Matt Bishop

Orcid: 0000-0002-7301-7060

Affiliations:
  • University of California, Davis, Department of Computer Science


According to our database1, Matt Bishop authored at least 190 papers between 1979 and 2023.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2023
Toward Common Weakness Enumerations in Industrial Control Systems.
IEEE Secur. Priv., 2023

Case Study: Mapping an E-Voting Based Curriculum to CSEC2017.
Proceedings of the 54th ACM Technical Symposium on Computer Science Education, Volume 1, 2023

Validation of a Secure Programming Concept Inventory.
Proceedings of the 54th ACM Technical Symposium on Computer Science Education, Volume 2, 2023

Introduction to the Minitrack on Cyber Deception and Cyberpsychology for Defense.
Proceedings of the 56th Hawaii International Conference on System Sciences, 2023

An Adaptive Plug-and-Play (PnP) Interactive Platform for an E-Voting Based Cybersecurity Curricula.
Proceedings of the Human Aspects of Information Security and Assurance, 2023

2022
A Praise for Defensive Programming: Leveraging Uncertainty for Effective Malware Mitigation.
IEEE Trans. Dependable Secur. Comput., 2022

Explaining RADAR features for detecting spoofing attacks in Connected Autonomous Vehicles.
CoRR, 2022

Autonomous Vehicle Security: Composing Attack, Defense, and Policy Surfaces.
Proceedings of the 2022 New Security Paradigms Workshop, 2022

SecTutor: An Intelligent Tutoring System for Secure Programming.
Proceedings of the Information Security Education - Adapting to the Fourth Industrial Revolution, 2022

2021

A New Method for Flow-Based Network Intrusion Detection Using the Inverse Potts Model.
IEEE Trans. Netw. Serv. Manag., 2021

Electronic Voting Technology Inspired Interactive Teaching and Learning Pedagogy and Curriculum Development for Cybersecurity Education.
Proceedings of the Information Security Education for Cyber Resilience, 2021

Measuring Self-efficacy in Secure Programming.
Proceedings of the Information Security Education for Cyber Resilience, 2021

A Brief History and Overview of WISE.
Proceedings of the Information Security Education for Cyber Resilience, 2021

Introduction to the Minitrack on Cyber Deception and Cyber Psychology for Defense.
Proceedings of the 54th Hawaii International Conference on System Sciences, 2021

2020
Education for the Multifaith Community of Cybersecurity.
Proceedings of the Information Security Education. Information Security in Action, 2020

Trust-Based Security; Or, Trust Considered Harmful.
Proceedings of the NSPW '20: New Security Paradigms Workshop 2020, 2020

Anomaly Detection for Science DMZs Using System Performance Data.
Proceedings of the International Conference on Computing, Networking and Communications, 2020

Introduction to the Minitrack on Inside the Insider Threat.
Proceedings of the 53rd Hawaii International Conference on System Sciences, 2020

Insider Attack Detection for Science DMZs Using System Performance Data.
Proceedings of the 8th IEEE Conference on Communications and Network Security, 2020

2019
A new method for flow-based network intrusion detection using inverse statistical physics.
CoRR, 2019

Design Patterns for Compensating Controls for Securing Financial Sessions.
Proceedings of the 2019 IEEE SmartWorld, 2019

Learning Principles and the Secure Programming Clinic.
Proceedings of the Information Security Education. Education in Proactive Information Security, 2019

Introduction to the Minitrack on Inside the Insider Threats.
Proceedings of the 52nd Hawaii International Conference on System Sciences, 2019

2018
Leveraging Uncertainty for Effective Malware Mitigation.
CoRR, 2018

Internet- and cloud-of-things cybersecurity research challenges and advances.
Comput. Secur., 2018

Special Session: Joint Task Force on Cybersecurity Education.
Proceedings of the 49th ACM Technical Symposium on Computer Science Education, 2018

Augmenting Machine Learning with Argumentation.
Proceedings of the New Security Paradigms Workshop, 2018

A Design for a Collaborative Make-the-Flag Exercise.
Proceedings of the Information Security Education - Towards a Cybersecure Society, 2018

Contrasting the CSEC 2017 and the CAE Designation Requirements.
Proceedings of the 51st Hawaii International Conference on System Sciences, 2018

Introduction to the Minitrack on Insider Threats to Governments and Organizations.
Proceedings of the 51st Hawaii International Conference on System Sciences, 2018

Concept Inventories in Cybersecurity Education: An Example from Secure Programming.
Proceedings of the IEEE Frontiers in Education Conference, 2018

2017
Iterative Analysis to Improve Key Properties of Critical Human-Intensive Processes: An Election Security Example.
ACM Trans. Priv. Secur., 2017

Insider Attack Identification and Prevention in Collection-Oriented Dataflow-Based Processes.
IEEE Syst. J., 2017

ACM Joint Task Force on Cybersecurity Education.
Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education, 2017

A Model of Owner Controlled, Full-Provenance, Non-Persistent, High-Availability Information Sharing.
Proceedings of the 2017 New Security Paradigms Workshop, 2017

LeakSemantic: Identifying abnormal sensitive network transmissions in mobile applications.
Proceedings of the 2017 IEEE Conference on Computer Communications, 2017

Evaluating Secure Programming Knowledge.
Proceedings of the Information Security Education for a Global Digital Society, 2017

Cybersecurity Curricular Guidelines.
Proceedings of the Information Security Education for a Global Digital Society, 2017

Introduction to Deception, Digital Forensics, and Malware Minitrack.
Proceedings of the 50th Hawaii International Conference on System Sciences, 2017

Agile Research for Cybersecurity: Creating Authoritative, Actionable Knowledge When Speed Matters.
Proceedings of the 50th Hawaii International Conference on System Sciences, 2017

Introduction to Inside the Insider Threat Minitrack.
Proceedings of the 50th Hawaii International Conference on System Sciences, 2017

The dose makes the poison - Leveraging uncertainty for effective malware detection.
Proceedings of the IEEE Conference on Dependable and Secure Computing, 2017

2016
Is Anybody Home? Inferring Activity From Smart Home Network Traffic.
Proceedings of the 2016 IEEE Security and Privacy Workshops, 2016

Special Session: ACM Joint Task Force on Cyber Education.
Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

I'm not sure if we're okay: uncertainty for attackers and defenders.
Proceedings of the 2016 New Security Paradigms Workshop, 2016

Bear: A Framework for Understanding Application Sensitivity to OS (Mis) Behavior.
Proceedings of the 27th IEEE International Symposium on Software Reliability Engineering, 2016

Introduction to the Inside the Insider Threat Minitrack.
Proceedings of the 49th Hawaii International Conference on System Sciences, 2016

2015
The Case for Unpredictability and Deception as OS Features.
login Usenix Mag., 2015

Realism in Teaching Cybersecurity Research: The Agile Research Process.
Proceedings of the Information Security Education Across the Curriculum, 2015

The Case for Less Predictable Operating System Behavior.
Proceedings of the 15th Workshop on Hot Topics in Operating Systems, 2015

2014
Insider Attack Identification and Prevention Using a Declarative Approach.
Proceedings of the 35. IEEE Security and Privacy Workshops, 2014

Insider Threat Identification by Process Analysis.
Proceedings of the 35. IEEE Security and Privacy Workshops, 2014

Introduction to Digital Forensics: Education, Research, and Practice Minitrack.
Proceedings of the 47th Hawaii International Conference on System Sciences, 2014

2013
Multiclass classification of distributed memory parallel computations.
Pattern Recognit. Lett., 2013

Teaching secure coding: the myths and the realities.
Proceedings of the 44th ACM Technical Symposium on Computer Science Education, 2013

Introducing secure coding in CS0 and CS1 (abstract only).
Proceedings of the 44th ACM Technical Symposium on Computer Science Education, 2013

Forgive and forget: return to obscurity.
Proceedings of the New Security Paradigms Workshop, 2013

Information behaving badly.
Proceedings of the New Security Paradigms Workshop, 2013

Virtual Penetration Testing: A Joint Education Exercise across Geographic Borders.
Proceedings of the Information Assurance and Security Education and Training, 2013

Introduction to Digital Forensics - Education, Research, and Practice Minitrack.
Proceedings of the 46th Hawaii International Conference on System Sciences, 2013

2012
A Taxonomy of Buffer Overflow Characteristics.
IEEE Trans. Dependable Secur. Comput., 2012

Network-theoretic classification of parallel computation patterns.
Int. J. High Perform. Comput. Appl., 2012

Security and Elections.
IEEE Secur. Priv., 2012

A Systematic Process-Model-based Approach for Synthesizing Attacks and Evaluating Them.
Proceedings of the 2012 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2012

Teaching secure coding: report from summit on education in secure software.
Proceedings of the 43rd ACM technical symposium on Computer science education, 2012

Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems.
Proceedings of the New Security Paradigms Workshop, 2012

Are Your Papers in Order? Developing and Enforcing Multi-tenancy and Migration Policies in the Cloud.
Proceedings of the 45th Hawaii International International Conference on Systems Science (HICSS-45 2012), 2012

2011
Computer security in the future.
ISC Int. J. Inf. Secur., 2011

Teaching Security Stealthily.
IEEE Secur. Priv., 2011

One of These Records Is Not Like the Others.
Proceedings of the 3rd Workshop on the Theory and Practice of Provenance, 2011

Trust of medical devices, applications, and users in pervasive healthcare.
Proceedings of the PETRA 2011, 2011

Resilience is more than availability.
Proceedings of the 2011 New Security Paradigms Workshop, 2011

Multiprocess malware.
Proceedings of the 6th International Conference on Malicious and Unwanted Software, 2011

Results-oriented security.
Proceedings of the 6th International Conference on Malicious and Unwanted Software, 2011

The Strengths and Challenges of Analogical Approaches to Computer Security Education.
Proceedings of the Information Assurance and Security Education and Training, 2011

Robust Programming by Example.
Proceedings of the Information Assurance and Security Education and Training, 2011

Storm Clouds Rising: Security Challenges for IaaS Cloud Computing.
Proceedings of the 44th Hawaii International International Conference on Systems Science (HICSS-44 2011), 2011

Applying Formal Methods Informally.
Proceedings of the 44th Hawaii International International Conference on Systems Science (HICSS-44 2011), 2011

2010
Aspects of Insider Threats.
Proceedings of the Insider Threats in Cyber Security, 2010

A Risk Management Approach to the "Insider Threat".
Proceedings of the Insider Threats in Cyber Security, 2010

Demythifying Cybersecurity.
IEEE Secur. Priv., 2010

Technology, Training, and Transformation.
IEEE Secur. Priv., 2010

A Clinic for "Secure" Programming.
IEEE Secur. Priv., 2010

Modeling and Analyzing Faults to Improve Election Process Robustness.
Proceedings of the 2010 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2010

Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy.
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

Hidden Markov Models for Automated Protocol Learning.
Proceedings of the Security and Privacy in Communication Networks, 2010

The security and privacy implications of using social networks to deliver healthcare.
Proceedings of the 3rd International Conference on Pervasive Technologies Related to Assistive Environments, 2010

Relationships and data sanitization: a study in scarlet.
Proceedings of the 2010 Workshop on New Security Paradigms, 2010

Multi-stage delivery of malware.
Proceedings of the 5th International Conference on Malicious and Unwanted Software, 2010

10341 Report - Insider Threats: Strategies for Prevention, Mitigation, and Response.
Proceedings of the Insider Threats: Strategies for Prevention, Mitigation, and Response, 22.08., 2010

10341 Abstracts Collection - Insider Threats: Strategies for Prevention, Mitigation, and Response.
Proceedings of the Insider Threats: Strategies for Prevention, Mitigation, and Response, 22.08., 2010

2009
An exploration of the current state of information assurance education.
ACM SIGCSE Bull., 2009

Live Analysis: Progress and Challenges.
IEEE Secur. Priv., 2009

Are Patched Machines Really Fixed?
IEEE Secur. Priv., 2009

E-Voting and Forensics: Prying Open the Black Box.
Proceedings of the 2009 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2009

Strong mobile device protection from loss and capture.
Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments, 2009

Privacy aware data sharing: balancing the usability and privacy of datasets.
Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments, 2009

Quis Custodiet ipsos Custodes?: a new paradigm for analyzing security paradigms with appreciation to the Roman poet Juvenal.
Proceedings of the 2009 Workshop on New Security Paradigms, 2009

The sisterhood of the traveling packets.
Proceedings of the 2009 Workshop on New Security Paradigms, 2009

Some "Secure Programming" Exercises for an Introductory Programming Class.
Proceedings of the Information Assurance and Security Education and Training, 2009

Vote Selling, Voter Anonymity, and Forensic Logging of Electronic Voting Machines.
Proceedings of the 42st Hawaii International International Conference on Systems Science (HICSS-42 2009), 2009

Digital Forensics: Defining a Research Agenda.
Proceedings of the 42st Hawaii International International Conference on Systems Science (HICSS-42 2009), 2009

Case Studies of an Insider Framework.
Proceedings of the 42st Hawaii International International Conference on Systems Science (HICSS-42 2009), 2009

Reflections on UNIX Vulnerabilities.
Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009

Investigating the Implications of Virtual Machine Introspection for Digital Forensics.
Proceedings of the The Forth International Conference on Availability, 2009

2008
The Dynamics of Counting and Recounting Votes.
IEEE Secur. Priv., 2008

Virtual Machine Introspection: Observation or Interference?
IEEE Secur. Priv., 2008

Information Assurance Education: A Work In Progress.
IEEE Secur. Priv., 2008

Twelfth Securities Technologies (ST) Workshop Report.
Proceedings of the 17th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises, 2008

Computer Forensics in Forensis.
Proceedings of the Third International Workshop on Systematic Approaches to Digital Forensic Engineering, 2008

We have met the enemy and he is us.
Proceedings of the 2008 Workshop on New Security Paradigms, 2008

Of Paper Trails and Voter Receipts.
Proceedings of the 41st Hawaii International International Conference on Systems Science (HICSS-41 2008), 2008

08302 Summary - Countering Insider Threats.
Proceedings of the Countering Insider Threats, 20.07. - 25.07.2008, 2008

08302 Abstracts Collection - Countering Insider Threats.
Proceedings of the Countering Insider Threats, 20.07. - 25.07.2008, 2008

Defining the insider threat.
Proceedings of the 4th annual workshop on Cyber security and information intelligence research, 2008

2007
Modeling network intrusion detection alerts for correlation.
ACM Trans. Inf. Syst. Secur., 2007

Analysis of Computer Intrusions Using Sequences of Function Calls.
IEEE Trans. Dependable Secur. Comput., 2007

I Am a Scientist, Not a Philosopher!
IEEE Secur. Priv., 2007

Achieving Learning Objectives through E-Voting Case Studies.
IEEE Secur. Priv., 2007

About Penetration Testing.
IEEE Secur. Priv., 2007

Risks of e-voting.
Commun. ACM, 2007

Fixing federal e-voting standards.
Commun. ACM, 2007

ST Workshop Final Report.
Proceedings of the 16th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE 2007), 2007

An Analysis of the Hart Intercivic DAU eSlate.
Proceedings of the 2007 USENIX/ACCURATE Electronic Voting Technology Workshop, 2007

Toward Models for Forensic Analysis.
Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering, 2007

Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks.
Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007

How to Design Computer Security Experiments.
Proceedings of the Fifth World Conference on Information Security Education, 2007

E-Voting as a Teaching Tool.
Proceedings of the Fifth World Conference on Information Security Education, 2007

2006
Teaching context in information security.
ACM J. Educ. Resour. Comput., 2006

Who Owns Your Computer?
IEEE Secur. Priv., 2006

Security Verification Techniques Applied to PatchLink COTS Software.
Proceedings of the 15th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE 2006), 2006

Eleventh Securities Technologies (ST) Workshop Report.
Proceedings of the 15th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE 2006), 2006

Some Problems in Sanitizing Network Data.
Proceedings of the 15th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE 2006), 2006

Inconsistency in deception for defense.
Proceedings of the New Security Paradigms Workshop 2006, 2006

Sanitization models and their limitations.
Proceedings of the New Security Paradigms Workshop 2006, 2006

Using Type Qualifiers to Analyze Untrusted Integers and Detecting Security Flaws in C Programs.
Proceedings of the Detection of Intrusions and Malware & Vulnerability Assessment, 2006

2005
Teaching Secure Programming.
IEEE Secur. Priv., 2005

A Human Endeavor: Lessons from Shakespeare and Beyond.
IEEE Secur. Priv., 2005

Application of Lightweight Formal Methods to Software Security.
Proceedings of the 14th IEEE International Workshops on Enabling Technologies (WETICE 2005), 2005

Principles-driven forensic analysis.
Proceedings of the New Security Paradigms Workshop 2005, 2005

Position: "insider" is relative.
Proceedings of the New Security Paradigms Workshop 2005, 2005

The insider problem revisited.
Proceedings of the New Security Paradigms Workshop 2005, 2005

Verify Results of Network Intrusion Alerts Using Lightweight Protocol Analysis.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2004
Traducement: A model for record security.
ACM Trans. Inf. Syst. Secur., 2004

Academic Degrees and Professional Certification.
IEEE Secur. Priv., 2004

Joining the Security Education Community.
IEEE Secur. Priv., 2004

Back to School.
IEEE Secur. Priv., 2004

Guarding the Castle Keep: Teaching with the Fortress Metaphor.
IEEE Secur. Priv., 2004

Teaching Robust Programming.
IEEE Secur. Priv., 2004

Cyber defense technology networking and evaluation.
Commun. ACM, 2004

How to Sanitize Data.
Proceedings of the 13th IEEE International Workshops on Enabling Technologies (WETICE 2004), 2004

Introduction to Computer Security.
Addison-Wesley, ISBN: 978-0-321-24744-5, 2004

2003
What Is Computer Security?
IEEE Secur. Priv., 2003

Software Security Checklist for the Software Life Cycle.
Proceedings of the 12th IEEE International Workshops on Enabling Technologies (WETICE 2003), 2003

Addressing Software Security and Mitigations in the Life Cycle.
Proceedings of the 28th Annual IEEE / NASA Software Engineering Workshop (SEW-28 2003), 2003

Testing C Programs for Buffer Overflow Vulnerabilities.
Proceedings of the Network and Distributed System Security Symposium, 2003

Panel: Teaching Undergraduate Information Assurance.
Proceedings of the Security Education and Critical Infrastructures, 2003

Miracle Cures and Toner Cartridges: Finding Solutions to the Spam Problem.
Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), 2003

2002
Trends in academic research: vulnerabilities analysis and intrusion detection.
Comput. Secur., 2002

A Flexible Containment Mechanism for Executing Untrusted Code.
Proceedings of the 11th USENIX Security Symposium, 2002

2001
Development of a Software Security Assessment Instrument to Reduce Software Security Risk.
Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), 2001

How Useful is Software Fault Injection for Evaluating the Security of COTS Products?
Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), 2001

2000
Education in information security.
IEEE Concurr., 2000

Supporting reconfigurable security policies for mobile programs.
Comput. Networks, 2000

Reducing Software Security Risk through an Integrated Approach.
Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2000), 2000

Using Conservation of Flow as a Security Mechanism in Network Protocols.
Proceedings of the 2000 IEEE Symposium on Security and Privacy, 2000

Analyzing Single-Server Network Inhibition.
Proceedings of the 13th IEEE Computer Security Foundations Workshop, 2000

1999
Vulnerability Analysis: An Extended Abstract.
Proceedings of the Recent Advances in Intrusion Detection, Second International Workshop, 1999

1998
The Solar Trust Model: Authentication Without Limitation.
Proceedings of the 14th Annual Computer Security Applications Conference (ACSAC 1998), 1998

1997
Property-based testing: a new approach to testing for assurance.
ACM SIGSOFT Softw. Eng. Notes, 1997

1996
Secruity Enables Electronic Commerce.
J. Netw. Syst. Manag., 1996

Conspiracy and Information Flow in the Take-Grant Protection Model.
J. Comput. Secur., 1996

Checking for Race Conditions in File Accesses.
Comput. Syst., 1996

1995
Theft of Information in the Take-Grant Protection Model.
J. Comput. Secur., 1995

Improving system security via proactive password checking.
Comput. Secur., 1995

1993
Teaching Computer Security.
Proceedings of the Computer Security, 1993

1991
An Authentication Mechanism for USENET.
Proceedings of the Usenix Winter 1991 Conference, Dallas, TX, USA, January 1991, 1991

Password management.
Proceedings of the Compcon Spring '91, San Francisco, 1991

1990
Collaboration using Roles.
Softw. Pract. Exp., 1990

A security analysis of the NTP protocol version 2.
Proceedings of the Sixth Annual Computer Security Applications Conference, 1990

1989
UNIX security in a supercomputing environment.
Proceedings of the Proceedings Supercomputing '89, Reno, NV, USA, November 12-17, 1989, 1989

Privacy-Enhanced Electronic Mail.
Proceedings of the Distributed Computing And Cryptography, 1989

A model of security monitoring.
Proceedings of the Fifth Annual Computer Security Applications Conference, 1989

1988
An Application of a Fast Data Encryption Standard Implementation.
Comput. Syst., 1988

1987
Profiling Under UNIX by Patching.
Softw. Pract. Exp., 1987

1986
A pauper's callback scheme.
Comput. Secur., 1986

Analyzing the Security of an Existing Computer System.
Proceedings of the Fall Joint Computer Conference, November 2-6, 1986, Dallas, Texas, USA, 1986

1981
Hierarchical Take-Grant Protection Systems.
Proceedings of the Eighth Symposium on Operating System Principles, 1981

1979
The Transfer of Information and Authority in a Protection System.
Proceedings of the Seventh Symposium on Operating System Principles, 1979


  Loading...