Publications - Center for Cybersecurity and Cyber Operations
Publications TOP
Berrios, J., Shaffer, A. B., Singh, G. Web CARTT: The Web-based Cyber Automated Red Team Tool, International Conference on Cyber Warfare and Security, Reading, UK. 2021.
Giles, K. B., Davis, D. T., Jones, K. D., Jones, M. J. Expanding domains for multi-vehicle unmanned systems. 2021 International Conference on Unmanned Aircraft Systems.
Hale, B., ESCAPING THE INNOVATION BUNKER: Leadership for a Technological Revolution. In U.S. Naval Institute (USNI). 2021.
C. Cremers, B. Hale, K. Kohbrok. The Complexities of Healing in Secure Group Messaging: Why Cross-Group Effects Matter. In Proceedings of USENIX. 2021.
B. Dowling and B. Hale. Secure Messaging Authentication against Active Man-in-the-Middle Attacks. In Euro S&P. 2021.
Hale, B., Van Bossuyt, D. J., Papakonstantinou, N., and O’Halloran. A Zero-Trust Methodology for Security of Complex Systems With Machine Learning Components. In Proceedings of the ASME 2021 IDETC/CIE. 2021.
Norine, C., Shaffer, A. B., Singh, G. Artifact Mitigation in High-Fidelity Hypervisors, Proc. 54th Hawaii International Conference on System Sciences (HICCS), Manoa, HI. 2021.
N. Papakonstantinou, D. J. Van Bossuyt, J. Linnosmaa, B. Hale, B. and O’Halloran. A Zero Trust Hybrid Security and Safety Risk Analysis Method. In Proceedings of the Journal of Computing and Information Science in Engineering (JCISE). 2021.
D. Brutzman, T. Norbraten, J. Culbert, and B. Hale. Blockchain Mergence for Distributed Ledgers Supporting Fleet Logistics and Maintenance. In Acquisition Research Symposium 2021.
Troncoso, M. and Hale, B. The Bluetooth CYBORG: Analysis of the Full Human-Machine Passkey Entry AKE Protocol.. In NDSS. 2021.
N. C. Rowe, T. D. Nguyen, M. M. Kendrick, Z. A. Rucker, D. Hyun, and J. C. Brown, Creating effective industrial-control-systems honeypots, in Hawaii Intl. Conf. on Systems Sciences, January 2020
M. Sjoholmsierchio, B. Hale, D. Lukaszewski, G. Xie. Strengthening SDN Security: Protocol Dialecting and Downgrade Attacks. In IEEE NetSoft. 2020.
B. Dowling and B. Hale. There Can Be No Compromise: The Necessity of Ratcheted Authentication in Secure Messaging. In IACR ePrint. 2020.
B. Hale. User-Mediated Authentication Protocols and Unforgeability in Key Collision. In International Journal of Information Security (IJIS) 2020.
Monaco, J., Bug or Feature? Covert Impairments to Human Computer Interaction. Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. CHI '20, Honolulu HI USA. New York, NY, USA: ACM, 2020.
Monaco, J. and Benosman, R., General Purpose Computation with Spiking Neural Networks. Proceedings of the Neuro-inspired Computational Elements Workshop. NICE '20, Heidelberg Germany. New York, NY, USA: ACM, 2020.
N. Papakonstantinou, D. J. Van Bossuyt, J. Linnosmaa, B. Hale, B. O’Halloran. Towards a Zero Trust Hybrid Security and Safety Risk Analysis Method. In Proceedings of the ASME 2020 IDETC/CIE2020.
Plot, J., Shaffer, A. B., Singh, G. CARTT: Cyber Automated Red Team Tool. , Proc. 53rd Hawaii International Conference on System Sciences (HICCS), Manoa, HI. 2020.
C. Cremers, B. Hale, K. Kohbrok. Revisiting Post-Compromise Security Guarantees in Group Messaging. IACR Cryptology ePrint 2019.
Monaco, J. V., What Are You Searching For? A Remote Keylogging Attack on Search Engine Autocomplete. 2019; Santa Clara, CA: USENIX Association; 2019.
Nguyen, T. D., Austin, S. C., and Irvine, C. E., A Strategy for Security Testing Industrial Firewalls, Industrial Control System Security (ICSS) Workshop, San Juan, Puerto Rico, December 2019.
Aybar, L. E., Singh, G., Shaffer, A. B. Developing Simulated Cyber-Attack Scenarios Against Virtualized Adversary Networks. Proc.13th International Conference on Cyber Warfare and Security ICCWS 2018, Washington DC, USA, 8 - 9 March 2018.
Blauwkamp, D., Nguyen, T. D., and Xi, G. G, "Toward a Deep Learning Approach to Behavior-based AIS Traffic Anomaly Detection," DYnamic and Novel Advances in Machine Learning and Intelligent Cyber Security (DYNAMICS) Workshop, San Juan, Puerto Rico, December 2018.
Davis, D. T., Chung, T. H., Clement, M. R., Day, M. A. (2018). Multi-Swarm Infrastructure for Swarm Versus Swarm Experimentation. Springer Proceedings in Advanced Robotics (vol. 6, pp. 649-663). Cham: Springer International Publishing.
Monaco, J. SoK: Keylogging Side Channels. 2018 IEEE Symposium on Security and Privacy (SP), San Francisco, CA. IEEE, 2018.
Wanic, E.E., and Rowe, N. C., Assessing deterrence options for cyber weapons, in Proc. Intl. Conf. on Computational Science and Computational Intelligence, pp. 13–18, December 2018.
Ghosh, S., Davis, D. T., Chung, T. H., Yakimenko, O. A. Development and Testing of the Intercept Primitives for Planar UAV Engagement. Miami, FL: IEEE. 2017.
Irvine, C.E., Thompson, M. F., and Khosalim, J., Labtainers: A Framework for Parameterized Cybersecurity Labs Using Containers, Proceedings National Security Summit, Huntsville, AL, June 2017.
Nguyen, T. D., and Irvine, C. E., Development of Industrial Network Forensics Lessons, 2017 Cybersecurity Summit, Coeur d'Alene, ID, April, 2017.
Satadal, G., Yakimenko, O. A., Davis, D. T., Chung, T. Unmanned Aerial Vehicle Guidance for an All-Aspect Approach to a Stationary Point. Journal of Guidance, Control, and Dynamics, 40(11), 2871-2888. 2017.
Tacliad, F., Nguyen, T. D. and Gondree, M., , Industrial Control System Security (ICSS) Workshop, Orlando, Florida, December 2017.
Brutzman, D. P., Blais, C. L., Davis, D. T., McGhee, R. (2018). Ethical Mission Definition and Execution for Maritime Robots Under Human Supervision. Journal of Oceanic Engineering, 43(2), 427-443.
Davis, D. T., Chung, T. H., Clement, M. R., Day, M. A. (2016). Consensus-Based Data Sharing for Large-Scale Aerial Swarm Coordination in Lossy Communications Environments. Daejeon: IEEE.
Davis, D. T., Brutzman, D. P., Blais, C. L., McGhee, R. B. (2016). Ethical Mission Definition and Execution for Maritime and Naval Robotic Vehicles: A Practical Approach. Monterey, CA: MTS/IEEE OES.
Chung, T. H., Clement, M. R., Day, M. A., Jones, K. D., Davis, D. T., Jones, M. J. (2016). Live- Fly, Large-Scale Field Experimentation for Large Numbers of Fixed-Wing UAVs. Stockholm: IEEE.
Ghosh, S., Davis, D. T., Chung, T. H. (2016). A Guidance Law for Avoiding Specific Approach Angles against Maneuvering Targets. Las Vegas, NV: IEEE.
Irvine, C. E., Clark, P. C., Nguyen, T. D., "Design Principles for Security (Appendix F of NIST SP 800-160). Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems." Gaithersburg, MD: National Institutes of Standards and Technology, November 2016. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf
Day, M. A., Clement, M. R., Russo, J. D., Davis, D. T., Chung, T. H. (2015). Multi-UAV Software Systems and Simulation Architecture. Denver, CO: IEEE.
Irvine, C. E., and Thompson, M. F., "CyberCIEGE: A Video Game for Constructive Cyber Security Education, Call Signs, 6(2), 2015, pp. 4-8.
Nguyen, T. D., Gondree, M., Khosalim, J., and Irvine, C. E., "Re-thinking Kernelized MLS Database Architectures in the Context of Cloud-Scale Data Stores", Proceeding Engineering Secure Software and Systems (ESSoS 15, Milan, Italy), Ed. F,. Piessens, J. Cabbalero, and N. Bielova, LNCS 8978, Springer International Publishing Switzerland, March 2015, pp 86-101.
Thuy D. Nguyen, A Study of Covert Communications in Space Platforms Hosting Government Payloads, NPS Technical Report NPS-CAG-15-002, February 2015.
David J. Shifflett and Thuy D. Nguyen, An Experiment with RTEMS, NPS Technical Report NPS-CAG-15-003, February 2015.
Thuy D. Nguyen, Towards MIL-STD-1553B Covert Channel Analysis, NPS Technical Report NPS-CAG-15-001, January 2015.
Clark, P. C., Irvine, C. E., Levin, T., Nguyen, T. D. (2014). Trusted Computing Exemplar: Life Cycle Management Plan. NPS Technical Report NPS-CAG-14-002. Naval Postgraduate School. 2014.
Clark, P.C., Irvine, C.E. (2014). A Secure Lifecycle Framework for Shipboard Machinery Control System Development. NPS Technical Report NPS-CAG-14-001, Monterey, CA. 2014.
Hassan M. G. Wassel, Ying Gao, Jason K. Oberg, Ted Huffmire, Ryan Kastner, Frederic T. Chong, and Timothy Sherwood. Networks on Chip with Provable Security Properties. IEEE Micro, Special Issue: Top Picks from the 2013 Computer Architecture Conferences, Vol. 33, No. 3, May/June 2014, Pages 57-68.
Thompson, M. F., and Irvine, C. E., "CyberCIEGE Scenario Design and Implementation", Proceedings of the 2014 USENIX Summit on Games, Gaming, and Gamification in Security Education, San Diego, CA, August 2014.
Davis, D. T., Brutzman, D. P., Lucas, G. R., McGhee, R. B. (2013). Runtime Ethics Checking for Autonomous Unmanned Vehicles: Developing a Practical Approach. Portsmouth, NH: Autonomous Undersea Vehicle Applications Center.
Hassan M. G. Wassel, Ying Gao, Jason K. Oberg, Ted Huffmire, Ryan Kastner, Frederic T. Chong, and Timothy Sherwood. SurfNoC: A Low Latency and Provably Non-Interfering Approach to Secure Networks-On-Chip. Proceedings of the International Symposium on Computer Architecture (ISCA), Tel-Aviv, Israel, June 2013, Pages 583-594.
Nguyen, T. D., Gondree, M. A., Khosalim, J. and Irvine, C. E., " Towards a Cross-Domain MapReduce Framework" in the Proceedings of the 2013 Military Communications Conference (MILCOM 2013), San Diego, CA, November 2013, pp. 1436-1441.
Nguyen, T. D., Irvine, C. E., and Khosalim, J., " A Multilevel Secure MapReduce Framework for Cross-Domain Information Sharing in the Cloud," Ground System Architectures Workshop (GSAW 2013), Los Angeles, California, USA, March 2013.
Jonathan Valamehr, Timothy Sherwood, Ryan Kastner, David Marangoni-Simonsen, Ted Huffmire, Cynthia Irvine, and Timothy Levin. A 3D Split Manufacturing Approach to Trustworthy System Development. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), Special Section on Three-dimensional Integrated Circuits and Microarchitectures, Vol. 32, No. 4, April 2013, Pages 611-615.
Bilzor, M., Huffmire, T., Irvine, C. E., and Levin, T., " Evaluating Security Requirements in a General-Purpose Processor by Combining Assertion Checkers with Code Coverage," Proceedings of the IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), San Francisco, CA, June 2012, pp. 49-54.
Megas, D., Pizolato, K., Levin, T., and Huffmire, T., "A 3D Data Transformation Processor. Proceedings of the Workshop on Embedded Systems Security (WESS)," Tampere, Finland, October 2012.
Valamehr,J., Sherwood, T., Kastner, R., Marangoni-Simonsen, D., Huffmire, T., Irvine, C. E., and Levin, T., " A 3D Split Manufacturing Approach to Trustworthy System Development," IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), Vol. 32, Issue 4, 2013. pp. 611-615.
Valamehr, J., Huffmire, T., Irvine, C. E., Kastner, R., Koc, K., Levin, T. and Sherwood, T., "A Qualitative Security Analysis of a New Class of 3-D Integrated Crypto Co-processors," , Naccache, D., Ed., Berlin Heidelberg: Springer-Verlag, 2012, vol. 6805, pp. 364-382.
Nguyen, T. D., Gondree, M., Khosalim, J., Shifflett D., Levin, T. and Irvine, C. E., "An Approach for Cross-Domain Intrusion Detection," 7th International Conference on Information Warfare and Security (ICIW 2012), Seattle, Washington, USA, March 2012, pp. 203-212.
Huffmire, T., Levin, T., Irvine, C. E., Kastner, R., and Sherwood, T., "3-D Extensions for Trustworthy Systems," in Proceedings of the International Conference on Engineering of Reconfigurable Systems and Algorithms (ERSA), Las Vegas, NV, 2011, pp. 45-54.
Weissman, C. and Levin, T. E., "Network System Security Engineering: Lessons Learned Building A High Assurance Crypto Gateway, IEEE Security & Privacy," pp. 31-39, 2011.
Bilzor, M., Huffmire, T., Irvine, C. E., and Levin, T., "Security Checkers: Detecting processor malicious inclusions at runtime," in Hardware-Oriented Security and Trust (HOST), 2011 IEEE International Symposium on, 2011, pp. 34-39.
Tiwari, M., Oberg, J. K., Xun Li, J. V., Levin, T., Hardekopf, B., Kastner, R., Chong, F. T., and Sherwood, T., "Crafting a Usable Microkernel Processor and I/O System with Strict and Provable Information Flow Security," in Proc. International Symposium on Computer Architecture (ISCA), San Jose, CA, USA, 2011, p. 189.
Valamehr, J., Tiwari, M., Sherwood, T., Kastner, R., Huffmire T., Irvine, C. E., and Levin, T. E. "Hardware Assistance for Trustworthy Systems through 3-D Integration," Proceedings of the Annual Computer Security Applications Conference (ACSAC), ACM, Austin, Texas, December 6, 2010.
Levin, T. E., Nguyen, T. D., Irvine, C. E., and McEvilley, M., "Separation Kernel Protection Profile Revisited: Choices and Rationale." in Fourth Annual Layered Assurance Workshop (LAW 2010), Austin, TX, USA, 6-7 December 2010, vol. Electronic Archive, Applied Computer Security Associates, http://fm.csl.sri.com/LAW/2010/.
Nguyen, T. D., Gondree, M. A., Shifflett, D. J., Khosalim, J., Levin, T. E. and Irvine, C. E., "A Cloud-Oriented Cross-Domain Security Architecture," in the Proceedings of the 2010 Military Communications Conference (MILCOM 2010), San Jose, CA, pp. 1701-1707, November 2010.
Nguyen, T. D., Irvine, C. E., "MYSEA: An Approach to Building High Assurance Composite System for Cloud Computing,"
11th International Common Criteria Conference (ICCC 2010), Antalya, Turkey, September 2010.
Huffmire, T., Levin, T. E., Bilzor, M., Irvine, C. E., Valamehr, J., Tiwari, M., Sherwood, T., and Kastner, R., "Hardware Trust Implications of 3-D Integration," in the proceedings of the Workshop on Embedded Systems Security (WESS’2010), ACM, Scottsdale, Arizona, October 24, 2010.
Huffmire, T., Levin, T. E., Nguyen, T. D., Irvine, C. E., Brotherton, B., Wang, G., Sherwood, T., and Kastner, R., "Security Primitives for Reconfigurable Hardware-Based Systems," ACM Transactions on Reconfigurable Technology and Systems, Volume 3, Issue 2, Article No.: 10, May 10, 2010.
Irvine, C. E., Clark, P. C., Cook, G. R., Fisher, E. L., Fulp, J. D., Linhoff, V. (2010). New Pathways in Identity Management. IEEE Security & Privacy.
Irvine, C. E., Nguyen, T. D., Shifflett, D. J., Levin, T. E., Khosalim, J., Prince, C., Clark, P. C., and Gondree, M. "MYSEA: The Monterey Security Architecture," in proc. Workshop on Scalable Trusted Computing (ACM STC), Conference on Computer and Communications Security (CCS), Association for Computing Machinery (ACM), 2009.
Levin, T. E., Dwoskin, J., Bhaskara, G., Nguyen, T. D., Clark, P. C., Lee, R., Irvine C. E., and T. Benzel, "Securing the dissemination of emergency response data with an integrated hardware-software architecture," in International conference on the technical and socio-economic aspects of trusted computing (TRUST), Lecture Notes in Computer Science, University of Oxford, Springer, April 2009.
Levin, T. E., Irvine, C. E., Benzel, T. V., Nguyen, T. D., Clark, P. C., and Bhaskara, G. "Idea: Trusted Emergency Management," in proc. Engineering Secure Software and Systems (ESSoS) (F. Massacci, S. T. R. Jr., and N. Zannone, eds.), LNCS 5429, (Berlin), pp. 32 – 36, ACM/IEEE, Springer-Verlag, February 2009.
Huffmire, T. , Brotherton, B., Sherwood, T., Kastner, R., Levin, T. E., Nguyen, T. D., and Irvine, C. E., "Managing Security in FPGA-Based Embedded Systems," IEEE Design and Test of Computers, Vol 25, No. 6, pp 590-598.
Huffmire, T., Sherwood, T., Kastner, R., and Levin, T. E., "Enforcing memory policy specifications in reconfigurable hardware," Computers & Security, vol. 27, pp. 197–215, October 2008.
Levin, T. E., Irvine, C. E., and Nguyen, T. D., "Least privilege in separation kernels," in E-business and Telecommunication Networks (J. Filipe and M. S. Obaidat, eds.), vol. 9 of Communications in Computer and Information Science, pp. 146 – 158, Springer, 2008.
Irvine, C. E., Levin, T. E., Clark, P. C., and Nguyen, T. D., "A Security Architecture for Transient Trust, Computer Security Architecture Workshop," Fairfax, VA, October 2008.
Shaffer, A., Auguston, M., Irvine, C. E., and Levin, T. E., "A Security Domain Model for Implementing Trusted Subject Behaviors," in Proceedings of the Modeling Security Workshop, Toulouse, France, September 2008.
Huffmire, T., Brotherton, B., Callegari, N., Valamehr, J., White, J., Kastner, R., Sherwood, T., "Designing Secure Systems on Reconfigurable Hardware," ACM Transactions on Design Automation of Electronic Systems (TODAES), Vol. 13, No. 3, July 2008, 1-24. (
Kastner, R., Huffmire, T., "Threats and Challenges in Reconfigurable Hardware Security," International Conference on Engineering of Reconfigurable Systems and Algorithms (ERSA'08), Las Vegas, NV, July 2008, 334-345.
Huffmire, T., Valamehr, J., Sherwood, T, Kastner, R., Levin, T. E., Nguyen, T. D., and Irvine, C. E., "Trustworthy System Security through 3-D Integrated Hardware," Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented Security and Trust (HOST-2008), Anaheim, CA, June 2008.
D. Phelps, M. Auguston, and T. E. Levin, “Formal models of a least privilege separation kernel in alloy,” Proceedings of the International Conference on i-Warfare and Security, April 2008. (PDF)
Orwat, M., Levin, T. E. and Irvine, C. E., "An Ontological Approach to Secure MANET Management," in Proc. of the Third International Conference on Availability, Security, and Reliability, (Barcelona, Spain), pp. 787-794, Mar. 2008.
Shaffer, A., Auguston, M., Irvine, C., and Levin, T., "A Security Domain Model to Assess Software for Exploitable Covert Channels," Proceedings of the ACM SIGPLAN Third Workshop on Programming Languages and Analysis for Security (PLAS'08), 45-56. Tucson, Arizona. ACM Press.
Ong, K. L., Nguyen, T. and Irvine, C. , "Implementation of a Multilevel Wiki for Cross-Domain Collaboration," 3rd International Conference on Information Warfare and Security (ICIW 2008), April 2008, Omaha, Nebraska, USA, pp. 293-304.
Nguyen, T. D. and Irvine, C. E., "Use of Evaluation Criteria in Security Education," 3rd International Conference on Information Warfare and Security (ICIW 2008), April 2008, Omaha, Nebraska, USA, pp. 285-292.
Papers 2007
DeLong, R. J., Nguyen, T. D., Irvine, C. E. and Levin, T. E., "Toward a Medium-Robustness Separation Kernel Protection Profile," Annual Computer Security Applications Conference (ACSAC), December 10-14, 2007, Miami Beach, Florida, USA
Shaffer, A., Auguston, M., Irvine, C. and Levin, T. "Toward a Security Domain Model for Static Analysis and Verification of Information Systems," Proceedings of the 7th OOPSLA Workshop on Domain-Specific Modeling (DSM '07). Montreal, Canada. October 2007. pp. 160- 71.
Nguyen, T. D., Irvine, C. E., Levin, T. E., and McEvilley, M., "Assurance Considerations for a Highly Robust TOE," 8th International Common Criteria Conference (ICCC), Rome, Italy, September 2007.
Levin, T. E., Irvine, C. E., Weissman, C., Nguyen, T. D., "Analysis of Three Multilevel Security Architectures" Proceedings of the Computer Security Architecture Workshop, ACM. November 2, 2007, Fairfax, Virginia, USA. pp. 37-46
T. Huffmire, B. Brotherton, G. Wang, T. Sherwood, R. Kastner, T. Levin, T. Nguyen, and C. Irvine, "Moats and drawbridges: An isolation primitive for reconfigurable hardware based systems,” in IEEE Symposium on Security and Privacy, (Oakland, CA), May 2007.
Chiang, K., Nguyen, T. D., Irvine C. E., "A Linux Implementation of Temporal Access Controls," Proceedings 8th IEEE Systems, Man, and Cybernetics Information Assurance Workshop, West Point, NY, June 2007, pp. 309-316. PDF Addendum: in Figure 3 yes and no are reversed in the Write request conditional.
Cullum, J., Irvine, C. E., Levin, T. E., "Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation," ICIW 2007 2nd International Conference on i- Warfare and Security Naval Postgraduate School, Monterey, California, USA 8-9 March 2007 pp.33-46
Cone, B. D., Irvine, C. E., Thompson, M. F., Nguyen, T. D., "A Video Game for Cyber Security Training and Awareness," Computers & Security 26 (2007) pp. 63-72
Papers 2006
Kim, J-K., Hensgen, D. A., Kidd, T., Siegel H. J., St. John, D., Irvine, C. E., Levin, T. E., Porter, N. W., Prasanna, V. K., and Freund, R. F., "A Flexible Multi-Dimensional QoS Performance Measure Framework for Distributed Heterogeneous Systems," Cluster Computing, Cluster Computing, vol. 9, pp. 281-296, July 2006.
Barwinski, M., Irvine, C. E., and Levin, T. E., "Empirical Study Of Drive-By-Download Spyware," Proc. International Conference on i- Warfare and Security, Eastern Shore Maryland, 15-16 March 2006 pp.1-12.
Nguyen, T. D., Irvine, C. E., and Harkins, R. M., "An Experiment with CC Version 3.0 Migration," 7th International Common Criteria Conference (ICCC 06), September 19-21, 2006. (abstract) /
Levin, T. E., Irvine, Cynthia E., and Nguyen, Thuy, D., Least Privilege in Separation Kernels, Proceedings International Conference on Security and Cryptography, Setubal, Portugal, August 2006, pp. 355-362.
Nguyen, T. D. and Irvine, C. E., "Ulitizing the Common Criteria for Advanced Student Research Projects," 2006, in IFIP International Federation for Information Processing, Volume 201, Security and Privacy in Dynamic Environments, eds. Fischer-Hubner, S., Rannenberg, K., Yngstrom, L., Lindskog, S., (Boston: Springer), pp. 317-328.
Cone, B. D., Thompson, M. F., Irvine, C. E. and Nguyen, T. D., "Cyber Security Training and Awareness Through Game Play," 2006, in IFIP International Federation for Information Processing, Volume 201, Security and Privacy in Dynamic Environments, eds. Fischer-Hubner, S., Rannenberg, K., Yngstrom, L., Lindskog, S., (Boston: Springer), pp. 431-436.
Ted Huffmire and Tim Sherwood. Wavelet-Based Phase Classification. In Proceedings of the Fifteenth International Conference on Parallel Architectures and Compilation Techniques (PACT), Seattle, WA, September 2006, Pages 95-104.
Ted Huffmire, Shreyas Prasad, Tim Sherwood, and Ryan Kastner. Policy-Driven Memory Protection for Reconfigurable Hardware. In Proceedings of the 11th European Symposium on Research in Computer Security (ESORICS), Hamburg, Germany, Sept. 2006, Pages 461-478.
Levin, T. E., Irvine, C. E., and Spyropoulou, E., "Quality of Security Service: Adaptive Security," Handbook of Information Security, Vol.3, pp 1016-1025, ed. H. Bidgoli, John Wiley and Sons, Hoboken, NJ, 2006, pp. 1016-1025
Nguyen, T. D., Levin, T. E., and Irvine, C. E., "High Robustness Requirements in a Common Criteria Protection Profile," Proceedings of the 4th IEEE International Information Assurance Workshop, Royal Holloway, University of London, UK, April 2006, pp. 66-75.
Nguyen, T. D., Irvine, C. E., and Kane, D. R., "Using Common Criteria Methodology to Express Informal Security Requirements," Proc. International Symposium on Secure Software Engineering, Arlington, VA, March 2006, pp. 75-85.
Afinidad, F., Levin, T., Irvine, C. E., and Nguyen, T. D., "A Model for Temporal Interval Authorizations," Hawaii International Conference on System Sciences, Software Technology Track, Information Security Education and Foundational Research, Kauai, Hawaii, January 2006, p. 218.
Papers 2005
Clark, P. C., The Security Plan: Effectively Teaching How To Write One. Proceedings of the 2005 Federal Information Systems Security Educator’s Association (FISSEA) Conference. 2005. North Bethesda, MD.
Levin, T. E., Irvine, C. E., Nguyen, T. D., "A Note on High Robustness Requirements for Separation Kernels," 6th International Common Criteria Conference (ICCC 05), September 28-29, 2005.
Afinidad, F., Levin, T., Irvine, C. E., and Nguyen, T. D., "Foundation for a Time Interval Access Control Model," Mathematical Methods, Models, and Architectures for Computer Networks Security, MMM-ACNS 2005, St. Petersburg, Russia, September 24-28, 2005, Proceedings, Lecture Notes in Computer Science, ed. Vladimir Gorodetsky, Igor Kotenko, and Victor Skormin, Springer-Verlag GmbH, Vol. 2685, pp 406-411, St. Petersburg, Russia, September 24-28, 2005.05paper_foundation.pdf
Irvine, C. E., Thompson, M. F., and Allen, K., "CyberCIEGE: Gaming for Information Assurance," IEEE Security and Privacy, Vol. 3, No. 2, 2005, pp. 64-67.
Nguyen, T. D., Levin, T. E., and Irvine, C. E., "MYSEA Testbed," Proceedings from the 6th IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2005, pp. 438-439.
Irvine, C. E., Thompson, M. F., and Allen, K., "CyberCIEGE: An Extensible Tool for Information Assurance Education," Proceedings of the 9th Colloquium for Information Systems Security Education, Atlanta, GA, June 2005, pp 130-138.
Irvine, C. E., "Cybersecurity Considerations for Information Systems," Handbook of Public Information Systems, 2nd. Edition, ed. D. Garson, CRC Press, 2004, pp. 203-218.
Irvine, C. E., "A Common Criteria-Based Team Project for High Assurance System Education," Success Through Information Security Knowledge, Proc. Fourth World Conference on Information Security Education, Moscow, Russia, May 2005, pp. 82-93.
Dodge, C., Irvine, C. E., Nguyen, T. D., "A Study of Initialization in Linux and OpenBSD," Operating Systems Review, Vol. 39, No 2, pp. 79-93.
Irvine, C. E., Thompson, M. F., and Allen, K., "CyberCIEGE (TM): An Informaton Assurance Teaching Tool for Training and Awareness," Proceedings of the 2005 FISSEA Conference, Bethesda, MD, March 2005.
Irvine, C. E., "Security Policy Enforcement," Handbook of Information Security, ed. H. Bidgoli, John Wiley and Sons, Hoboken, NJ, pp. 1026-1040
Clark, P. C., "The Security Plan: Effectively Teaching How To Write One," Proceedings of the 2005 Federal Information Systems Security Educator's Association (FISSEA) Conference, North Bethesda, MD, March 2005
Nguyen, T. D., Levin, T. E., and Irvine, C. E., "TCX Project: High Assurance for Secure Embedded Systems," 11th IEEE Real-Time and Embedded Technology and Applications Symposium Work-In-Progress Session, San Francisco, CA, March 2005.
Levin, T. E., Irvine, C. E., and Spyropoulou, E., "Quality of Security Service: Adaptive Security," to appear in The Handbook of Information Security, John Wiley & Sons, Inc. December 2005.
Papers 2004
Irvine, C. E. and Levin, T. E., "A Doctoral Program with Specialization in Information Security: A High Assurance Constructive Security Approach," Information Security Management, Education and Privacy, ed. Deswarte, Cuppens, Jajodia, and Wang, Kluwer Academic Publishers, Norwell, MA, pp. 173-180, 2004.
Irvine, C. E., and Thompson, M. F., "Expressing IS Policy Within a Security Simulation Game," in Avoiding Fear, Uncertainty and Doubt, Proceedings of the Sixth Workshop on Education in Computer Security, Monterey, California, July 2004, pp. 43-49.
Falby, N., Thompson, M. F., and Irvine, C., "A Security Simulation Game Scenario Definition Language," Innovative Program Abstracts - Colloquium on Information Systems Security Education, West Point, NY, June 2004.
Falby, N., Fulp, J.D., Clark, P., Cote, S., Irvine, C., Dinolt, G., Levin, T., Rose, M., Shifflett, D., "Information Assurance Capacity Building: A Case Study," Proceedings for the Eighth Colloquium for Information Systems Security Education, West Point, NY, June 2004.
Irvine, C. E., Levin, T. E., Nguyen, T. D., Shifflett, D. J., Khosalim, J., Clark, P. C., Wong, A., Afinidad, F., Bibighaus, D., and Sears, J., "Overview of a High Assurance Architecture for Distributed Multilevel Security," Proceedings of the 2004 IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2004.
Irvine, C. E., Levin, T. E., Nguyen, T. D., and Dinolt, G. W., "The Trusted Computing Exemplar Project," Proceedings of the 2004 IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2004, pp. 109-115.
Levin, T. E., and Clark, P. C., "A Note Regarding Covert Channels" Proceedings from the Sixth Workshop on Education in Computer Security, Monterey, CA, 12-14, July 2004, pp. 11-15.
Eagle, C., Clark J. L., "Capture-the-Flag: Learning Computer Security Under Fire," Proceedings from the Sixth Workshop on Education in Computer Security, Monterey, CA, 12-14, July 2004, pp. 43-49.
Irvine, C. E. and Thompson, M. F., "Expressing an Information Security Policy Within a Security Simulation Game," Proceedings from the Sixth Workshop on Education in Computer Security, Monterey, CA, 12-14, July 2004, pp. 17-21.
Fulp, J. D., "The Bastion Network Project: A Framework for Conducting Interscholastic Cyber-Exercises," Proceedings from the Sixth Workshop on Education in Computer Security, Monterey, CA, 12-14, July 2004, pp. 65-71.
Anderson, E. A., Irvine, C. E., and Schell, R. R., "Subversion as a Threat in Information Warfare," Journal of Information Warfare, Volume 3, No.2, June 2004, pp. 52-65.,
Papers 2003
Fulp, J.D., "Training the Cyber Warrior," Proceedings of the Third Annual World Conference on Information Security Education (WISE3), Monterey, CA, June, 2003, pp. 261-273
Irvine, C. E., Shifflett, D. J., Clark, P. C., Levin, T. E., Dinolt, G. W., "Monterey Security Enhanced Architecture Project," DARPA DISCEX Conference, April 2003
Irvine, C. E., Shifflett, D. J., Clark, P. C., Levin, T. E., and Dinolt, G. W., "MYSEA Technology Demonstration," DARPA DISCEX Conference, April 2003
Rasmussen, C. W., Irvine, C. E., Dinolt, G. W., Levin, T. E., and Burke, K. L., "A Program for Education in Certification and Accreditation, Security Education in Critical Infrastructures," ed. C. Irvine and H. Armstrong, Kluwer Academic Publishers, Norwell, MA, pp. 131-149, 2003.
Burke, K. L., Rasmussen, C. W., Irvine, C. E., Dinolt, G. W., and Levin, T. E., "Certification and Accreditation: A Program for Practitioner Education," Journal of Information Warfare, Vol. 2, No. 3, 2003, pp. 25-37. (PDF)
Ubhayakar, S., Bibighaus, D., Dinolt, G. W., and Levin, T. E., "Evaluation of Program Specification and Verification Tools for High Assurance Development," Proceedings of the International Workshop on Requirements for High Assurance Systems, Monterey, CA, September 2003, pp. 43-47.
Mohan, R., Levin, T. E. and Irvine, C. E., "An Editor for Adaptive XML-Based Policy Management of IPSEC," Annual Computer Security Applications Conference (ACSAC), December 8-12, 2003, Las Vegas, NV, USA
Irvine, C. E. and Thompson, M. F., "Teaching Objectives of a Simulation Game for Computer Security," Informing Science and Information Technology Joint Conference, Pori, Finland, June 24-27 2003.
Papers 2002
Irvine, C. E. and Levin, T. E., "A Cautionary Note Regarding the Data Integrity Capacity of Certain Secure Systems," Integrity, Internal Control and Security in Information Systems, ed. M. Gertz, E. Guldentops, L. Strous, Kluwer Academic Publishers, Norwell, MA, pp 3-25, 2002.
Irvine, C. E., Levin, T. E., Wilson, J. D., Shifflett, D., and Pereira, B., "An Approach to Security Requirements Engineering for a High Assurance System," Requirements Engineering Journal, Vol. 7, No. 4, pp. 192-206, 18 December 2002.
Xie, G. G., Irvine, C. E., and Levin, T. E., "Quantifying Effect of Network Latency and Clock Drift on Time-driven Key Sequencing," Proceedings of the Workshop on Assurance in Distributed Systems and Networks, Vienna, Austria, 2 July 2002.
Sypropoulou, E., Agar, C., Levin, T. E., and Irvine, C. E., "IPsec Modulation for Quality of Security Service," Proceedings of the International System Security Engineering Association Conference, Orlando Florida, 13 March 2002.
Papers 2001
Kim, J-K., Kidd, T., Siegel, H. J., Irvine, C. E., Levin, T. E., Hensgen, D. A., St. John, D., Prasanna, V. K., Freund, R. F., and Porter, N. W., "Collective Value QoS: A Performance Measure Framework for Distributed Heterogeneous Networks," in 15th International Parallel and Distributed Processing Symposium (IPDPS 2001), 10th Heterogeneous Computing Workshop (HCW 2001), (San Francisco, CA), pp. 810?823, IEEE Computer Society, April 2001.
Irvine, C. E., Levin, T. E., and Sypropoulou, E., "Security as a Dimension of Quality of Service in Active Service Environments," Proceedings of the International Workshop on Active Middleware Services, San Francisco, CA, 6 August 2001.
Irvine, C. E., and Levin, T. E., "Teaching Security Engineering Principles," Proceedings of the World Conference on Information Security Education, Perth, Australia, July 2001.
Spyropoulou, E., Irvine, C. E., and Levin, T. E., and Allen, B., "Managing Costs and Viariability of Security Services," Presentation to IEEE Symposium on Security and Privacy, Oakland, CA, May 2001.
Irvine, C. E., and Levin, T. E., "Data Integrity Limitations in Highly Secure Systems," Proceedings of the International System Security Engineering Association Conference, Orlando, FL, March 2001.
Irvine, C. E., Levin, T., Wilson, J. D., Shifflett, D., and Pereira, B., "A Case Study in Security Requirements Engineering for a High Assurance System," Proceedings of the 1st Symposium on Requirements Engineering for Information Security, Purdue University, Indianapolis, Indiana, 5-6 March 2001.
Clark, P. C., "Supporting the Education of Information Assurance with a Laboratory Environment," 5th National Colloquium for Information System Security Education, George Mason University, Fairfax, Virginia, May 2001.
Papers 2000
Sypropoulou, E., Levin, T. E., and Irvine, C. E., "Calculating Costs for Quality of Security Service," Proceedings of the 16th Computer Security Applications Conference, New Orleans, LA, December 2000, pp. 334-343..
Balmer, S. and Irvine, C. E. "Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network," Proceedings of the 23rd National Information Systems Security Conference, Baltimore, MD, October 2000.
Clark, P. C., "Policy-Enhanced Linux," Proceedings of the 23rd National Information Systems Security Conference, Volume I, pp. 418-432, Baltimore, MD, October.
Irvine, C. E., and Levin, T. E., "Quality of Security Service," Proceedings of the New Security Paradigms Workshop, Ballycotton, Ireland, 18-22, September 2000..
Robin, J. S. and Irvine, C. E., "Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor," Proceedings of the 9th USENIX Security Symposium, Denver, CO, pp. 129-144, August 2000.
Irvine, C. E., "Security: Where Testing Fails," ITEA Journal, June/July 2000.
Irvine, C. E. and Levin, T. E., "Toward Quality of Security Service in a Resource Management System Benefit Function," Proceedings of the 2000 Heterogeneous Computing Workshop, pp. 133-139, May 2000.
Irvine, C. E., and Levin, T. E., "Is Electronic Privacy Achievable?," Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2000, pp. 76-77..
Kim, J-K, Hensgen, D.A., Kidd, T., Siegel, H.J., St. John, D., Irvine, C. E., Levin, T., Porter, N.W., Prasanna, V.K., and Freund, R.F., "A QoS Performance Measure Framework for Distributed Heterogeneous Networks," Proceedings of the 8th Euromicro Workshop on Parallel and Distributed Processing, Rhodos, Greece, pp. 18-27, January 2000.
Papers 1999
Kim, J-K, Hensgen, D.A., Kidd, T., Siegel, H.J., St. John, D., Irvine, C. E., Levin, T., Porter, N.W., Prasanna, V.K., and Freund, R.F., "QOS measure framework for distributed heterogeneous networks," in The Fourth Midwest Meeting on High Performance Systems, Ann Arbor, MI, May 1999.
Irvine, C. E. and Levin, T. E., "Toward a Taxonomy and Costing Method for Security Services," Proceedings of the 15th Computer Security Application Conference, Phoenix, AZ, December 1999.
Irvine, C. E., "The Reference Monitor Concept as a Unifying Principle in Computer Security Education," Proceeding IFIP TC11 WC11.8 First World Conference on INFOSEC Education, Kista, Sweden, pp. 27-37, June 1999.
Irvine, C. E., "Amplifying Security Education in the Laboratory," Proceeding IFIP TC11 WC11.8 First World Conference on INFOSEC Education, Kista, Sweden, pp. 139-146, June 1999.
Irvine, C. E., "The Benefits of Student Research in Information Systems Security Education" National Colloquium on Systems Security Education, Palisades, NY, May 1999.
Irvine, C. E., Isa, H.R., and Shockley, W. R., "A Multi-threading Architecture for Multilevel Secure Transaction Processing," Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, CA, pp. 166-179, May 1999.
Hensgen, D., Kidd, T., St John, D., Schnaidt, M. C., Siegel, H. J., Braun, T., Maheswaran, M., Ali, S., Kim, J-K, Irvine, C. E., Levin, T. E., Freund, R.F., Kusso, J., Godfrey, M., Duman, A., Carff, P., Kidd, S., Prasanna, V. K., Bhat, P., and Alhusaini, A. "An Overview of the Management System for Heterogeneous Networks (MSHN)," Proceedings of the 8th Workshop on Heterogeneous Computing Systems (HCW'99), San Juan, Puerto Rico, pp. 184-198, April 1999.
Papers 1998
Rowe, N. C. and Schiavo, S., "An Intelligent Tutor for Intrusion Detection on Computer Systems," Computers and Education, pp. 395-404, 1998.
Irvine, C. E., Chin, S-K., and Frincke, D., "Integrating Security into the Curriculum," IEEE Computer, pp. 25-30, December 1998.
Volpano, D. and Smith, G., "Confinement Properties for Programming Languages," SIGACT News, 1998.
Wright, R. E., Shifflett, D. J., and Irvine, C. E., "Security Architecture for a Virtual Heterogeneous Machine," Proceedings of the 14th Computer Security Applications Conference, Scottsdale, AZ, pp. 167-177, December 1998.
Irvine, C. E., Anderson, J. P., Robb, D. A., and Hackerson, J., "High Assurance Multilevel Services for Off-The-Shelf Workstation Applications," Proceedings of the National Information Systems Security Conference, Crystal City, VA, pp. 421-431, October 1998.
Barrus, J. and Rowe, N. C., "A Distributed Autonomous-Agent Network-Intrusion Detection and Response System," Proceedings of the 1998 Command and Control Research and Technology Symposium, Monterey CA, June-July 1998.
Volpano, D. and Smith, G., "Probabilistic Noninterference in a Concurrent Language," Proceedings of the 11th IEEE Computer Security Foundations Workshop, Rockport, MA, pp. 34-43, June 1998.
Volpano, D. and Smith, G., "Language Issues in Mobile Program Security," Mobile Agents and Security, G. Vigna (Ed.), volume 1419 of Lecture Notes in Computer Science, pp. 25-43. Springer Verag, 1998.
Smith, G. and Volpano, D., "Secure Information Flow in a Multi-threaded Imperative Language," Proceedings of the 25th ACM Symposium on Principles of Programming Languages, San Diego, CA, pp. 355-364, January 1998.
Papers 1997
Irvine, C. E., "Naval Postgraduate School Center for Information Systems Security and Research: Teaching the Science of Computer Security," MILCOM Proceedings, Monterey, CA, November 1997.
Irvine, C. E., "Challenges in Computer Security Education," IEEE Software, Vol. 14, No. 5, pp. 110-111, 1997.
Irvine, C. E., Warren, D. F., and Clark, P. C., "The CISR Graduate Program in INFOSEC Education: Six Years of Experience," Proceedings of the 20th National Information Systems Security Conference, Baltimore, MD, pp. 22-30, October 1997.
Irvine, C. E., "Security in Innovative New Operating Systems," Proceedings 1997 IEEE Symposium on Security and Privacy, pp. 202-203, May 1997.
Irvine, C. E., "The First ACM Workshop on Education Computer Security," ACM SIGSAC Review, Vol 15, No. 2, pp. 3-5, 1997.
Volpano, D. and Irvine, C. E., "Secure Flow Typing," Computers and Security, Vol 16, No. 2, pp. 137-144, 1997.
Papers 1996
Currie, D. L. and Irvine, C. E., "Surmounting the Effects of Lossy Compression on Steganography," Proceedings of the 19th National Information System Security Conference, Baltimore, MD, pp. 194-201, October 1996.
Volpano, D, Smith, G., and Irvine, C. E., "A Sound Type System for Secure Flow Analysis," Journal of Computer Security, Vol. 4, No. 3, pp. 1-21, 1996.
Volpano, D. and Smith, G., "On the Systematic Design of Web Languages," ACM Computing Surveys, Vol. 28, No. 2, pp. 315-317, June 1996.
Irvine, C. E., "Goals for Computer Security Education," Proceedings of the IEEE Symposium on Security and Privacy, pp. 24-25, May 1996.
Papers 1995
Irvine, C. E. and Volpano, D., "A Practical Tool for Developing Trusted Applications," Proceedings of the 11th Annual Computer Security Applications Conference, New Orleans, LA, pp. 190-195, December 1995.
Irvine, C. E., "A Multilevel File System for High Assurance," Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 78-87, May 1995.
Material contained herein is made available for the purpose of peer review and discussion and does not necessarily reflect the views of the Department of the Navy or the Department of Defense.
The appearance of external hyperlinks does not constitute endorsement by the United States Department of Defense, the United States Department of the Navy and the Naval Postgraduate School of the linked web sites, or the information, products or services contained therein. For other than authorized activities such as military exchanges and Morale, Welfare and Recreation (MWR) sites, the United States Department of Defense, the Department of the Navy and the Naval Postgraduate School does not exercise any editorial control over the information you may find at these locations. Such links are provided consistent with the stated purpose of this DoD Web site.