Matt Bishop
#138,743
Most Influential Person Now
Matt Bishop's AcademicInfluence.com Rankings
Matt Bishopcriminal-justice Degrees
Criminal Justice
#162
World Rank
#186
Historical Rank
Cyber Security
#16
World Rank
#18
Historical Rank
Matt Bishopcomputer-science Degrees
Computer Science
#6531
World Rank
#6884
Historical Rank
Cybersecurity
#16
World Rank
#18
Historical Rank
Database
#3611
World Rank
#3762
Historical Rank
Download Badge
Criminal Justice Computer Science
Matt Bishop's Degrees
- PhD Computer Science Stanford University
- Masters Computer Science Stanford University
Similar Degrees You Can Earn
Why Is Matt Bishop Influential?
(Suggest an Edit or Addition)Matt Bishop's Published Works
Number of citations in a given year to any of this author's works
Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author
Published Works
- Computer Security: Art and Science (2002) (1341)
- What Is Computer Security? (2018) (745)
- Checking for Race Conditions in File Accesses (1996) (317)
- Improving system security via proactive password checking (1995) (180)
- About Penetration Testing (2007) (174)
- Storm Clouds Rising: Security Challenges for IaaS Cloud Computing (2011) (169)
- Introduction to Computer Security (2004) (156)
- A Critical Analysis of Vulnerability Taxonomies (1996) (132)
- Defining the insider threat (2008) (132)
- Virtual Machine Introspection: Observation or Interference? (2008) (119)
- A Taxonomy of UNIX System and Network Vulnerabilities (1997) (116)
- Property-based testing: a new approach to testing for assurance (1997) (115)
- Testing C Programs for Buffer Overflow Vulnerabilities (2003) (106)
- Modeling network intrusion detection alerts for correlation (2007) (103)
- The Art and Science of Computer Security (2002) (99)
- Is Anybody Home? Inferring Activity From Smart Home Network Traffic (2016) (98)
- Digital Forensics: Defining a Research Agenda (2009) (93)
- The transfer of information and authority in a protection system (1979) (86)
- Software security checklist for the software life cycle (2003) (84)
- A Flexible Containment Mechanism for Executing Untrusted Code (2002) (79)
- We have met the enemy and he is us (2009) (70)
- Attack class: address spoofing (1997) (70)
- Using conservation of flow as a security mechanism in network protocols (2000) (66)
- Live Analysis: Progress and Challenges (2009) (64)
- Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks (2007) (64)
- Risks of e-voting (2007) (63)
- Computer Forensics in Forensis (2008) (63)
- Analysis of Computer Intrusions Using Sequences of Function Calls (2007) (63)
- Insider Threats in Cyber Security (2010) (61)
- A standard audit trail format (1995) (57)
- Vulnerabilities Analysis (1967) (54)
- An exploration of the current state of information assurance education (2010) (51)
- Toward Models for Forensic Analysis (2007) (47)
- Education in information security (2000) (47)
- Position: "insider" is relative (2005) (47)
- A Risk Management Approach to the "Insider Threat" (2010) (46)
- Insider Threat Identification by Process Analysis (2014) (44)
- Countering Insider Threats (2008) (44)
- How to Design Computer Security Experiments (2007) (44)
- Verify results of network intrusion alerts using lightweight protocol analysis (2005) (41)
- The threat from the net [Internet security] (1997) (41)
- Investigating the Implications of Virtual Machine Introspection for Digital Forensics (2009) (40)
- Security Analysis of the Diebold AccuBasic Interpreter (2006) (39)
- Case Studies of an Insider Framework (2009) (39)
- Supporting reconfigurable security policies for mobile programs (2000) (37)
- An Analysis of the Hart Intercivic DAU eSlate (2007) (37)
- An Application of a Fast Data Encryption Standard Implementation (1988) (37)
- The insider problem revisited (2005) (36)
- A model of security monitoring (1989) (35)
- Fixing federal e-voting standards (2007) (35)
- Resilience is more than availability (2011) (35)
- Reducing software security risk through an integrated approach (2000) (35)
- How to sanitize data? (2004) (35)
- How To Write a Setuid Program (2001) (34)
- Relationships and data sanitization: a study in scarlet (2010) (34)
- Teaching Secure Programming (2005) (32)
- Aspects of Insider Threats (2010) (32)
- A New Method for Flow-Based Network Intrusion Detection Using the Inverse Potts Model (2019) (31)
- Inconsistency in deception for defense (2006) (31)
- Principles-driven forensic analysis (2005) (31)
- Multi-stage delivery of malware (2010) (30)
- Development of a software security assessment instrument to reduce software security risk (2001) (29)
- Computer security education: training, scholarship, and research (2002) (27)
- Theft of Information in the Take-Grant Protection Model (1995) (27)
- Multiprocess malware (2011) (27)
- A Taxonomy of Buffer Overflow Characteristics (2012) (26)
- Modeling and Analyzing Faults to Improve Election Process Robustness (2010) (26)
- The Dynamics of Counting and Recounting Votes (2008) (25)
- Password management (1991) (24)
- Sanitization models and their limitations (2006) (24)
- A security analysis of the NTP protocol version 2 (1990) (23)
- An Overview of Computer Viruses in a Research Environment (1991) (23)
- LeakSemantic: Identifying abnormal sensitive network transmissions in mobile applications (2017) (22)
- Analyzing single-server network inhibition (2000) (22)
- The Solar Trust Model: authentication without limitation (1998) (21)
- A Clinic for "Secure" Programming (2010) (21)
- Addressing software security and mitigations in the life cycle (2003) (20)
- Joining the Security Education Community (2004) (20)
- Application of lightweight formal methods to software security (2005) (20)
- Extending The Take-Grant Protection System (1996) (20)
- Profiling under UNIX by patching (1987) (19)
- Conspiracy and Information Flow in the Take-Grant Protection Model (1996) (19)
- Privacy aware data sharing: balancing the usability and privacy of datasets (2009) (19)
- Cybersecurity Curricular Guidelines (2017) (19)
- Using Type Qualifiers to Analyze Untrusted Integers and Detecting Security Flaws in C Programs (2006) (19)
- Proactive Password Checking (1992) (18)
- A Systematic Process-Model-based Approach for Synthesizing Attacks and Evaluating Them (2012) (18)
- Race Conditions, Files, and Security Flaws; or the Tortoise and the Hare Redux (1995) (18)
- Hidden Markov Models for Automated Protocol Learning (2010) (18)
- Second International Workshop on Systematic Approaches to Digital Forensic Engineering (2007) (17)
- Some Problems in Sanitizing Network Data (2006) (17)
- A Proactive Password Checker (1990) (17)
- Protocol Vulnerability Analysis (2005) (17)
- Insider Attack Identification and Prevention Using a Declarative Approach (2014) (17)
- Tree Approach to Vulnerability Classification (2005) (17)
- An Isolated Network for Research (1996) (17)
- Process Migration for Heterogeneous Distributed Systems (1995) (16)
- 08302 Summary - Countering Insider Threats (2008) (16)
- Academia and Education in Information Security: Four Years Later (2000) (16)
- Teaching context in information security (2006) (15)
- Summit on Education in Secure Software Final Report (2011) (15)
- Hierarchical Take-Grant Protection systems (1981) (15)
- Vote Selling, Voter Anonymity, and Forensic Logging of Electronic Voting Machines (2009) (15)
- Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems (2012) (15)
- AZALIA: an A to Z assessment of the likelihood of insider attack (2009) (14)
- Teaching Computer Security (1993) (14)
- Guarding the Castle Keep: Teaching with the Fortress Metaphor (2004) (14)
- E-Voting and Forensics: Prying Open the Black Box (2009) (13)
- A Security Analysis of the NTP Protocol (1990) (13)
- Your Security Policy is What (2006) (13)
- A Critical Analysis of the Centers of Academic Excellence Program (2009) (13)
- Addressing cyber security skills: the spectrum, not the silo (2020) (13)
- Academic Degrees and Professional Certification (2004) (12)
- Internet- and cloud-of-things cybersecurity research challenges and advances (2018) (12)
- The Strategy and Tactics of Information Warfare (2003) (12)
- The state of infosec education in academia: present and future directions (1997) (12)
- Network-theoretic classification of parallel computation patterns (2011) (12)
- The Case for Less Predictable Operating System Behavior (2015) (12)
- Robust Programming by Example (2009) (12)
- Demythifying Cybersecurity (2010) (11)
- Who owns your computer? [digital rights management] (2006) (11)
- I Am a Scientist, Not a Philosopher! (2007) (11)
- ACM Joint Task Force on Cybersecurity Education (2017) (10)
- Forgive and forget: return to obscurity (2013) (10)
- The sisterhood of the traveling packets (2009) (10)
- Teaching secure coding: the myths and the realities (2013) (10)
- Achieving Learning Objectives through E-Voting Case Studies (2007) (10)
- Dynamic, Flexible, and Optimistic Access Control (2013) (10)
- Goal-Oriented Auditing and Logging (1996) (10)
- Of Paper Trails and Voter Receipts (2008) (10)
- Teaching robust programming (2004) (9)
- Applying the Take-Grant Protection Model (1990) (9)
- Realism in Teaching Cybersecurity Research: The Agile Research Process (2015) (9)
- Multiclass classification of distributed memory parallel computations (2012) (9)
- UNIX Security: Threats and Solutions (1996) (9)
- Teach the Hands, Train the Mind ... A Secure Programming Clinic (2015) (9)
- Practical take-grant systems: do they exist? (1984) (9)
- Facebook goes to the doctor (2011) (8)
- Miracle cures and toner cartridges:finding solutions to the spam problem (2003) (8)
- Privacy-Enhanced Electronic Mail (1989) (8)
- Analysis of the ILOVEYOU Worm (2000) (8)
- Summit on Education in Secure Software (2011) (7)
- Information Assurance Education: A Work In Progress (2008) (7)
- A Human Endeavor: Lessons from Shakespeare and Beyond (2005) (7)
- Uncovering Assumptions in Information Security (2005) (7)
- Trends in academic research: vulnerabilities analysis and intrusion detection (2002) (7)
- Vulnerability Analysis: An Extended Abstract (1999) (7)
- Teaching secure coding: report from summit on education in secure software (2012) (7)
- Secure Coding Education: Are We Making Progress? (2012) (7)
- Anatomy of a Proactive Password Changer (2004) (6)
- The security and privacy implications of using social networks to deliver healthcare (2010) (6)
- Information behaving badly (2013) (6)
- Some "Secure Programming" Exercises for an Introductory Programming Class (2009) (6)
- Contrasting the CSEC 2017 and the CAE Designation Requirements (2018) (6)
- Analyzing the Security of an Existing Computer System (1986) (6)
- Computer Security in Introductory Programming Classes (1997) (6)
- Resolving the Unexpected in Elections: Election Officials' Options (2008) (6)
- Traducement: A model for record security (2004) (6)
- Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy (2010) (5)
- Antimalware software: Do we measure resilience? (2013) (5)
- Quis Custodiet ipsos Custodes?: a new paradigm for analyzing security paradigms with appreciation to the Roman poet Juvenal (2009) (5)
- One of These Records Is Not Like the Others (2011) (5)
- Are Your Papers in Order? Developing and Enforcing Multi-tenancy and Migration Policies in the Cloud (2012) (5)
- A Taxonomy of Buffer Overflow Preconditions (2010) (5)
- Bear: A Framework for Understanding Application Sensitivity to OS (Mis) Behavior (2016) (5)
- Toward Metrics for Cyber Resilience (2012) (5)
- The dose makes the poison — Leveraging uncertainty for effective malware detection (2017) (5)
- Iterative Analysis to Improve Key Properties of Critical Human-Intensive Processes (2017) (5)
- Information Security Education for a Global Digital Society - 10th IFIP WG 11.8 World Conference, WISE 10, Rome, Italy, May 29-31, 2017, Proceedings (2017) (5)
- An Interface Language Between Specifications and Testing (1995) (5)
- Evaluating Secure Programming Knowledge (2017) (5)
- UNIX security in a supercomputing environment (1989) (5)
- A Praise for Defensive Programming: Leveraging Uncertainty for Effective Malware Mitigation (2020) (5)
- What Do Firewalls Protect?An Empirical Study of Firewalls, Vulnerabilities, and Attacks (2010) (5)
- A Security Analysis of Version 2 of the Network Time Protocol NTP: A Report to the Privacy and Security Research Group (1991) (4)
- Inside r Threats: Strategies for Prevention, Mitigation, and Response (2010) (4)
- Modeling Faults to Improve Election Process Robustness (2010) (4)
- Reflections on UNIX Vulnerabilities (2009) (4)
- Distributed Helios - Mitigating Denial of Service Attacks in Online Voting (2016) (4)
- Information Survivability, Security, and Fault Tolerance (1984) (4)
- Learning Principles and the Secure Programming Clinic (2019) (4)
- Essential Research Needed to Support UOCAVA-MOVE Act Implementation at the State and Local Levels (2010) (4)
- Towards Metrics for Cyber Security (2012) (4)
- Best Practices and Worst Assumptions (2005) (4)
- Trust of medical devices, applications, and users in pervasive healthcare (2011) (3)
- A policy-based vulnerability analysis framework (2010) (3)
- Strong mobile device protection from loss and capture (2009) (3)
- A Practical Formalism for Vulnerability Comparison (2006) (3)
- Applying Formal Methods Informally (2011) (3)
- Agile Research for Cybersecurity: Creating Authoritative, Actionable Knowledge When Speed Matters (2017) (3)
- Security and Elections (2012) (3)
- Information Security Education Across the Curriculum: 9th IFIP WG 11.8 World Conference, WISE9, Hamburg, Germany, May 26–28, 2015, Proceedings (2015) (3)
- Are Patched Machines Really Fixed? (2009) (3)
- Practice, Practice, Practice … Secure Programmer! (2015) (3)
- 10341 Report - Insider Threats: Strategies for Prevention, Mitigation, and Response (2010) (3)
- Collaboration using roles (1990) (3)
- An Authentication Mechanism for USENET (1991) (3)
- A Design for a Collaborative Make-the-Flag Exercise (2018) (3)
- Special Session: Joint Task Force on Cybersecurity Education (2018) (2)
- Inside the Insider Threat (Introduction) (2016) (2)
- Use My Digital Forensics Tool...It’s Shiny! (2019) (2)
- 08302 Abstracts Collection - Countering Insider Threats (2008) (2)
- Dependable security: testing network intrusion detection systems (2007) (2)
- Proceedings of the 2010 Workshop on Governance of Technology, Information and Policies (2010) (2)
- Privacy aware micro data sanitization (2009) (2)
- Augmenting Machine Learning with Argumentation (2018) (2)
- Fixing federal E-voting standards - Without a threat model and a system model, voting standards cannot ensure the integrity or accuracy of the voting process. (2007) (2)
- Concept Inventories in Cybersecurity Education: An Example from Secure Programming (2018) (2)
- The Case for Unpredictability and Deception as OS Features (2015) (2)
- A new method for flow-based network intrusion detection using inverse statistical physics (2019) (2)
- Computer security in the future (2011) (2)
- Effect of the Secure Programming Clinic on Learners' Secure Programming Practices - eScholarship (2016) (2)
- Attribution requirements for next generation Internets (2011) (2)
- Sixth Workshop on Education in Computer Security (WECS6): Avoiding Fear, Uncertainty and Doubt Through Effective Security Education (2004) (1)
- Results-oriented security (2011) (1)
- Workshop on the Joint Task Force Cybersecurity Curricular Guidelines (2017) (1)
- Leveraging Uncertainty for Effective Malware Mitigation (2018) (1)
- Insider Attack Identification and Prevention Using a (2014) (1)
- Misuse Detection Research Study Reader's Digest Condensed Version (1996) (1)
- Analysis of Volume Testing of the AccuVote TSx / AccuView (2005) (1)
- Information Security and Privacy - Challenges and Outlook (2021) (1)
- Introduction to Digital Forensics: Education, Research, and Practice Minitrack (2015) (1)
- Design Patterns for Compensating Controls for Securing Financial Sessions (2019) (1)
- Insider Threat Identification by Process Analysis (2014) (1)
- Learning and Experience in Computer Security Education ( Invited Paper ) (2013) (1)
- Anomaly Detection for Science DMZs Using System Performance Data (2020) (1)
- Learning and Experience in Computer Security Education (2012) (1)
- Attribution in the Future Internet: The Second Summer of the Sisterhood (2013) (1)
- Access control and privacy in large distributed systems (1986) (1)
- Ten Years Past and Ten Years from Now (2010) (1)
- I'm not sure if we're okay: uncertainty for attackers and defenders (2016) (1)
- Introduction to Deception, Digital Forensics, and Malware Minitrack (2017) (1)
- How useful is software fault injection for evaluating the security of COTS products? (2001) (1)
- An Overview of Electronic Voting and Security (2004) (1)
- Insider Attack Detection for Science DMZs Using System Performance Data (2020) (1)
- Writing Safe Setuid Programs (1999) (1)
- Technology, Training, and Transformation (2010) (1)
- Introduction to the Inside the Insider Threat Minitrack (2016) (1)
- Insider Attack Identification and Prevention in Collection-Oriented Dataflow-Based Processes (2017) (1)
- Introducing secure coding in CS0 and CS1 (abstract only) (2013) (1)
- Implementation notes on bdes(1) (1991) (1)
- Trust-Based Security; Or, Trust Considered Harmful (2020) (1)
- A Comprehensive Framework for Using Iterative Analysis to Improve Human-Intensive Process Security: An Election Example (2017) (1)
- Comparing Authentication Techniques (1991) (1)
- New Security Paradigms Workshop (2010) (1)
- E-Voting as a Teaching Tool (2007) (1)
- The fast encryption package (1988) (0)
- Introduction to HICCS-49 Digital Forensics -- Education, Research and Practice Minitrack (2013) (0)
- Effects of Attribution Policies: The Second Summer of the Sisterhood (2012) (0)
- Insider Threat (2021) (0)
- 2008 Reviewers (2008) (0)
- Introduction to the Minitrack on Inside the Insider Threats (2019) (0)
- Education for the Multifaith Community of Cybersecurity (2020) (0)
- SecTutor: An Intelligent Tutoring System for Secure Programming (2022) (0)
- Portability in C-- A Case Study (2004) (0)
- Computer Security Education: Training, Scholarship, and Research (Supplement to Computer Magazine) (2002) (0)
- General information (2011) (0)
- Parallel Computer Needs at Dartmouth College (1992) (0)
- How to Design Computer Security Experiments - eScholarship (2007) (0)
- UC Davis UC Davis Previously Published Works Title Multiclass Classification of Distributed Memory Parallel Computations (2012) (0)
- Reducing software security risk (2004) (0)
- Essential Baseline Research for UOCAVA-MOVE Act Implementation at the State - Local Levels (2010) (0)
- Eleventh Securities Technologies (ST) Workshop Report (2006) (0)
- Vulnerabilities Regarding Their Impact on (2006) (0)
- Annotated Bibliography of Expert Reports on Voting Systems Wertheimer, Michael A. Trusted Agent Report: Diebold Accuvote-ts Voting System (report Prepared under Cover of Raba Innovative Solution Cell on Behalf of Maryland General (2007) (0)
- Protocol Vulnerability Analysis ( draft ) (2004) (0)
- A pauper's callback scheme (1986) (0)
- Introduction to Digital Forensics -- Education, Research, and Practice Minitrack (2012) (0)
- How to Encrypt /usr/dict/words in About a Second (1992) (0)
- Recent Changes to Privacy Enhanced Electronic Mail (1993) (0)
- A 12-Step Program for Cybersecurity. (2010) (0)
- A Model of Owner Controlled, Full-Provenance, Non-Persistent, High-Availability Information Sharing (2017) (0)
- Some attributes of a language for property-based testing. (2004) (0)
- The solar trust model, identity, and anonymity (2012) (0)
- Your Security Policy is What?? - eScholarship (2006) (0)
- Introduction to the Minitrack on Cyber Deception and Cyber Psychology for Defense (2021) (0)
- Deception, Digital Forensics, and Malware Minitrack (Introduction) (2017) (0)
- Key Challenges in Sanitizing Transportation Data to Protect Sensitive Information (2021) (0)
- Security Educational Panel (2019) (0)
- Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results (2012) (0)
- How Anonymous Is My Anonymized Data (2020) (0)
- The Sharing of Rights and Information in a Capability-Based Protection System (1988) (0)
- Security enables electronic commerce (1996) (0)
- Security Management and Policies (2008) (0)
- Multiprocess Malware - eScholarship (2011) (0)
- PatchLink Unix agent verification and assessment (2006) (0)
- Twelfth Securities Technologies (ST) Workshop Report (2008) (0)
- Special Session: ACM Joint Task Force on Cyber Education (2016) (0)
- Security Analyses of Network Time Services (1992) (0)
- Modeling Computer In security (2008) (0)
- Security Verification Techniques Applied to PatchLink COTS Software (2006) (0)
- Teaching Security Stealthily (2011) (0)
- The Risk of Propagating Standards (2013) (0)
- Insider Detection by Process Analysis (2014) (0)
- Proceedings of the 2016 Information Security Research and Education (INSuRE) Conference (INSuRECon-16) (2016) (0)
- Mathematical Models of Computer Security (2015) (0)
- THANKS TO OUR SUMMARIZERS 19 th USENIX Security Symposium (2010) (0)
- ST Workshop Final Report (2007) (0)
- Tr num − A Program To Number Figures (1986) (0)
- Virtual Penetration Testing: A Joint Education Exercise across Geographic Borders (2013) (0)
- Introduction to the Minitrack on Inside the Insider Threat (2020) (0)
- Back to School (2004) (0)
- An integrated approach to reducing information technology security risk in the software life cycle (2004) (0)
- Caution: Danger Ahead (with Big Data) (2013) (0)
- De-Mythifying Cyber Security. (2010) (0)
- Reducing Software Security Risk (RSSR) (2003) (0)
- A Set of Privacy Preserving Requirements For Smart Home Control System Mobile Apps (2015) (0)
- THANKS TO OUR SUMMARIZERS (2006) (0)
- Panel: Teaching Undergraduate Information Assurance (2003) (0)
- Detection and Removal of IP Spoofing through Extended-Inter Domain Packet Filter Architecture (2020) (0)
- Computer Security Education: a Training Course on Unix Security the Role of Research in Training Education (0)
- Some Thoughts on Teaching Secure Programming (2013) (0)
- Measuring Self-efficacy in Secure Programming (2021) (0)
- Resilient Data : An Interdisciplinary Approach (2020) (0)
- The Strengths and Challenges of Analogical Approaches to Computer Security Education (2009) (0)
- 10341 Abstracts Collection - Insider Threats: Strategies for Prevention, Mitigation, and Response (2010) (0)
- Risk Aware Intrusion Detection and Response Mechanism for MANET (2018) (0)
- The RIACS Intelligent Auditing and Categorizing System (1988) (0)
- Program Chairs Message (2019) (0)
- Introduction to the Minitrack on Insider Threats to Governments and Organizations (2018) (0)
- Collaboration using roles. [in computer network security] (1990) (0)
- We're excited that the ELCA has selected our synod to pilot this program for the church, and we're grateful to have the opportunity to begin this journey together with you. (2015) (0)
- Risks of e-voting - eScholarship (2007) (0)
- Case Study: Mapping an E-Voting Based Curriculum to CSEC2017 (2023) (0)
- Implementation notes on bdes(1). [data encryption implementation] (1991) (0)
- Malfeasance: a foundation for traducement, libel, heresy, and other traditional security policies (2004) (0)
- Security Analysis of Scantegrity, an Electronic Voting System (2016) (0)
- Security applications of the epsilon-machine (2010) (0)
- Insider Misuse , with Relevance to Integrity and Accountability in Elections and Other Applications (2008) (0)
- Vulnerabilities Regarding Their Impact on 2 Security Policy (2006) (0)
This paper list is powered by the following services:
What Schools Are Affiliated With Matt Bishop?
Matt Bishop is affiliated with the following schools:
