Cyber Denial, Deception and Counter Deception - A Framework for Supporting Active Cyber Defense

Roshan K. Thomas Kristin E. Heckman Frank J. Stech Roshan K. Thomas Ben S. Schmoker Alexander W. Tsow Cyber Denial, Deception and Counter Deception - A Framework for Supporting Active Cyber Defense Springer 2015 1-174 64 Advances in Information Security 978-3-319-25131-8 978-3-319-25133-2 https://doi.org/10.1007/978-3-319-25133-2

Kristin E. Heckman Frank J. Stech Ben S. Schmoker Roshan K. Thomas Denial and Deception in Cyber Defense. 36-44 2015 48 Computer 4 https://doi.org/10.1109/MC.2015.104 http://doi.ieeecomputersociety.org/10.1109/MC.2015.104 db/journals/computer/computer48.html#HeckmanSST15

Adam Hahn Roshan K. Thomas Ivan Lozano Alvaro A. Cárdenas A multi-layered and kill-chain based security analysis framework for cyber-physical systems. 39-50 2015 11 Int. J. Crit. Infrastructure Prot. https://doi.org/10.1016/j.ijcip.2015.08.003 db/journals/ijcip/ijcip11.html#HahnTLC15

Roshan K. Thomas Alvaro A. Cárdenas Rakesh B. Bobba First Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC): Challenges and Research Directions. 1705-1706 2015 CCS https://doi.org/10.1145/2810103.2812621 conf/ccs/2015 db/conf/ccs/ccs2015.html#ThomasCB15 Indrajit Ray Roshan K. Thomas Alvaro A. Cárdenas Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, CPS-SPC 2015, Denver, Colorado, USA, October 16, 2015 CPS-SPC@CCS ACM 2015 978-1-4503-3827-1 https://doi.org/10.1145/2808705 db/conf/ccs/cpsspc2015.html Jinsub Kim Dan Sterne Rommie L. Hardy Roshan K. Thomas Lang Tong 0001 Timing-based localization of in-band wormhole tunnels in MANETs. 1-12 2010 WISEC https://doi.org/10.1145/1741866.1741869 conf/wisec/2010 db/conf/wisec/wisec2010.html#KimSHTT10

Charikleia Zouridaki Brian L. Mark Marek Hejmo Roshan K. Thomas E-Hermes: A robust cooperative trust establishment scheme for mobile ad hoc networks. 1156-1168 2009 7 Ad Hoc Networks 6 https://doi.org/10.1016/j.adhoc.2008.10.003 db/journals/adhoc/adhoc7.html#ZouridakiMHT09

Jelena Mirkovic Alefiya Hussain Sonia Fahmy Peter L. Reiher Roshan K. Thomas Accurately Measuring Denial of Service in Simulation and Testbed Experiments. 81-95 2009 6 IEEE Trans. Dependable Secur. Comput. 2 https://doi.org/10.1109/TDSC.2008.73 http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.73 https://www.wikidata.org/entity/Q125798466 db/journals/tdsc/tdsc6.html#MirkovicHFRT09

Roshan K. Thomas Giovanni Russello Simon Tsang Realizing the CDL Cross-Domain Language in the Ponder2 Policy Framework: Experiences and Research Directions. 76-83 2009 POLICY https://doi.org/10.1109/POLICY.2009.38 https://doi.ieeecomputersociety.org/10.1109/POLICY.2009.38 conf/policy/2009 db/conf/policy/policy2009.html#ThomasRT09 Roshan K. Thomas Ravi S. Sandhu Elisa Bertino Ismailcem Budak Arpinar Shouhuai Xu Privacy-Preserving Accountable Accuracy Management Systems (PAAMS). 115-121 2008 ISIPS https://doi.org/10.1007/978-3-642-10233-2_11 conf/isips/2008 db/conf/isips/isips2008.html#ThomasSBAX08

Charikleia Zouridaki Brian L. Mark Marek Hejmo Roshan K. Thomas Hermes: A quantitative trust establishment framework for reliable data packet delivery in MANETs. 3-38 2007 15 J. Comput. Secur. 1 https://doi.org/10.3233/jcs-2007-15102 https://www.wikidata.org/entity/Q114943976 db/journals/jcs/jcs15.html#ZouridakiMHT07

Jelena Mirkovic Alefiya Hussain Brett Wilson Sonia Fahmy Peter L. Reiher Roshan K. Thomas Wei-Min Yao Stephen Schwab Towards user-centric metrics for denial-of-service measurement. 8 2007 Experimental Computer Science https://doi.org/10.1145/1281700.1281708 conf/expcs/2007 db/conf/expcs/expcs2007.html#MirkovicHWFRTYS07 Jelena Mirkovic Alefiya Hussain Brett Wilson Sonia Fahmy Wei-Min Yao Peter L. Reiher Stephen Schwab Roshan K. Thomas When is service really denied?: a user-centric dos metric. 357-358 2007 conf/sigmetrics/2007 SIGMETRICS https://doi.org/10.1145/1254882.1254928 https://doi.org/10.1145/1269899.1254928 db/conf/sigmetrics/sigmetrics2007.html#MirkovicHWFYRST07 Jelena Mirkovic Songjie Wei Alefiya Hussain Brett Wilson Roshan K. Thomas Stephen Schwab Sonia Fahmy Roman Chertov Peter L. Reiher DDoS Benchmarks and Experimenter's Workbench for the DETER Testbed. 1-7 2007 TRIDENTCOM https://doi.org/10.1109/TRIDENTCOM.2007.4444680 http://eudl.eu/doi/10.1109/TRIDENTCOM.2007.4444680 conf/tridentcom/2007 db/conf/tridentcom/tridentcom2007.html#MirkovicWHWTSFC07 Jelena Mirkovic Sonia Fahmy Peter L. Reiher Roshan K. Thomas Automating DDoS Experimentation. 2007 DETER https://www.usenix.org/conference/deter-2007/automating-ddos-experimentation conf/uss/2007deter db/conf/uss/deter2007.html#MirkovicFRT07

Marek Hejmo Brian L. Mark Charikleia Zouridaki Roshan K. Thomas Design and analysis of a denial-of-service-resistant quality-of-service signaling protocol for MANETs. 743-751 2006 55 IEEE Trans. Veh. Technol. 3 https://doi.org/10.1109/TVT.2006.873834 db/journals/tvt/tvt55.html#HejmoMZT06

Jelena Mirkovic Peter L. Reiher Sonia Fahmy Roshan K. Thomas Alefiya Hussain Stephen Schwab Calvin Ko Measuring denial Of service. 53-58 2006 QoP https://doi.org/10.1145/1179494.1179506 conf/ccs/2006qop db/conf/ccs/qop2006.html#MirkovicRFTHSK06 Marek Hejmo Brian L. Mark Charikleia Zouridaki Roshan K. Thomas On the fairness of flow aggregation for denial-of-service resistant QoS in MANETs. 54 2006 QSHINE https://doi.org/10.1145/1185373.1185443 http://eudl.eu/doi/10.1145/1185373.1185443 conf/qshine/2006 db/conf/qshine/qshine2006.html#HejmoMZT06 Charikleia Zouridaki Brian L. Mark Marek Hejmo Roshan K. Thomas Robust cooperative trust establishment for MANETs. 23-34 2006 conf/sasn/2006 SASN https://doi.org/10.1145/1180345.1180349 db/conf/sasn/sasn2006.html#ZouridakiMHT06 Marek Hejmo Brian L. Mark Charikleia Zouridaki Roshan K. Thomas A Denial-of-Service Resistant Quality-of-Service Signaling Protocol for Mobile Ad Hoc Networks. 32 2005 conf/qshine/2005 QSHINE https://doi.org/10.1109/QSHINE.2005.1 https://doi.ieeecomputersociety.org/10.1109/QSHINE.2005.1 http://eudl.eu/doi/10.1109/QSHINE.2005.1 db/conf/qshine/qshine2005.html#HejmoMZT05 Charikleia Zouridaki Brian L. Mark Marek Hejmo Roshan K. Thomas A quantitative trust establishment framework for reliable data packet delivery in MANETs. 1-10 2005 conf/sasn/2005 SASN https://doi.org/10.1145/1102219.1102222 db/conf/sasn/sasn2005.html#ZouridakiMHT05 Charikleia Zouridaki Marek Hejmo Brian L. Mark Roshan K. Thomas Kris Gaj Analysis of Attacks and Defense Mechanisms for QoS Signaling Protocols in MANETs. 61-70 2005 conf/wis/2005 Wireless Information Systems db/conf/wis/wis2005.html#ZouridakiHMTG05 Charikleia Zouridaki Brian L. Mark Kris Gaj Roshan K. Thomas Distributed CA-based PKI for Mobile Ad Hoc Networks Using Elliptic Curve Cryptography. 232-245 https://doi.org/10.1007/978-3-540-25980-0_19 2004 conf/europki/2004 EuroPKI db/conf/europki/europki2004.html#ZouridakiMGT04 Roshan K. Thomas Ravi S. Sandhu Models, Protocols, and Architectures for Secure Pervasive Computing: Challenges and Research Directions. 164-170 2004 conf/percom/2004w PerCom Workshops https://doi.org/10.1109/PERCOMW.2004.1276925 https://doi.ieeecomputersociety.org/10.1109/PERCOMW.2004.1276925 db/conf/percom/percomw2004.html#ThomasS04 Roshan K. Thomas Ravi S. Sandhu Towards a Multi-dimensional Characterization of Dissemination Control. 197-200 2004 conf/policy/2004 POLICY https://doi.org/10.1109/POLICY.2004.1309168 https://doi.ieeecomputersociety.org/10.1109/POLICY.2004.1309168 db/conf/policy/policy2004.html#ThomasS04 Marek Hejmo Brian L. Mark Charikleia Zouridaki Roshan K. Thomas Denial-of-service resistant quality-of-service signaling for mobile ad hoc networks. 23-28 2004 conf/sasn/2004 SASN https://doi.org/10.1145/1029102.1029108 db/conf/sasn/sasn2004.html#HejmoMZT04 Zainab R. Zaidi Brian L. Mark Roshan K. Thomas A two-tier representation of node mobility in ad hoc networks. 153-161 2004 SECON https://doi.org/10.1109/SAHCN.2004.1381913 conf/secon/2004 db/conf/secon/secon2004.html#ZaidiMT04

Shi-Kuo Chang Giuseppe Polese Maurizio Cibelli Roshan K. Thomas Visual Authorization Modeling in E-commerce Applications. 44-54 2003 10 IEEE Multim. 1 https://doi.org/10.1109/MMUL.2003.1167921 http://doi.ieeecomputersociety.org/10.1109/MMUL.2003.1167921 db/journals/ieeemm/ieeemm10.html#ChangPCT03

Roshan K. Thomas Brian L. Mark Tommy Johnson James Croall NetBouncer: Client-legitimacy-based High-performance DDoS Filtering. 14-25 2003 conf/discex/2003 DISCEX (1) https://doi.org/10.1109/DISCEX.2003.1194869 https://doi.ieeecomputersociety.org/10.1109/DISCEX.2003.1194869 db/conf/discex/discex2003.html#ThomasMJC03 Roshan K. Thomas Hong Zhu Tim Huck Tommy Johnson NetBouncer: Client-legitimacy-based High-performance DDoS Filtering. 111 2003 conf/discex/2003 DISCEX (2) https://doi.org/10.1109/DISCEX.2003.1194939 https://doi.ieeecomputersociety.org/10.1109/DISCEX.2003.1194939 db/conf/discex/discex2003.html#ThomasZHJ03 Eve Cohen Roshan K. Thomas William H. Winsborough Deborah Shands Models for coalition-based access control (CBAC). 97-106 2002 conf/sacmat/2002 SACMAT https://doi.org/10.1145/507711.507727 db/conf/sacmat/sacmat2002.html#CohenTWS02 Christos K. Georgiadis Ioannis Mavridis George Pangalos Roshan K. Thomas Flexible team-based access control using contexts. 21-27 2001 conf/sacmat/2001 SACMAT https://doi.org/10.1145/373256.373259 db/conf/sacmat/sacmat2001.html#GeorgiadisMPT01 Catherine D. McCollum Donald B. Faatz William R. Herndon E. John Sebes Roshan K. Thomas Distributed Object Technologies, Databases and Security. 17-31 1997 conf/dbsec/1997 DBSec db/conf/dbsec/dbsec97.html#McCollumFHST97 Roshan K. Thomas Ravi S. Sandhu Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management. 166-181 1997 conf/dbsec/1997 DBSec db/conf/dbsec/dbsec97.html#ThomasS97 Roshan K. Thomas Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. 13-19 1997 conf/rbac/1997 ACM Workshop on Role-Based Access Control https://doi.org/10.1145/266741.266748 db/conf/rbac/rbac1997.html#Thomas97 Shi-Kuo Chang Giuseppe Polese Roshan K. Thomas Souvik Das A Visual Language for Authorization Modeling. 110-118 1997 conf/vl/1997 VL db/conf/vl/vl97.html#ChangPTD97 https://doi.org/10.1109/VL.1997.626565 https://doi.ieeecomputersociety.org/10.1109/VL.1997.626565

Roshan K. Thomas Ravi S. Sandhu A Trusted Subject Architecture for Multilevel Secure Object-Oriented Databases. 16-31 1996 8 IEEE Trans. Knowl. Data Eng. 1 db/journals/tkde/tkde8.html#ThomasS96 https://doi.org/10.1109/69.485626 http://doi.ieeecomputersociety.org/10.1109/69.485626 TKDE8/k0016.pdf ... ... ... journals/cacm/Denning76 journals/tois/FishmanBCCCDDHKLMNRS87 ... ... ... ... ... ... ... ... conf/oopsla/KimBCGWB88 conf/dbsec/Lunt89 conf/oopsla/MaierSOP86 books/mit/shriverW87/MaierS87 ... journals/tse/McCullough90 ... ... ... journals/computer/Sandhu93 ... ... ... ... ...

Roshan K. Thomas Elisa Bertino Pierangela Samarati Hans Hermann Brüggemann Bret Hartman Ravi S. Sandhu T. C. Ting Panel Discussion: Role-Based Access Control and Next-Generation Security Models. 289-298 1995 conf/dbsec/1995 DBSec db/conf/dbsec/dbsec95.html#ThomasBSBHST95 Roshan K. Thomas Role-based access control and distributed object-based enterprise computing. 1995 conf/rbac/1995 ACM Workshop on Role-Based Access Control https://doi.org/10.1145/270152.270194 db/conf/rbac/rbac1995.html#Thomas95 Ravi S. Sandhu Roshan K. Thomas Conceptual Foundations for a Model of Task-based Authorizations. 1994 conf/csfw/1994 CSFW db/conf/csfw/csfw1994.html#SandhuT94 66-79 https://doi.org/10.1109/CSFW.1994.315946 Roshan K. Thomas Ravi S. Sandhu Supporting Object-Based High-Assurance Write-up in Multilevel Databases for the Replicated Architecture. 403-428 1994 conf/esorics/1994 ESORICS https://doi.org/10.1007/3-540-58618-0_76 db/conf/esorics/esorics1994.html#ThomasS94

Roshan K. Thomas Ravi S. Sandhu A Kernelized Architecture for Multilevel Secure Object-Oriented Databases Supporting Write-Up. 231-275 1993 2 J. Comput. Secur. 2-3 db/journals/jcs/jcs2.html#ThomasS93 https://doi.org/10.3233/JCS-1993-22-309 https://www.wikidata.org/entity/Q114944578

Roshan K. Thomas Ravi S. Sandhu Towards a Unified Framework and Theory for Reasoning about Security and Correctness of Transactions in Multilevel databases. 309-328 1993 conf/dbsec/1993 DBSec db/conf/dbsec/dbsec93.html#ThomasS93 Roshan K. Thomas Ravi S. Sandhu Towards a task-based paradigm for flexible and adaptable access control in distributed applications. 138-142 1993 NSPW https://doi.org/10.1145/283751.283810 conf/nspw/1993 db/conf/nspw/nspw1993.html#ThomasS93 Roshan K. Thomas Ravi S. Sandhu Concurrency, Synchronization, and Scheduling to Support High-Assurance Write-Up in Multilevel Object-Based Computing. 218-228 1993 conf/oopsla/1993w Security for Object-Oriented Systems db/conf/oopsla/oopsla1993w.html#ThomasS93 Roshan K. Thomas Ravi S. Sandhu Implementing the Message Filter Object-Oriented Security Model without Trusted Subjects. 15-34 1992 conf/dbsec/1992 DBSec db/conf/dbsec/dbsec92.html#ThomasS92 Ravi S. Sandhu Roshan K. Thomas Sushil Jajodia A Secure Kernelized Architecture for Multiple Object-Oriented Databases. 139-152 1991 conf/csfw/1991 CSFW db/conf/csfw/csfw1991.html#SandhuTJ91 https://doi.org/10.1109/CSFW.1991.151580 Ravi S. Sandhu Roshan K. Thomas Sushil Jajodia Supporting Timing-Channel Free Computations in Multilevel Secure Object-Oriented Databases. 297-314 1991 conf/dbsec/1991 DBSec db/conf/dbsec/dbsec91.html#SanhuTJ91 Ismailcem Budak Arpinar Elisa Bertino Rakesh BobbaRakesh B. Bobba Hans Hermann Brüggemann Alvaro A. Cárdenas Shi-Kuo Chang Roman Chertov Maurizio Cibelli Eve Cohen James Croall Souvik Das Donald B. Faatz Sonia Fahmy Kris Gaj Christos K. Georgiadis Adam Hahn Rommie L. Hardy Bret Hartman Kristin E. Heckman Marek Hejmo William R. Herndon Tim Huck Alefiya Hussain Sushil Jajodia Tommy Johnson Jinsub Kim Calvin Ko Ivan Lozano Brian L. Mark Ioannis Mavridis Catherine D. McCollum Jelena Mirkovic George Pangalos Giuseppe Polese Indrajit Ray Peter L. Reiher Giovanni Russello Pierangela Samarati Ravi S. Sandhu Ben S. Schmoker Stephen Schwab E. John Sebes Deborah Shands Frank J. Stech Dan Sterne T. C. Ting Lang Tong 0001 Simon Tsang Alexander W. Tsow Songjie Wei Brett Wilson William H. Winsborough Shouhuai Xu Wei-Min Yao Zainab R. Zaidi Hong Zhu Charikleia Zouridaki