Announcements

Center for Information Protection
UC Davis is planning to join the NSF I/UCRC Center for Information Protection. We are looking for companies to join our Industrial Advisory Board.
Find out more here!

Conferences and Workshops

• NSPW 2008
• ESSoS 2009
• WISE 6, 2009

My Links

• My Home Page
• Books
• Classes
• Papers
• Reports and Notes
• Research
• Security in Programming
• Service
• Students
• Talks
• Miscellaneous
• My Family
• About Me (CV and such)

Other Links

• MyUCDavis
• Computer Security Lab
• Dept. of Computer Science
• College of Engineering
• University of California, Davis
• City of Davis
• County of Yolo
• State of California
• United States of America

This Quarter’s Classes

Office Hours for This Quarter

Contacting Me

Papers

These are some of the papers I’ve published. I’m adding to them slowly, so if you see something you want but it isn’t there, let me know.

The papers are in Postscript (PS) and PDF (PDF) format. In some cases, I needed to generate HTML, and when I did, I made it available.

2008

• M. Bishop, S. Engle, C. Gates, S. Peisert, and S. Whalen, “We Have Met the Enemy and He Is Us”, to appear in Proceedings of the 2008 New Security Paradigms Workshop (Sep. 2008).
• S. Peisert, M. Bishop, and K. Marzullo, “Computer Forensics In Forensis,” Proceedings of the Third International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering pp. 102–122 (May 2008).
• M. Bishop and C. Gates, “Defining the Insider Threat,” Proceedings of the Cyber Security and Information Intelligence Workshop (May 2008).
• A. Yasinsac and M. Bishop, “The Dynamics of Counting and Recounting Votes,” IEEE Security and Privacy 6(3) pp. 22–29 (May 2008).
• M. Bishop, “Some Exercises for an Introductory Class,” Faculty Workshop on Secure Software Development (Apr. 2008).
• M. Dark and M. Bishop, “Evaluating the Efficacy of Software Security Curriculum Exercises,” Faculty Workshop on Secure Software Development (Apr. 2008).
• S. Peisert, M. Bishop, and K. Marzullo, “Computer Forensics in Forensis,” ACM SIGOPS Operating Systems Review 42(3) pp. 112–122 (Apr. 2008).
• A. Yasinsac and M. Bishop, “Of Paper Trails and Voter Receipts,” Proceedings of the 2008 Hawaii International Conference on System Sciences (Jan. 2008).

2007

• M. Bishop and D. Wagner, “Risks of E-Voting,” Communications of the ACM 50(11) p. 120 (Nov. 2007).
• E. Proebstel, S. Riddle, F. Hsu, J. Cummins, F. Oakley, T. Stanionis, and M. Bishop, “An Analysis of the Hart Intercivic DAU eSlate,” Proceedings of the 2007 USENIX/ACCURATE Electronic Voting Technology Workshop (Aug. 2007).
• S. Peisert and M. Bishop, “I’m a Scientist, Not a Philosopher!” IEEE Security & Privacy Magazine 5(4) pp. 48–51 (July 2007).
• C. Gates, C. Taylor, and M. Bishop, “Dependable Security: Testing Network Intrusion Detection Systems,” poster paper, Proceedings of the Third Workshop on Hot Topics in System Dependability paper 19 (June 2007).
• S. Peisert and M. Bishop, “How to Design Computer Security Experiments,” Proceedings of the World Conference on Information Security Education pp. 141–148 (June 2007).
• M. Bishop, “E-Voting as a Teaching Tool,” Proceedings of the World Conference on Information Security Education pp. 17–24 (June 2007).
• S. Peisert, M. Bishop, S. Karin, and K. Marzullo, “Towards Models for Forensic Analysis,” Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering pp. 3–15 (Apr. 2007).
• S. Peisert, M. Bishop, S. Karin, and K. Marzullo, “Analysis of Computer Intrusions Using Sequences of Function Calls,” IEEE Transactions on Dependable and Secure Computing 4(2) pp. 137–150 (Apr. 2007).
• E. Barr, M. Bishop, and M. Gondree, “Fixing Federal E-Voting Standards,” Communications of the ACM 50(3) pp. 19–24 (Mar. 2007).
• J. Zhou, M. Heckman, B. Reynolds, A. Carlson, and M. Bishop, “Modeling Network Intrusion Detection Alerts for Correlation,” ACM Transactions on Information and System Security 10(1) pp. 1–31 (Feb. 2007).
• M. Bishop and D. Frincke, “ Achieving Learning Objectives through E-Voting Case Studies,” IEEE Security & Privacy Magazine 5(1) pp. 53–56 (Jan. 2007).

2006

• M. Bishop, “Teaching Context in Information Security,” Journal on Educational Resources in Computing 6(3) article #3 (Sep. 2006).
• R. Crawford, M. Bishop, B. Bhumiratana, L. Clark, and K. Levitt, “Sanitization Models and their Limitations,” Proceedings of the New Security Paradigms Workshop pp. 41–56 (Sep. 2006).
• V. Neagoe and M. Bishop, “Inconsistency in Deception for Defense,” Proceedings of the New Security Paradigms Workshop pp. 31–38 (Sep. 2006).
• E. Ceesay, J. Zhou, M. Gertz, K. Levitt, and M. Bishop, “Using Type Qualifiers to Analyze Untrusted Integers and Detecting Security Flaws in C Programs,” Proceedings of the GI/IEEE SIG SIDAR Conference on Detection and Intrusions and Malware and Vulnerability Assessment pp. 1–16 (July 2006).
• D. Gilliam, J. Powell, M. Bishop, C. Andrews, and S. Jog, “Security Verification Techniques Applied to PatchLink COTS Software,” Proceedings of the 15th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 319–325 (June 2006).
• M. Bishop, R. Crawford, B. Bhumiratana, L. Clark, and K. Levitt, “Some Problems in Sanitizing Network Data,” Proceedings of the 15th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 307–312 (June 2006).
• D. Gilliam and M. Bishop, “WETICE 2006 Eleventh Securities Technologies (ST) Workshop Report,” Proceedings of the 15th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise pp. 305–306 (June 2006).
• M. Bishop and S. Engle, “The Software Assurance CBK and University Curricula,” Proceedings from the Tenth Colloquium on Information Systems Security Education pp. 14–21 (June 2006).
• M. Bishop and B. J. Orvis, “A Clinic to Teach Good Programming Practices,” Proceedings from the Tenth Colloquium on Information Systems Security Education pp. 168–174 (June 2006).
• M. Bishop and D. Frincke, “Who Owns Your Computer?,” IEEE Security & Privacy Magazine 4(2) pp. 61–63 (Mar. 2006).

2005

• J. Zhou, A. Carlson, and M. Bishop, “Verify Results of Network Intrusion Alerts Using Lightweight Protocol Analysis,” Proceedings of the 21st Annual Computer Security Applications Conference pp. 117–126 (Dec. 2005).
• S. Peisert, M. Bishop, S. Karin, and K. Marzullo, “Principles-Driven Forensic Analysis,” Proceedings of the 2005 New Security Paradigms Workshop pp. 85–93 (Sep. 2005).
• M. Bishop, “Position: ‘Insider’ is Relative” Proceedings of the New Security Paradigms Workshop pp. 77–78 (Sep. 2005).
• M. Bishop, “The Insider Problem Revisited” Proceedings of the New Security Paradigms Workshop pp. 75–76 (Sep. 2005).
• M. Bishop and D. Frincke, “Teaching Secure Programming,” IEEE Security & Privacy Magazine 3(5) pp. 54–56 (Sep. 2005).
• M. Bishop and D. Frincke, “A Human Endeavor: Lessons from Shakespeare and Beyond,” IEEE Security & Privacy Magazine 3(4) pp. 49–51 (July 2005).
• D. Gilliam, J. Powell, and M. Bishop, “Application of Lightweight Formal Methods to Software Security,” Proceedings of the 14th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 160–165 (June 2005).
• M. Bishop, “Best Practices and Worst Assumptions,” Proceedings of the 9th Colloquium for Information Systems Security Education pp. 18–25 (June 2005).
• M. Bishop and H. Armstrong, “Uncovering Assumptions in Information Security,” Proceedings of the Fourth World Conference on Information Security Education pp. 223–231 (May 2005).

2004

• T. Walcott and M. Bishop, “Traducement: A Model for Record Security,” ACM Transactions on Information Systems Security 7(4) pp. 576–590 (Nov. 2004).
• M. Bishop and D. Frincke, “Academic Degrees and Professional Certification,” IEEE Security & Privacy Magazine 2(6) pp. 56–58 (Nov. 2004).
• D. Frincke and M. Bishop, “Joining the Security Education Community,” IEEE Security & Privacy Magazine 2(5) pp. 61–63 (Sep. 2004).
• M. Bishop, “Teaching Context in Information Security,” Proceedings of the Sixth Workshop on Education in Computer Security pp. 29–35 (July 2004).
• D. Frincke and M. Bishop, “Back to School,” IEEE Security & Privacy Magazine 2(4) pp. 54–56 (July 2004).
• M. Bishop, B. Bhumiratana, R. Crawford, and K. Levitt, “How to Sanitize Data,” Proceedings of the 13th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 217–222 (June 2004).
• D. Frincke and M. Bishop, “Guarding the Castle Keep: Teaching with the Fortress Metaphor,” IEEE Security & Privacy Magazine 2(3) pp. 69–72 (May 2004).
• R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. D. Tygar, S. Sastry, D. Sterne, and S. Wu, “Cyber Defense Technology Networking and Evaluation,” Communications of the ACM 47(3) pp. 58–61 (Mar. 2004).

2003

• M. Clifford, D. Faigin, M. Bishop, and T. Brutch, “Miracle Cures and Toner Cartridges: Finding Solutions to the Spam Problem,” Proceedings of the 19th Annual Computer Security Applications Conference pp. 428–429 (Dec. 2003).
• D. Gilliam, J. Powell, E. Haugh, and M. Bishop, “Addressing Software Security Risk Mitigation in the Life Cycle,” Proceedings of the 28th Annual NASA/IEEE Goddard Software Engineering Workshop pp. 201–206 (Dec. 2003).
• M. Bishop and E. Goldman, “The Strategy and Tactics of Information Warfare,” Contemporary Security Policy 24(1) pp. 113–139 (June 2003).
• D. Gilliam, T. Wolfe, J. Sherif, and M. Bishop, “Software Security Checklist for the Software Life Cycle,” Proceedings of the 12th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 243–248 (June 2003).
• M. Bishop, “Teaching Undergraduate Information Assurance,” Security Education and Critical Infrastructure: Proceedings of the Third World Conference on Information Security Education pp. 169–171 (June 2003).
• E. Haugh and M. Bishop, “Testing C Programs for Buffer Overflow Vulnerabilities,” Proceedings of the 2003 Symposium on Networked and Distributed System Security pp. 123–130 (Feb. 2003).
• M. Bishop, “What Is Computer Security?,” IEEE Security & Privacy Magazine 1(1) pp. 67–69 (Jan. 2003).

2002

• D. Peterson, M. Bishop, and R. Pandey, “A Flexible Containment Mechanism for Executing Untrusted Code,” Proceedings of the 11th USENIX UNIX Security Symposium pp. 207–225 (Aug. 2002).
• M. Bishop, “Computer Security Education: Training, Scholarship, and Research,” IEEE Computer 35(4), Part Privacy and Security Supplement pp. 31–33 (Apr. 2002).

2001

• J. Reynolds, M. Bishop, A. Ghosh, and J. Whittaker, “How Useful is Software Fault Injection for Evaluating the Security of COTS Products,” Proceedings of the 17th Annual Computer Security Applications Conference pp. 339–340 (Dec. 2001).
• D. Gilliam, J. Powell, J. Kelly, and M. Bishop, “Reducing Software Security Risk Through an Integrated Approach,” Proceedings of the 26th Annual NASA/IEEE Goddard Software Engineering Workshop pp. 36–42 (Nov. 2001).
• D. Gilliam, J. Kelly, J. Powell, and M. Bishop, “Development of a Software Security Assessment Instrument to Reduce Software Security Risk,” Proceedings of the 10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises pp. 144–149 (June 2001).

2000

• D. Faigin, M. Clifford, M. Bishop, and M. Abrams, “Defining, Computing, and Interpreting Trust,” Proceedings of the 16th Annual Computer Security Applications Conference p. 88 (Dec. 2000).
• M. Bishop, “Education in Information Security,” IEEE Concurrency 8(4) pp. 4–8 (Oct. 2000).
• T. Aura, M. Bishop, and D. Sniegowski, “Analyzing Single-Server Network Inhibition,” Proceedings of the 13th IEEE Computer Security Foundations Workshop pp.108–117 (July 2000).
• B. Hashii, S. Malabarba, R. Pandey, and M. Bishop, “Supporting Reconfigurable Security Policies for Mobile Programs,” Computer Networks 33(1-6) pp. 77–93 (June 2000).
• J. Hughes, T. Aura, and M. Bishop, “Using Conservation of Flow as a Security Mechanism in Network Protocols,” Proceedings of the 2000 IEEE Symposium on Security and Privacy pp. 132–141 (May 2000).

1999

• M. Bishop, “What Do We Mean By ‘Computer Security Education’?,” Proceedings of the 22nd National Information Systems Security Conference p. 604 (Oct. 1999).
• M. Bishop, “Vulnerabilities Analysis,” Proceedings of the Symposium on Recent Advances in Intrusion Detection pp. 125–136 (Sep. 1999).

1998

• M. Clifford, C. Lavine, and M. Bishop, “The Solar Trust Model: Authentication Without Limitation,” Proceedings of the 14th Annual Computer Security Applications Conference pp. 300–307 (Dec. 1998).
• M. Bishop, S. Cheung, J. Frank, J. Hoagland, S. Samorodin, and C. Wee, “Internet Attacks: How they Occur and How to Protect Against Them,” Engineering World 8(3) pp. 32–38 (June/July 1998); abridged from “The Threat from the Net,” IEEE Spectrum 34(8) pp. 56–63 (Aug. 1997).

1997

• M. Bishop, S. Cheung, J. Frank, J. Hoagland, S. Samorodin, and C. Wee, “The Threat from the Net,” IEEE Spectrum 34(8) pp. 56–63 (Aug. 1997).
• G. Fink and M. Bishop, “Property Based Testing: A New Approach to Testing for Assurance,” ACM SIGSOFT Software Engineering Notes 22(4) pp. 74–80 (July 1997).
• M. Bishop, “The State of INFOSEC Education in Academia: Present and Future Directions,” Proceedings of the National Colloquium on Information System Security Education pp. 19–33 (Apr. 1997).
• P. Denning and M. Bishop, Network and Data Security, ACM Professional Knowledge Program, http://www.cne.gmu.edu/modules/acmpkp/security/map_frm.html (Mar. 1997).
• M. Bishop, “Information Survivability, Security, and Fault Tolerance,” Proceedings of the Information Survivability Workshop, paper #6 (Feb. 1997).
• M. Bishop, “Teaching Computer Security,” Proceedings of the Workshop on Education in Computer Security pp. 78–82 (Jan. 1997).

1996

• M. Bishop, “Conspiracy and Information Flow in the Take-Grant Protection Model,” Journal of Computer Security 4(4) pp. 331–359 (1996).
• L. Heberlein and M. Bishop, “Attack Class: Address Spoofing,” Proceedings of the Nineteenth National Information Systems Security Conference pp. 371–377 (Oct. 1996).
• M. Bishop and L. Heberlein, “An Isolated Network for Research,” Proceedings of the Nineteenth National Information Systems Security Conference pp. 349–360 (Oct. 1996).
• >M. Bishop and M. Dilger, “Checking for Race Conditions in File Accesses,” Computing Systems 9(2) pp. 131–152 (Spring 1996).

1995

• M. Bishop, “A Standard Audit Trail Format,” Proceedings of the Eighteenth National Information Systems Security Conference pp. 136–145 (Oct. 1995).
• M. Bishop and D. Klein, “Improving System Security Through Proactive Password Checking,” Computers and Security 14(3) pp. 233–249 (May/June 1995).
• M. Bishop, “Theft of Information in the Take-Grant Protection Model,” Journal of Computer Security 3(4) pp. 283–309 (1994/1995).

1994

• M. Bishop, “Guest Editorial,” Computing Systems 7(4) pp. v-vii (Winter 1994).

1993

• M. Bishop, “Teaching Computer Security,” Proceedings of the Eighth International Conference on Information Security pp. 43–52 (May 1993).
• M. Bishop, “Recent Changes to Privacy-Enhanced Electronic Mail,” Journal of Internetworking: Research and Experience 4(1) pp. 47–59 (Mar. 1993).

1992

• M. Bishop, “Anatomy of a Proactive Password Checker,” Proceedings of the Third UNIX Security Symposium pp. 130–139 (Sep. 1992).
• M. Bishop, “Proactive Password Checking,” Proceedings of the Fourth Workshop on Computer Security Incident Handling pp. W11:1–9 (Aug. 1992).
• M. Bishop, “A Cautionary Tale,” Proceedings of the Workshop on Future Directions in Computer Misuse and Anomaly Detection, pp. 110–114 (Mar. 1992).

1991

• M. Bishop, “Privacy-Enhanced Electronic Mail,” Journal of Internetworking: Research and Experience 2(4) pp. 199–233 (Dec. 1991).
• M. Bishop, “Comparing Authentication Systems,” Proceedings of the Third Workshop on Computer Incident Handling pp. G–II–1:10 (Aug. 1991).
• M. Bishop, “A Proactive Password Checker,” Proceedings of the Seventh International Conference on Information Security pp. 169–181 (May 1991).
• M. Bishop, “An Overview of Computer Viruses in a Research Environment,” Proceedings of the Fourth Annual Computer Virus and Security Conference, pp. 111–144 (Mar. 1991).
• M. Bishop, “Password Management,” Proceedings of Compcom Spring ’91: Digest of Papers, pp. 167–169 (Feb. 1991).
• M. Bishop, “Authenticated Network News,” Proceedings of the 1991 Winter USENIX Conference, pp. 281–287 (Jan. 1991).

1990

• M. Bishop, “A Security Analysis of the NTP Protocol,” Proceedings of the 6th Annual Computer Security Applications Conference, pp. 20–29 (Dec. 1990).
• M. Bishop, “An Extensible Password Changing Program”, Proceedings of the UNIX Security Workshop II, pp. 15–16 (Aug. 1990).
• M. Bishop, “Collaboration Using Roles,” Software—Practice and Experience 20(5) pp. 485–498 (May 1990).
• M. Bishop, “Storage in C,” C Users’ Journal 8(5) pp. 73–78 (May 1990).

1989

• M. Bishop, “A Model of Security Monitoring,” Proceedings of the 5th Annual Computer Security Applications Conference, pp. 46–52 (Dec. 1989).
• M. Bishop, “UNIX™ Security in a Supercomputing Environment,” Proceedings of the 1989 ACM/IEEE Conference on Supercomputing pp. 693–698 (Nov. 1989).
• M. Bishop, “Privacy-Enhanced Electronic Mail,” Proceedings of the DIMACS Workshop on Distributed Computing and Cryptography, pp. 93–106 (Oct. 1989).

1988

• M. Bishop, “Auditing Files on a Network of UNIX Machines,” Proceedings of the UNIX Security Workshop pp. 51–52 (Aug. 1988).
• M. Bishop, “Theft of Information in the Take-Grant Protection Model,” Proceedings of the Workshop on Foundations of Computer Security, MITRE TR M88-37, pp. 194–218 (June 1988).
• M. Bishop, “An Application of a Fast Data Encryption Standard Implementation,” Computing Systems 1(3) pp. 221–254 (Summer 1988).

1987

• M. Bishop, “Profiling under UNIX™ by Patching,” Software—Practice and Experience 17(10) pp. 729–740 (Oct. 1987).
• M. Bishop, “File Protection in UNIX,” The DEC Professional Special Edition pp. 44–48 (June 1987).
• M. Bishop, “Sharing Accounts,” Proceedings of the Large Installation System Administrator’s Workshop, p. 135 (Apr. 1987).
• M. Bishop, “Array Names and Pointers,” The C Journal 3(1) pp. 44–46 (Spring 1987).
• M. Bishop, “How To Write A Setuid Program,” ;login: 12(1) pp. 5–11 (Jan./Feb. 1987).

1986

• M. Bishop and B. Leiner, “Access Control and Privacy in Large Distributed Systems,” Proceedings of the AIAA/ASIS/DODCI Second Aerospace Computer Security Conference: A Collection of Technical Papers, pp. 95–98 (Dec. 1986).
• M. Bishop, “Analyzing the Security of an Existing Computer System,” Proceedings of the 1986 Fall Joint Computer Conference pp. 1115–1119 (Nov. 1986).
• M. Bishop, “Trnum—A Program to Number Figures,” Text in Computers 1(1) pp. 9–15 (July 1986).
• M. Bishop, “How To Write A Setuid Program,” Cray User Group Proceedings pp. 110–111 (Spring 1986).
• M. Bishop, “Scope in C,” The C Journal 2(1) pp. 40–47 (Spring 1986).
• M. Bishop, “Portability in C—A Case Study,” The C Journal 1(4) p. 25–31 (Winter 1986).
• M. Bishop, "A Pauper’s Callback Scheme," Computers and Security 5(2) pp. 141-144 (June 1986).

1981

• M. Bishop, “Hierarchical Take-Grant Protection Systems,” Proceedings of the Eighth Symposium in Operating Systems Principles pp. 107–123 (Dec. 1981).

1979

• M. Bishop and L. Snyder, “The Transfer of Information and Authority in a Protection System,” Proceedings of the Seventh Symposium in Operating Systems Principles pp. 45–54 (Dec. 1979).

There’s nothing to writing. All you do is sit at a typewriter and open a vein.
    — Red Smith