Home Comments

 

Selected Publications by Jim Yuill

 

 

These papers are from my computer-security research at North Carolina State University.

I was a PhD student there, then later a post-doc researcher and a teaching professor.


For some papers, its “Google Scholar citation count is given.

      This count is the number of scholarly publications that cite the paper, as of 10/2023.

      Approximately, only 25% of scientific papers have over 10 citations, and only 2% have over 100 citations.

 

 

Deception-Based Intrusion Detection Systems (IDSes)

 

Defensive Computer-Security Deception Operations: Processes, Principles and Techniques

      Ph.D. Thesis, North Carolina State University, 2006.

      Includes principles for designing deception-operations, and two deception-based IDSes

      Google Scholar citation count: 61

 

Honeyfiles: Deceptive Files for Intrusion Detection

      Proceedings of the 2004 IEEE Workshop on Information Assurance, West Point, NY, June 2004

      A deception-based IDS, which uses bait files for hackers

      Google Scholar citation count: 206

 

 

Designing Deception-Operations for Computer Security

 

Deception for Computer Security Defense

      Technical report for the US Dept. of Defense, January 2004

      Includes principles for designing deception-operations, and two deception-based devices

      Google Scholar citation count: N/A (not published)

 

Using Deception to Hide Things from Hackers: Processes, Principles, and Techniques

      Journal of Information Warfare, November 2006.

      A novel model of deceptive hiding, with application to computer security.

      Google Scholar citation count: 111

 

 

Computer-Security Incident Response

 

“Intrusion-Detection for Incident Response: Using a Military Battlefield-Intelligence Process”

      Computer Networks, Elsevier, October 2000.

      Available on request

      Applies the US military’s battlefield-intelligence process to tracking-down hackers on a network.

      Google Scholar citation count: 58

 

Developing Standardized Processes for Incident Response: Challenges and Opportunities

      18th ACM Conference on Computer and Communications Security, Chicago, IL, October 2011.

      Department of Defense Cyber Crime Conference 2012, Atlanta, GA, January 2012.

      Slides for a 2-hour tutorial presentation

      Google Scholar citation count: N/A (not published)

 

 

Computer-Security Practices and Standards

 

Choosing System Security-Engineering Practices: Evaluation Criteria and a Selected Survey

      Technical Report, 2008

      3rd International Conference of the Virtual Computing Initiative, Research Triangle Park, NC, October 2009

      Principles for evaluating system security-engineering practices, e.g., NIST, Microsoft’s SDL, etc.

      Google Scholar citation count: N/A (not published)

 

Common Criteria: A Survey of Its Problems and Criticism

      Technical Report, 2008

      Department of Defense Cyber Crime Conference 2009, St. Louis, MO, January 2009

      Analysis of the literature on Common Criteria, a computer-security standard

      Google Scholar citation count: N/A (not published)