Selected Publications by Jim Yuill, et al.

 

 

These papers are from my computer-security research at North Carolina State University. 

I was a PhD student there, then later a post-doc researcher and a teaching professor.

 

The “Google Scholar citation count” is the number of scholarly publications that cite the paper, as of 10/2023.

Approximately, only 25% of scientific papers have over 10 citations, and only 2% have over 100 citations.

 

 

Deception-Based Intrusion Detection Systems (IDS)

 

“Defensive Computer-Security Deception Operations:  Processes, Principles and Techniques”

●      Ph.D. Thesis, North Carolina State University, 2006.

●      Includes principles for designing deception-operations, and two deception-based IDSes

●      Google Scholar citation count:  61

 

“Honeyfiles:  Deceptive Files for Intrusion Detection”

●      Proceedings of the 2004 IEEE Workshop on Information Assurance, West Point, NY,  June 2004.

●      A deception-based IDS, which uses bait files for hackers.

●      Google Scholar citation count:  206

 

 

Designing Deception-Operations for Computer Security

 

“Deception for Computer Security Defense”

●      Technical report for the US Dept. of Defense, January 2004.

●      Includes principles for designing deception-operations, and two deception-based devices.

●      Google Scholar citation count:  N/A (not published)

 

“Using Deception to Hide Things from Hackers :  Processes, Principles, and Techniques”

●      Journal of Information Warfare, 5(3):26-40, November 2006.

●      A novel model of deceptive hiding, with application to computer security.

●      Google Scholar citation count:  111

 

 

Computer-Security Incident Response

 

“Intrusion-Detection for Incident-Response : using a military battlefield-intelligence process”

●      Computer Networks, Elsevier, 34(4): 671-697, October 2000.

●      Available on request

●      Applies the US military’s battlefield-intelligence process to tracking-down hackers on a network.

●      Google Scholar citation count:  58

 

“Developing Standardized Processes for Incident Response:  Challenges and Opportunities”

●      Department of Defense Cyber Crime Conference 2012, Atlanta, GA, January 2012.

●      Slides for a 2-hour presentation.

●      Google Scholar citation count:  N/A (not published)

 

 

Computer-Security Practices and Standards

 

“Choosing System Security-Engineering Practices :  evaluation criteria and a selected survey”

●      Technical Report, 2008

●      Principles for evaluating system security-engineering practices, e.g., CC, Microsoft’s SDL, etc.

●      Google Scholar citation count:  N/A (not published)