Andy Ozment » Publications

Refereed Publications

Andy Ozment. “Improving Vulnerability Discovery Models: Problems with Definitions and Assumptions.” In the proceedings of the Third Workshop on Quality of Protection (QoP’07). October 29, 2007: Alexandria, VA, USA. [pdf]

Stuart E. Schechter, Rachna Dhamija, Andy Ozment, and Ian Fischer. “The Emperor’s New Security Indicators: An Evaluation of Website Authentication and the Effect of Role Playing on Usability Studies.” In the proceedings of the 2007 IEEE Symposium on Security and Privacy. May 20-23, 2007: Oakland, CA, USA. [pdf]

Andy Ozment and Stuart E. Schechter. “Milk or Wine: Does Software Security Improve with Age?” In the proceedings of the Fifteenth Usenix Security Symposium. July 31 - August 4, 2006: Vancouver, BC, Canada. [pdf] [html]

Andy Ozment and Stuart E. Schechter. “Bootstrapping the Adoption of Internet Security Protocols.” In the proceedings of the Fifth Workshop on the Economics of Information Security Security. June 26-28, 2006: Cambridge, UK. [pdf]

Andy Ozment, Stuart E. Schechter, and Rachna Dhamija. “Web Sites Should Not Need to Rely On Users to Secure Communications.” In the proceedings of the W3C Workshop on Transparency and Usability of Web Authentication. March 15-16, 2006: New York, NY, USA. [pdf]

Andy Ozment. “Software Security Growth Modeling: Examining Vulnerabilities with Reliability Growth Models.” In Quality of Protection: Security Measurements and Metrics. Dieter Gollman, Fabio Massacci, and Artsiom Yautsiukhin, eds. ISBN: 978-0-387-29016-4. Springer: 2006. [pdf] [Workshop]

Andy Ozment. “The Likelihood of Vulnerability Rediscovery and the Social Utility of Vulnerability Hunting.” In the proceedings of the Fourth Workshop on the Economics of Information Security (WEIS). June 2-3, 2005: Cambridge, MA, USA. [pdf]

Andy Ozment. “Bug Auctions: Vulnerability Markets Reconsidered.” In the proceedings of the Third Workshop on the Economics of Information Security (WEIS). May 13-14, 2004: Minneapolis, MN, USA. [pdf] [pdf slides]

Rupert Gatti, Stephen Lewis, Andy Ozment, Thierry Rayna, and Andrei Serjantov. “Sufficiently Secure Peer-to-Peer Networks.” In the proceedings of the Third Workshop on the Economics of Information Security (WEIS). May 13-14, 2004: Minneapolis, MN, USA. [pdf] [pdf slides]

Seymour E. Goodman, Pamela Hassebroek, Davis King, and Andy Ozment. “International Coordination to Increase the Security of Critical Network Infrastructures.” Journal of Information Warfare. ISSN: 1445-3312. 2:2:72-87. 2003.

Andy Ozment, Alison Smith, and Wendy Newstetter. “Causes for Cheating: Unclear Expectations in the Classroom.” In the proceedings of the 2000 ASEE Annual Conference and Exposition. June 2000: St Louis, MO, USA. [pdf]

Book Chapters

Ross Anderson, Tyler Moore, Shishir Nagaraja, and Andy Ozment. “Incentives and Information Security in Networks.” In Algorithmic Game Theory. Edited by Noam Nisan, Tim Roughgarden, Eva Tardos, and Vijay Vazirani. Cambridge University Press. To be published in 2007.