SDN Bibliography

Summary of a Workshop on Software Certification and Dependabilityz. 2004.

Cascading failure and robustness in metabolic networks. Proceedings of the National Academy of Sciences of the United States of America, 105(36):13223-8, Sept. 2008. 44

Opennetworkinglab/flowvisor - github. https://github.com/OPENNETWORKINGLAB/flowvisor, Mar 2013.

A. Acquisti. Nudging privacy: The behavioral economics of personal information. Security & Privacy, IEEE, 7(6):82-85, 2009.

R. Adkins. An insurance style model for determining the appropriate investment level against maximum loss arising from an information security breach. In Workshop of Economics and Information Security (WEIS), Minneapolis, MN, pages 87-92, 2004.

R. Albert, H. Jeong, and A. Barabasi. Error and attack tolerance of complex networks. Nature, 406(6794):378-82, July 2000.

R. Anderson. Why information security is hard: an economic perspective. In Proceedings of ACSAC 01, Los Alamitos, CA, USA, 2001. IEEE Computer Society.

R. Anderson. Why information security is hard-an economic perspective. In ACSAC '01: Proc. of the 17th Annual Computer Security Applications Conference, page 358, Washington, DC, USA, 2001. IEEE Computer Society.

R. Banham. The enemy within the key to a secure computer system is an honourable and educated workforce. CFO, 20(13):81-86, 2004.

A. Besmer, J. Watson, and H. R. Lipford. The impact of social navigation on privacy policy configuration. In Proceedings of the Sixth Symposium on Usable Privacy and Security, page 7. ACM, 2010.

M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The role of trust management in distributed systems security. In Secure Internet Programming, pages 185-210. Springer, 1999.

J. Blythe, L. J. Camp, and V. Garg. Targeted risk communication for computer security. In International Conference on Intelligent User Interfaces, 2 2011.

V. J. Bono. Explanation and Apology. Merit NANOG Mail Archives, 5 1977.

L. Brandimarte, A. Acquisti, and G. Loewenstein. Privacy Concerns and Information Disclosure: An Illusion of Control Hypothesis. Industrial Management & Data Systems, 2010.

C. D. Brummitt, R. M. D'Souza, and E. a. Leicht. Suppressing cascades of load in interdependent networks. Proceedings of the National Academy of Sciences of the United States of America, 109(12):E680-9, Mar. 2012.

S. V. Buldyrev, R. Parshani, G. Paul, H. E. Stanley, and S. Havlin. Catastrophic cascade of failures in interdependent networks. Nature, 464(7291):1025-8, Apr. 2010.

S. Byram, B. Fischhoff, M. Embrey, W. Bruine de Bruin, and S. Thorne. Mental models of women with breast implants: Local complications. Behavioral Medicine, 27(1):4-14, 2001.

L. J. Camp. Reliable, usable signaling to defeat masquerade attacks,. In Workshop on the Economics of Information Security, Cambridge, UK, June 2006. 45

L. J. Camp. Reconceptualizing the role of security user. Daedalus, 140(4):93-107, 2011.

A. Cardillo, M. Zanin, J. G'omez-Gardeñes, M. Romance, A. J. Garc'ia del Amo, and S. Boccaletti. Modeling the multi-layer nature of the European Air Transport Network: Resilience and passengers re-scheduling under random failures. The European Physical Journal Special Topics, 215(1):23-33, Jan. 2013.

J. A. Cazier, B. Shao, and R. D. St Louis. E-business differentiation through value-based trust. Information & Management, 43(6):718-727, 2006.

R. C. Chris Hall and R. Anderson. Resilience of the Internet Interconnection Ecosystem. European Network and Information Security Agency, 2010.

C. Chung, P. Khatkar, T. Xing, J. Lee, and D. Huang. Nice: Network intrusion detection and countermeasure selection in virtual network systems. 2013.

R. Clayton. How much did shutting down mccolo help. Proc. of 6th CEAS, 2009.

R. Cohen, K. Erez, D. Ben-Avraham, and S. Havlin. Resilience of the internet to random breakdowns. Physical review letters, 85(21):4626-8, Nov. 2000.

R. Cohen, K. Erez, D. Ben-Avraham, and S. Havlin. Breakdown of the Internet under Intentional Attack. Physical Review Letters, 86(16):3682-3685, Apr. 2001.

D. Cornish and R. Clarke. The reasoning criminal: Rational choice perspectives on offending. Springer-Verlag, New York, NY, 1986.

L. Cranor and S. Garfinkel. Security and usability: Designing secure systems that people can use. O'Reilly Media, Inc., Sebastopol, CA, 2005.

P. Crucitti, V. Latora, and M. Marchiori. Model for cascading failures in complex networks. Physical Review E, 69(4):045104, Apr. 2004.

P. Crucitti, V. Latora, M. Marchiori, and A. Rapisarda. Efficiency of scale-free networks: error and attack tolerance. Physica A, 320:622-642, 2003.

P. Crucitti, V. Latora, M. Marchiori, and A. Rapisarda. Error and attack tolerance of complex networks. Physica A: Statistical Mechanics and its Applications, 340(1-3):388-394, Sept. 2004.

V. Cupac, J. T. Lizier, and M. Prokopenko. Comparing dynamics of cascading failures between network-centric and power flow models. International Journal of Electrical Power & Energy Systems, 49:369-379, July 2013.

A. Dainotti, E. Aben, A. King, K. Benson, Y. Hyun, and K. Claffy. Monitoring large-scale internet outages. BGPMon, jun 2013.

R. M. Dawes, J. McTavish, and H. Shaklee. Behavior, communication, and assumptions about other people's behavior in a commons dilemma situation. Journal of Personality and Social Psychology, 35(1):1, 1977. 46

A. Dieberger, P. Dourish, K. Höök, P. Resnick, and A. Wexelblat. Social navigation: techniques for building more usable systems. interactions, 7(6):36-45, 2000.

J. Diesner, P. Kumaraguru, and K. M. Carley. Mental models of data privacy and security extracted from interviews with indians. In 55th Annual Conference of the International Communication Association (ICA), New York, NY, 2005.

I. Dobson, B. a. Carreras, V. E. Lynch, and D. E. Newman. Complex systems analysis of series of blackouts: cascading failure, critical points, and self-organization. Chaos (Woodbury, N.Y.), 17(2):026103, June 2007.

G. Dong, L. Tian, D. Zhou, R. Du, J. Xiao, and H. E. Stanley. Robustness of n interdependent networks with partial support-dependence relationship. EPL (Europhysics Letters), 102(6):68004, June 2013.

Z. Dong, J. Camp, and J. Blythe. Beyond the lock icon: Inferring website categories from ssl certificates, 2013.

P. Dourish and D. Redmiles. An approach to usable security based on event monitoring and visualization. Proceedings of the 2002 Workshop on New Security Paradigms, 2002.

C. P. et al. The Internet under Crisis Conditions: Learning from September 11. The National Academies Press, February.

T. Finin, A. Joshi, P. Kolari, A. Java, A. Kale, and A. Karandikar. The information ecology of social media and online communities. AI Magazine, 29(3):77, 2008.

B. Fischhoff. Risk perception and communication unplugged: Twenty years of process1. Risk analysis, 15(2):137-145, 1995.

B. Friedman, D. Hurley, D. C. Howe, H. Nissenbaum, and E. Felten. Users' conceptions of risks and harms on the web: a comparative study. In CHI '02: CHI '02 extended abstracts on Human factors in computing systems, pages 614-615, New York, NY, USA, 2002. ACM Press.

J. Gao, S. V. Buldyrev, S. Havlin, and H. E. Stanley. Robustness of a Network of Networks. Physical Review Letters, 107(19):195701, Nov. 2011.

S. Garfinkle. PGP: Pretty Good Privacy. O'Reilly & Associates, Inc., Sebastopol, CA, 1994.

S. Garfinkle and L. Cranor. Security and Usability. O'Reilly, 2005.

V. Garg and J. Camp. Heuristics and biases: Implications for security design. Technology and Society Magazine, IEEE, 32(1):73-79, 2013.

J. Goecks, W. K. Edwards, and E. D. Mynatt. Challenges in supporting end-user privacy and security management with social navigation. In Proceedings of the 5th Symposium on Usable Privacy and Security, page 5. ACM, 2009.

J. Goecks and E. D. Mynatt. Supporting privacy management via community experience and expertise. In Communities and Technologies 2005, pages 397-417. Springer, 2005. 47

D. Golding, S. Krimsky, and A. Plough. Evaluating risk communication: Narrative vs. technical presentations of information about radon. Risk Analysis, 12(1):27-35, 1992.

R. Govindan and H. Tangmunarunkit. Heuristics for Internet map discovery. In Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064), volume 3, pages 1371- 1380. IEEE.

S. Grabner-Kraeuter. The role of consumers' trust in online-shopping. Journal of Business Ethics, 39, August 2002.

O. Güell, F. Sagu'es, G. Basler, Z. Nikoloski, and M. A. Serrano. Assessing the significance of knockout cascades in metabolic networks. pages 1-15, Oct. 2012.

R. Guha, R. Kumar, P. Raghavan, and A. Tomkins. Propagation of trust and distrust. In Proceedings of the 13th international conference on World Wide Web, pages 403-412. ACM, 2004.

J.-L. Guillaume and M. Latapy. Bipartite graphs as models of complex networks. Physica A: Statistical Mechanics and its Applications, 371(2):795-813, Nov. 2006.

V. K. Gurbani, M. Scharf, T. Lakshman, V. Hilt, and E. Marocco. Abstracting network state in software defined networks (sdn) for rendezvous services. In Communications (ICC), 2012 IEEE International Conference on, pages 6627-6632. IEEE, 2012.

P. Hines, E. Cotilla-Sanchez, and S. Blumsack. Do topological models provide good information about electricity infrastructure vulnerability? Chaos (Woodbury, N.Y.), 20(3):033122, Sept. 2010.

R. Hiran, N. Carlsson, and P. Gill. Characterizing large-scale routing anomalies: a case study of the china telecom incident. In Passive and Active Measurement, pages 229-238. Springer, 2013.

P. Hunter. Pakistan youtube block exposes fundamental internet security weakness: Concern that pakistani action affected youtube access elsewhere in world. Computer Fraud & Security, 2008(4):10-11, 2008.

J. H. Jafarian, E. Al-Shaer, and Q. Duan. Openflow random host mutation: transparent moving target defense using software defined networking. In Proceedings of the first workshop on Hot topics in software defined networks, HotSDN '12, pages 127-132, New York, NY, USA, 2012. ACM.

H. Jungermann, H. Schutz, and M. Thuring. Mental models in risk assessment: informing people about drugs. Risk Analysis,, 8(1):147-155, 1988.

N. L. Kerr and M. KAUFMAN-GILLILAND. Communication, commitment, and cooperation in social dilemmas. Journal of Personality and Social Psychology, 66(3):513-529, 1994.

J. Kesan and R. Shah. Establishing software defaults: Perspectives from law, cs, and behavioral economics. Illinois Law and Economics Working Papers Series, 2006.

A. Khurshid, W. Zhou, M. Caesar, and P. Godfrey. Veriflow: Verifying network-wide invariants in real time. ACM SIGCOMM Computer Communication Review, 42(4):467-472, 2012. 48

S. Kiesler, L. Sproull, K. Waters, et al. A prisoner's dilemma experiment on cooperation with people and human-like computers. Journal of personality and social psychology, 70:47-65, 1996.

S. Kiesler, B. Zdaniuk, V. Lundmark, and R. Kraut. Troubles with the internet: The dynamics of help at home. Human-Computer Interaction, 15(4):323-351, 2000.

J. Kirk. At&t facebook traffic takes a loop through china. Computerworld, (4), 2011.

C. S. Konheim. Risk communication in the real world. Risk Analysis, 8(3):367-373, 1988.

M. Kurant, P. Thiran, and P. Hagmann. Error and attack tolerance of layered complex networks. Physical Review E, 76(2):026103, Aug. 2007.

L. Lafferty. Medical identity theft: the future threat of health care fraud is now. Journal of Health Care Compliance, 9(1):11-20, 2007.

V. Latora and M. Marchiori. Efficient Behavior of Small-World Networks. Physical Review Letters, 87(19):198701, Oct. 2001.

N. Leveson. Engineering a safer world: Systems thinking applied to safety. MIT Press, 2011.

N. G. Leveson and C. S. Turner. An investigation of the therac-25 accidents. Computer, 26(7):18-41, 1993.

L. Li, D. Alderson, W. Willinger, and J. Doyle. A first-principles approach to understanding the internet's router-level topology. ACM SIGCOMM Computer Communication Review, 34(4):3, Oct. 2004.

S. Lu and S. A. Smolka. Model checking the secure electronic transaction (set) protocol. In Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 1999. Proceedings. 7th International Symposium on, pages 358-364. IEEE, 1999.

R. Maxion and R. Reeder. Improving user-interaction dependability through mitigation of human error. Intl Journal of Human Computer Studies, pages 25-50, 2005.

T. Moore and R. Clayton. Evaluating the wisdom of crowds in assessing phishing websites. In G. Tsudik, editor, Financial Cryptography and Data Security, pages 16-30. Springer-Verlag, Berlin, Heidelberg, 2008.

T. Moore, R. Clayton, and R. Anderson. The economics of online crime. The Journal of Economic Perspectives, 23(3):3-20, 2009.

M. G. Morgan. Risk communication: A mental models approach. Cambridge University Press, 2002.

R. a. Mortier. Control and understanding: Owning your home network. In Communication Systems and Networks (COMSNETS), 2012 Fourth International Conference on, pages 1-10, 2012.

A. Motter and Y.-C. Lai. Cascade-based attacks on complex networks. Physical Review E, 66(6):065102, Dec. 2002.

A. Newell and H. Simon. Human Problem Solving. Prentice-Hall, 1972. 49

D. Newth and J. Ash. Evolving cascading failure resilience in complex networks. Complexity International, 11(2005):125-136, 2005.

H. Nissenbaum. Securing trust online: Wisdom or oxymoron. Boston University Law Review, 81(3):635-664, June 2001.

H. Nissenbaum and E. Felton. Computer security: Competing concepts. In 30th Research Conference on Communication, Information and Internet Policy, location=Washington, DC, publisher=TPRC, mon=October,. 2002.

M. Omer, R. Nilchiani, and A. Mostashari. Measuring the resilience of the global internet infrastructure system. In Systems Conference, 2009 3rd Annual IEEE, pages 156-162. IEEE, 2009.

A. Ozment. Bug auctions: Vulnerability markets reconsidered. In Third Workshop on the Economics of Information Security, Minneapolis, MN, USA, June 2004.

T. Parfitt. Georgian woman cuts off web access to whole of armenia. The Guardian, apr 2011.

S. Patil, X. Page, and A. Kobsa. With a little help from my friends: can social navigation inform interpersonal privacy preferences? In Proceedings of the ACM 2011 conference on Computer supported cooperative work, pages 391-394. ACM, 2011.

E. S. Poole, M. Chetty, R. E. Grinter, and W. K. Edwards. More than meets the eye: transforming the user experience of home network management. In Proceedings of the 7th ACM conference on Designing interactive systems, pages 455-464. ACM, 2008.

E. S. Poole, M. Chetty, T. Morgan, R. E. Grinter, and W. K. Edwards. Computer help at home: methods and motivations for informal technical support. In Proceedings of the 27th international conference on Human factors in computing systems, pages 739-748. ACM, 2009.

P. Porras, S. Shin, V. Yegneswaran, M. Fong, M. Tyson, and G. Gu. A security enforcement kernel for openflow networks. In Proceedings of the first workshop on Hot topics in software defined networks, HotSDN '12, pages 121-126, New York, NY, USA, 2012. ACM.

R. Posner. Rational choice, behavioral economics, and the law. Stanford Law Review, 50(5):1551-1575, 1998.

E. Romijn. Ripe ncc and duke university bgp experiment, 2010.

C. F. Rønnfeldt. Three generations of environment and security research. Journal of Peace Research, pages 473-482, 1997.

S. Sheng, B. Magnien, P. Kumaraguru, A. Acquisti, L. F. Cranor, J. Hong, and E. Nunge. Antiphishing phil: the design and evaluation of a game that teaches people not to fall for phish. In Proceedings of the 3rd symposium on Usable privacy and security, SOUPS '07, pages 88-99, New York, NY, USA, 2007. ACM.

S. Shin, P. Porras, V. Yegneswaran, M. Fong, G. Gu, and M. Tyson. Fresco: Modular composable security services for software-defined networks. Internet Society NDSS (Feb. 2013). To appear, 2013. 50

M. Sirbu and J. D. Tygar. Netbill: An internet commerce system optimized for network-delivered services. Personal Communications, IEEE, 2(4):34-39, 1995.

P. Slovic. Perceptions of risk. Science, pages 280-285, 1987.

P. Slovic. The perception of risk (earthscan risk and society series). 2000.

D. K. Smetters and R. E. Grinter. Moving from the design of usable security technologies to the design of useful secure applications. Proceedings of the 2002 workshop on New security paradigms, 2002.

S. W. Smith. Humans in the loop: Human-computer interaction and security. IEEE Security and Privacy, pages 75-79, 2003.

S. Spiekermann, J. Grossklags, and B. Berendt. E-privacy in 2nd generation e-commerce: privacy preferences versus actual behavior. In Proceedings of the 3rd ACM conference on Electronic Commerce, pages 38-47. ACM, 2001.

H. Tangmunarunkit, R. Govindan, S. Jamin, S. Shenker, and W. Willinger. Network topology generators: degree-based vs. structural. In Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '02, page 147, New York, New York, USA, 2002. ACM Press.

K. Thirunarayan, P. Anantharam, C. A. Henson, and A. P. Sheth. Some trust issues in social networks and sensor networks. In Collaborative Technologies and Systems (CTS), 2010 International Symposium on, pages 573-580. IEEE, 2010.

A. Toonk. How the internet in australia went down under. BGPMon, 2 2012.

D. Towsley. On distinguishing between Internet power law topology generators. In Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies, volume 2, pages 638-647. IEEE, 2002.

D. Wendlandt, D. G. Andersen, and A. Perrig. Perspectives: Improving ssh-style host authentication with multi-path probing. In ATC, volume 8, pages 321-334, 2008.

O. Yagan and D. Cochran. Optimal Allocation of Interconnecting Links in Cyber-Physical Systems: Interdependence, Cascading Failures, and Robustness. IEEE Transactions on Parallel and Distributed Systems, 23(9):1708-1720, Sept. 2012.

C. H. Yeung and D. Saad. Networkinga statistical physics perspective. Journal of Physics A: Mathematical and Theoretical, 46(10):103001, Mar. 2013.

R. Zeckhauser. Comments: behavioral versus rational economics: what you see is what you conquer. The Journal of Business, 59(4):435-449, 1986. 51