domestic ubIquitous DEvices (UPSIDE). Read full article.
  •  F. Roesner, T. Kohno, and D. Molnar., (April 2014) Security and Privacy for Augmented Reality Systems. Communications of the ACM, 57(4). Read full article.
  • Tweneboah-Koduah, S., Endicott-Popovsky, B., Tse-Tse, A. (2014).  Barriers to Government Cloud Adoption: The Ghanaian Perspective. International Journal of Managing Information Technology (IJMIT) Vol.6, No.3, pp.1-16. Read full article.

2013

  • Denning, T. Kohno,T. and Levy, H.  (January 2013) Computer Security in the Modern Home.  Communications of the ACM, 56(1).
  • Endicott-Popovsky, B. and Popovsky, V. (2013). Application of pedagogical fundamentals for the holistic development of cybersecurity professionals. ACM Inroads, 5(1), 57-68. Read full article.
  • Savage, S.  and Kohno, T.  (May 23, 2013)Vulnerability Research in the Cyberphysical World.  Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS) 

2012

  • Alva, A. and Endicott-Popovsky, B. (2012) Digital evidence education in schools of law. Journal on Digital Forensics, Security and Law, 7(2), 75-88. Read full article.
  • Armbruster, G., Endicott-Popovsky, B., and Whittington, J. (2012). Are we prepared for the economic risk resulting from telecom hotel disruptions? International Journal on Critical Infrastructure Protection. 5(2), 55-65. Read full article.
  • Döttling, N., Müller-Quade, J., Nascimento, ACA. (2012 )IND-CCA secure cryptography based on a variant of the LPN problem.  International Conference on the Theory and Application of Cryptology Read full article.
  • Endicott-Popovsky, B. (2012). Privacy in the USA: Technological perspectives. Privacy and Data Protection: Managing Information Matters, 1(1), 5-7.
  • Endicott-Popovsky, B and Horowitz, D. (2012). Unintended consequences: Digital evidence in our legal system. IEEE Security and Privacy, 10(2), 80-83. Read full article.
  • Lagesse, B. (2012). Analytical Evaluation of P2P Reputation Mechanisms. International Journal of Communication Networks and Distributed Systems.  Read full article.
  • Thamilarasu, G.and Sridhar, R. (2012). A Cross-layer Game for Energy Efficient Jamming Detection in Ad hoc Networks. Wiley's Security and Communication Networks Journal, Volume 5, Issue 4, pp 364-373. Read full article.

2011

  • Dupuis, M., Endicott-Popovsky, B., Wang, H., Subramaniam, I., Du, Y. (2011). Top-down mandates and the need for organizational governance, risk management, and compliance in China: A discussion. China-USA Business Review, 10(5), 319-335. Read full article.
  • Lagesse, B. (2011). Challenges in Securing the Interface Between the Cloud and Mobile Systems. Pervasive Communities and Service Clouds. Read full article.
  • Padith, A. and Endicott-Popovsky, B. (2011). Fuzzy clustering-based anomaly detection for updating intrusion detection signature files. Journal of Information Assurance and Security, 6(6), 462–468.
  • Thamilarasu, G., Mishra, S. and Sridhar, R. (2011). Improving reliability of Jamming Attack Detection in Ad Hoc Networks. Special Issue on Cross-Layer Optimization Techniques and Security in Next Generation Networks, International Journal of Communication Networks and Information Security (IJCNIS), Jan 2011. Read full article.

Publications 2010 and prior

  • Duranti, L. and Endicott-Popovsky, B. (2010). Digital records forensics: An interdisciplinary program for forensic readiness. Journal on Digital Forensics, Security and Law, 5(2), 1-12. Read full article.
  • Endicott-Popovsky, B. (2003, July/August). Ethics and teaching information assurance. IEEE Security and Privacy, 1(4), 65-67. Read full article.
  • Endicott-Popovsky, B. (2009) Seeking a balance: Online safety for our children. Teacher Librarian, 37(2), 29-34. Read full article.
  • Endicott-Popovsky, B., Frincke, D., and Taylor, C. (2007). A theoretical framework for organizational network forensic readiness. The Journal of Computers, 2(3), 1-11. Read full article.
  • Endicott-Popovsky, B. and Lockwood, D. (2006). Deriving a capability maturity model for assessing the security of electric utilities. Academy of Information & Management Sciences Journal, 8(1), 1-18.
  • Endicott-Popovsky, B. and Lockwood, D. (2006). A social engineering project in a computer security course. Academy of Information & Management Sciences Journal, 9(1), 37-44.
  • Frincke, D., Oudekirk, S. and Endicott-Popovsky, B. (2006). Editorial: Resources for the computer and information assurance curriculum. ACM Journal on Educational Resources in Computing, 6(4), 1.
  • Simpson, J., Simpson, M., Endicott-Popovsky, B. and Popovsky, V. (2010). Secure software education: A contextual model-based approach. International Journal of Secure Software Engineering, 1(4), 35-61.
  • Thamilarasu, G. and Sridhar, R. (2009) CIDS: Cross-layer Intrusion Detection System for Mobile Ad hoc Networks. International Journal of Mobile Network Design and Innovation (IJMNDI), 2009.
     

Books/Book Chapters

  • Alva, A., Orton, I., Endicott-Popovsky, B., (2012). Legal requirements and case law for Cloud forensic investigations. In K. Ruan (Ed.), Cloud Forensics (pp. 186-229). Hershey, Pennsylvania: IGI Global.
  • Armbruster, G., Whittington, J., and Endicott-Popovsky, B. Strategic Communications Planning for a CISO: Strength in Weak Ties. Proceeding of the 18th Colloquium for Information System Security Education. (CISSE, Edition Two), Issue 2, June 2014. pp. 134-150.
  • Burn, H., Mulcahy, M., Endicott-Popovsky, B. (2015). Easing Student Veterans’ Transition to Cybersecurity and STEM through a “Math Boot Camp.” Educational Approaches to Transition Former Military Personnel into the Cybersecurity Field. Special Edition of The Colloquium for Information System Security Education (CISSE), CISSE Edition 2, Issue 2, pp. 84-102.
  • Chung, S., Crompton, C., Bai, Y., Endicott-Popovsky, B., Baeg, S., Park, S. (2012). Analyses of the effects of evolving legacy software into secure service-oriented software using scrum and a visual model. In X. Wan (Ed.) Agile and Lean Service-Oriented Development: Foundations, Theory and Practice (pp.196-217). Hershey, Pennsylvania: IGI Global.
  • Endicott-Popovsky, B. (2014). Information Assurance vs. Records Management. In Duranti, L. and Franks. P. (ed.) Encyclopedia of Archival Concepts, Principles and Practices. (pp. 224-227). Lanham, Maryland: Rowman & Littlefield Publishing Group, Scarecrow Press.
  • Endicott-Popovsky, B.E., Chee, B. and Frincke, D.A. (2007). Calibration testing of network tap devices. In S. Shenoi. IFIP WG 11.9 (Ed.), Advances in Digital Forensics III (pp.1-13). New York: Springer, (Chapter 1).
  • Endicott-Popovsky, B. Lysenko, V. & Shoemaker, D. (Eds.) with introduction by Nelson S.Col., Brecese, J., Rodgers, C. and Zantua, M. (contributors). (February 2016). Special Edition Of The Colloquium For Information System Security Education: A Study of State Cybersecurity Capabilities for Local and Regional Collaboration (CISSE), CISSE Edition 3, Volume 2.
  • Endicott-Popovsky, B., Popovsky, V., Osterli, P. Rosario, P. and Nelson, S. (2015). Conceptual Foundation for UW Center of Academic Excellence in Information Assurance Education. Educational Approaches to Transition Former Military Personnel into the Cybersecurity Field. Special Edition of The Colloquium for Information System Security Education (CISSE), CISSE Edition 2, Issue 2, pp. 58-83
  • Ferguson-Boucher, K., Endicott-Popovsky, B., (2012). Cloud forensics: Records, retrieval and response integrating information assurance, records management and digital forensics. In K. Ruan (Ed.), Cloud Forensics (pp. 105-128). Hershey, Pennsylvania: IGI Global.
  • Ferguson,N. , Schneier, B.  and Kohno., T.(March 2010) Cryptography Engineering: Design Principles and Practical Applications. John Wiley & Sons,
  • Kuntze, N., Rudolph, C., Alva, A., Endicott-Popovsky, B., Christiansen, J., Kemmerich, T. (2012). On the creation of reliable digital evidence. In G. Peterson and S. Shenoi. IFIP WG 11.09 (Eds.), Advances in Digital Evidence VIII (pp. 3-17). Heidelberg, Germany: Springer.
  • Lysenko, V., Endicott-Popovsky, B., and Garrido M. (2012). Disruptive political use of ICTs in contentious politics: the between-cases analysis. Accepted for publication in A. Solo (Ed.) Politics in the Information Age. Heidelberg, Germany: Springer.
  • Moore, E., Popovsky, V., Endicott-Popovsky, B. (2015). VetsEngr: Easing Student Veterans’ Transition to Cybersecurity Careers. Educational Approaches to Transition Former Military Personnel into the Cybersecurity Field. Special Edition of The Colloquium for Information System Security Education (CISSE), CISSE Edition 2, Issue 2, pp. 184-195.
  • Moss, M & Endicott-Popovsky, B. with Dupuis, M. (2015) Is Digital Different?: How information creation, capture, preservation and discovery are being transformed. Facet Publishing: London: UK.
  • Nelson, S. and Endicott-Popovsky, B., (2016). Cyber Public Private Partnership ICS/SCADA and Critical Infrastructure Protection Strategic Vision. Special Edition of The Colloquium for Information System Security Education (CISSE), CISSE Edition 3, Issue 2.pp. 7-20.
  • Seifert, C., Endicott-Popovsky, B., Frincke, D., Komisarczuk, P., Muschevici, R, and Welch, I. (2008). Identifying and analyzing web server attacks. In I. Ray and S. Shenoi. IFIP WG 11.9 (Eds.), Advances in Digital Forensics IV (pp.151-162). New York: Springer, (Chapter 11).
  • Shoemaker, D. & Endicott-Popovsky, B., eds. (Spring 2015). Educational Approaches to Transition Former Military Personnel into the Cybersecurity Field. Special Edition of The Colloquium for Information System Security Education (CISSE), CISSE Edition 2, Issue 2.
  • Zantua, M., Dupuis, M., Endicott-Popovsky, B. (2015). Re-Engineering the Cybersecurity Human Capital Crisis. Educational Approaches to Transition Former Military Personnel into the Cybersecurity Field. Special Edition of The Colloquium for Information System Security Education (CISSE), CISSE Edition 2, Issue 2, pp. 156-162.

 

Excellent Student Research

  • 2016 Information Security in the Legal Industry-Making a case for and not out of cybersecurity received (ISC)² Americas Information Security Leadership Award: Up-and-Coming Information Security Professionals. Recipients were Patrick Coleman, Jennifer Chermoshnyuk, Dennis Dore, David Krasnove who graduated the UW Information Security Risk Management (ISRM) certificate in June 2016.   Poster Presentation.

  • 2016 Jun 28: North Korea Cyber Attacks: A New Asymmetrical Military Strategy.  Article by Donghui Park, UW Henry M. Jackson School of International Studies. The number of North Korean cyber attacks on South Korean critical infrastructure have increased very quickly over the past ten years. North Korean cyber attacks have not been limited to South Korea. The attacks have also targeted U.S. critical infrastructure and US society. Read full article.

  • 2016 June 22-24 Scott, W., Anderson, T.,  Kohno,T.  and Krishnamurthy, A. Satellite: Joint Analysis of CDNs and Network-Level Interference.
    USENIX Annual Technical Conference, Best Student Paper Award. Read full paper.

  • 2016 Jun 21: China-Russia Cybersecurity Cooperation: Working Towards Cyber-Sovereignty. Article by Yuxi Wei, UW Henry M. Jackson School of International Studies. Closer ties between China and Russia have attracted speculation about whether the relationship will continue to deepen into an alliance. The 2015 Sino-Russian cybersecurity deal seemed to mark further Sino-Russian cooperation in another arena—cyberspace. The pact has two key features: mutual assurance on non-aggression in cyberspace with each other and language advocating cyber-sovereignty. Read full article.

  • 2016 Winter: Special Edition Of The Colloquium For Information System Security Education: A Study of State Cybersecurity Capabilities for Local and Regional Collaboration (CISSE) Endicott-Popovsky, B. Lysenko, V. & Shoemaker, D. (Eds.) with introduction by Nelson S.Col., Brecese, J., Rodgers, C. and Zantua, M. (contributors). (February 2016). CISSE Edition 3, Volume 2. Purchase book.
  • 2014 June: Strategic Communications Planning for a CISO: Strength in Weak Ties. Article by Armbruster, G., Whittington, J., and Endicott-Popovsky, B.  Proceeding of the 18th Colloquium for Information System Security Education. (CISSE, Edition Two), Issue 2, pp. 134-150. Read pdf.

  • 2010 May: Securing virtual worlds. SC Magazine. Article by Weller, A. and Endicott-Popovsky, B.  As with many technologies, the rate of corporate adoption of virtual worlds (VWs) has outpaced the rate that effective controls have been developed to protect both users and the virtual environments themselves. As information security professionals, how can we make VWs a better place to live and work?  Read full article.


Next page: Conference Papers