bibliography.bib

% BOOKS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@book{Anderson2001sea,
  author={Anderson, Ross J.},
  title={Security Engineering: A guide to building dependable distributed
    systems},
  publisher={Wiley},
  address={New York},
  year={2001},
  URL={http://www.cl.cam.ac.uk/~rja14/book.html},
  ISBN={0-471-38922-6},
  keywords={Distribuerade system IT-s{\"a}kerhet},
}
@book{Anderson2008sea,
  author={Anderson, Ross J.},
  title={Security Engineering},
  subtitle={A guide to building dependable distributed systems},
  publisher={Wiley},
  address={Indianapolis, IN},
  year={2008},
  edition={2},
  ISBN={978-0-470-06852-6 (hbk.)},
  URL={http://www.cl.cam.ac.uk/~rja14/book.html},
  keywords={IT-s{\"a}kerhet},
}

@book{Peltier2005isr,
  author={Peltier, Thomas R.},
  title={Information security risk analysis},
  publisher={Auerbach},
  address={Boca Raton},
  year={2005},
  edition={2},
  ISBN={0-8493-3346-6},
  keywords={IT-s{\"a}kerhet Datan{\"a}t -- s{\"a}kerhetsaspekter Riskanalys
    Riskhantering},
}
@book{Peltier2010isr,
  author={Peltier, Thomas R.},
  title={Information security risk analysis},
  publisher={Auerbach Publications},
  address={Boca Raton, FL},
  year={2010},
  edition={3},
  ISBN={978-1-4398-3956-0 (hardcover : alk. paper)},
}

@incollection{OED2013cg,
  booktitle={{OED Online}},
  title={cryptography, n.},
  publisher={Oxford University Press},
  year={2013},
  month={3},
  note={Hämtad den 5 april 2013},
  URL={http://www.oed.com/view/Entry/45374?redirectedFrom=cryptography&},
}
@incollection{OED2013c,
  booktitle={{OED Online}},
  title={crypto-, comb. form},
  publisher={Oxford University Press},
  year={2013},
  month={3},
  note={Hämtad den 5 april 2013},
  URL={http://www.oed.com/view/Entry/45363},
}
@incollection{OED2013g,
  booktitle={{OED Online}},
  title={graphy-, comb. form},
  publisher={Oxford University Press},
  year={2013},
  month={3},
  note={Hämtad den 5 april 2013},
  URL={http://www.oed.com/view/Entry/80855},
}

% NEWS ARTICLES %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@unpublished{Fisher2011rsa,
  author={Fisher, Dennis},
  title={{RSA}: {SecurID} Attack Was Phishing Via an {Excel} Spreadsheet},
  publisher={threat post},
  year={2011},
  month={4},
  URL={https://threatpost.com/en_us/blogs/rsa-securid-attack-was-phishing-excel-spreadsheet-040111},
}
@misc{Hunt2011abs,
  author={Hunt, Troy},
  title={A brief {Sony} password analysis},
  year={2011},
  month={6},
  URL={http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html},
}
@misc{Honan2012haa,
  author={Honan, Mat},
  title={How {Apple} and {Amazon} Security Flaws Led to My Epic Hacking},
  year={2012},
  month={8},
  URL={http://www.wired.com/threatlevel/2012/08/mat-hacked/},
}
@misc{Zetter2012hnt,
  author={Zetter, Kim},
  title={How Not to Become {Mat Honan}: A Short Primer on Online Security},
  year={2012},
  month={8},
  URL={http://www.wired.com/threatlevel/2012/08/how-not-to-become-mat-honan/},
}
@misc{Cluley2012twp,
  author={Cluley, Graham},
  title={The worst passwords you could ever choose exposed by {Yahoo Voices}
    hack},
  year={2012},
  month={7},
  URL={http://nakedsecurity.sophos.com/2012/07/13/yahoo-voices-poor-passwords/},
}
@misc{Oberheide2010bao,
  author={Oberheide, Jon},
  title={Brief analysis of the Gawker password dump},
  year={2010},
  month={12},
  URL={https://blog.duosecurity.com/2010/12/brief-analysis-of-the-gawker-password-dump/}
}
@misc{Cubrilovic2009rhf,
  author={Cubrilovic, Nik},
  title={{RockYou Hack: From Bad to Worse}},
  year={2009},
  month={12},
  URL={http://techcrunch.com/2009/12/14/rockyou-hack-security-myspace-facebook-passwords/},
}

@misc{Lindkvist2012tdf,
  author={Lindkvist, Ida},
  title={Tietohaveriet -- dag för dag},
  year={2012},
  month={2},
  day={22},
  publisher={Computer Sweden},
  URL={https://computersweden.idg.se/2.2683/1.434018/tietohaveriet---dag-for-dag},
}

@misc{Register2011bjr,
  author={{Team Register}},
  title={{BA} jihadist relied on Jesus-era encryption},
  year={2011},
  month={3},
  URL={http://www.theregister.co.uk/2011/03/22/ba_jihadist_trial_sentencing/},
}
@misc{Roberts2012wia,
  author={Roberts, Paul},
  title={Wayward {Instagram} account creates security scare for {Norwegian} 
    Royal family},
  year={2012},
  month={8},
  URL={http://nakedsecurity.sophos.com/2012/08/23/instagram-norway-royals/},
}
@misc{Brading2012tpl,
  author={Brading, Anna},
  title={Twitter + location = {WeKnowYourHouse}},
  year={2012},
  month={8},
  URL={http://nakedsecurity.sophos.com/2012/08/15/twitter-location-weknowyourhouse/},
}
@misc{Jones2013targethack,
  author={Jones, Willie},
  title={{Target Hack Stole Millions of Credit and Debit Cards}},
  journal={IEEE Spectrum},
  month={12},
  year={2013},
  URL={http://spectrum.ieee.org/riskfactor/computing/it/target-hack-stole-millions-of--credit-and-debit-cards},
}
@misc{Ducklin2014targethack,
  author={Ducklin, Paul},
  title={Target's data breach MUCH bigger than first thought - now more than 
    100,000,000 records},
  month={1},
  year={2014},
  URL={http://nakedsecurity.sophos.com/2014/01/11/target-data-breach-much-bigger-than-first-thought-now-more-than-100m-records/},
}
@misc{Zetter2014targethack,
  author={Zetter, Kim},
  title={Target Got Hacked Hard in 2005. Here’s Why They Let It Happen Again},
  month={1},
  year={2014},
  URL={http://www.wired.com/threatlevel/2014/01/target-hack/},
}
@article{dn2010choklad,
  author={TT},
  title={Folk byter lösenord mot choklad},
  journal={Dagens Nyheter},
  date={2010-01-19},
  month={1},
  year={2010},
}
@misc{Sophos2011usbmal,
  author={Ducklin, Paul},
  title={Lost USB keys have 66\% chance of malware},
  month={12},
  year={2011},
  URL={http://nakedsecurity.sophos.com/2011/12/07/lost-usb-keys-have-66-percent-chance-of-malware},
}


% TUTORIALS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@misc{Eckersley2010apo,
  author={Eckersley, Peter},
  title={A Primer on Information Theory and Privacy},
  year={2010},
  month={1},
  URL={https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy},
}
@inproceedings{Eckersley2010hui,
  author={Eckersley, Peter},
  title={How Unique Is Your Browser?},
  booktitle={Privacy Enhancing Technologies},
  pages={1--18},
  year={2010},
  organization={Springer},
  URL={https://panopticlick.eff.org/browser-uniqueness.pdf},
}
@misc{Peck2012btc,
  title={Bitcoin: The Cryptoanarchists' Answer to Cash},
  author={Peck, Morgen E.},
  year={2012},
  month={6},
  howpublished={IEEE Spectrum},
  URL={http://spectrum.ieee.org/computing/software/bitcoin-the-cryptoanarchists-answer-to-cash/0},
}

@misc{Kaminsky2013lct,
  author={Kaminsky, Dan},
  title={Let's Cut Through the {Bitcoin} Hype: A Hacker--Entrepreneur's Take},
  year={2013},
  month={5},
  howpublished={Wired},
  URL={http://www.wired.com/opinion/2013/05/lets-cut-through-the-bitcoin-hype/},
}

@misc{Kamkar2010him,
  author={Kamkar, Samy},
  title={How {I} Met Your Girlfriend},
  year={2010},
  note={F{\"o}rel{\"a}sning, DefCon18. URL:
    del 1 -- \url{http://www.youtube.com/watch?v=fEmO7wQKCMw},
    del 2 -- \url{http://www.youtube.com/watch?v=2ctRfWnisSk},
    del 3 -- \url{http://www.youtube.com/watch?v=vJtmZZGcR54}.},
}

% RESEARCH PAPERS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@article{Shannon1948amt,
  author={Shannon, C. E.},
  title={A Mathematical Theory of Communication},
  journal={The Bell System Technical Journal},
  volume={27},
  pages={379--423, 623--656},
  month={7-8},
  year={1948},
}
@unpublished{Ueltschi2013se,
  author={Ueltschi, Daniel},
  title={Chapter 6: Shannon entropy},
  URL={http://www.ueltschi.org/teaching/chapShannon.pdf},
}

@article{Pan2007igw,
  author={Pan, B. and
    Hembrooke, H. and
    Joachims, T. and
    Lorigo, L. and
    Gay, G. and
    Granka, L.},
  title={In {Google} we trust: Users' decisions on rank, position, and 
    relevance},
  journal={Journal of Computer-Mediated Communication},
  volume={12},
  number={3},
  URL={http://jcmc.indiana.edu/vol12/issue3/pan.html},
}
@techreport{Epstein2013dar,
  author={Epstein, Robert and
    Robertson, Ronald E.},
  title={Democracy at risk: Manipulating search rankings can shift voting 
    preferences substatially without voter awareness},
  institution={American Institute for Behavioural Research and Technology},
  year={2013},
  URL={http://aibrt.org/downloads/EPSTEIN_and_Robertson_2013-Democracy_at_Risk-APS-summary-5-13.pdf},
}

@unpublished{Nakamoto2008bap,
  author={Nakamoto, Satoshi},
  title={Bitcoin: A Peer-to-peer Electronic Cash System},
  year={2008},
  URL={http://bitcoin.org/bitcoin.pdf},
}
@incollection{Barber2012btb,
  title={Bitter to Better--How to Make Bitcoin a Better Currency},
  author={Barber, Simon and Boyen, Xavier and Shi, Elaine and Uzun, Ersin},
  booktitle={Financial Cryptography and Data Security},
  pages={399--414},
  year={2012},
  publisher={Springer}
}
@misc{LucksMD5,
  author={Daum, Magnus and Lucks, Stefan},
  title={Hash Collisions (The Poisoned Mesage Attack): ''The Story of {Alice} 
    and her Boss''},
  note={Hämtat 10 oktober 2012},
  URL={http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/},
}

@phdthesis{Bonneau2012ghs,
  author={Bonneau, Joseph},
  title={Guessing human-chosen secrets},
  year={2012},
  month={5},
  school={University of Cambridge},
  URL={http://www.cl.cam.ac.uk/~jcb82/doc/2012-jbonneau-phd_thesis.pdf},
}
@inproceedings{Bonneau2012sog,
  author={Bonneau, Joseph},
  title={The science of guessing:
    analyzing an anonymized corpus of 70 million passwords},
  booktitle={{IEEE Symposium on Security and Privacy}},
  year={2012},
  URL={http://www.cl.cam.ac.uk/~jcb82/doc/B12-IEEESP-analyzing_70M_anonymized_passwords.pdf},
}
@inproceedings{Bonneau2012lpo,
  author={Bonneau, Joseph and Shutova, Ekaterina},
  title={Linguistic properties of multi-word passwords},
  booktitle={{USEC}},
  year={2012},
  URL={http://www.cl.cam.ac.uk/~jcb82/doc/BS12-USEC-passphrase_linguistics.pdf},
}
@techreport{Kuo2006hso,
  author={Kuo, Cynthia and Romanosky, Sasha and Cranor, Lorrie Faith},
  title={{Human Selection of Mnemonic Phrase-based Passwords}},
  institution={Institute of Software Research},
  number={36},
  year={2006},
  URL={http://repository.cmu.edu/isr/36/},
}
@inproceedings{Juels2012sha,
  author={Juels, Ari and Yen, Ting-Fang},
  title={{Sherlock Holmes and The Case of the Advanced Persistent Threat}},
  booktitle={{LEET}},
  year={2012},
  URL={https://www.rsa.com/rsalabs/staff/bios/ajuels/publications/SherlockHolmes.pdf},
}
@inproceedings{Komanduri2011opa,
  author={Komanduri, Saranga and
    Shay, Richard and
    Kelley, Patrick Gage and
    Mazurek, Michelle L. and
    Bauer, Lujo and
    Christin Nicolas and
    Cranor, Lorrie Faith and
    Egelman, Serge},
  title={Of passwords and people:
    Measuring the effect of password-composition policies},
  booktitle={CHI},
  year={2011},
  URL={http://cups.cs.cmu.edu/rshay/pubs/passwords_and_people2011.pdf},
}
@inproceedings{Komanduri2014can,
  title={Can long passwords be secure and usable?},
  author={Shay, Richard and
    Komanduri, Saranga and
    Durity, Adam L and
    Huh, Phillip Seyoung and
    Mazurek, Michelle L and
    Segreti, Sean M and
    Ur, Blase and
    Bauer, Lujo and
    Christin, Nicolas and
    Cranor, Lorrie Faith},
  booktitle={Proceedings of the 32nd annual ACM conference on Human factors in 
    computing systems},
  pages={2927--2936},
  year={2014},
  organization={ACM},
  URL={http://lorrie.cranor.org/pubs/longpass-chi2014.pdf},
}
@inproceedings{Anderson2012mtc,
  author={Anderson, Ross and
    Barton, Chris and
    Böhme, Rainer and
    Clayton, Richard and
    van Eeten, Michel J.G. and
    Levi, Michael and
    Moore, Tyler and
    Savage, Stefan},
  title={Measuring the Cost of Cybercrime},
  booktitle={WEIS},
  year={2012},
  URL={http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf},
}
@inproceedings{Anderson2008ise,
  author={Anderson, Ross and
    Moore, Tyler},
  title={Information security economics - and beyond},
  booktitle={CRYPTO'07 Proceedings of the 27th annual international cryptology 
    conference on Advances in cryptology},
  pages={68--91},
  year={2007},
}
@inproceedings{Anderson2012sah,
  author={Kim, Hyoungshick and
    Tang, John and
    Anderson, Ross},
  title={Social Authentication: Harder than it looks},
  booktitle={Financial Cryptography},
  year={2012},
  URL={http://www.cl.cam.ac.uk/~rja14/Papers/socialauthentication.pdf},
}
@article{Anderson2012hcs,
  author={Murdoch, Steven J. and
    Bond, Mike and
    Anderson, Ross},
  title={How Certification Systems Fail: Lessons from the Ware Report},
  journal={IEEE Security \& Privacy},
  volume={10},
  number={6},
  pages={40--44},
  month={11-12},
  year={2012},
  URL={http://www.cl.cam.ac.uk/~rja14/Papers/ieeesp12warereport.pdf},
}
@article{Anderson2012cpi,
  author={Kim, Hyoungshick and
    Tang, John and
    Anderson, Ross and
    Mascolo, Cecilia},
  title={Centrality prediction in dynamic human contact networks},
  journal={Computer Networks},
  volume={56},
  number={3},
  month={2},
  year={2012},
  pages={983--996},
  URL={http://www.cl.cam.ac.uk/~rja14/Papers/computernets12.pdf},
}
@inproceedings{Braz2006sau,
  author={Braz, Christina and
    Robert, Jean-Marc},
  title={Security and Usability: The Case of the User Authentication Methods},
  booktitle={HCI},
  year={2006},
  URL={http://brazc.uqam.ca/paperIHM06.pdf},
}
@inproceedings{Braz2010duy,
  author={Braz, Christina and
    Porrier, Pierre and
    Seffah, Ahmed},
  title={Designing Usable, Yet Secure User Authentication Service: The 
    Cognitive Dimension},
  booktitle={e-Review of Tourism Research},
  year={2010},
  URL={http://ertr.tamu.edu/files/2013/02/22-p110f.pdf},
}
@inproceedings{Cranor2012sus,
  author={Ur, Blase and
    Leon, Pedro Giovanni and
    Cranor, Lorrie Faith and
    Shay, Richard and
    Wang, Yang},
  title={Smart, Useful, Scary, Creepy: Perceptions of Online Behavioral 
    Advertising},
  booktitle={Symposium On Usable Privacy and Security},
  month={7},
  year={2012},
  URL={http://cups.cs.cmu.edu/soups/2012/proceedings/a4_Ur},
}
@inproceedings{Felt2012apu,
  author={Porter Felt, Adrienne and
    Ha, Elizabeth and
    Egelman, Serge and
    Haney, Ariel and
    Chin, Erika and
    Wagner, David},
  title={Android Permissions: User Attention, Comprehension, and Behavior},
  booktitle={Symposium On Usable Privacy and Security},
  month={7},
  year={2012},
  URL={http://www.cs.berkeley.edu/~afelt/felt-androidpermissions-soups.pdf},
}
@article{Dwork2011aff,
  author={Dwork, Cynthia},
  title={A Firm Foundation for Private Data Analysis},
  journal={Communications of the ACM},
  volume={54},
  number={1},
  month={6},
  year={2011},
  URL={https://research.microsoft.com/apps/pubs/?id=116123},
}
@inproceedings{Dingledine2004tts,
  author={Dingledine, Roger and
    Mathewson, Nick and
    Syverson, Paul},
  title={Tor: The Second-Generation Onion Router},
  booktitle={Proceedings of the 13th USENIX Security Symposium},
  year={2004},
  month={8},
  pages={303--320},
  URL={http://static.usenix.org/event/sec04/tech/dingledine.html},
}
@inproceedings{Dingledine2006alc,
  author={Dingledine, Roger and
    Mathewson, Nick},
  title={Anonymity Loves Company: Usability and the Network Effect},
  booktitle={Workshop on the Economics of Information Security},
  year={2006},
  URL={http://weis2006.econinfosec.org/docs/41.pdf},
}

@techreport{Syverson2001tlo,
  author={Syverson, Paul and
    Cervesato, Iliano},
  title={The Logic of Authentication Protocols},
  institution={Carnegie Mellon University},
  type={Computer Science Department},
  number={37},
  year={2001},
  URL={http://repository.cmu.edu/compsci/37},
}
@article{BAN90alo,
  author={Burrows, Michael and
    Abadi, Martin and
    Needham, Roger},
  title={A logic of authentication},
  journal={ACM Transactions on Computer Systems (TOCS)},
  volume={8},
  number={1},
  month={2},
  year={1990},
  URL={https://dl.acm.org/citation.cfm?id=77649},
}

@inproceedings{aes,
  title={The block cipher Rijndael},
  author={Daemen, Joan and Rijmen, Vincent},
  booktitle={Smart Card Research and Applications},
  pages={277--284},
  year={2000},
  organization={Springer},
}

@techreport{blockmodes,
  author={Dworkin, Morris},
  title={Recommendation for Block Cipher Modes of Operation: Methods and 
    Techniques},
  type={Special Publication},
  number={800-38A},
  institution={National Institute of Standards and Technology},
  year={2001},
  URL={http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf},
}

@techreport{shs,
  title={Secure Hash Standard (SHS)},
  type={Federal Information Processing Standards Publication},
  number={180-4},
  institution={National Institute of Standards and Technology},
  year={2012},
  month={3},
  URL={http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf},
}

@inproceedings{bcrypt,
  author={Niels Provos and David Mazières},
  title={A Future-Adaptable Password Scheme},
  booktitle={Proceedings of the FREENIX Track: 1999 USENIX Annual Technical 
    Conference},
  year={1999},
  URL={https://www.usenix.org/conference/1999-usenix-annual-technical-conference/future-adaptable-password-scheme},
}

@inproceedings{anonpass,
  author={Lee, M.Z. and
    Dunn, A.M. and
    Waters, B. and
    Witchel, E. and
    Katz, J.},
  title={Anon-Pass: Practical Anonymous Subscriptions},
  booktitle={Security and Privacy (SP), 2013 IEEE Symposium on},
  year={2013},
  month={May},
  pages={319-333},
  doi={10.1109/SP.2013.29},
  ISSN={1081-6011},
  URL={http://dx.doi.org/10.1109/SP.2013.29},
}

@incollection{acoustic,
  author={Genkin, Daniel and Shamir, Adi and Tromer, Eran},
  title={RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis},
  editor={Garay, JuanA. and Gennaro, Rosario},
  booktitle={Advances in Cryptology – CRYPTO 2014},
  series={Lecture Notes in Computer Science},
  volume={8616},
  pages={444-461},
  year={2014},
  isbn={978-3-662-44370-5},
  doi={10.1007/978-3-662-44371-2_25},
  url={http://dx.doi.org/10.1007/978-3-662-44371-2_25},
  publisher={Springer Berlin Heidelberg},
}

% OWN MATERIAL %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@unpublished{Bosk2013gl,
  author={Bosk, Daniel},
  title={Grundl{\"a}ggande l{\"o}senordsanalys},
  year={2013},
  URL={http://ver.miun.se/courses/security/compendii/pwdanalysis.pdf},
}
@unpublished{Bosk2013itn,
  author={Bosk, Daniel},
  title={Introduktion till några klassiska chiffer},
  year={2013},
  URL={http://ver.miun.se/courses/security/compendii/krypto.pdf},
}
@misc{SAOL,
  author={{Svenska Akademin}},
  title={{SAOL} p{\aa} n{\"a}tet},
  note={Hämtad den 24 februari 2012},
  URL={http://www.svenskaakademien.se/svenska_spraket/svenska_akademiens_ordlista/saol_pa_natet},
}

% MSB %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@manual{Apache,
  title={{Documentation: Apache HTTP Server}},
  organization={{The Apache Software Foundation}},
  year={2012},
  URL={https://httpd.apache.org/docs/},
}

@misc{CERT-SE,
  author={{Myndigheten för samhällsskydd och beredskap}},
  title={{CERT-SE}},
  URL={https://www.cert.se},
}

@misc{MSBFS2009:10,
  origanization={Myndigheten för samhällsskydd och beredskap},
  title={Myndigheten för samhällsskydd och beredskaps föreskrifter om statliga 
    myndigheters informationssäkerhet},
  note={MSBFS 2009:10},
  URL={https://www.msb.se/externdata/rs/94a3d208-2ac4-48a1-84f2-208268f5767e.pdf},
}
@misc{MSB2013m,
  organization={Myndigheten för samhällsskydd och beredskap},
  title={Metodstöd},
  year={2010},
  URL={http://www.informationssakerhet.se/Ramverket/},
  note={Hämtad den 9 januari 2013},
}
@misc{MSB2011itm,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Introduktion till metodstödet},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011sle,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Säkra ledningens engagemang},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011p,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Projektplanering},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011v,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Verksamhetsanalys},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011r,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Riskanalys},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011gap,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Gapanalys},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011gb,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Gapanalys -- Checklistan},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011vs,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Välja säkerhetsåtgärder},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011us,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Utforma säkerhetsprocesser},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011upo,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Utforma policy och styrdokument},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}

@misc{MSB2011pg,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Planera genomförande},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011koa,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Konstruera och anskaffa},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011i,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Införa},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011o,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Övervaka},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011g,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Granska},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@misc{MSB2011lg,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Ledningens genomgång},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@unpublished{MSB2011ulo,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Utveckla {LIS} och skyddet},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@unpublished{MSB2011kf,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Kommunicera förbättringar},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}
@unpublished{MSB2011fa,
  author={Andersson, Helena and
    Andersson, Jan-Olof and
    Björck, Fredrik and
    Eriksson, Martin and
    Eriksson, Rebecca and
    Lundberg, Robert and
    Patrickson, Michael and
    Starkerud, Kristina},
  title={Fortsatt arbete},
  year={2011},
  month={12},
  URL={http://www.informationssakerhet.se},
}

% MANUALS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@misc{snort,
  author={{The Snort Project}},
  title={SNORT Users Manual},
  year={2013},
  month={5},
  URL={http://s3.amazonaws.com/snort-org/www/assets/166/snort_manual.pdf},
}
@misc{gpgdoc,
  author={Werner Koch},
  title={Using the GNU Privacy Guard},
  year={2012},
  month={3},
  URL={http://www.gnupg.org/documentation/manuals/gnupg.pdf},
}
@misc{gpg4windoc,
  author={{The Gpg4win Initiative}},
  title={The Gpg4win Compendium},
  year={2010},
  month={8},
  URL={http://wald.intevation.org/frs/download.php/775/gpg4win-compendium-en-3.0.0-beta1.pdf},
}

@misc{openpuffdoc,
  author={Eng.~Cosimo Oliboni},
  title={OpenPuff v4.00 Steganography \& and Watermarking},
  year={2012},
  month={7},
  URL={http://embeddedsw.net/doc/OpenPuff_Help_EN.pdf},
}

% UNSORTED %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@unpublished{Bosk2013itk,
  author={Bosk, Daniel},
  title={En introduktion till kryptografi},
  year={2013},
  URL={http://ver.miun.se/courses/security/compendii/introcrypt.pdf},
}

@unpublished{kthtalteori,
  author={Enblom, Andreas and
    Sola, Alan},
  title={Talteori},
  year={2008},
  note={KTH:s matematiska cirkel 2008--2009, Kungliga Tekniska högskolan},
  URL={http://www.math.kth.se/cirkel/2008/kompendium.pdf},
}
@unpublished{kthsannolikhet,
  author={Arnlind, Joakim and Enblom, Andreas},
  title={Sannolikhetsteori},
  year={2007},
  note={KTH:s matematiska cirkel 2007--2008, Kungliga Tekniska högskolan},
  URL={http://www.math.kth.se/cirkel/2007/kompendium07.pdf},
}
@misc{NISTdef,
  author = {{Peter Mell and Tim Grance}},
  title = {{The NIST Definition of Cloud Computing}},
  note = {{NIST Special Publication 800-145}},
  year = {2011}
}
@misc{NISTref,
  author = {{Fang Liu, Jin Tong, Jian Mao, Robert Bohn, John Messina, Lee
    Badger and Dawn Leaf}},
  title = {{NIST Cloud Computing Reference Architecture}},
  note = {{NIST Special Publication 500-292}},
  year = {2011}
}
@misc{CSAtnn,
  author = {{Top Threats Working Group, Cloud Security Alliance}},
  title = {{The Notorious Nine: Cloud Computing Threats in 2013}},
  URL = {http://www.cloudsecurityalliance.org/topthreats/},
  year = 2013
}
@misc{comodo,
  title={{Phony SSL Certificates issued for Google, Yahoo, Skype, Others}},
  author={Paul Roberts},
  publisher={Threat Post},
  month={3},
  year={2011},
  URL={http://threatpost.com/phony-ssl-certificates-issued-google-yahoo-skype-others-032311},
}

@misc{owasp2013,
  shorthand={OWASP13},
  author={The Open Web Application Security Project},
  title={{OWASP} Top 10 - 2013},
  subtitle={The Ten Most Critical Web Application Security Risks},
  year={2013},
  month={6},
  URL={http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf},
}
@misc{owasp2005guide,
  editor={Adrian Weismann and
    Mark Curphey and
    Andrew van der Stock and
    Ray Stirbei},
  title={A Guide to Building Secure Web Applications and Web Services},
  publisher={The Open Web Application Security Project},
  year={2005},
  URL={http://prdownloads.sourceforge.net/owasp/OWASPGuide2.0.1.pdf?download},
}
@misc{owasp2008testing,
  editor={Matteo Meucci and
    Eoin Keary and
    Daniel Cuthbert},
  title={OWASP Testing Guide},
  publisher={The Open Web Application Security Project},
  year={2008},
  edition={3.0},
  URL={http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf},
}
@misc{owasp2013asvs,
  shorthand={ASVS13},
  editor={Kazerooni, Sahba and
    Cuthbert, Daniel and
    van der Stock, Andrew and
    Raja, Krishna},
  title={OWASP Application Security Verification Standard 2013},
  publisher={The Open Web Application Security Project},
  year={2013},
  edition={2.0 beta},
  URL={http://sourceforge.net/projects/owasp/files/ASVS/OWASP%20ASVS%202013%20Beta%20_v1.0.pdf/download},
}
@misc{owasp2014asvs,
  shorthand={ASVS14},
  editor={Kazerooni, Sahba and
    Cuthbert, Daniel and
    van der Stock, Andrew and
    Raja, Krishna},
  title={OWASP Application Security Verification Standard 2014},
  publisher={The Open Web Application Security Project},
  year={2014},
  edition={2},
  URL={https://www.owasp.org/images/5/58/OWASP_ASVS_Version_2.pdf},
}
@article{Singel2011feh,
  author={Singel, Ryan},
  title={Facebook Enables {HTTPS} So You Can Share Without Being Hijacked},
  journal={Wired},
  year={2011},
  month={1},
  URL={http://www.wired.com/threatlevel/2011/01/facebook-https/},
}

@article{leyden2011psnhack,
  author={Leyden, John},
  title={Security watchers unpick PlayStation hack},
  journal={The Register},
  year={2011},
  month={5},
  URL={http://www.theregister.co.uk/2011/05/13/veracode_playstation_hack_analysis/},
}
@article{thomson2013ubisoftbreach,
  author={Thomson, Iain},
  title={Ubisoft admits major hacking breach, advises password change},
  journal={The Register},
  year={2013},
  month={7},
  URL={http://www.theregister.co.uk/2013/07/02/ubisoft_data_breach/},
}
@misc{Brading2012tlw,
  author={Brading, Anna},
  title={Twitter + location = WeKnowYourHouse},
  publisher={Sophos},
  year={2012},
  month={8},
  URL={http://nakedsecurity.sophos.com/2012/08/15/twitter-location-weknowyourhouse/},
}
@misc{brading2012yahoovoices,
  author={Brading, Anna},
  title={Yahoo Voices hacked, nearly half a million emails and passwords 
    stolen},
  publisher={Sophos},
  year={2012},
  month={7},
  URL={http://nakedsecurity.sophos.com/2012/07/12/yahoo-voices-hacked/},
}
@article{goodin2012yahoovoices,
  author={Goodin, Dan},
  title={Hackers expose 453,000 credentials allegedly taken from Yahoo 
    service},
  journal={Ars Technica},
  year={2012},
  month={7},
  URL={http://arstechnica.com/security/2012/07/yahoo-service-hacked/},
}
@article{gustin2010gawker,
  author={Gustin, Sam},
  title={Gawker Media Websites Hacked, Staff and User Passwords Leaked},
  journal={Wired},
  year={2010},
  month={12},
  URL={http://www.wired.com/threatlevel/2010/12/gawker-hacked/},
}
@misc{Zetter2011citibank,
  author={Zetter, Kim},
  title={Citi Credit Card Hack Bigger Than Originally Disclosed},
  publisher={Wired},
  year={2011},
  month={6},
  URL={http://www.wired.com/threatlevel/2011/06/citibank-hacked/},
}
@misc{Oates2011citibank,
  author={Oates, John},
  title={Citibank hack lifted 200,000 names, emails, acct numbers},
  publisher={The Register},
  year={2011},
  month={6},
  URL={http://www.theregister.co.uk/2011/06/09/citibank_hack_attack/},
}
@misc{Goodin2011citibank,
  author={Goodin, Dan},
  title={Citigroup hack exploited easy-to-detect web flaw},
  publisher={The Register},
  year={2011},
  month={6},
  URL={http://www.theregister.co.uk/2011/06/14/citigroup_website_hack_simple/},
}
@misc{hackme,
  title={Hack.me: Web application security project},
  organization={eLearnSecurity},
  month={7},
  year={2013},
  URL={https://hack.me},
}
@techreport{enisa2012privacyconsiderations,
  author={Claude Castelluccia and
    Arvind Narayanan},
  title={Privacy considerations of online behavioural tracking},
  institution={European Network and Information Security Agency},
  year={2012},
  URL={http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/privacy-considerations-of-online-behavioural-tracking},
}
@techreport{enisa2008web20security,
  editor={Hogben, Giles},
  author={Suresh Chari and
    Andy Cirillo and
    Simon Grehan and
    Michael Hart and
    Rob Johnson and
    Ajit Jaokar and
    Cordente, Jesús Jiménez and
    Robert Pajak and
    Corin Pitcher and
    Robert Rachwald and
    Zulfikar Ramzan and
    Thomas Roessler and
    Paul Thompson and
    Daniele Vitali and
    Andreas Wiegenstein},
  title={Web 2.0 Security and Privacy},
  institution={European Network and Information Security Agency},
  year={2008},
  URL={http://www.enisa.europa.eu/activities/identity-and-trust/library/past-work-areas/web2sec/report},
}
@techreport{enisa2011cookies,
  author={Rodica Tirtea and
    Claude Castelluccia and
    Demosthenes Ikonomou},
  title={Bittersweet cookies. Some security and privacy considerations},
  institution={European Network and Information Security Agency},
  year={2011},
  URL={http://www.enisa.europa.eu/activities/identity-and-trust/library/pp/cookies},
}
@book{Stallings2010nse,
  author={Stallings, William},
  title={Network security essentials : applications and standards},
  publisher={Prentice Hall},
  address={Upper Saddle River, N. J.},
  year={2010},
  edition={4. ed.},
  ISBN={0-13-706792-5 (pbk.)},
  keywords={IT-s{\"a}kerhet Datan{\"a}t Datakommunikation Kryptering},
}
@book{Stallings2013nse,
  author={Stallings, William},
  title={Network security essentials : applications and standards},
  publisher={Pearson Education},
  year={2013},
  edition={5},
  ISBN={978-0-273-79336-6},
  keywords={IT-s{\"a}kerhet Datan{\"a}t Datakommunikation Kryptering},
  note={International Edition}
}
@book{Stallings2011can,
  author={Stallings, William},
  title={Cryptography and network security : principles and practice},
  publisher={Prentice Hall},
  address={Upper Saddle River},
  year={2011},
  edition={5. ed., International ed.},
  ISBN={0-13-705632-X (pbk)},
  keywords={Kryptering Kryptologi IT-s{\"a}kerhet Dataskydd},
}
@book{Stallings2013can,
  author={Stallings, William},
  title={Cryptography and network security : principles and practice},
  publisher={Pearson Education},
  year={2013},
  edition={6},
  ISBN={978-0-273-79335-9},
  keywords={Kryptering Kryptologi IT-s{\"a}kerhet Dataskydd},
}

@misc{Lucks2005hc,
  title={Hash Collisions (The Poisoned Message Attack)},
  author={Lucks, Stefan and
    Daum, Magnus},
  year={2005},
  URL={http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/},
}

@misc{xkcd906,
  author={xkcd},
  title={Adertising Discovery},
  URL={https://xkcd.com/906/},
}
@misc{xkcd936,
  author={xkcd},
  title={Password Strength},
  URL={https://xkcd.com/936/},
}
@misc{xkcd792,
  author={xkcd},
  title={Password Reuse},
  URL={https://xkcd.com/792/},
}
@misc{xkcd538,
  author={xkcd},
  title={Security},
  URL={https://xkcd.com/538/},
}
@manual{GSMA2012pdg,
  title={Privacy Design Guidelines for Mobile Application Development},
  organization={GSM Association},
  year={2012},
  month={2},
  URL={http://www.gsma.com/publicpolicy/privacy-design-guidelines-for-mobile-application-development},
}
@techreport{enisa2010sis,
  author={Hogben, Giles and Dekker, Marnix},
  title={Smartphones: Information security risks, opportunities and 
    recommendations for users},
  institution={European Network and Information Security Agency},
  year={2010},
  month={12},
  URL={http://www.enisa.europa.eu/activities/identity-and-trust/risks-and-data-breaches/smartphones-information-security-risks-opportunities-and-recommendations-for-users},
}
@manual{enisa2011ssd,
  author={Bansal, Vinay and
    Henein, Nader and
    Hogben, Giles and
    Nohl, Karsten and
    Mannino, Jack and
    Papathanasiou, Christian and
    Rueping, Stefan and
    Woods Beau},
  title={Smartphone Secure Development Guidelines for App Developers},
  organization={European Network and Information Security Agency},
  year={2011},
  month={11},
  URL={http://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-applications/smartphone-security-1/smartphone-secure-development-guidelines},
}
@techreport{enisa2011asa,
  editor={Hogben, Giles and Dekker, Marnix},
  author={De Ryck, Philippe and
    Desmet, Lieven and
    Philippaerts, Pieter and
    Piessens, Frank
  },
  title={A Security Analysis of Next Generation Web Standards},
  institution={Katholieke Universiteit Leuven},
  year={2011},
  month={7},
  URL={http://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-applications/web-security/a-security-analysis-of-next-generation-web-standards},
}
@techreport{enisa2012pco,
  author={Castelluccia, Claude and Narayanan, Arvind},
  title={Privacy considerations of online behavioural tracking},
  institution={European Network and Information Security Agency},
  year={2012},
  month={11},
  URL={http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/privacy-considerations-of-online-behavioural-tracking},
}
@manual{owasp2010ott,
  title={{OWASP} Top 10 -- 2010: The Ten Most Critical Web Application Security 
    Risks},
  organization={The Open Web Application Security Project},
  year={2010},
  URL={http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010.pdf},
}

@techreport{nist2007ids,
  author={Karen Scarfone and Peter Mell},
  title={Guide to Intrusion Detection and
    Prevention Systems (IDPS)},
  institution={National Institute of Standards and Technology (NIST)},
  month={2},
  year={2007},
  type={NIST Special Publication},
  number={800-94},
  URL={http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf},
}

@misc{ossec,
  author={{Trend Micro}},
  title={OSSEC: Open Source SECurity},
  URL={http://www.ossec.net/},
}
@inbook{ossec2,
  author={Hay, Andrew and
    Cid, Daniel and
    Bray, Rory},
  title={Installation},
  chapter={2},
  booktitle={{OSSEC} {HIDS}: Host-Based Intrusion Detection Guide},
  publisher={Syngress Publishing, Inc.},
  year={2008},
  URL={http://ossec.net/ossec-docs/OSSEC-book-ch2.pdf},
}
@inbook{ossec3,
  author={Hay, Andrew and
    Cid, Daniel and
    Bray, Rory},
  title={OSSEC HIDS Configuration},
  chapter={3},
  booktitle={{OSSEC} {HIDS}: Host-Based Intrusion Detection Guide},
  publisher={Syngress Publishing, Inc.},
  year={2008},
  URL={http://ossec.net/ossec-docs/OSSEC-book-ch3.pdf},
}
@inbook{ossec4,
  author={Hay, Andrew and
    Cid, Daniel and
    Bray, Rory},
  title={Working with Rules},
  chapter={4},
  booktitle={{OSSEC} {HIDS}: Host-Based Intrusion Detection Guide},
  publisher={Syngress Publishing, Inc.},
  year={2008},
  URL={http://ossec.net/ossec-docs/OSSEC-book-ch4.pdf},
}

@book{Gollmann2011cs,
  author={Gollmann, Dieter},
  title={Computer Security},
  publisher={Wiley},
  address={Chichester, West Sussex, U.K.},
  year={2011},
  edition={3},
  ISBN={9780470741153 (pbk.)},
  keywords={IT-s{\"a}kerhet},
}

@article{thompson1984reflections,
  title={Reflections on trusting trust},
  author={Thompson, Ken},
  journal={Communications of the ACM},
  volume={27},
  number={8},
  pages={761--763},
  year={1984},
  publisher={ACM},
  URL={http://dl.acm.org/citation.cfm?id=358210},
}

@book{Biggs2002dm,
  author={Biggs, Norman},
  title={Discrete mathematics},
  publisher={Oxford Univ. Press},
  address={Oxford},
  year={2002},
  edition={2. ed.},
  ISBN={0-19-850717-8 (hft.)},
  keywords={Diskret matematik Datavetenskap -- matematik},
}

@book{Knuth1997tao2,
  author={Knuth, Donald Ervin},
  title={The Art of Computer Programming.},
  volume={2, Seminumerical algorithms},
  publisher={Addison-Wesley},
  address={Reading, Mass.},
  year={1997},
  edition={3},
  ISBN={0-201-89684-2},
} 

@book{Stinson2006cta,
  author={Stinson, Douglas R.},
  title={Cryptography : theory and practice},
  publisher={Chapman {\&} Hall/CRC},
  address={Boca Raton},
  year={2006},
  edition={3},
  ISBN={1-58488-508-4 (Hardcover)},
  keywords={Kryptering},
}

@misc{effsurveil,
  author={{Electronic Frontier Foundation}},
  title={Mass Surveillance Technologies},
  URL={https://www.eff.org/issues/mass-surveillance-technologies},
  note={Accessed 4 April 2014},
}

@misc{acmcode,
  author={{Association for Computing Machinery}},
  title={Code of Ethics: {ACM} Code of Ethics and Professional Conduct},
  URL={https://www.acm.org/about/code-of-ethics},
  note={Accessed on 4 April 2014},
}
@misc{acmsecode,
  author={{Association for Computing Machinery}},
  title={Software Engineering Code of Ethics and Professional Practice},
  URL={https://www.acm.org/about/se-code},
  note={Accessed on 4 April 2014},
}
@misc{ieeecode,
  author={Institute of Electrical and Electronics Engineers},
  title={{IEEE} Code of Ethics},
  URL={http://www.ieee.org/about/corporate/governance/p7-8.html},
  note={Accessed on 4 April 2014},
}

@article{garber2014roundup,
  author={Garber, Lee},
  title={Security, Privacy, Policy, and Dependability Roundup},
  journal={IEEE Security {\&} Privacy},
  volume={12},
  number={1},
  ISSN={1540-7993},
  year={2014},
  pages={9-10},
  doi={http://dx.doi.org/10.1109/MSP.2014.13},
  publisher={IEEE Computer Society},
  address={Los Alamitos, CA, USA},
}

@article{landau2013snowden,
  author={Landau, Susan},
  title={Making Sense from {Snowden}: What's Significant in the {NSA} 
    Surveillance Revelations},
  journal={IEEE Security {\&} Privacy},
  volume={11},
  number={4},
  ISSN={1540-7993},
  pages={54--63},
  year={2013},
  publisher={IEEE Computer Society},
  address={Los Alamitos, CA, USA},
  doi={http://dx.doi.org/10.1109/MSP.2013.90},
}
@article{landau2014highlights,
  title={Highlights from Making Sense of {Snowden}, Part II: What's Significant 
    in the NSA Revelations},
  author={Landau, Susan},
  journal={IEEE Security {\&} Privacy},
  volume={12},
  number={1},
  ISSN={1540-7993},
  pages={62--64},
  year={2014},
  publisher={IEEE Computer Society},
  address={Los Alamitos, CA, USA},
  doi={http://dx.doi.org/10.1109/MSP.2013.161},
}

@article{nsatao,
  author={Schnier, Bruce},
  title={More about the {NSA}'s {Tailored Access Operations Unit}},
  journal={Schnier on Security},
  month={12},
  year={2013},
  URL={https://www.schneier.com/blog/archives/2013/12/more_about_the.html},
}

@misc{WinUEFIboot,
  author={Microsoft},
  title={Secure Boot Overview},
  month={2},
  year={2014},
  URL={http://technet.microsoft.com/en-us/library/hh824987.aspx},
}

@misc{assembly,
  author={Bryant, Randal E.~and O'Hallaron, David R.},
  title={x86-64 Machine-Level Programming},
  month={9},
  year={2005},
  URL={https://www.cs.cmu.edu/~fp/courses/15213-s07/misc/asm64-handout.pdf},
}

@article{stacksmash,
  title={Smashing the stack for fun and profit},
  author={{Aleph One}},
  journal={Phrack magazine},
  volume={7},
  number={49},
  pages={14--16},
  year={1996},
  URL={http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf},
}

@misc{twilighthack,
  author={Wiibrew},
  title={Twilight Hack},
  note={Accessed 9 April 2014},
  URL={http://www.wiibrew.org/wiki/Twilight_Hack},
}

@misc{heartbleed,
  author={{OpenSSL}},
  title={OpenSSL Security Advisory: {TLS} heartbeat read overrun 
    (CVE-2014-0160)},
  date={2014-04-07},
  URL={https://www.openssl.org/news/secadv_20140407.txt},
}

@article{passwdbug,
  author={Shaun McAdams},
  title={Local Privilege Escalation in Solaris 8 and
    Solaris 9 via Buffer Overflow in passwd(1)},
  month={2},
  year={2005},
  journal={SANS Institute Reading Room},
  URL={https://www.sans.org/reading-room/whitepapers/solaris/local-privilege-escalation-solaris-8-solaris-9-buffer-overflow-passwd1-1600},
}

@book{hansen1973operating,
  title={Operating system principles},
  author={Hansen, Per Brinch},
  year={1973},
  publisher={Prentice-Hall, Inc.}
}

@book{vacca2012computer,
  title={Computer and information security handbook},
  author={Vacca, John R},
  year={2012},
  publisher={Newnes}
}

@article{schneier1999secure,
  title={Secure audit logs to support computer forensics},
  author={Schneier, Bruce and Kelsey, John},
  journal={ACM Transactions on Information and System Security (TISSEC)},
  volume={2},
  number={2},
  pages={159--176},
  year={1999},
  publisher={ACM}
}
@inproceedings{schneier1998cryptographic,
  title={Cryptographic support for secure logs on untrusted machines},
  author={Schneier, Bruce and Kelsey, John},
  booktitle={USENIX Security Symposium},
  volume={98},
  pages={53--62},
  year={1998}
}
@techreport{genkin2013rsa,
  title={RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis},
  author={Genkin, Daniel and Shamir, Adi and Tromer, Eran},
  year={2013},
  institution={Cryptology ePrint Archive, Report 2013/857, 2013.},
  URL={http://eprint.iacr.org/2013/857},
}

@incollection{kuhn2005security,
  title={Security limits for compromising emanations},
  author={Kuhn, Markus G},
  booktitle={Cryptographic Hardware and Embedded Systems--CHES 2005},
  pages={265--279},
  year={2005},
  publisher={Springer}
}
@inproceedings{kuhn2005electromagnetic,
  title={Electromagnetic eavesdropping risks of flat-panel displays},
  author={Kuhn, Markus G},
  booktitle={Privacy Enhancing Technologies},
  pages={88--107},
  year={2005},
  organization={Springer}
}

@inproceedings{song2001timing,
  title={Timing Analysis of Keystrokes and Timing Attacks on SSH.},
  author={Song, Dawn Xiaodong and Wagner, David and Tian, Xuqing},
  booktitle={USENIX Security Symposium},
  volume={2001},
  year={2001}
}

@techreport{enisa2006risk,
  author={{Technical Department of ENISA, Section Risk Management}},
  title={Risk Management: Implementation principles and Inventories for Risk 
    Management/Risk Assessment methods and tools},
  institution={European Union Agency for Network and Information Security 
    (ENISA)},
  month={6},
  year={2006},
  URL={http://www.enisa.europa.eu/activities/risk-management/current-risk/risk-management-inventory/files/deliverables/risk-management-principles-and-inventories-for-risk-management-risk-assessment-methods-and-tools},
}

@article{ieeespectrum2014usb,
  author={Schneider, David},
  title={USB Flash Drives Are More Dangerous Than You Think},
  journal={IEEE Spectrum},
  month={8},
  year={2014},
  URL={http://spectrum.ieee.org/tech-talk/computing/embedded-systems/usb-flash-drives-are-more-dangerous-than-you-think},
}

% CITATION AND REFERENCES %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@misc{IEEEcitation,
  author={Graffox, D},
  title={IEEE Citation Reference},
  year={2009},
  month={9},
  URL={http://www.ieee.org/documents/ieeecitationref.pdf},
}
@misc{PurdueCitation,
  author={Joshua M. Paiz and
    Elizabeth Angeli and
    Jodi Wagner and
    Elena Lawrick and
    Kristen 
    Moore and
    Michael Anderson and
    Lars Soderlund and
    Allen Brizee and
    Russell Keck},
  title={In-Text Citations: The Basics},
  year={2013},
  month={11},
  day={23},
  URL={https://owl.english.purdue.edu/owl/owlprint/560/},
}

@misc{MiUn2012rft,
  author={Mittuniversitetet},
  title={Rapportmall för tekniska rapporter},
  year={2012},
  URL={http://ver.miun.se/latex/miunthes/thesis/thesis.pdf},
}

% STEGANOGRAPHY %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

@article{johnson1998exploring,
  title={Exploring steganography: Seeing the unseen},
  author={Johnson, Neil F and Jajodia, Sushil},
  journal={Computer},
  volume={31},
  number={2},
  pages={26--34},
  year={1998},
  publisher={IEEE},
  URL={http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4655281},
}

@article{anderson1998limits,
  title={On the limits of steganography},
  author={Anderson, Ross J and Petitcolas, Fabien AP},
  journal={Selected Areas in Communications, IEEE Journal on},
  volume={16},
  number={4},
  pages={474--481},
  year={1998},
  publisher={IEEE},
  URL={http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=668971},
}

@article{provos2003hide,
  title={Hide and seek: An introduction to steganography},
  author={Provos, Niels and Honeyman, Peter},
  journal={Security \& Privacy, IEEE},
  volume={1},
  number={3},
  pages={32--44},
  year={2003},
  publisher={IEEE},
  URL={http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1203220},
}

@manual{outguess,
  author={Niels Provos},
  title={outguess - universal steganographic tool},
  URL={http://manpages.ubuntu.com/manpages/utopic/man1/outguess.1.html},
}

@article{rsa,
  title={A method for obtaining digital signatures and public-key 
    cryptosystems},
  author={Rivest, Ronald L and Shamir, Adi and Adleman, Len},
  journal={Communications of the ACM},
  volume={21},
  number={2},
  pages={120--126},
  year={1978},
  publisher={ACM},
  URL={https://dl.acm.org/citation.cfm?id=359342},
}