Home Comments


Selected Publications by Jim Yuill, et al.



These papers are from my computer-security research at North Carolina State University. 

I was a PhD student there, then later a post-doc researcher and a teaching professor.

For some papers, its “Google Scholar citation count is given.

      This count is the number of scholarly publications that cite the paper, as of 10/2023.

      Approximately, only 25% of scientific papers have over 10 citations, and only 2% have over 100 citations.



Deception-Based Intrusion Detection Systems (IDS)


Defensive Computer-Security Deception Operations:  Processes, Principles and Techniques

      Ph.D. Thesis, North Carolina State University, 2006.

      Includes principles for designing deception-operations, and two deception-based IDSes

      Google Scholar citation count:  61


Honeyfiles:  Deceptive Files for Intrusion Detection

      Proceedings of the 2004 IEEE Workshop on Information Assurance, West Point, NY,  June 2004.

      A deception-based IDS, which uses bait files for hackers.

      Google Scholar citation count:  206



Designing Deception-Operations for Computer Security


Deception for Computer Security Defense

      Technical report for the US Dept. of Defense, January 2004.

      Includes principles for designing deception-operations, and two deception-based devices.

      Google Scholar citation count:  N/A (not published)


Using Deception to Hide Things from Hackers :  Processes, Principles, and Techniques

      Journal of Information Warfare, 5(3):26-40, November 2006.

      A novel model of deceptive hiding, with application to computer security.

      Google Scholar citation count:  111



Computer-Security Incident Response


“Intrusion-Detection for Incident-Response : using a military battlefield-intelligence process”

      Computer Networks, Elsevier, 34(4): 671-697, October 2000.

      Available on request

      Applies the US military’s battlefield-intelligence process to tracking-down hackers on a network.

      Google Scholar citation count:  58


Developing Standardized Processes for Incident Response:  Challenges and Opportunities

      Department of Defense Cyber Crime Conference 2012, Atlanta, GA, January 2012.

      Slides for a 2-hour presentation.

      Google Scholar citation count:  N/A (not published)



Computer-Security Practices and Standards


Choosing System Security-Engineering Practices :  evaluation criteria and a selected survey

      Technical Report, 2008

      Principles for evaluating system security-engineering practices, e.g., CC, Microsoft’s SDL, etc.

      Google Scholar citation count:  N/A (not published)