Book Chapters
[B.1] “Cyber-Security,” M. Cukier, and
S. Panjwani, in Wiley Handbook of Science and Technology for Homeland
Security, 2009.
[B.2] “Quantifying the Cost of Providing
Intrusion Tolerance in Group Communication Systems,” H. V.
Ramasamy, P. Pandey, J. Lyons, M. Cukier, and W. H. Sanders, in
Foundations of Intrusion Tolerant Systems (Jay Lala, Ed.), pp. 241-250,
IEEE Computer Society, 2003. (Re-print of a conference paper with the
same title.)
[B.3] “Formal Specification and Verification of
a Group Membership Protocol for an Intrusion-Tolerant Group
Communication System,” H. V. Ramasamy, M. Cukier, and W. H.
Sanders, in Foundations of Intrusion Tolerant Systems (Jay Lala, Ed.),
pp. 251-260, IEEE Computer Society, 2003. (Re-print of a conference
paper with the same title.)
Journal Papers
[J.1] An Evaluation of Connection Characteristics
for Separating Network Attacks
R. Berthier, and M. Cukier
International Journal of Security and Networks, vol. 4, no. 1/2, 2009,
pp. 110-124.
[J.2] Prioritizing Vulnerability Remediation by
Determining Attacker-Targeted Vulnerabilities
M. Cukier, and S. Panjwani
IEEE Security & Privacy, IEEE Security and Privacy, vol. 7, no. 1,
Jan./Feb. 2009, pp. 42-48.
[J.3] Evaluating Attack Resiliency for Host Intrusion
Detection Systems
J. Molina, and M. Cukier
Journal of Information Assurance and Security, vol. 4, no. 1, March
2009, pp. 1-9.
[J.4] Modelling the “Tragedy of the
Commons” Archetype in Enterprise Computer Security
S. N. Rosenfeld, I. Rus, and M. Cukier
Journal of Information Assurance and Security, vol. 4, no. 1, March
2009, pp. 10-20.
[J.5] Password Changes: Empirical Results
M. Cukier and A. Sharma
ISAST Transactions on Computers and Software Engineering, vol.1, no.1,
2007, pp. 11-16.
[J.6] Archetypal Behavior in Computer Security
S. N. Rosenfeld, I. Rus, and M. Cukier
Journal of Systems and Software, special issue on Methodology of
Security Engineering for Industrial Security Management Systems), vol.
80, no. 10, October 2007, pp. 1594-1606.
[J.7] Experiences with Building an Intrusion-tolerant
Group Communication System
H. V. Ramasamy, P. Pandey, M. Cukier, and W. H. Sanders
Software: Practice and Experience, vol. 38, no.6, May 2008, pp. 639-666.
[J.8] An Architecture for Adaptive Intrusion-Tolerant
Applications
P. Pal, P. Rubel, M. Atighetchi, F. Webber, W. H. Sanders, M. Seri, H.
Ramasamy, J. Lyons, T. Courtney, A. Agbaria, M. Cukier, J. Gossett, and
I. Keidar
Software: Practice and Experience, vol. 36, no. 11-12, September 2006,
pp. 1331-1354.
[J.9] A Global-State-Triggered Fault Injector for
Distributed System Evaluation
R. Chandra, R. M. Lefever, K. Joshi, M. Cukier, and W. H. Sanders
IEEE Transactions on Parallel and Distributed Systems, vol. 15, no. 7,
July 2004, pp. 593-605.
[J.10] Formal Verification of a Intrusion-Tolerant
Group Membership Protocol
H. V. Ramasamy, M. Cukier, and W. H. Sanders
IEICE Transactions on Information and Systems, special issue on
Dependable Computing, vol. E86-D, no. 12, December 2003, pp. 2612-2622.
[J.11] An Adaptive Quality of Service Aware
Middleware for Replicated Services
S. Krishnamurthy, W. H. Sanders, and M. Cukier
IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 11,
November 2003, pp. 1112-1125.
[J.12] AQuA: An Adaptive Architecture that Provides
Dependable Distributed Objects J. Ren, T. Courtney, M. Cukier, C.
Sabnis, W. H. Sanders, M. Seri, D. A. Karr, P. Rubel, and R. E. Schantz
IEEE Transactions on Computers, vol. 52, no. 1, January 2003, pp.
31-50.
[J.13] An Adaptive Algorithm for Tolerating Value
Faults and Crash Failures
J. Ren, M. Cukier, and W. H. Sanders
Special Issue on Dependable Network Computing in the IEEE Transactions
on Parallel and Distributed Systems, vol. 12, no. 2, February 2001,
pp.173-191.
[J.14] Coverage Estimation Methods for Stratified
Fault-Injection
M. Cukier, D. Powell, and J. Arlat
IEEE Transactions on Computers, vol. 48, no. 7, July 1999, pp.707-723.
Publications in Refereed Symposia/Conferences
[C.1] How Secure are Networked Office Devices?E. Condon, Z. Afoulki, E. Cummins and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2011), June 2011. 25% acceptance rate
[C.2] Characterizing Attackers and Attacks: An Empirical Study
G. Salles-Loustau, R. Berthier, E. Collange, B. Sobesto, and M. Cukier
in Proc. 17th Pacific Rim International Symposium on Dependable Computing (PRDC), Pasadena, CA, December 2011
[C.3] DarkNOC: Dashboard for Honeypot Management
B. Sobesto, M. Cukier, M. Hiltunen, D. Kormann, G. Vesonder, and R. Berthier
in Proc. 25th Usenix Large Installation System Administration Conference (LISA’11), Boston, MA, December 2011
[C.4] Nfsight: NetFlow-based Network Awareness Tool
R. Berthier, M. Cukier, M. Hiltunen, D. Kormann, G. Vesonder, and D. Sheleheda
in Proc. 24th Large Installation System Administration Conference (LISA 2010), San Jose, CA, November 2010. 43% acceptance rate
[C.5] Development and Validation of an Information Security Model for Decision Makers
D. Chrun, M. Cukier, A. Mosleh, and G. Sneeringer
in Proc. European Sefety Reliability Conference (ESREL), September 2010
[C.6] Investigating the Impact of Humans in Information Technology Security: A Case Study at the University of Maryland
D. Chrun, M. Cukier, A. Mosleh, and G. Sneeringer
in Proc. 10th International Probabilistic Safety Assessment and Management Conference (PSAM), June 2010
[C.7] A Framework for Software Reliability Management Based on Software Development Profile Model
A. Khoshkhou, M. Cukier, and A. Mosleh
in Proc. 10th International Probabilistic Safety Assessment and Management Conference (PSAM), June 2010
[C.8] Analyzing the Process of Installing Rogue Software
R. Berthier, J. Arjona, and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2009), June-July 2009. 33% acceptance rate
[C.9] Evaluating Files to Audit for Detecting Intrusions in FileSystem Data
J. Molina and M. Cukier
in Proc. The 8th IEEE International Symposium on Network Computing and Applications (NCA09), Cambridge, MA, July 9-11, 2009.
[C.10] The Deployment of a Darknet on an Organization-Wide Network: An Empirical Analysis
R. Berthier and M. Cukier
in Proc. 11th IEEE Symposium on High Assurance Systems Engineering (HASE'08), Nanjing, China, December 3 - 5, 2008, pp. 59-68. 22% acceptance rate
[C.11] On the Comparison of Network Attack Datasets: An Empirical Analysis
R. Berthier, D. Kormann, M. Cukier, M. Hiltunen, G. Vesonder, and D. Sheleheda
in Proc. 11th IEEE Symposium on High Assurance Systems Engineering (HASE'08), Nanjing, China, December 3 - 5, 2008, pp. 39-48. 22% acceptance rate
[C.12] On the Use of Security Metrics based on Intrusion Prevention System Event Data: An Empirical Analysis
D. Chrun, M. Cukier, and G. Sneeringer
in Proc. 11th IEEE Symposium on High Assurance Systems Engineering (HASE'08), Nanjing, China, December 3 - 5, 2008, pp. 49-58. 22% acceptance rate
[C.13] Analysis of Computer Security Incident Data Using Time Series Models
E. Condon, Angela He, and M. Cukier
in Proc. 19th IEEE International Symposium on Software Reliability Engineering (ISSRE 2008), Seattle/Redmond, WA, November 11-14, 2008, pp. 77-86. 25% acceptance rate
[C.14] Finding Corrupted Computers Using Imperfect Intrusion Prevention System Event Data
D. Chrun, M. Cukier, and G. Sneeringer
in Proc. 27th International Conference on Computer Safety, Reliability and Security (SAFECOMP 2008), Newcastle upon Tyne, UK, September 22-25, 2008, pp. 221-234.
38% acceptance rate
[C.15] Filesystem Activity Following a SSH Compromise: An Empirical Study of File Sequences
J. Molina, X. Chorin, and M. Cukier
in Proc. 10th International Conference on Information Security and Cryptology (ICISC 2007), Seoul, Korea, November 29-30, 2007, pp. 144-155. 23% acceptance rate
[C.16] Applying Software Reliability Models on Security Incidents
E. Condon, M. Cukier, and T. He
in Proc. 18th IEEE International Symposium on Software Reliability Engineering (ISSRE 2007), Trollhättan, Sweden, November 5-9, 2007, pp. 159-168. 33% acceptance rate
[C.17] A Comparison between Internal and External Malicious Traffic
M. Cukier and S. Panjwani
in Proc. 18th IEEE International Symposium on Software Reliability Engineering (ISSRE 2007), Trollhättan, Sweden, November 5-9, 2007, pp. 109 - 114. 33% acceptance rate
[C.18] Profiling Attacker Behavior Following SSH Compromises
D. Ramsbrock, R. Berthier, and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2007), June-July 2007, pp. 119-124. 25% acceptance rate
[C.19] An Empirical Study of Filesystem Activity Following a SSH Compromise
J. Molina, J. Gordon, X. Chorin, and M. Cukier
in Proc. Sixth International Conference on Information, Communications and Signal Processing (ICICS 2007), Singapore, December 10-13, 2007. 42% acceptance rate
[C.20] Modeling the “Symptomatic Fixes” Archetype in Enterprise Computer Security
S. N. Rosenfeld, I. Rus, and M. Cukier
in Proc. 30th Annual International Computer Software and Applications Conference (COMPSAC 2006), Chicago, IL, September 18-21, 2006, pp. 178-188. 31% acceptance rate
[C.21] Assessing the Attack Threat due to IRC Channels
R. Meyer, and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2006), Philadelphia, PA, June 25-28, 2006, pp. 467-472. 24% acceptance rate
[C.22] A Statistical Analysis of Attack Data to Separate Attacks
M. Cukier, R. Berthier, S. Panjwani and S. Tan
in Proc. International Conference on Dependable Systems and Networks (DSN-2006), Philadelphia, PA, June 25-28, 2006, pp. 383-392. 24% acceptance rate
[C.23] Modeling and Simulation of the Escalation Archetype in Computer Security
S. N. Rosenfeld, I. Rus, and M. Cukier
in Proc. 2006 Symposium on Simulation Software Security (SSSS06), Huntsville, AL, April 2-6, 2006. 50% acceptance rate
[C.24] Automated Checking for Windows Host Vulnerabilities
M. Tamizi, M. Weinstein, and M. Cukier
in Proc. 16th IEEE International Symposium on Software Reliability Engineering (ISSRE 2005), Chicago, IL, November 8-11, 2005, pp. 139-148. 32% acceptance rate
[C.25] An Experimental Evaluation to Determine if Port Scans are Precursors to an Attack
S. Panjwani, S. Tan, K. Jarrin, and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2005), Yokohama, Japan, June 28-July 1, 2005, pp. 602-611. 29% acceptance rate
[C.26] Ferret: A Host Vulnerability Checking Tool
A. Sharma, J. R. Martin, N. Anand, M. Cukier, and W. H. Sanders
in Proc. IEEE Pacific Rim International Symposium on Dependable Computing (PRDC-10), Papeete, Tahiti, French Polynesia, March 3-5, 2004, pp. 389-394. 40% acceptance rate
[C.27] An Experimental Evaluation of Correlated Network Partitions in the Coda Distributed File System
R. M. Lefever, M. Cukier, and W. H. Sanders
in Proc. 22nd Symposium on Reliable Distributed Systems (SRDS 2003), Florence, Italy, October 6-8, 2003, pp. 273-282. 29% acceptance rate
[C.28] Probabilistic Validation of an Intrusion-Tolerant Replication System
S. Singh, M. Cukier, and W. H. Sanders
in Proc. International Conference on Dependable Systems and Networks (DSN-2003), San Francisco, CA, June 22-25, 2003, pp. 615-624. 35% acceptance rate
[C.29] Experimental Evaluation of the Unavailability Induced by a Group Membership Protocol
K. R. Joshi, M. Cukier, and W. H. Sanders
in 4th European Dependable Computing Conference, (A. D. Gvishiani and F. Grandoni, Eds.), LNCS 2485, pp. 140-158, Springer Verlag, 2002.
[C.30] An Adaptive Framework for Tunable Consistency and Timeliness Using Replication
S. Krishnamurthy, W. H. Sanders, and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. 17-26. 31% acceptance rate
[C.31] Quantifying the Cost of Providing Intrusion Tolerance in Group Communication Systems
H. V. Ramasamy, P. Pandey, J. Lyons, M. Cukier, and W. H. Sanders
in Proc. International Conference on Dependable Systems and Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. 229-238. 31% acceptance rate
[C.32] Passive Replication Schemes in AQuA
Y. Ren, P. Rubel, M. Seri, M. Cukier, W. H. Sanders, and T. Courtney
in Proc. 2002 Pacific Rim International Symposium on Dependable Computing (PRDC2002), Tsukuba, Japan, December 16-18, 2002, pp. 125-130. 65% acceptance rate
[C.33] Formal Specification and Verification of a Group Membership Protocol for an Intrusion-Tolerant Group Communication System
H. V. Ramasamy, M. Cukier, and W. H. Sanders
in Proc. 2002 Pacific Rim International Symposium on Dependable Computing (PRDC2002), Tsukuba, Japan, December 16-18, 2002, pp. 9-18. 65% acceptance rate
[C.34] Probabilistic Validation of Intrusion Tolerance
W. H. Sanders, M. Cukier, F. Webber, P. Pal, and R. Watro
Fast Abstract in the Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. B-78 to B-79.
[C.35] Providing Intrusion Tolerance with ITUA
T. Courtney, J. Lyons, H. V. Ramasamy, W. H. Sanders, M. Seri, M. Atighetchi, P. Rubel, C. Jones, F. Webber, P. Pal. R. Watro, M. Cukier, and J. Gossett
in the Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. C-5-1 to C-5-3.
[C.36] A Configurable CORBA Gateway for Providing Adaptable System Properties
M. Seri, T. Courtney, M. Cukier, V. Gupta, S. Krishnamurthy, J. Lyons, H. Ramasamy, J. Ren, and W. H. Sanders
in Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002, pp. G-26 to G-30.
[C.37] Performance Evaluation of a QoS-Aware Framework for Providing Tunable Consistency and Timeliness
S. Krishnamurthy, W. H. Sanders, and M. Cukier
in Proc. Tenth International Workshop on Quality of Service (IWQoS 2002), Miami Beach, FL, May 15-17, 2002, pp. 214-223.
[C.38] Using Bayesian Theory for Estimating Dependability Benchmark Measures
M. Cukier, and C. S. Smidts
in Supplemental Volume of the 2002 International Conference on Dependable Systems & Networks (DSN-2002), Washington, DC, June 23-26, 2002.
[C.39] An Experimental Evaluation of the Responsiveness of Replica Selection Algorithms
S. Krishnamurthy, W. H. Sanders, and M. Cukier
in Proc. of the Seventh IEEE International Workshop on Object-oriented Real-time Dependable Systems (WORDS 2002), San Diego, CA, January 7-9, 2002, pp. 119-127.
[C.40] A Dynamic Replica Selection Algorithm for Tolerating Time Faults in a Replicated Service
S. Krishnamurthy, W. H. Sanders, and M. Cukier
in Proc. International Conference on Dependable Systems and Networks (DSN-2001), Göteborg, Sweden, pp. 107-116, July 2001. 35% acceptance rate
[C.41] An Overview of the AQuA Gateway
M. Seri, T. Courtney, M. Cukier, and W. H. Sanders
in Proc. of the 1st Workshop on The ACE ORB (TAO), St. Louis, MO, August 5-6, 2001.
[C.42] Survival by Defense-Enabling,
P. Pal, F. Webber, R. Schantz, J. Loyall, R. Watro, W. Sanders, M. Cukier, and J. Gossett
in Proc. of the New Security Paradigms Workshop 2001, Cloudcroft, New Mexico, September 11-13, 2001, pp. 71-78.
[C.43] Intrusion Tolerance in ITUA
M. Cukier, J. Lyons, P. Pandey, H. V. Ramasamy, W. H. Sanders, P. Pal, F. Webber, R. Schantz, J. Loyall, R. Watro, M. Atighetchi, and J. Gossett
in Digest of FastAbstracts presented at the International Conference on Dependable Systems and Networks (DSN-2001), Göteborg, Sweden, pp. B-64 to B-65, July 2001.
[C.44] Dynamic Node Management and Measure Estimation in a State-Driven Fault Injector
R. Chandra, M. Cukier, R. M. Lefever, and W. H. Sanders
in Proc. 19th IEEE Symposium on Reliable Distributed Systems (SRDS-2000), Nürnberg, Germany, pp. 248-257, October 2000. 26% acceptance rate
[C.45] Loki: A State-Driven Fault Injector for Distributed Systems
R. Chandra, R. M. Lefever, M. Cukier, and W. H. Sanders
in Proc. International Conference on Dependable Systems and Networks (FTCS-30 and DCCA-8), New York, New York, pp. 237-242, June 2000. 43% acceptance rate
[C.46] Proteus: A Flexible Infrastructure to Implement Adaptive Fault Tolerance in AQuA
C. Sabnis, M. Cukier, J. Ren, P. Rubel, W. H. Sanders, D. E. Bakken, and D. A. Karr
in Dependable Computing for Critical Applications 7, vol. 12 of Dependable Computing and Fault-Tolerant Systems (C. B. Weinstock and J. Rushby, Eds.), pp. 149-168, IEEE Computer Society Press, 1999. 32% acceptance rate
[C.47] Building Dependable Distributed Applications Using AQuA
J. Ren, M. Cukier, P. Rubel, W. H. Sanders, D. E. Bakken, and D. A. Karr
in Proc. 4th IEEE Symposium on High Assurance Systems Engineering (HASE'99), Washington, DC, pp. 189-196, November 1999. 61% acceptance rate
[C.48] Fault Injection Based on the Partial Global State of a Distributed System
M. Cukier, R. Chandra, D. Henke, J. Pistole, and W. H. Sanders
in Proc. 18th IEEE Symposium on Reliable Distributed Systems (SRDS-99), Lausanne, Switzerland, IEEE Computer Society Press, pp. 168-177, October 1999. 43% acceptance rate
[C.49] Building Dependable Distributed Objects with the AQuA Architecture
M. Cukier, J. Ren, P. Rubel, D. E. Bakken, and D. A. Karr
in Digest of Fast Abstracts presented at the 29th Annual International Symposium on Fault-Tolerant Computing (FTCS-29), Madison, WI, pp. 17-18, June 1999.
[C.50] AQuA: An Adaptive Architecture That Provides Dependable Distributed Objects
M. Cukier, J. Ren, C. Sabnis, D. Henke, J. Pistole, W. H. Sanders, D. E. Bakken, M. E. Berman, D. A. Karr, and R. E. Schantz
in Proc. 17th IEEE Symposium on Reliable Distributed Systems (SRDS-98), West Lafayette, IN, pp. 245-253, IEEE Computer Society Press, October 1998. 34% acceptance rate
[C.51] Frequentist and Bayesian Coverage Estimations for Stratified Fault-Injection
M. Cukier, J. Arlat, and D. Powell
in Dependable Computing for Critical Applications 6, vol. 11 of Dependable Computing and Fault-Tolerant Systems (M. Dal Cin, C. Meadows and W. H. Sanders, Eds.), pp.43-61, IEEE Computer Society Press, 1998. 35% acceptance rate
[C.52] Probabilistic Verification of a Synchronous Round-Based Consensus Protocol
H. S. Duggal, M. Cukier, and W. H. Sanders
in Proc. 16th IEEE Symposium on Reliable Distributed Systems (SRDS-97), Durham, NC, pp.165-174, IEEE Computer Society Press, October 1997.
[C.53] Estimation of Time-Dependent Coverage
D. Powell, M. Cukier, J. Arlat, and Y. Crouzet
in Proc. 8th European Workshop on Dependable Computing (EWDC-8), Goteborg, Sweden, April 1997, (20 pages).
[C.54] On Stratified Sampling for High Coverage Estimations
D. Powell, M. Cukier, and J. Arlat
in 2nd European Dependable Computing Conference, (A. Hlawiczka, J. G. Silva and L. Simoncini, Eds.), LNCS 1150, pp.37-54, Springer Verlag, 1996. 39% acceptance rate
[C.55] Software Reliability Analysis of Three Successive Generations of a Switching System
M. Kaâniche, K. Kanoun, M. Cukier, and M. Bastos Martini
in European Dependable Computing Conference 1, (K. Echtle, D. K. Hammer and D. Powell, Eds.), LNCS 852, pp.473-490, Springer Verlag, 1994. 32% acceptance rate
