Honeypots : Concepts, Approaches and Challenges In 45th Annual Southeast Regional Conference. Winston-Salem, North Carolina, USA, 2007.
Honeypots: Tracking Hackers. Addison Wesley, 2002.
Quantifying the Attack Surface of a Web Application." In ISSE/Sicherheit 2010: Information Security Solutions Europe - Sicherheit, Lecture Notes in Informatics (LNI), 305-316. Vol. P-170. Bonner Köllen: Verlag, 2010. "
Reducing attack surface of a web application by open web application security project compliance." Defence science journal 62, no. 5 (2012): 324-330. "
Time-Aware Authority Ranking." Internet Mathematics 2, no. 3 (2004): 301-332. "
Google-bombing - Manipulating the PageRank Algorithm In Information Retrieval., 2013.
Pagerank Increase under Different Collusion Topologies." In Proceedings of the Workshop on Adversarial IR on the Web, 25-32., 2005. "
The Metric at the End of the Rainbow In The TIEMS USA 2017 Annual Conference Emergency Management, Homeland Security, and Computing., 2017.
Formal approach to security metrics. What does ‘more secure’ mean for you? In IEEE/ASME International Conference on Mechatronic and Embedded Systems and Applications., 2010.
An Attack Surface Metric." IEEE Transactions on Software Engineering 37, no. 3 (2011): 371-386. "
Assessing Attack Surface with Component- Based Package Dependency." In Network and System Security. Lecture Notes in Computer Science. Vol. 9408. Springer, Cham: NSS, 2015. "
A Formal Model for A System’s Attack Surface." In Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, 1-29., 2011. "