Difference between revisions of "Cybersecurity Annotated Bibliography"

From Cybersecurity Wiki
Jump to navigation Jump to search
Line 1: Line 1:
Anderson, Ross ''(2001)'' [[Why Information Security is Hard]]
+
Anderson, Ross (2001) [[Why Information Security is Hard]]
  
Anderson, Ross and Moore, Tyler ''(2006)'' [[The Economics of Information Security]]
+
Anderson, Ross and Moore, Tyler (2006)  [[The Economics of Information Security]]
  
 
Anderson, Ross J. ''(2008)'' [[Security Engineering]]
 
Anderson, Ross J. ''(2008)'' [[Security Engineering]]
  
Anderson, Ross, et. al ''(2008)'' [[Security Economics and the Internal Market]]
+
Anderson, Ross, et. al (2008) [[Security Economics and the Internal Market]]
  
Arora et al. (''2006'') [[Does Information Security Attack Frequency Increase With Vulnerability Disclosure]]
+
Arora et al. (2006) [[Does Information Security Attack Frequency Increase With Vulnerability Disclosure]]
  
Aviram, Amitai and Tor, Avishalom (''2003'') [[Overcoming Impediments to Information Sharing]]
+
Aviram, Amitai and Tor, Avishalom (2003) [[Overcoming Impediments to Information Sharing]]
  
 
Barkham, Jason ''(2001)'' [[Information Warfare and International Law on the Use of Force]]  
 
Barkham, Jason ''(2001)'' [[Information Warfare and International Law on the Use of Force]]  
Line 18: Line 18:
  
 
Bohme, Rainer and Kataria, Gaurav ''(2006)'' [[Models and Measures for Correlation in Cyber-Insurance]]
 
Bohme, Rainer and Kataria, Gaurav ''(2006)'' [[Models and Measures for Correlation in Cyber-Insurance]]
 +
 +
Bohme, Rainer and Schwartz, Galina ''(2010)'' [[Modeling Cyber-Insurance: Towards a Unified Framework]]
  
 
Brown, Davis  ''(2006)'' [[A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict]]  
 
Brown, Davis  ''(2006)'' [[A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict]]  
  
Camp, L. Jean and Lewis, Stephen (''2004'') [[Economics of Information Security]]
+
Camp, and L. Jean and Lewis, Stephen (''2004'') [[Economics of Information Security]]
  
Camp, L. Jean and Wolfram, Catherine  ''(2004)'' [[Pricing Security]]
+
Camp, L. Jean and Wolfram, Catherine  (2004) [[Pricing Security]]
  
Center for Strategic and International Studies ''(2008)'' [[Securing Cyberspace for the 44th Presidency]]
+
Center for Strategic and International Studies ''(2008)'' [[Securing Cyberspace for the 44th Presidency]]
  
 
Clarke, Richard A. and Knake, Robert  ''(2010)''  [[Cyber War]]
 
Clarke, Richard A. and Knake, Robert  ''(2010)''  [[Cyber War]]
Line 31: Line 33:
 
Clinton, Larry ''(Undated)'' [[Cyber-Insurance Metrics and Impact on Cyber-Security]]
 
Clinton, Larry ''(Undated)'' [[Cyber-Insurance Metrics and Impact on Cyber-Security]]
  
Committee on Improving Cybersecurity Research in the United States, National Research Council ''(2007)'' [[Toward a Safer and More Secure Cyberspace]]
+
Committee on Improving Cybersecurity Research in the United States, National Research Council ''(2007)''[[Toward a Safer and More Secure Cyberspace]]
  
 
Committee on Information Systems Trustworthiness, National Research Council ''(1999)'' [[Trust in Cyberspace]]
 
Committee on Information Systems Trustworthiness, National Research Council ''(1999)'' [[Trust in Cyberspace]]
  
Computer Economics, Inc. ''(2007)'' [[2007 Malware Report]]  
+
Computer Economics, Inc. (2007) [[2007 Malware Report]]
  
Computing Research Association ''(2003)'' [[Four Grand Challenges in Trustworthy Computing]]
+
Computing Research Association ''(2003)'' [[Four Grand Challenges in Trustworthy Computing]]
  
 
Department of Defense ''(2005)'' [[Strategy for Homeland Defense and Civil Support]]
 
Department of Defense ''(2005)'' [[Strategy for Homeland Defense and Civil Support]]
Line 61: Line 63:
 
Financial Services Sector Coordinating Council for Critical Infrastructure Protection ''(2008)'' [[Research Agenda for the Banking and Finance Sector]]
 
Financial Services Sector Coordinating Council for Critical Infrastructure Protection ''(2008)'' [[Research Agenda for the Banking and Finance Sector]]
  
Franklin, Jason, et. al ''(2007)''  [[An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants]]
+
Franklin, Jason, et. al (2007) [[An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants]]
  
 
Gandal, Neil ''(2008'') [[An Introduction to Key Themes in the Economics of Cyber Security]]
 
Gandal, Neil ''(2008'') [[An Introduction to Key Themes in the Economics of Cyber Security]]
 +
 +
Grady, Mark and Parisi, Francesco (''2006'') [[The Law and Economics of Cybersecurity: An Introduction]]
  
 
Grady, Mark F. and Parisi, Francesco (''2006'') [[The Law and Economics of Cybersecurity]]
 
Grady, Mark F. and Parisi, Francesco (''2006'') [[The Law and Economics of Cybersecurity]]
  
Granick, Jennifer Stisa (''2005'') [[The Price of Restricting Vulnerability Publications]]
+
Granick, Jennifer Stisa (2005) [[The Price of Restricting Vulnerability Publications]]
  
 
Hollis, Duncan B. ''(2007)'' [[Why States Need an International Law for Information Operations]]  
 
Hollis, Duncan B. ''(2007)'' [[Why States Need an International Law for Information Operations]]  
  
INFOSEC Research Council ''(2005)'' [[Hard Problem List]]
+
INFOSEC Research Council ''(2005)'' [[Hard Problem List]]
  
Institute for Information Infrastructure Protection ''(2003)'' [[Cyber Security Research and Development Agenda]]
+
Institute for Information Infrastructure Protection ''(2003)'' [[Cyber Security Research and Development Agenda]]
  
 
Johnson, Eric M (''2008'') [[Managing Information Risk and the Economics of Security]]
 
Johnson, Eric M (''2008'') [[Managing Information Risk and the Economics of Security]]
Line 97: Line 101:
 
Moore, Tyler, et. al ''(2009)'' [[The Economics of Online Crime]]
 
Moore, Tyler, et. al ''(2009)'' [[The Economics of Online Crime]]
  
National Cyber Defense Initiative ''(2009)'' [[National Cyber Defense Financial Services Workshop Report]]
+
National Cyber Defense Initiative ''(2009)'' [[National Cyber Defense Financial Services Workshop Report]]
  
 
National Cyber Security Summit Task Force ''(2004)'' [[Information Security Governance]]
 
National Cyber Security Summit Task Force ''(2004)'' [[Information Security Governance]]
  
National Infrastructure Advisory Council ''(2004)'' [[Hardening The Internet]]
+
National Infrastructure Advisory Council ''(2004)'' [[Hardening The Internet]]
  
National Institute of Standards and Technology ''(2006)'' [[SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security]]
+
National Institute of Standards and Technology ''(2006)'' [[SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security]]
  
National Science and Technology Council ''(2006)'' [[Federal Plan for Cyber Security and Information Assurance Research and Development]]
+
National Science and Technology Council ''(2006)'' [[Federal Plan for Cyber Security and Information Assurance Research and Development]]
  
Networking and Information Technology Research and Development ''(2009)'' [[National Cyber Leap Year Summit 2009, Co-Chairs' Report]]
+
Networking and Information Technology Research and Development ''(2009)'' [[National Cyber Leap Year Summit 2009, Co-Chairs' Report]]
  
 
Powell, Benjamin  ''(2005)''  [[Is Cybersecurity a Public Good]]
 
Powell, Benjamin  ''(2005)''  [[Is Cybersecurity a Public Good]]
  
President's Commission on Critical Infrastructure Protection ''(1997)'' [[Critical Foundations]]
+
President's Commission on Critical Infrastructure Protection ''(1997)'' [[Critical Foundations]]
  
President's Information Technology Advisory Council ''(2005)'' [[Cyber Security: A Crisis of Prioritization]]
+
President's Information Technology Advisory Council ''(2005)'' [[Cyber Security: A Crisis of Prioritization]]
  
 
Romanosky et al. (''2008'') [[Do Data Breach Disclosure Laws Reduce Identity Theft]]
 
Romanosky et al. (''2008'') [[Do Data Breach Disclosure Laws Reduce Identity Theft]]
Line 147: Line 151:
 
Trend Micro Incorporated ''(2010)'' [[Trend Micro Annual Report]]
 
Trend Micro Incorporated ''(2010)'' [[Trend Micro Annual Report]]
  
United States Secret Service ''(2004)'' [[Insider Threat Study]]
+
United States Secret Service ''(2004)'' [[Insider Threat Study]]
  
van Eeten, Michel J. G. and Bauer, Johannes M. ''(2008)'' [[Economics of Malware]]
+
van Eeten, Michel J. G. and Bauer, Johannes M. ''(2008)'' [[Economics of Malware]]
  
 
Varian, Hal ''(2000)'' [[Managing Online Security Risks]]
 
Varian, Hal ''(2000)'' [[Managing Online Security Risks]]
Line 157: Line 161:
 
Watts, Sean (2010) [[Combatant Status and Computer Network Attack]]
 
Watts, Sean (2010) [[Combatant Status and Computer Network Attack]]
  
White House ''(2003)'' [[The National Strategy to Secure Cyberspace]]
+
White House ''(2003)'' [[The National Strategy to Secure Cyberspace]]
  
White House ''(2009)'' [[Cyberspace Policy Review]]
+
White House ''(2009)'' [[Cyberspace Policy Review]]
  
White House ''(2010)'' [[The Comprehensive National Cybersecurity Initiative]]
+
White House ''(2010)'' [[The Comprehensive National Cybersecurity Initiative]]
  
 
Zittrain, Jonathan L. ''(2008)'' [[The Future of the Internet and How To Stop It]]
 
Zittrain, Jonathan L. ''(2008)'' [[The Future of the Internet and How To Stop It]]
 +
 +
 +
Updated June 24, 2010

Revision as of 14:11, 24 June 2010

Anderson, Ross (2001) Why Information Security is Hard

Anderson, Ross and Moore, Tyler (2006) The Economics of Information Security

Anderson, Ross J. (2008) Security Engineering

Anderson, Ross, et. al (2008) Security Economics and the Internal Market

Arora et al. (2006) Does Information Security Attack Frequency Increase With Vulnerability Disclosure

Aviram, Amitai and Tor, Avishalom (2003) Overcoming Impediments to Information Sharing

Barkham, Jason (2001) Information Warfare and International Law on the Use of Force

Beard, Jack M. (2009) Law and War in the Virtual Era

Bohme, Rainer (2005) Cyber-Insurance Revisited

Bohme, Rainer and Kataria, Gaurav (2006) Models and Measures for Correlation in Cyber-Insurance

Bohme, Rainer and Schwartz, Galina (2010) Modeling Cyber-Insurance: Towards a Unified Framework

Brown, Davis (2006) A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict

Camp, and L. Jean and Lewis, Stephen (2004) Economics of Information Security

Camp, L. Jean and Wolfram, Catherine (2004) Pricing Security

Center for Strategic and International Studies (2008) Securing Cyberspace for the 44th Presidency

Clarke, Richard A. and Knake, Robert (2010) Cyber War

Clinton, Larry (Undated) Cyber-Insurance Metrics and Impact on Cyber-Security

Committee on Improving Cybersecurity Research in the United States, National Research Council (2007)Toward a Safer and More Secure Cyberspace

Committee on Information Systems Trustworthiness, National Research Council (1999) Trust in Cyberspace

Computer Economics, Inc. (2007) 2007 Malware Report

Computing Research Association (2003) Four Grand Challenges in Trustworthy Computing

Department of Defense (2005) Strategy for Homeland Defense and Civil Support

Department of Defense Office of General Counsel (1999) An Assessment of International Legal Issues in Information Operations

Department of Defense (2007) Mission Impact of Foreign Influence on DoD Software

Department of Energy (2006) Roadmap to Secure Control Systems in the Energy Sector

Department of Homeland Security (2003) The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets

Department of Homeland Security Science and Technology Directorate (2009) A Roadmap for Cybersecurity Research

Deputy Chief of Staff for Intelligence (2006) Critical Infrastructure Threats and Terrorism

Dörmann, Knut (2004) Applicability of the Additional Protocols to Computer Network Attacks

Dunlap, Charles J. Jr. (2009) Towards a Cyberspace Legal Regime in the Twenty-First Century

Epstein, Richard A. and Brown, Thomas P. (2008) Cybersecurity in the Payment Card Industry

Financial Services Sector Coordinating Council for Critical Infrastructure Protection (2008) Research Agenda for the Banking and Finance Sector

Franklin, Jason, et. al (2007) An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants

Gandal, Neil (2008) An Introduction to Key Themes in the Economics of Cyber Security

Grady, Mark and Parisi, Francesco (2006) The Law and Economics of Cybersecurity: An Introduction

Grady, Mark F. and Parisi, Francesco (2006) The Law and Economics of Cybersecurity

Granick, Jennifer Stisa (2005) The Price of Restricting Vulnerability Publications

Hollis, Duncan B. (2007) Why States Need an International Law for Information Operations

INFOSEC Research Council (2005) Hard Problem List

Institute for Information Infrastructure Protection (2003) Cyber Security Research and Development Agenda

Johnson, Eric M (2008) Managing Information Risk and the Economics of Security

Johnson, Vincent R. (2005) Cybersecurity, Identity Theft, and the Limits of Tort Liability

Kobayashi, Bruce H. (2006) An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods

Korns, Stephen W. (2009) Cyber Operations

Lernard, Thomas M. and Rubin, Paul H. (2005) An Economic Analysis of Notification Requirements for Data Security Breaches

Lernard, Thomas M. and Rubin, Paul H. (2006) Much Ado About Notification

McAfee, Inc. (2010) McAfee Threats Report

Moore, Tyler and Clayton, Richard (2007) Examining the Impact of Website Take-down on Phishing

Moore, Tyler and Clayton, Richard (2008) The Consequence of Non-Cooperation in the Fight Against Phishing

Moore, Tyler and Clayton, Richard (2009) The Impact of Incentives on Notice and Take-down

Moore, Tyler, et. al (2009) The Economics of Online Crime

National Cyber Defense Initiative (2009) National Cyber Defense Financial Services Workshop Report

National Cyber Security Summit Task Force (2004) Information Security Governance

National Infrastructure Advisory Council (2004) Hardening The Internet

National Institute of Standards and Technology (2006) SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security

National Science and Technology Council (2006) Federal Plan for Cyber Security and Information Assurance Research and Development

Networking and Information Technology Research and Development (2009) National Cyber Leap Year Summit 2009, Co-Chairs' Report

Powell, Benjamin (2005) Is Cybersecurity a Public Good

President's Commission on Critical Infrastructure Protection (1997) Critical Foundations

President's Information Technology Advisory Council (2005) Cyber Security: A Crisis of Prioritization

Romanosky et al. (2008) Do Data Breach Disclosure Laws Reduce Identity Theft

Schmit, Michael N., et. al (2004) Computers and War

Schmitt, Michael N. (1999) Computer Network Attack and the Use of Force in International Law

Schmitt, Michael N. (2002) Wired Warfare

Schneier, Bruce (2003) Beyond Fear

Schneier, Bruce (2008) Schneier on Security

Schwartz, Paul and Janger, Edward (2007) Notification of Data Security Breaches

Sklerov, Matthew J. (2009) Solving the Dilemma of State Responses to Cyberattacks

Stohl, Michael (2006) Cyber Terrorism

Swire, Peter P (2004) A Model for When Disclosure Helps Security

Swire, Peter P (2006) A Theory of Disclosure for Security and Competitive Reasons

Symantec Corporation (2010) Symantec Global Internet Security Threat Report

Telang, Rahul and Wattal, Sunil (2007) Impact of Software Vulnerability Announcements on the Market Value of Software Vendors - An Empirical Investigation

Thomas, Rob and Martin, Jerry (2006) The Underground Economy

Todd, Graham H. (2009) Armed Attack in Cyberspace

Trend Micro Incorporated (2010) Trend Micro Annual Report

United States Secret Service (2004) Insider Threat Study

van Eeten, Michel J. G. and Bauer, Johannes M. (2008) Economics of Malware

Varian, Hal (2000) Managing Online Security Risks

Varian, Hal (2004) System Reliability and Free Riding

Watts, Sean (2010) Combatant Status and Computer Network Attack

White House (2003) The National Strategy to Secure Cyberspace

White House (2009) Cyberspace Policy Review

White House (2010) The Comprehensive National Cybersecurity Initiative

Zittrain, Jonathan L. (2008) The Future of the Internet and How To Stop It


Updated June 24, 2010