1 |
Hojun Lee, Seungjoo Kim, Sangjin Lee. "Evaluation Criteria for COVID-19 Contact Tracing Technology and Security Analysis," Korea Institute Of Information Security & Cryptology, Dec. 2020.
|
2 |
Carmela Troncoso. "Decentralized Privacy-Preserving Proximity Tracing," Arxiv, Apr. 2020.
|
3 |
Serge Vaudenay. "Analysis of DP3T Between Scylla and Charybdis," IACR, Apr. 2020.
|
4 |
Apple, Google, "Privacy-Preserving Contact Tracing ver 1.2 BY APPLE INC. AND GOOGLE INC," Apr. 2020.
|
5 |
Yaron Gvili. "SECURITY ANALYSIS OF THE COVID-19 CONTACT TRACING SPECIFICATIONS BY APPLE INC. AND GOOGLE INC," Arxiv, https://eprint.iacr.org/2020/428 Apr. 2020.
|
6 |
Joseph K. Liu, Man Ho Au, Tsz Hon Yuen, Cong Zuo, Jiawei Wang, Amin Sakzad, Xiapu Luo, and Li Li. "Privacy-Preserving COVID-19 Contact Tracing App: A Zero-Knowledge Proof Approach," Arxiv, Jul. 2020.
|
7 |
E. Ben-Sasson, A. Chiesa, E. Tromer, and M. Virza, "Succinct non-interactive zero knowledge for a von neumann architecture." USENIX Security Symposium, pp. 781-796. 2014.
|
8 |
WHO, "COVID 19 Public Health Emergency of International Concern," GLOPID-R, Feb. 2020.
|
9 |
UN High Commissioner, "The coronavirus outbreak is a test of our systems, values and humanity," UNHCR, Mar. 2020.
|
10 |
National Human Rights Chairman, "Corona19 Crisis, a test stand to verify human rights capabilities in our society," National Human Rights Commission, Apr. 2020.
|
11 |
Jung Yeon-je, "South korea is reporting intimate details of covid-19 cases: has it helped?," Nature, Mar. 2020.
|
12 |
Seo Hangi. "If the public announcement of the movement about Corona 19 is invading privacy? Can be corrected by appealing," yunhap news, Mar. 2020.
|
13 |
Lambert S, Ostwald T, Shostack A, Hernan, S. "Threat modeling uncover security design flaws using the stride approach," MSDN Magazine-Louisville, pp. 68-75. Nov. 2016.
|
14 |
Marco M, Tony U. "Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis," pp. 1-696. John Wiley Sons, May. 2015.
|
15 |
James S, Carol W, Christopher A, Audrey D. "Introduction to the OCTAVE Approach," SEI, pp. 1-37. Sep. 2003.
|
16 |
"ETSI TS 102 165-1 v4.2.3 - Telecommunications and Internet converged Services and Protocols for Advanced Networking(TISPAN); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis," pp. 1-79. Mar. 2011.
|
17 |
James S, Carol W, Christopher A, Audrey D. "Systems thinking for safety and security," Proceedings of the 29th Annual Computer Security Applications Conference, pp. 1-8. Dec. 2013.
|
18 |
Joosen W, Wuyts K. "LINDDUN privacy threat modeling: a tutorial," pp. 1-38. Jul. 2015.
|
19 |
Shull F, Vemuru K, Villadsen O, Mead N. "A Hybrid Threat Modeling Method," Carnegie Mellon University - Software Engineering Institute, pp. 1-53. Mar. 2018.
|
20 |
Nist, "CVE-2020-6616," https://nvd.nist.gov/vuln/detail/ CVE-2020-6616, Aug. 2020.
|
21 |
Nist, "CVE-2020-0022," https://nvd.nist.gov/vuln/detail/ CVE-2020-0022, Feb. 2020.
|
22 |
Nist, "CVE-2020-9023," https://nvd.nist.gov/vuln/detail/ CVE-2020-9023, Feb. 2020.
|
23 |
Depoux A, Martin S, Karafillakis E, Preet R, Wilder-Smith A, Larson H. "The pandemic of social media panic travels faster than the COVID-19 outbreak," J Travel Med. May. 2020.
|
24 |
ARMIS, "Exploiting BlueBorne," https://www.armis.com/blueborne/ Blackhat, Sep. 2017.
|
25 |
Veelasha Moonsamy, Lynn Batten, "Mitigating man-in-the-middle attacks on smartphones," Australian Information Security Management Conference, Jan. 2014.
|
26 |
Slawomir Jasek, "GATTacking Bluetooth Smart Devices," Black hat USA conference, 2016.
|
27 |
Sam Bowne, "Making an SSL Auditing Proxy with a Mac and Burp," samsclass, 2015.
|
28 |
CheckPoint, "CallJam," https://blog.checkpoint.com/2016/09/08/calljam-android-malware-found-on-google-play/, Sep. 2016.
|
29 |
Grant Bugher, "CRNG Cracked," http://perimetergrid.com/wp/2008/05/17/ubuntudebian-crng-cracked-ssh-vulnerable/, May. 2008.
|
30 |
Jide S. Edu, Jose M. Such, and Guillermo Suarez-Tangil. "Smart Home Personal Assistants: A Security and Privacy Review," ACM Comput, Dec. 2020.
|
31 |
Thomas Willingham, Cody Henderson, Blair Kiel, Md Shariful Haque, and Travis Atkison. "Testing vulnerabilities in bluetooth low energy," ACMSE, Mar. 2018.
|
32 |
Bluetooth SIG. "Core Specification," https://www.bluetooth.com/specifications/bluetooth-core-specification 5.2, Dec. 2019.
|
33 |
Nist, "CVE-2020-9770," https://nvd.nist.gov/vuln/detail/ CVE-2020-9770, Apr. 2020.
|
34 |
Becker, Johannes & Li, David & Starobinski, David. "Tracking Anonymized Bluetooth Devices," Proceedings on Privacy Enhancing Technologies. Jul. 2019.
|
35 |
Or Ami, Yuval Elovici, and Danny Hendler. "Ransomware prevention using application authentication-based file access control," SAC, Apr. 2018.
|
36 |
Hyman, David A. and Kovacic, William E., "Implementing Privacy Policy: Who Should Do What?," GWU Legal Studies Research Paper, Feb. 2018.
|
37 |
A. Agarwal. "Vast methodology: Visual, agile, and simple threat modeling," Prescott Valley, 2016.
|
38 |
L. Scripcariu, F. Diaconu, P. D. Matasaru and L. Gafencu, "AES Vulnerabilities Study," ECAI, Jun. 2018.
|
39 |
Tadayoshi K, Tamara D, Batya F. Poster, "The security cards: a security threat brainstorming toolkit," University of Washington, 2013.
|
40 |
Larcom B, Eddington M, Saitta, P. "Trike v1 methodology document," pp. 1-17. Jul. 2005.
|
41 |
Bradley Potteiger, Goncalo Martins, Xenofon Koutsoukos. "Software and attack centric integrated threat modeling for quantitative risk assessment," In Proceedings of the Symposium and Bootcamp on the Science of Security, pp. 99-108. Potteiger, Apr. 2016.
|
42 |
Kristian Beckers, "Comparing Privacy Requirements Engineering Approaches," 2012 7th IEEE International Conference on Availability, Reliability and Security(ARES), pp. 574-581, Aug. 2012.
|
43 |
W. Diffie, E. Hellman, "New Directions in Cryptography," IEEE Transaction on theory, Nov. 1976.
|
44 |
Microsoft, "Microsoft threat modeling tool threats," microsoft docs. Aug. 2017.
|