@Preamble{"\input bibnames.sty" #
"\ifx \undefined \booktitle \def \booktitle #1{{{\em #1}}} \fi" #
"\ifx \undefined \TM \def \TM {${}^{\sc TM}$} \fi"
}
@String{ack-nhfb = "Nelson H. F. Beebe,
University of Utah,
Department of Mathematics, 110 LCB,
155 S 1400 E RM 233,
Salt Lake City, UT 84112-0090, USA,
Tel: +1 801 581 5254,
FAX: +1 801 581 4148,
e-mail: \path|beebe@math.utah.edu|,
\path|beebe@acm.org|,
\path|beebe@computer.org| (Internet),
URL: \path|http://www.math.utah.edu/~beebe/|"}
@String{j-DTRAP = "Digital Threats: Research and Practice
(DTRAP)"}
@Article{Lakhotia:2020:DTR,
author = "Arun Lakhotia and Leigh Metcalf",
title = "Digital Threats: Research and Practice Inaugural Issue
Editorial",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "1:1--1:3",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3380320",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3380320",
acknowledgement = ack-nhfb,
articleno = "1",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Cormack:2020:IFS,
author = "Andrew Cormack and Jeroen {Van der Ham}",
title = "Introduction to the {FIRST} Special Issue",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "2:1--2:3",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3380746",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3380746",
acknowledgement = ack-nhfb,
articleno = "2",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Durvaux:2020:SPP,
author = "Fran{\c{c}}ois Durvaux and Marc Durvaux",
title = "{SCA-Pitaya}: a Practical and Affordable Side-Channel
Attack Setup for Power Leakage-Based Evaluations",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "3:1--3:16",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3371393",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3371393",
abstract = "Athough side-channel attacks appeared more than two
decades ago, they remain very little discussed by
security professionals outside the academia or very
specific sectors (e.g., smartcard industry,
governments). However, with the increasing \ldots{}",
acknowledgement = ack-nhfb,
articleno = "3",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{VanderToorn:2020:LBH,
author = "Olivier {Van der Toorn} and Anna Sperotto",
title = "Looking Beyond the Horizon: Thoughts on Proactive
Detection of Threats",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "4:1--4:13",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3373639",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3373639",
abstract = "The Internet exposes us to cyberthreats attacking
information, services, and the Internet infrastructure
itself. Such attacks are typically detected in a
reactive fashion. The downside of this approach is that
alerts of an attack are issued as it is \ldots{}",
acknowledgement = ack-nhfb,
articleno = "4",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Tien:2020:MLF,
author = "Chin-Wei Tien and Shang-Wen Chen and Tao Ban and
Sy-Yen Kuo",
title = "Machine Learning Framework to Analyze {IoT} Malware
Using {ELF} and Opcode Features",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "5:1--5:19",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3378448",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3378448",
abstract = "Threats to devices that are part of the Internet of
Things (IoT) are on the rise. Owing to the overwhelming
diversity of IoT hardware and software, as well as its
variants, conventional anti-virus techniques based on
the Windows paradigm cannot be \ldots{}",
acknowledgement = ack-nhfb,
articleno = "5",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Kohlrausch:2020:ASS,
author = "Jan Kohlrausch and Eugene A. Brin",
title = "{ARIMA} Supplemented Security Metrics for Quality
Assurance and Situational Awareness",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "6:1--6:21",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3376926",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3376926",
abstract = "Quality assurance and situational awareness are
important areas of interest for CSIRTs and security
teams. Significant efforts have been made on defining
metrics measuring critical parameters for these fields
of application. However, methodical \ldots{}",
acknowledgement = ack-nhfb,
articleno = "6",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Sacher:2020:FFP,
author = "Desiree Sacher",
title = "Fingerpointing False Positives: How to Better
Integrate Continuous Improvement into Security
Monitoring",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "7:1--7:7",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3370084",
ISSN = "2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3370084",
abstract = "Security incidents created during the security
continuous monitoring process (ISCM, NIST 800-137 [1])
can be a valuable source for improving company
processes and an efficient reference for budget
planning if used correctly. The idea presented in this
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "7",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Waked:2020:SST,
author = "Louis Waked and Mohammad Mannan and Amr Youssef",
title = "The Sorry State of {TLS} Security in Enterprise
Interception Appliances",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "8:1--8:26",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3372802",
ISSN = "????",
ISSN-L = "????",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3372802",
abstract = "Network traffic inspection, including TLS traffic, in
enterprise environments is widely practiced. Reasons
for doing so are primarily related to improving
enterprise security (e.g., phishing and malicious
traffic detection) and meeting legal \ldots{}",
acknowledgement = ack-nhfb,
articleno = "8",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Shukla:2020:TUI,
author = "Diksha Shukla and Partha Pratim KUNDU and Ravichandra
Malapati and Sujit Poudel and Zhanpeng Jin and Vir V.
Phoha",
title = "Thinking Unveiled: an Inference and Correlation Model
to Attack {EEG} Biometrics",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "9:1--9:29",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3374137",
ISSN = "????",
ISSN-L = "????",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3374137",
abstract = "Very few studies have explored linkages between
physiological, such as electroencephalograph (EEG), and
behavioral patterns, such as wrist movements. These
linkages provide us a unique mechanism to predict one
set of patterns from other related \ldots{}",
acknowledgement = ack-nhfb,
articleno = "9",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Gajrani:2020:VVV,
author = "Jyoti Gajrani and Meenakshi Tripathi and Vijay Laxmi
and Gaurav Somani and Akka Zemmari and Manoj Singh
Gaur",
title = "{Vulvet}: Vetting of Vulnerabilities in {Android} Apps
to Thwart Exploitation",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "10:1--10:25",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3376121",
ISSN = "????",
ISSN-L = "????",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3376121",
abstract = "Data security and privacy of Android users is one of
the challenging security problems addressed by the
security research community. A major source of the
security vulnerabilities in Android apps is attributed
to bugs within source code, insecure APIs, \ldots{}",
acknowledgement = ack-nhfb,
articleno = "10",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Cai:2020:TOA,
author = "Yegui Cai and George O. M. Yee and Yuan Xiang Gu and
Chung-Horng Lung",
title = "Threats to Online Advertising and Countermeasures: a
Technical Survey",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "11:1--11:27",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3374136",
ISSN = "????",
ISSN-L = "????",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3374136",
abstract = "Online advertising, also known as web advertising or
Internet marketing, is the means and process of
promoting products and services on the Internet, and it
has been one of the important business models for the
Internet. Due to its lucrative nature and \ldots{}",
acknowledgement = ack-nhfb,
articleno = "11",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Zhou:2020:FNE,
author = "Xinyi Zhou and Atishay Jain and Vir V. Phoha and Reza
Zafarani",
title = "Fake News Early Detection: a Theory-driven Model",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "12:1--12:25",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3377478",
ISSN = "????",
ISSN-L = "????",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3377478",
abstract = "Massive dissemination of fake news and its potential
to erode democracy has increased the demand for
accurate fake news detection. Recent advancements in
this area have proposed novel techniques that aim to
detect fake news by exploring how it \ldots{}",
acknowledgement = ack-nhfb,
articleno = "12",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Koot:2020:FNC,
author = "Matthijs Koot",
title = "Field Note on {CVE-2019-11510}: Pulse Connect Secure
{SSL-VPN} in {The Netherlands}",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "13:1--13:7",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3382765",
ISSN = "????",
ISSN-L = "????",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3382765",
abstract = "This Field Note describes the case of a critical
unauthenticated RCE vulnerability in an SSL-VPN product
that remained unpatched at a large scale-up and until
after exploits became public. Approximately 14,500
systems worldwide were reportedly unpatched at the end
of August 2019. Two weeks after exploits emerged in
public, both GCHQ and NSA released notices that the
vulnerability was being exploited by APT actors. The
present Field Note describes observations from the
Netherlands and includes reflections in an attempt to
stimulate thinking on how to improve the status quo,
such as through coordinated proactive measures by
CSIRTs.",
acknowledgement = ack-nhfb,
articleno = "13",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}