References

[1] 90210, “Bypassing Klister 0.4 with No Hooks or Running a Controlled Thread Scheduler,” 29A magazine 8 (2004).

[2] F. W. Abagnale, Stealing Your Life: The Ultimate Identity Theft Prevention Plan (Broadway Books, 2007).

[3] AdBrite, http://www.adbrite.com.

[4] AdWatcher, http://www.adwatcher.com.

[5] M. Alexander, “Your Medical Records Stolen,” Reader’s Digest, Nov. 2006, 86–93.

[6] A. Alsaid and C. J. Mitchell, “Preventing Phishing Attacks Using Trusted Computing Technology,” in Proceedings of the 6th International Network Conference (INC ’06), July 2006, 221–228.

[7] T. Alves and D. Felton, “TrustZone: Integrated Hardware and Software Security—Enabling Trusted Computing in Embedded Systems” (white paper, ARM, July 2004), http://www.arm.com/pdfs/TZ_Whitepaper.pdf.

[8] V. Anandpara, A. Dingman, M. Jakobsson, D. Liu, and H. Roinestad, “Phishing IQ Tests Measure Fear, Not Ability,” extended abstract, USEC, 2007.

[9] J. Anderson and D. Fish, “Sotelo v. DirectRevenue, LLC: Paving the Way for a Spyware-Free Internet,” Santa Clara Computer and High Technology Law Journal 22 (2006): 841.

[10] R. M. Anderson and R. M. May, Infectious Diseases in Humans (Oxford University Press, 1992).

[11] Anonymous, “FDA Approves Three-in-One HIV Therapy,” Drug Store News, 2000, http://www.findarticles.com/p/articles/mi_m3374/is_19_22/ai_68876802.

[12] Anonymous, “Gone in 20 Minutes: Using Laptops to Steal Cars,” Left Lane News, 2006, http://www.leftlanenews.com/2006/05/03/gone-in-20-minutes-using-laptops-to-steal-cars/.

[13] Anti-Phishing Working Group, Phishing Activity Trends Report (technical report, May 2006).

[14] Anti-Phishing Working Group, “Anti-Phishing Reports,” http://www.antiphishing.org/reports/ (accessed Aug. 2006).

[15] K. Aoki, J. Boyle, and J. Jenkins, “Bound by Law,” http://www.law.duke.edu/cspd/comics/ (accessed July 2007).

[16] Apple Support, “Small Number of Video iPods Shipped with Windows Virus,” http://www.apple.com/support/windowsvirus/ (accessed Feb. 2007).

[17] Anti-Phishing Working Group, “Consumer Advice: How to Avoid Phishing Scams,” http://www.antiphishing.org/consumer_recs.html (accessed July 2, 2007).

[18] M. Arata, Preventing Identity Theft for Dummies (John Wiley & Sons, 2004).

[19] B. Arbaugh, “Improving the TCPA Specification,” IEEE Computer 35, no. 8 (Aug. 2002): 77–79.

[20] I. Arce and E. Levy, “An Analysis of the Slapper Worm,” IEEE Security and Privacy 1, no. 1 (Jan./Feb. 2003): 82–87, http://csdl.computer.org/dl/mags/sp/2003/01/j1082.htm.

[21] AT&T, “Internet Safety Game for Kids,” http://www.att.com/gen/general?_pid=1391 (accessed July 2, 2007).

[22] AT&T, “Customer Education,” http://www.att.com/gen/landing-pages?_pid=6456 (accessed July 2, 2007).

[23] AT&T, “Identifying and Protecting Against Phishing and Other Suspicious E-mails,” http://att.centralcast.net/att_safety/Phishing/ (accessed July 2, 2007).

[24] McAfee AvertLabs, “Rootkits: The Growing Threat,” Apr. 2006.

[25] G. Avoine, “Security and Privacy in RFID Systems,” http://lasecwww.epfl.ch/~gavoine/rfid/.

[26] B. Balacheff, D. Chan, L. Chen, S. Pearson, and G. Proudler, “Securing Intelligent Adjuncts Using Trusted Computing Platform Technology,” in Proceedings of the 4th Working Conference on Smartcard Research and Advanced Applications, 177–195 (Kluwer Academic Publishers, 2001).

[27] S. Balfe and K. G. Paterson, Augmenting Internet-Based Card Not Present Transactions with Trusted Computing: An Analysis (Technical Report RHUL-MA-2006-9, Department of Mathematics, Royal Holloway, University of London, 2006), http://www.rhul.ac.uk/mathematics/techreports.

[28] S. Balfe and K. G. Paterson, e-EMV: Emulating EMV for Internet Payments Using Trusted Computing Technology (Technical Report RHUL-MA-2006-10, Department of Mathematics, Royal Holloway, University of London, 2006), http://www.rhul.ac.uk/mathematics/techreports.

[29] E. Bangeman, “Where’s the Harmony? iPod Firmware Update Shuts Out Real,” Dec. 14, 2006, http://arstechnica.com/news.ars/post/20041214-4466.html (accessed Feb. 2007).

[30] Banner Box, http://www.bannerbox.co.uk.

[31] A. L. Barabási and R. Albert, “Emergence of Scaling in Random Networks,” Science 286 (1999): 509–512.

[32] S. Bardzell and J. Bardzell, “Docile Avatars: Aesthetics, Experience, and Sexual Interaction in Second Life,” in Proceedings of HCI2007: HCI But Not as We Know It, 3–12 (Lancaster, UK: Sept. 2007).

[33] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, “XEN and the Art of Virtualization,” in Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP ’03), 164–177 (ACM Press, Oct. 2003).

[34] A. Barth, D. Boneh, A. Bortz, C. Jackson, J. Mitchell, W. Shao, and E. Stinson, “Detecting Fraudulent Clicks from Botnets 2.0” (talk given at AdFraud, 2007), http://crypto.stanford.edu/adfraud/talks/adam.ppt.

[35] P. L. Bellia, “Spyware and the Limits of Surveillance Law,” Berkeley Technology Law Journal 20 (2005): 1283, 1301.

[36] H. Berghel, “Wireless Infidelity I: War Driving,” Communications of the ACM 47 (Sept. 2004): 21–26.

[37] “How Much Information?” 2003, http://www.sims.berkeley.edu:8000/research/projects/how-much-info-2003/internet.htm.

[38] J. L. Bernardes, R. Tori, E. Jacober, R. Nakamura, and R. Bianchi, “A Survey on Networking for Massively Multiplayer Online Games,” WJogos, 2003, http://www.interlab.pcs.poli.usp.br/artigos/WJogos03-Interlab-MMO.pdf.

[39] B. Betts, “Unwanted E-card Conceals a Storm,” http://www.theregister.co.uk/2007/06/29/ecard_storm_trojan/ (accessed June 29, 2007).

[40] A. Bittau, M. Handley, and J. Lackey, “The Final Nail in WEP’s Coffin,” in The 2006 IEEE Symposium on Security and Privacy SP ’06, 2006.

[41] Bittorrent homepage, http://www.bittorrent.com.

[42] McAfee Avert Labs blog, “Hide Me Sony One More Time,” http://www.avertlabs.com/research/blog/index.php/2007/08/28/hide-me-sony-one-more-time/.

[43] “German BMW Banned from Google,” http://blog.outer-court.com/archive/2006-02-04-n60.html.

[44] S. C. Bono, M. Green, A. Stubblefield, A. Juels, A. D. Rubin, and M. Szydlo, “Security Analysis of a Cryptographically-Enabled RFID Device,” in Proc. 14th USENIX Security Symposium, 1–16 (Baltimore: 2005).

[45] Bro Intrusion Detection System, “Bro Overview,” http://bro-ids.org (accessed Feb. 2007).

[46] J. A. Calandrino, A. J. Feldman, J. A. Halderman, D. Wagner, H. Yu, and W. P. Zeller, “Source Code Review of the Diebold Voting System,” http://www.sos.ca.gov/elections/voting_systems/ttbr/diebold-source-public-jul29.pdf.

[47] “Canon EOS 300D, Alternative Firmware Upgrade,” http://www.digit-life.com/articles2/canon300dfw2/ (accessed Feb. 2007).

[48] J. Carr, “Not-So-Sweet Charity: Credit Card Fraud Takes a Charitable Twist,” SC Magazine, July 6, 2006, http://scmagazine.com/us/news/article/669553/not-so-sweet-charity-credit-card-fraud-takes-charitable-twist/.

[49] E. Castronova, “Virtual Worlds: A First-Hand Account of Market and Society on the Cyberian Frontier,” CESifo Working Paper Series, no. 618 (2001), http://ssrn.com/abstract=294828.

[50] S. Cesare, “Runtime Kernel Kmem Patching,” http://www.uebi.net/silvio/runtime-kernel-kmem-patching.txt.

[51] Chase, “Phishing,” http://www.chase.com/ccp/index.jsp?pg_name=ccpmapp/shared/assets/page/Phishing (accessed Feb. 8, 2007).

[52] B. D. Chen and M. Maheswaran, “A Cheat Controlled Protocol for Centralized Online Multiplayer Games,” in Proceedings of 3rd ACM SIGCOMM Workshop on Network and System Support for Games, 139–143 (Portland, OR: 2004).

[53] H. Cheung, “The Feds Can Own Your WLAN Too,” http://www.tomsnetworking.com/2005/03/31/the_feds_can_own_your_wlan_to%o/ (accessed Feb. 2007).

[54] Citibank, “E-mail Fraud and Security—Learn About Spoofs,” http://www.citi.com/domain/spoof/learn.htm (accessed Feb. 8, 2007).

[55] Clandestiny, “Designing a Kernel Key Logger: A Filter Driver Tutorial,” 2005, http://lyyer.blog.sohu.com/42601244.html.

[56] P. C. Clark and L. J. Hoffman, “BITS: A Smartcard Protected Operating System,” Communications of the ACM 37 (Nov. 1994): 66–94.

[57] ClickProtector, http://www.clickprotector.com/.

[58] Clicksor, http://www.clicksor.com.

[59] CMLA, Client Adopter Agreement (Technical Report Revision 1.00050708, The Content Management License Administrator Limited Liability Company [CMLA, LLC], Aug. 2005).

[60] B. Cogswell and M. Russinovich, “Rootkit Revealer,” 2005, http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx.

[61] J. M. Collins, Investigating Identity Theft: A Guide for Businesses, Law Enforcement, and Victims (John Wiley & Sons, 2006).

[62] Federal Election Commission, “About the FEC,” http://www.fec.gov/about.shtml.

[63] Federal Trade Commission, “FTC Shuts Down Spyware Operation: Outfit Used Unsuspecting Bloggers to Spread Its Malicious Code,” press release, Nov. 10, 2005, http://www.ftc.gov/opa/2005/11/enternet.shtm.

[64] Federal Election Commission, “Sale and Use of Campaign Information,” http://www.fec.gov/pages/brochures/sale_and_use_brochure.pdf.

[65] “State of Spyware Q2 2006, Consumer Report,” http://www.webroot.com/resources/stateofspyware/excerpt.html.

[66] ConsumersUnion.org, “Tsunami Scams Underscore Need for Caution When Giving to Charities Online,” press release, Jan. 11, 2005, http://www.consumersunion.org/pub/core_financial_services/001781.html.

[67] Microsoft Corporation, “The Windows Malicious Software Removal Tool: Progress Made, Trends Observed,” June 2006.

[68] Microsoft Corporation, “Windows Vista Security Enhancements,” 2007, http://www.microsoft.com/presspass/newsroom/security/VistaSecurity.mspx.

[69] K. Crawford, “Google CFO: Fraud a Big Threat,” CNNMoney.com, http://money.cnn.com/2004/12/02/technology/google_fraud/.

[70] M. Crawford, “Phishing Education for Banking Customers Useless,” http://www.computerworld.com.au/index.php?id=1486962899&eid=-255 (accessed July 2, 2007).

[71] Crazylord, “Playing with Windows /dev/(k)mem,” Phrack Magazine, 2002, http://www.phrack.org/archives/59/p59-0x10.txt.

[72] Wikipedia, “Cross-site request forgery (CSRF),” http://en.wikipedia.org/wiki/Cross-site_request_forgery.

[73] G. Cybenko, A. Giani, C. Heckman, and P. Thompson, “Cognitive Hacking: Technological and Legal Issues,” in Proceedings of Law and Technology, 2002, http://www.ists.dartmouth.edu/library/cht1102.pdf.

[74] Cyota, http://www.rsa.com/node.aspx?id=3017.

[75] D. Dagon, G. Lu, C. Zou, J. Grizzard, S. Dwivedi, W. Lee, and R. Lipton, “A Taxonomy of Botnets” (manuscript).

[76] D. Dagon, C. Zou, and W. Lee, “Modeling Botnet Propagation Using Time Zones,” in Proceedings of the 13th Annual Network and Distributed Systems Symposium (NDSS), 2006.

[77] J. Dall and M. J. Christensen, “Random Geometric Graphs,” Phys. Rev. E 66(1):016121, (July 2002).

[78] R. Das and P. Harrop, “RFID Forecasts, Players, and Opportunities 2006–2016,” IDTechEx, 2006, http://www.idtechex.com/products/en/view.asp?productcategoryid=93.

[79] N. Daswani, M. Stoppelman, and The Google Click Quality and Security Teams, “The Anatomy of Clickbot.A,” First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007, http://www.usenix.org/events/hotbots07/tech/full_papers/daswani/daswani.pdf.

[80] N. Daswani, C. Kern, and A. Kesavan, Foundations of Security: What Every Programmer Needs to Know (Apress, 2007).

[81] J. Davis, “Hackers Take Down the Most Wired Country in Europe,” Wired Magazine, http://www.wired.com/politics/security/magazine/15-09/ff_estonia.

[82] “NHTSA ODI—Recalls, NHTSA campaign ID number 06V039000,” U.S. National Highway Traffic Safety Administration, Office of Defects Investigation, Feb. 7, 2006, http://www-odi.nhtsa.dot.gov/cars/problems/recalls/recallresults.cfm?start=1&SearchType=QuickSearch&rcl_ID=06V039000&summary=true&PrintVersion=NO (accessed Feb. 2007).

[83] DD WRT, http://www.dd-wrt.com/dd-wrtv2/ddwrt.php (accessed Feb. 2007).

[84] A. Paes de Barros, A. Fucs, and V. Pereira, “New Botnet Trends and Threats,” Black Hat Europe, 2007, http://www.blackhat.com/presentations/bh-europe-07/Fucs-Paes-de-Barros-Pereira/Whitepaper/bh-eu-07-barros-WP.pdf.

[85] D. Dean, E. W. Felten, and D. S. Wallach, “Java Security: from HotJava to Netscape and Beyond,” in IEEE Symposium on Security and Privacy, 1996.

[86] R. Dhamija and J. D. Tygar, “The Battle Against Phishing: Dynamic Security Skins,” in SOUPS ’05: Proceedings of the Symposium on Usable Privacy and Security, 2005.

[87] R. Dhamija, J. D. Tygar, and M. Hearst, “Why Phishing Works,” in Proceedings of the Conference on Human Factors in Computing Systems, 2006.

[88] DHS-SRI Identity Theft Technology Council and the Anti-Phishing Working Group, “The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond,” http://www.antiphishing.org/reports/APWG_CrimewareReport.pdf.

[89] R. Dingledine, N. Mathewson, and P. Syverson, “Tor, the Second-Generation Onion Router,” in 13th USENIX Security Symposium, Aug. 2004.

[90] D. Dittrich, “The ‘stacheldraht’ Distributed Denial of Service Attack Tool,” Dec. 1999, http://staff.washington.edu/dittrich/misc/stacheldraht.analysis.

[91] C. E. Drake, J. J. Oliver, and E. J. Koontz, “Anatomy of a Phishing Email,” Conference on Email and Anti-Spam, 2004, http://www.ceas.cc/papers-2004/114.pdf.

[92] eBay, “Reporting Spoof (Fake) Emails,” http://pages.ebay.com/help/confidence/spoof-email.html (accessed Feb. 8, 2007).

[93] eBay, “Spoof Email Tutorial,” http://pages.ebay.com/education/spooftutorial/ (accessed Feb. 8, 2007).

[94] A. Eckelberry, “A Look into the Mind of Spyware Criminals,” Sunbelt Blog posting, Aug. 24, 2005, http://sunbeltblog.blogspot.com/2005/08/look-into-mind-of-spyware-criminals.html.

[95] B. Edelman, “Claria’s Misleading Installation Methods—Ezone.com,” http://www.benedelman.org/spyware/installations/ezone-claria/.

[96] B. Edelman, “Documentation of Gator Advertisements and Targeting,” http://cyber.law.harvard.edu/people/edelman/ads/gator/.

[97] B. Edelman, “‘Spyware’: Research, Testing, Legislation, and Suits,” http://www.benedelman.org/spyware/.

[98] B. Edelman, “WhenU License Agreement Is Forty Five Pages Long,” http://www.benedelman.org/spyware/whenu-license/.

[99] B. Edelman, “Hotbar Advertising—Screenshots,” May 2005, http://www.benedelman.org/spyware/installations/kidzpage-hotbar/details-ads.html.

[100] A. Emigh, “The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond,” http://www.antiphishing.org/reports/APWG_CrimewareReport.pdf.

[101] A. Emigh, “Online Identity Theft: Phishing Technology, Chokepoints and Countermeasures,” ITTC Report on Online Identity Theft Technology and Countermeasures, http://www.antiphishing.org/Phishing-dhs-report.pdf.

[102] eMule homepage, http://www.emule-project.net.

[103] EMVCo, Book 1—Application Independent ICC to Terminal Interface Requirements, 4.1 ed. (EMVCo., May 2004), http://www.emvco.com.

[104] EMVCo, Book 2—Security and Key Management, 4.1 ed. (EMVCo., May 2004), http://www.emvco.com.

[105] EMVCo, Book 3—Application Specification, 4.1 ed. (EMVCo., May 2004), http://www.emvco.com.

[106] EMVCo, Book 4—Cardholder, Attendant, and Acquirer Interface Requirements, 4.1 ed. (EMVCo., June 2004), http://www.emvco.com.

[107] “2006 to Date Emission Related Recall and Voluntary Service Campaigns Performed on Light-Duty Vehicles and Light Duty Trucks,” U.S. Environmental Protection Agency, Oct. 17, 2006, http://www.epa.gov/otaq/cert/recall/2006recallreport6.pdf (accessed Feb. 2007).

[108] Ericsson, “Ericsson and Compaq Form Strategic Partnership to Build Next Generation Switches Based on AlphaServers,” press release, Oct. 10, 2000, http://www.ericsson.com/ericsson/press/releases/old/archive/2000Q4/20001010-0060.html.

[109] J. Evers, “Earthlink Nabs Aluria’s Anti-spyware,” ZDNet News.com, Aug. 22, 2005, http://news.zdnet.com/2100-1009_22-5841387.html.

[110] G. Evron, “Estonia: Information Warfare and Strategic Lessons,” Blackhat Briefings, 2007.

[111] Exploit, “From Half-Real: A Dictionary of Video Game Theory,” http://www.half-real.net/dictionary/#exploit (accessed Oct. 26, 2006).

[112] F-Secure, Blacklight, 2005, http://www.f-secure.com/blacklight.

[113] D. Fallows, “Pew Internet and American Life Project,” http://www.pewinternet.org/pdfs/PIP_Spam_Ap05.pdf (accessed Apr. 2006).

[114] Holy Father, “Hacker Defender,” http://hxdef.org.

[115] Spyware, http://www.ftc.gov/bcp/conline/pubs/alerts/spywarealrt.htm.

[116] Federal Trade Commission, “Monitoring Software” on Your PC: Spyware, Adware, and Other Software (staff report, 2005).

[117] P. Ferrie, “Attacks on Virtual Machines,” http://www.symantec.com/avcenter/reference/Virtual_Machine_Threats.pdf.

[118] P. Ferrie, “Tumours and Polips,” Virus Bulletin, July 2006, http://pferrie.tripod.com/papers/polip.pdf.

[119] Federal Financial Institutions Examination Council, “Authentication in an Internet Banking Environment,” Oct. 12, 2005, http://www.ffiec.gov/pdf/authentication_guidance.pdf.

[120] K. Finkenzeller, RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification (John Wiley & Sons, 2003).

[121] P. Finn and M. Jakobsson, “Designing and Conducting Phishing Experiments,” in “Usability and Security,” special issue, IEEE Technology and Society Magazine, 2007.

[122] “Firewire—All Your Memory Are Belong to Us,” May 2005, http://md.hudora.de/presentations/#firewire-cansecwest.

[123] S. R. Fluhrer, I. Mantin, and A. Shamir, “Weaknesses in the Key Scheduling Algorithm of RC4,” in SAC ’01: Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography, 1–24 (Springer-Verlag, 2001).

[124] SecurityFocus, “Digital Plague Hits Online Game World of Warcraft,” 27 Sept. 2005, http://www.securityfocus.com/news/11330 (accessed Mar. 30, 2007).

[125] B. J. Fogg, J. Marshall, O. Laraki, A. Osipovich, C. Varma, N. Fang, J. Paul, A. Rangnekar, J. Shon, P. Swani, and M. Treinen, “What Makes Web Sites Credible? A Report on a Large Quantitative Study,” in CHI ’01: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 61–68 (ACM Press, 2001).

[126] B. J. Fogg, C. Soohoo, D. R. Danielson, L. Marable, J. Stanford, and E. R. Tauber, “How Do Users Evaluate the Credibility of Web Sites? A Study with Over 2,500 Participants,” in DUX ’03: Proceedings of the 2003 Conference on Designing for User Experiences, 1–15 (ACM Press, 2003).

[127] The Internet Corporation for Assigned Names and Numbers, “Uniform Domain-Name Dispute-Resolution Policy,” http://www.icann.org/udrp/udrp.htm.

[128] U.S.-Canada Power System Outage Task Force, “Final Report on the August 14, 2003 Blackout in the United States and Canada: Causes and Recommendations,” Apr. 2004, https://reports.energy.gov/BlackoutFinal-Web.pdf (accessed Feb. 2007).

[129] M. J. Frank, From Victim to Victor: A Step-by-Step Guide for Ending the Nightmare of Identity Theft (Porpoise Press, 2004).

[130] J. Franklin, D. McCoy, P. Tabriz, V. Neagoe, J. Van Randwyk, and D. Sicker, “Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting,” in USENIX-SS ’06: Proceedings of the 15th Conference on USENIX Security Symposium, 12 (Berkeley: USENIX Association, 2006).

[131] M. Frilingos, “As Big as... a Carlton Beer Ad,” The Daily Telegraph: Local, July 23, 2005, at 8.

[132] Federal Trade Commission, “Report Spam,” http://www.ftc.gov/bcp/conline/edcams/spam/report.html.

[133] Fuzen op, “The FU Rootkit,” http://www.rootkit.com/.

[134] Y. Gable, “DoS Extortion Is No Longer Profitable,” Symantec Security Response blog, Apr. 2007, http://www.symantec.com/enterprise/security_response/weblog/2007/04/dos_extortion_is_no_longer_pro.html.

[135] S. Gajek, A.-R. Sadeghi, C. Stüble, and M. Winandy, “Compartmented Security for Browsers—Or How to Thwart a Phisher with Trusted Computing,” in Proceedings of the 2nd International Conference on Availability, Reliability and Security (ARES ’07), 120–127 (Los Alamitos, CA, Washington, DC: IEEE Computer Society, 2007).

[136] E. Gallery, “Authorisation Issues for Mobile Code in Mobile Systems” (Ph.D. thesis, Department of Mathematics, Royal Holloway, University of London, 2007).

[137] Gallup Poll web site, http://www.galluppoll.com/.

[138] D. B. Game, A. F. Blakley, and M. J. Armstrong, “The Legal Status of Spyware,” Federal Communications Law Journal 59 (2006): 157, 161.

[139] GameGuru.com, “‘World of Warcraft’ Could Get a Security Dongle,” Jan. 16, 2007, http://www.gameguru.in/pc/2007/16/world-of-warcraft-could-get-a-security-dongle/ (accessed Mar. 30, 2007).

[140] M. Gandhi, M. Jakobsson, and J. Ratkiewicz, “Badvertisements: Stealthy Click-Fraud with Unwitting Accessories,” in “Anti-Phishing and Online Fraud, Part I,” special issue, Journal of Digital Forensic Practice 1, no. 2 (Nov. 2006).

[141] S. L. Garfinkel and R. C. Miller, “Johnny 2: A User Test of Key Continuity Management with S/MIME and Outlook Express,” in Proceedings of the 2005 Symposium on Usable Privacy and Security, 2005, 13–24.

[142] T. Garfinkel, M. Rosenblum, and D. Boneh, “Flexible OS Support and Applications for Trusted Computing,” in Proceedings of the 9th USENIX Workshop on Hot Topics on Operating Systems (HotOS-IX), 145–150 (Kauai, HI: USENIX, The Advanced Computing Systems Association, May 2003).

[143] Gartner, “Gartner Says Number of Phishing E-Mails Sent to U.S. Adults Nearly Doubles in Just Two Years,” http://www.gartner.com/it/page.jsp?id=498245.

[144] M. Gast, 802.11 Wireless Networks: The Definitive Guide, 2nd ed. (O’Reilly, 2005).

[145] C. Gentry, Z. Ramzan, and S. Stubblebine, “Secure Distributed Human Computation,” in Proceedings of ACM Conference on Electronic Commerce, 2005.

[146] Gnutella protocol specification, http://www.the-gdf.org/wiki/index.php?title=Gnutella_Protocol_Development.

[147] P. Golle and N. Ducheneaut, “Preventing Bots from Playing Online Games,” Computers in Entertainment 3, no. 3 (2005).

[148] P. Golle and D. Wagner, “Cryptanalysis of a Cognitive Authentication Scheme,” in IEEE Security and Privacy, 2007.

[149] J. Goodell, “How to Fake a Passport,” New York Times, 2006, http://query.nytimes.com/gst/fullpage.html?sec=travel&res=980CE6D6133DF933A25751C0A9649C8B63.

[150] “Hosting Company AIT Leads Class-Action Suit Against Google,” Dec. 28, 2005, http://www.marketwire.com/mw/release_html_b1?release_id=103417.

[151] “Feds Arrest Alleged Google Extortionist,” Mar. 22, 2004, http://www.internetnews.com/bus-news/article.php/3329281.

[152] S. Gordon and R. Ford, “On the Definition and Classification of Cybercrime,” Journal in Computer Virology 2, no. 1 (July 2006): 13–20.

[153] P. Grassberger, “On the Critical Behavior of the General Epidemic Process and Dynamical Percolation,” Math. Biosci. 63 (1983): 157.

[154] S. Greengard, “Driving Change in the Auto Industry,” RFID Journal, Apr. 2004, http://www-03.ibm.com/solutions/businesssolutions/sensors/doc/content/bin/RFID_Journal_driving_change_in_the_auto_industry.pdf.

[155] V. Griffith and M. Jakobsson, “Messin’ with Texas, Deriving Mother’s Maiden Names Using Public Records,” ACNS, June 2005.

[156] J. Grizzard, V. Sharma, C. Nunnery, B. B. Kang, and D. Dagon, “Peer-to-Peer Botnets: Overview and Case Study,” in First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007.

[157] J. Grossman and T. C. Niedzialkowski, “Hacking Intranet Websites from the Outside: JavaScript Malware Just Got a Lot More Dangerous,” Black Hat Briefings, 2006.

[158] D. Groth, “Comment on Stephano and Groth’s USEable security: Interface Design Strategies for Improving Security,” personal communication, Aug. 2006.

[159] Anti-Phishing Working Group, “Phishing Activity Trends: Report for the Month of May 2007,” http://www.antiphishing.org/reports/apwg_report_may_2007.pdf.

[160] Anti-Phishing Working Group, “Phishing Activity Trends Report,” Apr. 2007, http://www.antiphishing.org/reports/apwg_report_april_2007.pdf.

[161] Princeton Secure Internet Programming Group, “DNS Attack Scenario,” Feb. 1996, http://www.cs.princeton.edu/sip/news/dns-scenario.html.

[162] J. Gulbrandsen, “How Do Windows NT System Calls Really Work?” Aug. 2004, http://www.codeguru.com/cpp/w-p/system/devicedriverdevelopment/article.php/c8035.

[163] J. A. Halderman, B. Waters, and E. Felten, “A Convenient Method for Securely Managing Passwords,” in Proceedings of the 14th International World Wide Web Conference, 2005.

[164] Halflife, “Abuse of the Linux Kernel for Fun and Profit,” Phrack Magazine, http://www.phrack.org/archives/50/P50-05.

[165] G. P. Hancke, “Practical Attacks on Proximity Identification Systems,” short paper, in Proceedings of the IEEE Symposium on Security and Privacy, 328–333 (Washington, DC: IEEE Symposium on Security and Privacy, 2006).

[166] J. Heasman, “Implementing and Detecting a PCI Rootkit,” http://www.ngssoftware.com/research/papers/Implementing_And_Detecting_A_PCI_Rootkit.pdf.

[167] J. Heasman, “Implementing and Detecting an ACPI BIOS Rootkit,” Black Hat Federal, 2006.

[168] “Hector’s World,” http://www.hectorsworld.com/ (accessed July 3, 2007).

[169] A. Helmy, “Small Worlds in Wireless Networks,” IEEE Comm. Lett. 7 (2003): 490–492.

[170] C. Herrmann, M. Barthélemy, and P. Provero, “Connectivity Distribution of Spatial Networks,” Phys. Rev. E 68:026128 (2003).

[171] Hewlett-Packard, Intel, and Microsoft, “Advanced Configuration and Power Interface Specification,” 2005, http://www.acpi.info/.

[172] T. S. Heydt-Benjamin, D. V. Bailey, K. Fu, A. Juels, and T. O’Hare, “Vulnerabilities in First-Generation RFID-Enabled Credit Cards,” Oct. 2006, http://prisms.cs.umass.edu/~kevinfu/papers/RFID-CC-manuscript.pdf.

[173] U.S. Congress, House, Committee on Government Reform, Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, “Electronic Voting Offers Opportunities and Presents Challenges,” testimony prepared by R. C. Hite, also available at http://www.gao.gov/new.items/d04766t.pdf.

[174] R. Hof, “Second Life’s First Millionaire,” BusinessWeek, Nov. 26, 2006, http://www.businessweek.com/the_thread/techbeat/archives/2006/11/second_lifes_fi.html (accessed Feb. 2007).

[175] G. Hoglund, “Loading Rootkit Using systemloadandcallimage,” http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0114.html.

[176] G. Hoglund and J. Butler, Rootkits: Subverting the Windows Kernel (Addison-Wesley, 2006).

[177] G. Hoglund and J. Butler, Rootkits: Subverting the Windows Kernel (Addison-Wesley, 2006).

[178] G. Hoglund and G. McGraw, Exploiting Software: How to Break Code (Addison-Wesley, 2004).

[179] G. Hoglund and G. McGraw, Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley, 2008).

[180] U.S. Congress, Senate, Commerce Hearing on Seaport Security, July 2001, also available at http://commerce.senate.gov/hearings/072401EFH.pdf.

[181] N. Hopper and M. Blum, “Secure Human Identification Protocols,” in Proceedings of Asiacrypt, 2001.

[182] M. Hottell, D. Carter, and M. Deniszczuk, “Predictors of Home-Based Wireless Security,” in The Fifth Workshop on the Economics of Information Security, 2006.

[183] WiGLE Wireless Geographic Logging Engine, http://www.wigle.net/.

[184] WiGLE General Stats, http://www.wigle.net/gps/gps/main/stats/ (accessed Feb. 2007).

[185] J. Hu, “180solutions Sues Allies Over Adware: The Advertising Software Maker Alleges That Two Partners Loaded Its Ad-Serving Software onto People’s PCs without First Getting Their Consent,” CNET News.com, July 28, 2004, http://www.news.com/2110-1024_3-5287885.html.

[186] “India’s Secret Army of Online Ad ‘Clickers,’” May 3, 2004, http://timesofindia.indiatimes.com/articleshow/msid-654822,curpg-1.cms.

[187] G. Hunt and D. Brubacher, “Detours: Binary Interception of win32 Functions,” in Proceedings of the 3rd USENIX Windows NT Symposium, 1999, 135–143, http://research.microsoft.com/sn/detours.

[188] I-forgot-my-password.com.

[189] “IEEE-SA GetIEEE 802.11 LAN/MAN wireless LANS,” http://standards.ieee.org/getieee802/802.11.html (accessed Feb. 2007).

[190] Symantec Inc., “Symantec and Intel Collaborate to Change Computer Security Model,” http://www.symantec.com/about/news/release/article.jsp?prid=20060424_02.

[191] Intel, “LaGrande Technology Architectural Overview” (Technical Report 252491-001, Intel Corporation, Sept. 2003).

[192] Intel, IA-32 Intel Architecture Software Developer’s Manual, System Programming Guide, Volume: 3 (Intel Corporation, 2005).

[193] “Anti-Virus USB Drive from IOCell,” http://www.getusb.info/anti-virus-usb-drive-from-iocell/.

[194] N. Itoi, W. A. Arbaugh, S. J. Pollack, and D. M. Reeves, “Personal Secure Booting,” in Proceedings of the 6th Australasian Conference on Information Security and Privacy (ACISP ’01), in Computer Science Lecture Notes (LNCS) 2119 (July 2001): 130–141.

[195] C. Jackson, A. Barth, A. Bortz, W. Shao, and D. Boneh, “Protecting Browsers from DNS Rebinding Attacks,” in Proceedings of ACM Conference on Communications Security, 2007, http://crypto.stanford.edu/dns/.

[196] C. Jackson, D. Boneh, and J. C. Mitchell, “Stronger Password Authentication Using Virtual Machines” (paper submitted for publication, Stanford University, 2006), http://crypto.stanford.edu/spyblock/spyblock.pdf.

[197] T. Jagatic, N. Johnson, M. Jakobsson, and F. Menczer, “Social Phishing,” Communications of the ACM, Oct. 2007.

[198] M. Jakobsson, “The Human Factor in Phishing,” Privacy and Security of Consumer Information, 2007, http://www.informatics.indiana.edu/markus/papers/aci.pdf.

[199] M. Jakobsson, T. Jagatic, and S. Stamm, “Phishing for Clues,” http://www.browser-recon.info.

[200] M. Jakobsson and J. Ratkiewicz, “Designing Ethical Phishing Experiments: A Study of (ROT13) rOnl Auction Query Features,” in Proceedings of the 15th Annual World Wide Web Conference, 2006.

[201] M. Jakobsson and S. Stamm, “Socially Propagated Malware,” 2006, http://www.stop-phishing.com.

[202] M. Jakobsson and S. Myers, eds., Phishing and Countermeasures: Understanding the Increasing Problem of Identity Theft (John Wiley & Sons, 2007).

[203] J. Jeff, Y. Alan, B. Ross, and A. Alasdair, “The Memorability and Security of Passwords—Some Empirical Results,” 2000.

[204] A. Juels, “RFID Security and Privacy: A Research Survey,” IEEE Journal on Selected Areas in Communication, 2006, http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/pdfs/rfid_survey_28_09_05.pdf.

[205] A. Juels, R. L. Rivest, and M. Szydlo, “The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy,” in Proceedings of the 10th ACM Conference on Computer and Communications Security (ACM Press, 2003).

[206] E. Jung, “PasswordMaker,” http://passwordmaker.mozdev.org.

[207] D. Kaminsky, “The Black Ops of DNS” (presentation, BlackHat 2004), http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-kaminsky/bh-us-04-kaminsky.ppt.

[208] A. Karasaridis, B. Rexroad, and D. Hoeflin, “Wide-Scale Botnet Detection and Characterization,” in First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007.

[209] D. Kawamoto, “Virus Writers Follow the Money,” CNET News, 2005, http://news.zdnet.com/2100-1009_22-5628512.html.

[210] M. J. Keeling, “The Effects of Local Spatial Structure on Epidemiological Invasions,” Proc. R. Soc. Lond. B 266 (1999): 859–867.

[211] G. Keizer, “Adware Purveyor Claims Extortion by Own Distributor,” Techweb Network, Nov. 3, 2005, http://www.techweb.com/wire/security/173402770.

[212] G. Keizer, “New Bot-Powered eBay Scam Uncovered,” TechWeb Technology News, July 31, 2006, http://www.techweb.com/showArticle.jhtml?articleID=191600603&cid=RSSfeed_TechWeb.

[213] Z. Kfir and A. Wool, “Picking Virtual Pockets Using Relay Attacks on Contactless Smartcards,” in Proc. IEEE Secure Comm., 47–58 (Los Alamitos, CA: 2005).

[214] L. Kindermann, “MyAddress Java Applet (To Discover a PC’s Internal IP Address),” 2002, http://www.reglos.de/myaddress/MyAddress.html.

[215] S. T. King, P. M. Chen, Y.-M. Wang, C. Verbowski, Helen J. Wang, and Jacob R. Lorch, “SubVirt: Implementing Malware with Virtual Machines,” in Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P ’06), 314–327 (Washington, DC: IEEE Computer Society, 2006).

[216] E. Kirda, C. Kruegel, G. Banks, G. Vigna, and R. Kemmerer, “Behavior-Based Spyware Detection,” in Proceedings of 15th USENIX Security Symposium, Aug. 2006.

[217] Kismet, http://www.kismetwireless.net (accessed Feb. 2007).

[218] D. V. Klein, “‘Foiling the Cracker’—A Survey of, and Improvements to, Password Security,” in Proceedings of the Second USENIX Workshop on Security, Summer 1990, 5–14.

[219] B. Krebs, “Data Thefts May Be Linked: Warrants Served in LexisNexis Account Breach,” Washington Post, May 20, 2005.

[220] B. Krebs, “Katrina Phishing Scams Begin,” in “Security Fix” blog, Washington Post, Aug. 31, 2005, http://blog.washingtonpost.com/securityfix/2005/08/katrina_phishing_scams_begin_1.html.

[221] M. Krebs, “Vehicle Theft on the Rise,” Cars.com, Mar. 2005, http://www.cars.com/go/advice/Story.jsp?section=safe&story=secStat&subject=safe_sec&referer=&aff=msnbc.

[222] P. Kumaraguru, Y. W. Rhee, A. Acquisti, L. Cranor, J. Hong, and E. Nunge, “Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System” (Technical Report CMU-CyLab-06-017, Nov. 2006).

[223] P. Kumaraguru, S. Sheng, A. Acquisti, L. F. Cranor, and J. Hong, “Teaching Johnny Not to Fall for Phish” (technical report, Feb. 2007).

[224] C. Kuo, V. Goh, and A. Tang, “Design and Evaluation Method for Secure 802.22 Network Configuration” (poster presented at the 2005 Symposium on Usable Privacy and Security, 2005).

[225] C. Kuo, V. Goh, A. Tang, A. Perrig, and J. Walker, “Empowering Ordinary Consumers to Securely Configure Their Mobile Devices and Wireless Networks,” Dec. 7, 2005, http://www.cylab.cmu.edu/files/cmucylab05005.pdf (accessed Feb. 2007).

[226] R. Kuster, “Three Ways to Inject Your Code into Another Process,” http://www.codeproject.com/threads/winspy.asp.

[227] V. T. Lam, S. Antonatos, P. Akritidis, and K. G. Anagnostakis, “Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure,” in Proceedings of ACM Conference on Communications and Computer Security, 2006.

[228] M. Landler and J. Markoff, “Digital Fears Emerge After Data Siege in Estonia,” New York Times, May 29, 2007, http://www.nytimes.com/2007/05/29/technology/29estonia.html?_r=1&adxnnl=1&oref=slogin&adxnnlx=1190414180-FHjhCCSZ4A0Uxh+bBKuo3Q.

[229] C. Landwehr, “Secure Grid Computing: An Empirical View,” http://www.laas.fr/IFIPWG/Workshops&Meetings/48/WS1/10-Landwehr.pdf.

[230] “Company Files Fraud Lawsuit Against Yahoo,” May 1, 2006, http://www.washingtonpost.com/wp-srv/technology/documents/yahoo_may2006.pdf.

[231] R. Laudanski, “Botmasters Take Heed: You Are Being Put on Notice,” Castlecops web site, Oct. 1, 2007, http://www.castlecops.com.

[232] T. Lemke, “Spammers Make Profits without Making a Sale,” Washington Times, 2003, http://www.washingtontimes.com/business/20030803-110550-8329r.htm.

[233] R. Lemos, “Attackers Strike Using Web Ads,” CNET News.com, Nov. 2004, http://news.com.com/Attackers+strike+using+Web+ads/2100-7349_3-5463323.html.

[234] R. Lemos, “More Security Hiccups for IE,” CNET News.com, Nov. 2004, http://news.com.com/More+security+hiccups+for+IE/2100-1002_3-5457105.html.

[235] N. G. Leveson and C. S. Turner, “An Investigation of the Therac-25 Accidents,” Computer 26, no. 7 (1993): 18–41.

[236] Z. Li, X. Wang, and J. Y. Choi, “Spyshield: Preserving Privacy from Spyware Add-Ons,” in Proceedings of Recent Advance in Intrusion Detection (RAID), Sept. 2007.

[237] Z. Liang and R. Sekar, “Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior Models,” in Proceedings of ACSAC, 2005, 215–224.

[238] LimeWire homepage, http://www.limewire.org.

[239] “The Linux Mobile Phones Showcase,” Dec. 18, 2006, http://www.linuxdevices.com/articles/AT9423084269.html (accessed Feb. 2007).

[240] LinuxLookup.com, “Linux Users Banned from World of Warcraft?” Nov. 15, 2006, http://www.linuxlookup.com/2006/nov/15/linux_users_banned_from_world_of_warcraft (accessed June 8, 2007).

[241] J. L. Lions, “ARIANE 5: Flight 501 Failure; Report by the Inquiry Board,” July 19, 1996, http://www.holub.com/goodies/ariane5.html (accessed Feb. 2007).

[242] C. Lombardi, “Claria to Exit Adware Business: Company Formerly Known as Gator Sets Its Sights on Search, as It Seeks Credibility Among Online Publishers,” CNET News.com, Mar. 22, 2006, http://www.news.com/2100-1024_3-6052623.html.

[243] S. Lowe, “Are Container Shippers and Consignees Cutting Cost Corners to Sacrifice the Security and the Safety of the Citizens of USA and Europe?” Directions Magazine, May 2005, http://www.directionsmag.com/press.releases/index.php?duty=Show&id=11727.

[244] “Mailfrontier Phishing IQ test II,” http://survey.mailfrontier.com/forms/msft_iq_test.html (accessed May 2007).

[245] P. Maymounkov and D. Mazières, “Kademlia: A Peer-to-Peer Information System Based on the XOR Metric,” in Proceedings of the 1st International Workshop on Peer-to-Peer Systems, 2002.

[246] S. McCloud, Understanding Comics: The Invisible Art (HarperCollins Publishers, 1993).

[247] J. M. McCune, A. Perrig, and M. K. Reiter, “Bump in the Ether: A Framework for Securing Sensitive User Input,” in Proceedings of the 2006 USENIX Annual Technical Conference, June 2006, 185–198.

[248] M. McGee, “RFID Can Help Relieve the Fear of Surgery,” Information Week, Apr. 2005, http://informationweek.com/story/showArticle.jhtml?articleID=161601037.

[249] G. McGraw, Software Security: Building Security In (Addison-Wesley, 2006).

[250] G. McGraw and G. Morrisett, “Attacking Malicious Code: A Report to the Infosec Research Council,” IEEE Software 17, no. 5 (2000): 33–41.

[251] R. McMillan, “Man Charged in Hurricane Katrina Phishing Scams,” IDG News Service, Aug. 2006, http://www.infoworld.com/article/06/08/18/HNkatrinaphishing_1.html.

[252] R. McMillan, “Consumers to Lose $2.8 Billion to Phishers in 2006,” http://www.pcworld.com/article/id,127799/article.html.

[253] B. S. McWilliams, Spam Kings (O’Reilly, 2004).

[254] M. Meiss, “Case Study: Race Pharming,” in Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft (Wiley, 2007), 133–136.

[255] Microsoft, “Recognize Phishing Scams and Fraudulent E-mails,” http://www.microsoft.com/athome/security/email/phishing.mspx (accessed Feb. 8, 2007).

[256] Browser extensions, http://msdn.microsoft.com/workshop/browser/ext/extensions.asp.

[257] R. Miller, S. Garfinkel, F. Menczer, and R. Kraut, “When User Studies Attack: Evaluating Security by Intentionally Attacking Users” (panel at SOUPS 2005). Slides available at http://cups.cs.cmu.edu/soups/2005/program.html.

[258] L. Minnite and D. Callahan, “Secure the Vote: An Analysis of Election Fraud,” http://www.demos.org/pubs/EDR_-_Securing_the_Vote.pdf.

[259] C. J. Mitchell, ed., Trusted Computing, IEE Professional Applications of Computing Series 6 (The Institute of Electrical Engineers (IEE), Apr. 2005).

[260] K. D. Mitnick and W. L. Simon, The Art of Deception: Controlling the Human Element of Security (John Wiley & Sons, 2002).

[261] Miva AdRevenue Express, http://www.miva.com.

[262] C. Moore and M. E. J. Newman, “Epidemics and Percolation in Small-World Networks,” Phys. Rev. E 61 (2000): 5678.

[263] A. Moshchuk, T. Bragin, S. Gribble, and H. Levy, “A Crawler-Based Study of Spyware on the Web,” in Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS 2006), Feb. 2006.

[264] F-Secure phishing demo, http://www.youtube.com/watch?v=D54nTfLhRr4 (accessed July 3, 2007).

[265] Livesecurity, “US Bank Phishing Attack Exposed,” http://www.youtube.com/watch?v=n2QKQkuSB4Q (accessed Mar. 27, 2007).

[266] “Mozillazine: Extension Development,” http://kb.mozillazine.org/Dev_:_Extensions.

[267] Napster homepage, http://www.napster.com/.

[268] R. Naraine, “‘Pump-and-Dump’ Spam Surge Linked to Russian Bot Herders,” eWeek, Nov. 16, 2006, http://www.eweek.com/article2/0,1895,2060235,00.asp.

[269] R. Naraine, “Spam Trojan Installs Own Anti-virus Scanner,” eWeek, Oct. 20, 2006, http://www.eweek.com/article2/0,1895,2034680,00.asp.

[270] A. Narayanan and V. Shmatikov, “Fast Dictionary Attacks on Passwords Using Time-Space Tradeoff,” ACM CCS, 2005.

[271] G. Naumovich and N. D. Memon, “Preventing Piracy, Reverse Engineering, and Tampering,” IEEE Computer 36, no. 7 (2003): 64–71.

[272] G. Nemeth and G. Vattay, “Giant Clusters in Random Ad Hoc Networks,” Phys. Rev. E 67:036110 (2003).

[273] NetSmartzKids, “Teaching Kids What to Watch Out for Online,” http://www.netsmartzkids.org/indexFL.htm (accessed July 2, 2007).

[274] BBC News, “Halt E-voting, Says Election Body,” Aug. 2007, http://news.bbc.co.uk/2/hi/uk_news/politics/6926625.stm.

[275] OUT-LAW News, “FIFA Warns Football Fans of Phishing Scam,” Sept. 2005, http://www.out-law.com/page-6171.

[276] News.com, “‘World of Warcraft’ Battles Server Problems,” CNET News.com, Apr. 24, 2006, http://news.com.com/World+of+Warcraft+battles+server+problems/2100-1043_3-6063990.html (accessed Mar. 30, 2007).

[277] H. Niksi, “GNU Wget,” available from the master GNU archive site http://prep.ai.mit.edu and its mirrors.

[278] “Nmap—Free Security Scanner for Network Exploration and Security Audits,” http://insecure.org/nmap/ (accessed Feb. 2006).

[279] M. O’Connor, “U.S. Bill Includes RFID Provision for Pets,” RFID Journal, 2005, http://www.rfidjournal.com/article/articleview/2219/1.

[280] M. O’Connor, “Glaxosmithkline Tests RFID on HIV Drug,” RFID Journal, 2006, http://www.rfidjournal.com/article/articleview/2219/1/1/.

[281] P. Oechslin, “Making a Faster Cryptanalytical Time-Memory Trade-Off,” Advances in Cryptology—CRYPTO, 2003.

[282] Council of Europe, “Convention on Cybercrime,” Nov. 2001, http://conventions.coe.int/Treaty/en/Treaties/Html/185.htm.

[283] U.S. Department of Justice, “Creator and Four Users of Loverspy Spyware Program Indicted,” press release, Aug. 26, 2005, http://www.cybercrime.gov/perezIndict.htm.

[284] National Institute of Standards and Technology, “Draft Special Publication 800-98, Guidance for Securing Radio Frequency Identification (RFID) Systems,” Sept. 2006, http://csrc.nist.gov/publications/drafts/800-98/Draft-SP800-98.pdf.

[285] Official AdWords blog, “Invalid Clicks—Google’s Overall Numbers,” http://adwords.blogspot.com/2007/02/invalid-clicks-googles-overall-numbers.html (accessed Feb. 2007).

[286] The Ohio State University Libraries, “Thomas Nast,” http://cartoons.osu.edu/nast/.

[287] S. Olsen, “Microsoft Said to Be Mulling Purchase of Claria: A Buyout Would Give MSN Several Key Assets, But Would Put It Under the Watchful Eye of Consumer Watchdogs,” CNET News.com, June 30, 2005, http://www.news.com/Microsoft-said-to-be-mulling-purchase-of-Claria/2100-1030_3-5769583.html?tag=html.alert.

[288] OMA, “Digital Rights Management V1.0” (Technical Specification OMA-Download-DRM-V1 0-20040615-A, The Open Mobile Alliance [OMA], June 2004).

[289] OMA, “DRM Architecture Specification V1.0” (Technical Specification OMA-Download-ARCH-V1 0-20040625-A, The Open Mobile Alliance [OMA], June 2004).

[290] OMA, “DRM Architecture V2.0” (Technical Specification OMA-DRMARCH-V2 0-2004071515-C, The Open Mobile Alliance [OMA], July 2004).

[291] OMA, “DRM Specification V2.0” (Technical Specification OMA-DRMDRM-V2 0-20040716-C, The Open Mobile Alliance [OMA], July 2004).

[292] ABC News Online, “Online Gamer Killed for Selling Cyber Sword,” ABC.net.au, Mar. 30, 2005, http://www.abc.net.au/news/newsitems/200503/s1334618.htm (accessed June 8, 2007).

[293] Fuzen Op, “FU Rootkit,” 2004, http://www.rootkit.com/project.php?id=12.

[294] OpenFT homepage, http://www.openft.org.

[295] OpenWrt, http://openwrt.org (accessed Feb. 2007).

[296] “Click Fraud Gets Day in Court—Maybe,” Apr. 21, 2005, http://searchlineinfo.com/Click_fraud_lawsuit/.

[297] “The New p0f: 2.0.8 (2006-09-06),” http://lcamtuf.coredump.cx/p0f.shtml (accessed Feb. 2007).

[298] Palmers, “Advances in Kernel Hacking,” Phrack Magazine, http://www.phrack.org/archives/58/p58-0x06.

[299] D. Pappalardo and E. Messmer, “Extortion via DDoS on the Rise,” Computer World, May 16, 2005, http://www.computerworld.com/printthis/2005/0,4814,101761,00.html.

[300] B. Parno, C. Kuo, and A. Perrig, “Authentication and Fraud Detection: Phoolproof Phishing Prevention,” in Proceedings of Financial Cryptography and Data Security (FC ’06), 2006.

[301] Passmark, http://www.passmarksecurity.com.

[302] R. Pastor-Satorras and A. Vespignani, “Epidemic Spreading in Scale-Free Networks,” Phys. Rev. Lett. 86 (2001): 3200–3203.

[303] PayPal, “Can You Spot Phishing?” https://www.paypal.com/fightphishing.

[304] PayPal, “Protect Yourself from Fraudulent Emails,” https://www.paypal.com/cgi-bin/webscr?cmd=_vdc-security-spoof-outside (accessed Feb. 8, 2007).

[305] “Staggering Identity Theft Ring Discovered Over the Weekend,” http://www.pcsecuritynews.com/news/sunbelt-coolwebsearch-identity-theft.wpml.

[306] D. Pearson, “Storm Worm DDoS Threat to the EDU Sector,” REN-ISAC mailing list, Aug. 9, 2007, http://lists.sans.org/pipermail/unisog/2007-August/027405.html.

[307] S. Pearson, ed., Trusted Computing Platforms: TCPA Technology in Context (Prentice Hall, 2003).

[308] R. Pedroncelli, “Recordings Reveal Schwarzenegger Annoyed by Democrats, GOP Alike,” USA Today, Feb. 5, 2007, http://www.usatoday.com/news/nation/2007-02-05-schwarzenegger-recordings_x.htm.

[309] M. Peinado, Y. Chen, P. England, and J. Manferdelli, “NGSCB: A Trusted Open System,” in H. Wang, J. Pieprzyk, and V. Varadharajan, eds., Proceedings of 9th Australasian Conference on Information Security and Privacy (ACISP ’04), volume 3108 of Lecture Notes in Computer Science (LNCS), pages 86–97 (Springer–Verlag, July 13–15, 2004).

[310] M. Peinado, P. England, and Y. Chen, “An Overview of NGSCB,” in Trusted Computing, IEE Professional Applications of Computing Series 6 (The Institute of Electrical Engineers (IEE), Apr. 2005) 115–141.

[311] P. D. Petkov, Javascript Address Info web page, http://www.gnucitizen.org/projects/javascript-address-info/ (accessed Mar. 12, 2007).

[312] “Top 20 Names” http://www.bowwow.com.au/top20/index.asp (accessed Sept. 2007).

[313] Anti-Phishing Working Group, Resources, http://www.apwg.org/resources.html#advice.

[314] Plaguez, “Weakening the Linux Kernel,” Phrack Magazine, http://www.phrack.org/archives/52/P52-18.

[315] P. Pollack, “Verisign Announces Two-Factor Authentication System,” Ars Technica, Feb. 13, 2006, http://arstechnica.com/news.ars/post/20060213-6174.html.

[316] K. Poulsen, “Guilty Plea in Kinko’s Keystroke Caper,” SecurityFocus, July 2003, http://www.securityfocus.com/news/6447.

[317] K. Poulsen, “Windows Root Kits a Stealthy Threat,” SecurityFocus, Mar. 2003, http://www.securityfocus.com/news/2879.

[318] Pragmatic, “Complete Linux Loadable Kernel Modules,” http://www.thc.org/papers/LKM_HACKING.html.

[319] Associated Press, “Body ID: Barcodes for Cadavers,” Wired News, Feb. 2005, http://www.wired.com/news/medtech/0,1286,66519,00.html?tw=rss.TEK.

[320] V. Prevelakis and D. Spinellis, “The Athens Affair: How Some Extremely Smart Hackers Pulled Off the Most Audacious Cell-Network Break-In Ever,” IEEE Spectrum Online, 2007, http://www.spectrum.ieee.org/jul07/5280.

[321] The Honeynet Project, “Know Your Enemy: Tracking Botnets,” http://www.honeynet.org/papers/bots/.

[322] The Honeynet Project, “Know Your Enemy: Fast-Flux Service Networks,” July 2007, http://www.honeynet.org/papers/ff/fast-flux.html.

[323] N. Provos and T. Holz, Virtual Honeypots: From Botnet Tracking to Intrusion Detection (Addison-Wesley, 2008).

[324] Wikipedia, “Pump and dump,” http://en.wikipedia.org/wiki/Pump_and_dump.

[325] Quova, http://www.quova.com.

[326] M. Rajab, J. Zarfoss, F. Monrose, and A. Terzis, “My Botnet Is Bigger Than Yours (Maybe Better Than Yours): Why Size Estimates Remain Challenging,” in First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007.

[327] Z. Ramzan, “Drive-by Pharming: How Clicking on a Link Can Cost You Dearly,” Symantec Security Response web log, Feb. 15, 2007, http://www.symantec.com/enterprise/security_response/weblog/2007/02/driveby_pharming_how_clicking_1.html.

[328] S. S. Rao, “Counterspy,” Forbes Magazine, Feb. 2005, http://www.landfield.com/isn/mail-archive/2001/Jan/0113.html.

[329] M. Rasch, “Can Writing Software Be a Crime?” SecurityFocus, Oct. 3, 2005, http://www.securityfocus.com/columnists/360/1.

[330] M. K. Reiter, V. Anupam, and A. Mayer, “Detecting Hit Shaving in ClickThrough Payment Schemes,” in Proceedings of the 3rd USENIX Workshop on Electronic Commerce, 1998, 155–166.

[331] Symantec Security Response, “Backdoor.Rustock,” http://www.symantec.com/security_response/writeup.jsp?docid=2006-011309-5412-99.

[332] Symantec Security Response, “Backdoor.Ryknos writeup,” http://www.symantec.com/security_response/writeup.jsp?docid=2005-111012-2048-99.

[333] Symantec Security Response, “Infostealer.Banker.D,” http://www.symantec.com/security_response/writeup.jsp?docid=2007-052710-0541-99.

[334] Symantec Security Response, “Infostealer.Bzup,” http://www.symantec.com/security_response/writeup.jsp?docid=2006-080315-1729-99.

[335] Symantec Security Response, “Infostealer.Gampass,” http://www.symantec.com/security_response/writeup.jsp?docid=2006-111201-3853-99.

[336] Symantec Security Response, “Infostealer.Lineage,” http://www.symantec.com/security_response/writeup.jsp?docid=2005-011211-3355-99.

[337] Symantec Security Response, “Rootkit definition,” http://www.symantec.com/enterprise/security_response/glossary.jsp.

[338] Symantec Security Response, “Trojan.Checkraise,” http://www.symantec.com/security_response/writeup.jsp?docid=2006-051614-4752-99.

[339] Symantec Security Response, “Trojan.Dowiex,” http://www.symantec.com/security_response/writeup.jsp?docid=2006-101716-2136-99.

[340] Symantec Security Response, “Trojan.Gpcoder,” http://www.symantec.com/security_response/writeup.jsp?docid=2005-052215-5723-99.

[341] Symantec Security Response, “Trojan.Peacomm,” http://www.symantec.com/security_response/writeup.jsp?docid=2007-011917-1403-99.

[342] Symantec Security Response, “Trojan.Welomoch writeup,” http://www.symantec.com/security_response/writeup.jsp?docid=2005-120709-5703-99.

[343] Symantec Security Response, “W31.Korgo.Q,” http://www.symantec.com/security_response/writeup.jsp?docid=2005-011215-592499&tabid=2.

[344] Symantec Security Response, “W32.gaobot.gen!poly,” http://www.symantec.com/security_response/writeup.jsp?docid=2004-031915-3501-99&tabid=2.

[345] Symantec Security Response, “W32.hllw.gaobot.ag,” http://www.symantec.com/security_response/writeup.jsp?docid=2003-092318-4059-99.

[346] Symantec Security Response, “W32.Nugache.A@mm,” http://www.symantec.com/security_response/writeup.jsp?docid=2006-043016-0900-99.

[347] Symantec Security Response, “Trojan.slanret,” Jan. 2003, http://www.symantec.com/security_response/writeup.jsp?docid=2003-012916-5726-99.

[348] Symantec Security Response, “Spyware.apropos.c,” Feb. 2007, http://www.symantec.com/security_response/writeup.jsp?docid=2005-102112-2934-99.

[349] T. Ricker, “Kanguru’s 64GB Flash Drive Max,” http://www.engadget.com/2006/04/07/kangurus-64gb-flash-drive-max-only-2-800/ (accessed Oct. 2007).

[350] M. Rieback, B. Crispo, and A. Tanenbaum, “Is Your Cat Infected with a Computer Virus?” in Proceedings of the IEEE Pervasive Computing and Communications, 169–179 (Pisa, Italy: Mar. 2006), http://www.rfidguardian.org/papers/percom.06.pdf.

[351] M. Rieback, G. Gaydadjiev, B. Crispo, R. Hofman, and A. Tanenbaum, “A Platform for RFID Security and Privacy Administration,” in Proceedings of the USENIX/SAGE Large Installation System Administration Conference, 89–102 (Washington, DC: Dec. 2006).

[352] R. L. Rivest, “The MD5 Message Digest Algorithm,” Internet RFC 1321, Apr. 1992.

[353] Wikipedia, “robots.txt,” http://en.wikipedia.org/wiki/Robots_Exclusion_Standard.

[354] “RockBox—Open Source Jukebox Firmware,” http://www.rockbox.org/ (accessed Feb. 2007).

[355] D. B. Roddy, “Rendell Vows Action on Voter Scams; Pitt Students Tricked,” Pittsburgh Post-Gazette, Oct. 27, 2004, http://www.post-gazette.com/pg/04301/402432.stm.

[356] J. Roskind, “Attacks Against the Netscape Browser” (invited talk, RSA Data Security Conference, 2001).

[357] B. Ross, C. Jackson, N. Miyake, D. Boneh, and J. Mitchell, “Stronger Password Authentication Using Browser Extensions,” in Proceedings of the 14th USENIX Security Symposium, 2005.

[358] L. Rozen, “New NAACP Report on GOP Voter Suppression Efforts Against Minority Voters in America,” Nov. 2004, http://www.warandpiece.com/blogdirs/001293.html.

[359] RSA SecurID, http://www.rsa.com/node.aspx?id=1156.

[360] A. Rubin, Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting (Morgan Road Books, 2006).

[361] M. Russinovich, Microsoft Windows Internals, 4th ed., vol. 4 (Microsoft Press, Dec. 2004).

[362] M. Russinovich, “Sony, Rootkits and Digital Rights Management Gone Too Far,” October 2005, http://blogs.technet.com/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx.

[363] J. Rutkowska, “How to Detect VMM Using (Almost) One CPU Instruction,” 2004, http://www.invisiblethings.org/papers/redpill.html.

[364] J. Rutkowska, “Subverting Vista Kernel For Fun And Profit,” Black Hat USA, Aug. 2006, http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Rutkowska.pdf.

[365] S. Sarma, S. Weis, and D. Engels, “RFID Systems and Security and Privacy Implications,” in Proceedings of Cryptographic Hardware and Embedded Systems (CHES 2002), LNCS, 2523 (Aug. 2002): 454–469.

[366] S. Schecter, R. Dhamija, A. Ozment, and I. Fischer, “The Emperor’s New Security Indicators: An Evaluation of Website Authentication and the Effect of Role Playing on Usability Studies,” in Proceedings of IEEE Symposium on Security and Privacy (2007).

[367] B. Schneier, Secrets and Lies: Digital Security in a Networked World (John Wiley & Sons, 2000).

[368] Secunia Research, “Multiple Browsers Tabbed Browsing Vulnerabilities,” http://secunia.com/secunia_research/2004-10/advisory/ (accessed July 3, 2007).

[369] U.S. Securities and Exchange Commission, “Pump and Dump Schemes,” http://www.sec.gov/answers/pumpdump.htm.

[370] L. Seltzer, “Spotting Phish and Phighting Back,” eWeek.com, Aug. 2004, http://www.eweek.com/article2/0,1759,1630161,00.asp.

[371] R. Shah and C. Sandvig, “Software Defaults as De Facto Regulation: The Case of Wireless Aps” (The 33rd Research Conference on Communication, Information and Internet Policy, Arlington, VA, Sept. 2005).

[372] E. Shanahan, “ID Thieves’ New Tricks,” Reader’s Digest, June 2006, 82–87.

[373] S. Sheng, B. Magnien, P. Kumaraguru, A. Acquisti, L. Cranor, J. Hong, and E. Nunge, “Anti-phishing Phil: The Design and Evaluation of a Game That Teaches People Not to Fall for Phish,” in Proceedings of the 2007 Symposium On Usable Privacy and Security, July 2007.

[374] A. Shipp, “New Trojans Plunder Bank Accounts,” CNET News.com, Feb. 17, 2006, http://news.com.com/New+Trojans+plunder+bank+accounts/2100-7349_3-6041173.html.

[375] P. Silberman and C.H.A.O.S., “Futo,” http://www.uninformed.org/?v=3&a=7&t=pdf.

[376] E. Skoudis, “Even Nastier: Traditional Rootkits,” http://www.informit.com/articles/article.asp?p=23463&redir=1&rl=1.

[377] P. Sloan, “The Man Who Owns the Internet,” Business 2.0 Magazine, http://money.cnn.com/magazines/business2/business2_archive/2007/06/01/100050989/index.htm.

[378] J. Smed and H. Hakonen, “Towards a Definition of a Computer Game” (Technical Report 553, Turku Centre for Computer Science, 2003), http://staff.cs.utu.fi/~jounsmed/papers/TR553.pdf.

[379] J. Smith, “Playing Dirty, Understanding Conflicts in Multiplayer Games,” 5th Annual Conference of the Association of Internet Researchers, 2004, http://jonassmith.dk/weblog/uploads/playing_dirty.pdf.

[380] S. Smith, “Another Big Thing, Part 1,” Symantec Security Response blog, May 2007, http://www.symantec.com/enterprise/security_response/weblog/2007/05/another_big_thing.html.

[381] “Snort—The De Facto Standard for Intrusion Detection/Prevention,” http://www.snort.org (accessed Feb. 2007).

[382] L. Sobrado and J. C. Birget, “Graphical Passwords,” The Rutgers Scholar 4 (2002).

[383] “Social Engineering, the USB Way,” June 7, 2006, http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1.

[384] S. Sparks and J. Butler, “Shadow Walker—Raising the Bar for Windows Rootkit Detection,” Phrack Magazine, 2005, http://www.phrack.org/archives/63/p63-0x08_Raising_The_Bar_For_Windows_Rootkit_Detection.txt.

[385] Definition of spidering, http://www.mbgj.org/glossary_se_terms.htm.

[386] S. Srikwan and M. Jakobsson, http://www.SecurityCartoon.com (accessed May 16, 2007).

[387] Netcraft News, “More Than 450 Phishing Attacks Used ssl in 2005,” http://news.netcraft.com/archives/2005/12/28/more_than_450_phishing_attacks_used_ssl_in_2005.html (accessed July 3, 2007).

[388] S. Stamm, M. Jakobsson, and M. Gandhi, “Verybigad.com: A Study in Socially Transmitted Malware,” http://www.indiana.edu/~phishing/verybigad/.

[389] S. Stamm, Z. Ramzan, and M. Jakobsson, “Drive-by Pharming” (Technical Report TR641, Indiana University, Dec. 2006).

[390] A. Stephano and D. P. Groth, “USEable Security: Interface Design Strategies for Improving Security,” in 3rd International Workshop on Visualization for Computer Security (Fairfax County, VA, Nov. 2006).

[391] J. Stewart, “Phatbot Trojan Analysis,” Secureworks.com, Mar. 15, 2004, http://www.secureworks.com/research/threats/phatbot.

[392] D. Stinson, Cryptography: Theory and Practice, 3rd ed. (CRC Press, Nov. 2005).

[393] I. Stoica, R. Morris, D. Karger, M. F. Kaashoek, and H. Balakrishnan, “Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications,” in Proceedings of ACM SIGCOMM, 2001.

[394] D. Strom, “5 Disruptive Technologies to Watch in 2007,” InformationWeek, Jan. 2007, http://www.informationweek.com/news/showArticle.jhtml?articleID=196800208.

[395] A. Stubblefield, J. Ioannidis, and A. D. Rubin, “A Key Recovery Attack on the 802.11b Wired Equivalent Privacy Protocol (WEP),” ACM Trans. Inf. Syst. Secur. 7, no. 2 (2004): 319–332.

[396] A. Stubblefield, J. Ioannidis, and A. D. Rubin, “Using the Fluhrer, Mantin, and Shamir Attack to Break WEP,” in Network and Distributed Systems Security Symposium NDSS, 2002.

[397] B. Sullivan, “Lieberman Campaign Site, E-mail Hacked,” MSNBC, Aug. 8, 2006, http://www.msnbc.msn.com/id/14245779.

[398] B. Sullivan, “The Secret Tricks That Spammers Use,” MSNBC News, 2003, http://www.msnbc.msn.com/id/3078640/.

[399] A. Sundaram, “An Introduction to Intrusion Detection,” Crossroads 2, no. 4 (1996).

[400] Symantec, “Symantec Internet Security Threat Report, Edition XI,” http://www.symantec.com/threatreport/.

[401] Symantec, “Symantec Internet Security Threat Report, Edition XII,” http://www.symantec.com/threatreport/.

[402] Symantec Security Response, “Infostealer.Bankash.G,” Feb. 2006, http://www.symantec.com/security_response/writeup.jsp?docid=2006-010317-5218-99.

[403] Symantec Security Response, “Trojan.Archiveus,” May 2006, http://www.symantec.com/security_response/writeup.jsp?docid=2006-050601-0940-99.

[404] P. Szor, The Art of Computer Virus Research and Defense (Addison-Wesley, 2005).

[405] T. Kojm, ClamAV homepage, http://www.clamav.net.

[406] K. Tan, K. Killourhy, and R. Maxion, “Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits,” in Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection, 2002.

[407] L. Tang, J. Li, J. Zhou, Z. Zhou, H. Wang, and K. Li, “Freerank: Implementing Independent Ranking Service for Multiplayer Online Games,” NetGames, 2005, Oct. 10–11, 2005.

[408] TCG, “TCG Generic Server Specification” (TCG Specification Version 1.0 Final, The Trusted Computing Group [TCG], Portland, OR, July 2005).

[409] TCG, “TCG PC Client Specific Implementation Specification for Conventional BIOS” (TCG Specification Version 1.2 Final, The Trusted Computing Group [TCG], Portland, OR, July 2005).

[410] TCG, “TPM Main, Part 1: Design Principles” (TCG Specification Version 1.2, Revision 94, The Trusted Computing Group [TCG], Portland, OR, Mar. 2006).

[411] TCG, “TPM Main, Part 2: TPM Data Structures” (TCG Specification Version 1.2, Revision 94, The Trusted Computing Group (TCG), Portland, OR, Mar. 2006).

[412] TCG, “TPM Main, Part 3: Commands” (TCG Specification Version 1.2, Revision 94, The Trusted Computing Group (TCG), Portland, OR, Mar. 2006).

[413] TCG, “TNC Architecture for Interoperability” (TCG Specification Version 1.2, Revision 4, The Trusted Computing Group (TCG), Portland, OR, Sept. 2007).

[414] TCG MPWG, “The TCG Mobile Trusted Module Specification” (TCG Specification Version 0.9, Revision 1, The Trusted Computing Group (TCG), Portland, OR, Sept. 2006).

[415] Google Click Quality Team, “How Fictitious Clicks Occur in Third-Party Click Fraud Audit Reports,” Aug. 2006, http://www.google.com/adwords/ReportonThird-PartyClickFraudAuditing.pdf.

[416] PaX Team, Homepage of the PaX team, http://pax.grsecurity.net.

[417] Tech Web Technology News, “New Phishing Scam Takes Advantage of Election Hype,” Oct. 2004, http://www.techweb.com/wire/security/49400811.

[418] TechCrunch.com, “Metaverse Breached: Second Life Customer Database Hacked,” Sept. 8, 2006, http://www.techcrunch.com/2006/09/08/metaverse-breached-second-life-customer-database-hacked/ (accessed Mar. 30, 2007).

[419] E. Tews, R.-P. Weinmann, and A. Pyshkin, “Breaking 104 Bit WEP in Less Than 60 Seconds” (Cryptology ePrint Archive, Report 2007/120, 2007), http://eprint.iacr.org/.

[420] R. Thayer, N. Doraswamy, and R. Glenn, “IP Security Document Roadmap,” RFC 2411, Nov. 1998, http://rfc.net/rfc2411.html (accessed Feb. 2007).

[421] The Associated Press, “GE Energy Acknowledges Blackout Bug,” Feb. 2004, http://www.securityfocus.com/news/8032 (accessed Feb. 2007).

[422] “How the Public and Private Sectors Are Working Together to Help Consumers and Put Fraudsters Behind Bars,” http://www.treas.gov/press/releases/js2501.htm.

[423] Truff, “Infecting Loadable Kernel Modules,” Phrack Magazine, http://www.phrack.org/archives/61/p61-0x0a_Infecting_Loadable_Kernel_Modules.txt.

[424] K. Tsipenyuk, B. Chess, and G. McGraw, “Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors,” in NIST Workshop on Software Security Assurance Tools, Techniques, and Metrics (SSATTM) (Los Angeles: 2005).

[425] A. Tsow, “Phishing with Consumer Electronics—Malicious Home Routers,” in Models of Trust for the Web, a Workshop at the 15th International World Wide Web Conference (WWW), 2006.

[426] A. Tsow, M. Jakobsson, L. Yang, and S. Wetzel, “Warkitting: The Driveby Subversion of Wireless Home Routers,” special issue 3, in Journal of Digital Forensic Practice 1 (Nov. 2006).

[427] A. Tuzhilin, “The Lane’s Gifts v. Google Report,” July 2006, http://googleblog.blogspot.com/pdf/Tuzhilin_Report.pdf.

[428] J. D. Tygar and B. Yee, “Dyad: A System for Using Physically Secure Coprocessors” (Technical Report CMU-CS-91-140R, Carnegie Mellon University, Pittsburgh, PA, May 1991).

[429] Economist Intelligence Unit, “Symantec Ensuring Mobile Security (Survey of 248 Company Executives and Senior IT Employees),” Jan. 2006, http://www.symantec.com/content/en/us/about/media/mobile-security_Full-Report.pdf.

[430] U.S. Department of Homeland Security and SRI International Identity Theft Technology Council and the Anti-Phishing Working Group, “The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond,” Oct. 2006, http://www.antiphishing.org/reports/APWG_CrimewareReport.pdf.

[431] http://www.usbhacks.com/2006/10/07/usb-hacksaw/.

[432] USB switchblade, http://www.usbhacks.com/2006/10/07/usb-switchblade/.

[433] “Fifth-Generation iPods Hit with Windows Virus,” Oct. 2006, http://www.itbusinessedge.com/item/?ci=21164.

[434] “Man Used MP3 Player to Hack ATMs,” http://www.theregister.co.uk/2006/11/18/mp3_player_atm_hack/.

[435] Sanctuary Device Control, http://www.lumension.com/usb_security.jsp (accessed Oct. 2007).

[436] USB 2 flash drive PRO 2, http://www.buslinkbuy.com/products.asp?sku=BDP2%2D64G%2DU2.

[437] Episode 2×02. http://wiki.hak5.org/wiki/Episode_2x02.

[438] http://www.lcpsoft.com/english/download.htm.

[439] Wikipedia, “Live USB,” http://en.wikipedia.org/wiki/LiveUSB (accessed 2007).

[440] “USB Memory Sticks Pose New Dangers—Some New Drives Can Be Used to Automatically Run Malware,” http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=storage&articleId=9003592&taxonomyId=19&intsrc=kc_top.

[441] “Gartner Says Number of Phishing E-mails Sent to U.S. Adults Nearly Doubles in Just Two Years,” http://www.gartner.com/it/page.jsp?id=498245.

[442] http://us1.samba.org/samba/ftp/pwdump/.

[443] http://www.bindview.com/Support/RAZOR/Utilities/Windows/pwdump2_readme.cfm.

[444] http://www.polivec.com/pw3dump/default.htm.

[445] “Apple Video iPods. Now with Malware,” http://www.2-spyware.com/news/post135.html.

[446] “Windows Keys,” http://www.lostpassword.com/windows.htm.

[447] “Using a Windows Key Bootable USB Flash Drive,” http://www.lostpassword.com/windows-howto.htm#usb-flash (accessed June 2007).

[448] “Remove Rjump,” description and removal instructions, http://www.2-spyware.com/remove-rjump.html.

[449] SAMDump, http://www.atstake.com/products/lc/download.html.

[450] http://www.insidepro.com.

[451] Wikipedia, “U3,” http://en.wikipedia.org/wiki/U3.

[452] W32/RJump.worm, http://vil.nai.com/vil/content/v_139985.htm.

[453] Wikipedia, “USB Flash Drive,” http://en.wikipedia.org/wiki/USB_flash_drive (accessed Oct. 2007).

[454] “How to Hack or Crack a Windows XP Administrator Password,” http://www.clazh.com/how-to-hack-or-crack-a-windows-xp-administrator-password/.

[455] Wikipedia, “Zune,” http://en.wikipedia.org/wiki/Zune.

[456] P. C. van Oorschot, “Revisiting Software Protection,” in Proceedings of ISC, 2003, 1–13.

[457] M. Vargas, “2002 Retail Security Survey Shows U.S. Retails Losing $31 Billion to Theft,” About.com, 2002, http://retailindustry.about.com/od/statistics_loss_prevention/l/aa021126a.htm.

[458] Virtual Economy Research Network (VERN), “How Big Is the RMT Market Anyway?” Mar. 8, 2007, http://virtual-economy.org/blog/how_big_is_the_rmt_market_anyw (accessed May 23, 2007).

[459] P. Viscarola and W. A. Mason, Windows NT Device Driver Development (New Riders Press, Nov. 1998).

[460] Vladnik, “Fly-by Malware Installation Demo,” July 20, 2006, http://www.youtube.com/watch?v=oU1gcprFEPU.

[461] VMWare, “VMWare Server: Free Virtualization for Windows and Linux Servers,” http://www.vmware.com/pdf/server_datasheet.pdf.

[462] R. Vogt, J. Aycock, and M. J. Jacobson, “Army of Botnets,” in Proceedings of Network and Distributed Systems Security (NDSS), 2007.

[463] N. Walters, “Spyware and Identity Theft,” http://www.aarp.org/research/technology/onlineprivacy/fs126_spyware.html.

[464] K. Wang, G. Cretu, and S. J. Stolfo, “Anomalous Payload-Based Worm Detection and Signature Generation,” RAID, Sept. 2005.

[465] X. Wang, Z. Li, J. Xu, M. K. Reiter, C. Kil, and J. Y. Choi, “Packet Vaccine: Black-Box Exploit Detection and Signature Generation,” in ACM Conference on Computer and Communications Security, 2006, 37–46.

[466] Y.-M. Wang, D. Beck, J. Wang, C. Verbowski, and B. Daniels, “Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting” (Technical Report MSR-TR-2006-40, Microsoft Research, 2006), http://research.microsoft.com/Typo-Patrol/.

[467] D. J. Watts and S. H. Strogatz, “Collective Dynamics of ‘Small-World’ Networks,” Nature 393 (1998): 440.

[468] Weasal, “Unloading Those Pesky Keyboard Filter Drivers!” http://www.rootkit.com/newsread.php?newsid=398.

[469] Weasal, “How to Really Really Hide from the SC Manager,” 2006, http://www.rootkit.com/newsread.php?newsid=419.

[470] F-Secure Weblog, “Sony’s USB Rootkit vs. Sony’s Music Rootkit,” http://www.f-secure.com/weblog/archives/archive-082007.html.

[471] Webwhacker 5.0, http://www.bluesquirrel.com/products/webwhacker/ (accessed July 2007).

[472] D. Weinshall, “Cognitive Authentication Schemes Safe Against Spyware,” short paper, Symposium on Security and Privacy, 2006, 295–300.

[473] M. Weiser, “The Computer for the Twenty-first Century,” Scientific American, 1991, 94–100.

[474] M. Weiser, “The World Is Not a Desktop,” ACM Interactions, 1994, 7–8.

[475] H. Welte, M. Meriac, and B. Meriac, OpenPICC, http://www.openpcd.org/openpicc.0.html.

[476] J. Westhues, “A Test Instrument for HF/LF RFID,” Jan. 2007, http://cq.cx/proxmark3.pl.

[477] T. Whalen and K. M. Inkpen, “Gathering Evidence: Use of Visual Security Cues in Web Browsers,” in GI ’05: Proceedings of Graphics Interface 2005, 137–144 (School of Computer Science, University of Waterloo, Waterloo, ON, 2005. Canadian Human-Computer Communications Society).

[478] S. Williams and C. Kindel, “The Component Object Model: A Technical Overview,” http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncomg/html/msdn_comppr.asp.

[479] Wired, “Hackers Put ‘Bane’ in Shadowbane,” May 3, 2003, http://www.wired.com/gaming/gamingreviews/news/2003/05/59034 (accessed Mar. 30, 2007).

[480] J. Wright, “Weaknesses in Wireless LAN Session Containment,” May 19, 2005, http://i.cmpnet.com/nc/1612/graphics/SessionContainment_file.pdf (accessed Feb. 2007).

[481] M. Wu, R. Miller, and S. Garfinkel, “Do Security Toolbars Actually Prevent Phishing Attacks?” in Proc. CHI, 2006.

[482] J. Xu, P. Ning, C. Kil, Y. Zhai, and C. Bookholt, “Automatic Diagnosis and Response to Memory Corruption Vulnerabilities,” in CCS ’05: Proceedings of the 12th ACM Conference on Computer and Communications Security (ACM Press, 2005), 223–234.

[483] “Yahoo Settles ‘Click Fraud’ Lawsuit,” June 28, 2006, http://www.msnbc.msn.com/id/13601951/.

[484] J. Yan and H. J. Choi, “Security Issues in Online Games,” The Electronic Library 20, no. 2 (2002). A previous version appears in Proc. of International Conference on Application and Development of Computer Games (City University of Hong Kong, Nov. 2001).

[485] J. Yan and B. Randell, “A Systematic Classification of Cheating in Online Games,” (NetGames ’05 conference, Oct. 10–11, 2005).

[486] K.-P. Yee and K. Sitaker, “Passpet: Convenient Password Management and Phishing Protection,” in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), 2006.

[487] A. Young and M. Yung, Malicious Cryptography: Exposing Cryptovirology (John Wiley & Sons, 2004).

[488] Ernst and Young, “Retailers Lose Billions Annually to Inventory Shrinkage,” 2002, http://retailindustry.about.com/cs/lp_retailstore/a/bl_ey051303.htm.

[489] J. Zagal, M. Mateas, C. Fernandez-Vara, B. Hochhalter, and N. Lichti, “Towards an Ontological Language for Game Analysis,” in Proceedings of the Digital Interactive Games Research Association Conference (Vancouver, BC, June 2005), http://www.cc.gatech.edu/grads/z/Jose.Zagal/Papers/OntologyDIGRA2005.pdf.

[490] M. Zalewski, Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks (No Starch Press, 2005).

[491] S. Zander, I. Leeder, and G. Armitage, “Achieving Fairness in Multiplayer Network Games through Automated Latency Balancing,” in Proceedings of the 2005 ACM SIGCHI International Conference on Advances in Computer Entertainment Technology, 117–124 (Valencia, Spain, 2005).

[492] T. Zeller, “Black Market in Stolen Credit Card Data Thrives on Internet,” New York Times, 2005, http://www.nytimes.com/2005/06/21/technology/21data.html?ei=5088&en=c06809aa240685f8&ex=1277006400&adxnnl=1&partner=rssnyt&emc=rss&pagewanted=all&adxnnlx=1162917731-sbNrtWOThtPy3rRh+yHnAQ.

[493] K. Zetter, “Hackers Annihilate Wi-Fi Record,” Wired News, Aug. 2, 2005, http://www.wired.com/news/wireless/0,1382,68395,00.html?tw=wn_tophead_3, 2 (accessed Feb. 2007).

[494] C. C. Zou and R. Cunningham, “Honeypot-Aware Advanced Botnet Construction and Maintenance,” in Proceedings of the International Conference on Dependable Systems and Networks, 2006.

[495] D. D. Zovi, “Hardware Virtualization Based Rootkits,” Black Hat USA, Aug. 2006, http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Zovi.pdf.

[496] “Sales in Virtual Goods Top $100 Million.” New Scientist, Oct. 29, 2004. Retrieved May 23, 2007, http://www.newscientist.com/article.ns?id=dn6601.

[497] “Warcraft Gamers Locked Out After Trojan Attack.” Register, Sept. 29, 2006. Retrieved June 8, 2007, http://www.theregister.co.uk/2006/09/29/warcraft_trojan_attack/.

[498] Symantec Security Response “Symantec’s Antispyware Approach.” Available from http://www.symantec.com/business/security_response/antispyware_approach.jsp.
