Valid HTML 4.0! Valid CSS!
%%% -*-BibTeX-*-
%%% ====================================================================
%%%  BibTeX-file{
%%%     author          = "Nelson H. F. Beebe",
%%%     version         = "1.01",
%%%     date            = "12 July 2020",
%%%     time            = "11:51:13 MDT",
%%%     filename        = "dtrap.bib",
%%%     address         = "University of Utah
%%%                        Department of Mathematics, 110 LCB
%%%                        155 S 1400 E RM 233
%%%                        Salt Lake City, UT 84112-0090
%%%                        USA",
%%%     telephone       = "+1 801 581 5254",
%%%     FAX             = "+1 801 581 4148",
%%%     URL             = "http://www.math.utah.edu/~beebe",
%%%     checksum        = "61661 485 2137 20819",
%%%     email           = "beebe at math.utah.edu, beebe at acm.org,
%%%                        beebe at computer.org (Internet)",
%%%     codetable       = "ISO/ASCII",
%%%     keywords        = "bibliography; BibTeX; Digital Threats:
%%%                        Research and Practice (DTRAP)",
%%%     license         = "public domain",
%%%     supported       = "yes",
%%%     docstring       = "This is a COMPLETE BibTeX bibliography for
%%%                        Digital Threats: Research and Practice
%%%                        (DTRAP) (CODEN ????, ISSN 2576-5337
%%%                        (electronic)).  The journal appears
%%%                        quarterly, and publication began with volume
%%%                        1, number 1, in March 2020.
%%%
%%%                        At version 1.01, the COMPLETE journal
%%%                        coverage looked like this:
%%%
%%%                             2020 (  13)
%%%
%%%                             Article:         13
%%%
%%%                             Total entries:   13
%%%
%%%                        The journal Web page can be found at:
%%%
%%%                            http://tsc.acm.org/
%%%
%%%                        The journal table of contents page is at:
%%%
%%%                            https://dl.acm.org/loi/tiot
%%%
%%%                        Qualified subscribers can retrieve the full
%%%                        text of recent articles in PDF form.
%%%
%%%                        The initial draft was extracted from the ACM
%%%                        Web pages.
%%%
%%%                        ACM copyrights explicitly permit abstracting
%%%                        with credit, so article abstracts, keywords,
%%%                        and subject classifications have been
%%%                        included in this bibliography wherever
%%%                        available.  Article reviews have been
%%%                        omitted, until their copyright status has
%%%                        been clarified.
%%%
%%%                        URL keys in the bibliography point to
%%%                        World Wide Web locations of additional
%%%                        information about the entry.
%%%
%%%                        BibTeX citation tags are uniformly chosen
%%%                        as name:year:abbrev, where name is the
%%%                        family name of the first author or editor,
%%%                        year is a 4-digit number, and abbrev is a
%%%                        3-letter condensation of important title
%%%                        words. Citation tags were automatically
%%%                        generated by software developed for the
%%%                        BibNet Project.
%%%
%%%                        In this bibliography, entries are sorted in
%%%                        publication order, using ``bibsort -byvolume.''
%%%
%%%                        The checksum field above contains a CRC-16
%%%                        checksum as the first value, followed by the
%%%                        equivalent of the standard UNIX wc (word
%%%                        count) utility output of lines, words, and
%%%                        characters.  This is produced by Robert
%%%                        Solovay's checksum utility.",
%%%  }
%%% ====================================================================
@Preamble{"\input bibnames.sty" #
    "\ifx \undefined \booktitle  \def \booktitle #1{{{\em #1}}}    \fi" #
    "\ifx \undefined \TM         \def \TM          {${}^{\sc TM}$} \fi"
}

%%% ====================================================================
%%% Acknowledgement abbreviations:
@String{ack-nhfb = "Nelson H. F. Beebe,
                    University of Utah,
                    Department of Mathematics, 110 LCB,
                    155 S 1400 E RM 233,
                    Salt Lake City, UT 84112-0090, USA,
                    Tel: +1 801 581 5254,
                    FAX: +1 801 581 4148,
                    e-mail: \path|beebe@math.utah.edu|,
                            \path|beebe@acm.org|,
                            \path|beebe@computer.org| (Internet),
                    URL: \path|http://www.math.utah.edu/~beebe/|"}

%%% ====================================================================
%%% Journal abbreviations:
@String{j-DTRAP                 = "Digital Threats: Research and Practice
                                  (DTRAP)"}

%%% ====================================================================
%%% Bibliography entries:
@Article{Lakhotia:2020:DTR,
  author =       "Arun Lakhotia and Leigh Metcalf",
  title =        "Digital Threats: Research and Practice Inaugural Issue
                 Editorial",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "1:1--1:3",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3380320",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3380320",
  acknowledgement = ack-nhfb,
  articleno =    "1",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Cormack:2020:IFS,
  author =       "Andrew Cormack and Jeroen {Van der Ham}",
  title =        "Introduction to the {FIRST} Special Issue",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "2:1--2:3",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3380746",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3380746",
  acknowledgement = ack-nhfb,
  articleno =    "2",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Durvaux:2020:SPP,
  author =       "Fran{\c{c}}ois Durvaux and Marc Durvaux",
  title =        "{SCA-Pitaya}: a Practical and Affordable Side-Channel
                 Attack Setup for Power Leakage-Based Evaluations",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "3:1--3:16",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3371393",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3371393",
  abstract =     "Athough side-channel attacks appeared more than two
                 decades ago, they remain very little discussed by
                 security professionals outside the academia or very
                 specific sectors (e.g., smartcard industry,
                 governments). However, with the increasing \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "3",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{VanderToorn:2020:LBH,
  author =       "Olivier {Van der Toorn} and Anna Sperotto",
  title =        "Looking Beyond the Horizon: Thoughts on Proactive
                 Detection of Threats",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "4:1--4:13",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3373639",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3373639",
  abstract =     "The Internet exposes us to cyberthreats attacking
                 information, services, and the Internet infrastructure
                 itself. Such attacks are typically detected in a
                 reactive fashion. The downside of this approach is that
                 alerts of an attack are issued as it is \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "4",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Tien:2020:MLF,
  author =       "Chin-Wei Tien and Shang-Wen Chen and Tao Ban and
                 Sy-Yen Kuo",
  title =        "Machine Learning Framework to Analyze {IoT} Malware
                 Using {ELF} and Opcode Features",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "5:1--5:19",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3378448",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3378448",
  abstract =     "Threats to devices that are part of the Internet of
                 Things (IoT) are on the rise. Owing to the overwhelming
                 diversity of IoT hardware and software, as well as its
                 variants, conventional anti-virus techniques based on
                 the Windows paradigm cannot be \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "5",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Kohlrausch:2020:ASS,
  author =       "Jan Kohlrausch and Eugene A. Brin",
  title =        "{ARIMA} Supplemented Security Metrics for Quality
                 Assurance and Situational Awareness",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "6:1--6:21",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3376926",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3376926",
  abstract =     "Quality assurance and situational awareness are
                 important areas of interest for CSIRTs and security
                 teams. Significant efforts have been made on defining
                 metrics measuring critical parameters for these fields
                 of application. However, methodical \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "6",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Sacher:2020:FFP,
  author =       "Desiree Sacher",
  title =        "Fingerpointing False Positives: How to Better
                 Integrate Continuous Improvement into Security
                 Monitoring",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "7:1--7:7",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3370084",
  ISSN =         "2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3370084",
  abstract =     "Security incidents created during the security
                 continuous monitoring process (ISCM, NIST 800-137 [1])
                 can be a valuable source for improving company
                 processes and an efficient reference for budget
                 planning if used correctly. The idea presented in this
                 \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "7",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Waked:2020:SST,
  author =       "Louis Waked and Mohammad Mannan and Amr Youssef",
  title =        "The Sorry State of {TLS} Security in Enterprise
                 Interception Appliances",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "8:1--8:26",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3372802",
  ISSN =         "????",
  ISSN-L =       "????",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3372802",
  abstract =     "Network traffic inspection, including TLS traffic, in
                 enterprise environments is widely practiced. Reasons
                 for doing so are primarily related to improving
                 enterprise security (e.g., phishing and malicious
                 traffic detection) and meeting legal \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "8",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Shukla:2020:TUI,
  author =       "Diksha Shukla and Partha Pratim KUNDU and Ravichandra
                 Malapati and Sujit Poudel and Zhanpeng Jin and Vir V.
                 Phoha",
  title =        "Thinking Unveiled: an Inference and Correlation Model
                 to Attack {EEG} Biometrics",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "9:1--9:29",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3374137",
  ISSN =         "????",
  ISSN-L =       "????",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3374137",
  abstract =     "Very few studies have explored linkages between
                 physiological, such as electroencephalograph (EEG), and
                 behavioral patterns, such as wrist movements. These
                 linkages provide us a unique mechanism to predict one
                 set of patterns from other related \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "9",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Gajrani:2020:VVV,
  author =       "Jyoti Gajrani and Meenakshi Tripathi and Vijay Laxmi
                 and Gaurav Somani and Akka Zemmari and Manoj Singh
                 Gaur",
  title =        "{Vulvet}: Vetting of Vulnerabilities in {Android} Apps
                 to Thwart Exploitation",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "10:1--10:25",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3376121",
  ISSN =         "????",
  ISSN-L =       "????",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3376121",
  abstract =     "Data security and privacy of Android users is one of
                 the challenging security problems addressed by the
                 security research community. A major source of the
                 security vulnerabilities in Android apps is attributed
                 to bugs within source code, insecure APIs, \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "10",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Cai:2020:TOA,
  author =       "Yegui Cai and George O. M. Yee and Yuan Xiang Gu and
                 Chung-Horng Lung",
  title =        "Threats to Online Advertising and Countermeasures: a
                 Technical Survey",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "11:1--11:27",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3374136",
  ISSN =         "????",
  ISSN-L =       "????",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3374136",
  abstract =     "Online advertising, also known as web advertising or
                 Internet marketing, is the means and process of
                 promoting products and services on the Internet, and it
                 has been one of the important business models for the
                 Internet. Due to its lucrative nature and \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "11",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Zhou:2020:FNE,
  author =       "Xinyi Zhou and Atishay Jain and Vir V. Phoha and Reza
                 Zafarani",
  title =        "Fake News Early Detection: a Theory-driven Model",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "12:1--12:25",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3377478",
  ISSN =         "????",
  ISSN-L =       "????",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3377478",
  abstract =     "Massive dissemination of fake news and its potential
                 to erode democracy has increased the demand for
                 accurate fake news detection. Recent advancements in
                 this area have proposed novel techniques that aim to
                 detect fake news by exploring how it \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "12",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Koot:2020:FNC,
  author =       "Matthijs Koot",
  title =        "Field Note on {CVE-2019-11510}: Pulse Connect Secure
                 {SSL-VPN} in {The Netherlands}",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "13:1--13:7",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3382765",
  ISSN =         "????",
  ISSN-L =       "????",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3382765",
  abstract =     "This Field Note describes the case of a critical
                 unauthenticated RCE vulnerability in an SSL-VPN product
                 that remained unpatched at a large scale-up and until
                 after exploits became public. Approximately 14,500
                 systems worldwide were reportedly unpatched at the end
                 of August 2019. Two weeks after exploits emerged in
                 public, both GCHQ and NSA released notices that the
                 vulnerability was being exploited by APT actors. The
                 present Field Note describes observations from the
                 Netherlands and includes reflections in an attempt to
                 stimulate thinking on how to improve the status quo,
                 such as through coordinated proactive measures by
                 CSIRTs.",
  acknowledgement = ack-nhfb,
  articleno =    "13",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}