Kit: A Study in Operating System Verification
IEEE Transactions on Software Engineering
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Java security: hostile applets, holes&antidotes
Java security: hostile applets, holes&antidotes
Using the ASTRAL model checker to analyze mobile IP
Proceedings of the 21st international conference on Software engineering
Shared resource matrix methodology: an approach to identifying storage and timing channels
ACM Transactions on Computer Systems (TOCS)
Specification and verification of the UCLA Unix security kernel
Communications of the ACM
Security Kernel validation in practice
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Cryptography and data security
Cryptography and data security
Detecting Anomalous and Unknown Intrusions Against Programs
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
A comment on the confinement problem
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
A penetration analysis of the Michigan Terminal System
ACM SIGOPS Operating Systems Review
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
The modelling and analysis of security protocols: the csp approach
The modelling and analysis of security protocols: the csp approach
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Reasoning about confidentiality at requirements engineering time
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Computer Standards & Interfaces
| Hi-index | 0.00 |
As more business activities are being automated and an increasing number of computers are being used to store sensitive information, the need for secure computer systems becomes more apparent. This need is even more apparent as systems and applications are being distributed and accessed via an insecure network, such as the Internet. The Internet itself has become critical for governments, companies, financial institutions, and millions of everyday users. Networks of computers support a multitude of activities whose loss would all but cripple these organizations. As a consequence, cybersecurity issues have become national security issues. Protecting the lnternet is a difficult task.Cybersecurity can be obtained only through systematic development; it can not be achieved through haphazard seat-of-the-pants methods. Applying software engineering techniques to the problem is a step in the right direction. However, software engineers need to be aware of the risks and security issues associated with the design, development, and deployment of network-based software.This paper introduces some known threats to cybersecurity, categorizes the threats, and analyzes protection mechanisms and techniques for countering the threats. Approaches to prevent, detect, and respond to cyber attacks are also discussed.