Selected Publications by Jim Yuill

 

 

These papers are from my computer-security research at North Carolina State University.

I was a PhD student there, then later a post-doc researcher and a teaching professor.

For some papers, their “Google Scholar citation count” is given.

●      This count is the number of scholarly publications that cite the paper, as of 10/2023.

●      Approximately, only 25% of scientific papers have over 10 citations, and only 2% have over 100 citations.

 

 

Deception-Based Intrusion Detection Systems (IDSes)

 

“Defensive Computer-Security Deception Operations: Processes, Principles and Techniques”

●      Ph.D. Thesis, North Carolina State University, 2006

●      Includes principles for designing deception operations, and two deception-based IDSes

●      Google Scholar citation count: 61

 

“Honeyfiles: Deceptive Files for Intrusion Detection”

●      Proceedings of the 2004 IEEE Workshop on Information Assurance, West Point, NY, June 2004

●      A deception-based IDS, which uses bait files for hackers

●      Google Scholar citation count: 206

 

 

Designing Deception-Operations for Computer Security

 

“Deception for Computer Security Defense”

●      Technical report for the Office of the Secretary of Defense, January 2004

●      Includes principles for designing deception operations, and two deception-based devices

●      Google Scholar citation count: N/A (not published)

 

“Using Deception to Hide Things from Hackers: Processes, Principles, and Techniques”

●      Journal of Information Warfare, November 2006

●      A novel model of deceptive hiding, with application to computer security.

●      Google Scholar citation count: 111

 

 

Computer-Security Incident Response

 

“Intrusion-Detection for Incident Response, Using a Military Battlefield-Intelligence Process”

●      Computer Networks, Elsevier, October 2000

●      Applies the US military’s battlefield-intelligence process to tracking-down hackers on a network

●      The link is to an excerpt, and the full paper is available on request.

●      Google Scholar citation count: 58

 

“Developing Standardized Processes for Incident Response: Challenges and Opportunities”

●      18th ACM Conference on Computer and Communications Security, Chicago, IL, October 2011

●      Department of Defense Cyber Crime Conference 2012, Atlanta, GA, January 2012

●      Slides for a 2-hour tutorial presentation

●      Google Scholar citation count: N/A (not published)

 

 

Computer-Security Practices and Standards

 

“Choosing System Security-Engineering Practices: Evaluation Criteria and a Selected Survey”

●      Technical Report, 2008

●      3rd International Conference of the Virtual Computing Initiative, Research Triangle Park, NC, October 2009

●      Principles for evaluating system security-engineering practices, e.g., NIST, Microsoft’s SDL, etc.

●      Google Scholar citation count: N/A (not published)

 

“Common Criteria: A Survey of Its Problems and Criticism”

●      Technical Report, 2008

●      Department of Defense Cyber Crime Conference 2009, St. Louis, MO, January 2009

●      Analysis of the literature on Common Criteria, a computer-security standard

●      Google Scholar citation count: N/A (not published)