School of Information Studies, Syracuse University, New York, USA

 !  Prof. Joon S. Park - Selected Publications

Prof. Park has published 60+ security research papers in peer-refereed journals, conference/workshop proceedings, book chapters, and technical reports.

Peer-Refereed Journal/Book Articles, Conference Proceedings, and Patents

2009

  • Joseph V. Treglia and Joon S. Park. Towards trusted intelligence information sharing. In Proceedings of ACM SIGKDD Workshop on CyberSecurity and Intelligence Informatics (CSI-KDD), the 15th Conference on Knowledge Discovery and Data Mining, Paris, France, June 28 - July 1, 2009.

  • Joon S. Park, Hsin-Yang Lu, and Chia-Jung Tsui. Anti-spam approaches: analyses and comparisons. The Open Information Systems Journal, 2009. In press.

  • Joon S. Park, Pratheep Chandramohan, Avinash T. Suresh, and Joseph Giordano. Component survivability for mission-critical distributed systems. Journal of Automatic and Trusted Computing (JoATC), 2009. In press.

  • Joon S. Park, Shaikh Yasir Ahmed, and Rohit Mahajan. Prevention of ATM Fraud Using Fingerprints and PIN. In Proceedings of the International Conference on Security and Management (SAM). The World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOM), Las Vegas, Nevada, July 13-16, 2009 (Acceptance rate: 26%).

  • Joon S. Park, Jaeho Yim, and Jason Hallahan. Proactive detection of insider threats against Confidentiality in Sensitive Pervasive Applications. In Proceedings of the 11th International Conference on Enterprise Information Systems (ICEIS), 6-page poster, Milan, Italy, May 6-10, 2009.

  • Joseph V. Treglia and Joon S. Park. Technical, Social & Legal Barriers to Effective Information Sharing Among Sensitive Organizations. In Proceedings of iConference, 1500-word poster. Chapel Hill, North Carolina, February 8-11, 2009.

2008

  • Youngseek Kim, Jessica Howard, Sharad Ravindranath, and Joon S. Park. Problem Analyses and Recommendations in DRM Security Policies. In Proceedings of European Conference on Intelligence and Security Informatics (EuroISI), Esbjerg, Denmark, December 3-5, 2008.
  • Joon S. Park, Gaeil An, and Avinash Suresh. Multiple-aspect malicious code detection for component survivability in distributed computing environments. In Proceedings of the 20th IASTED International Conference on Parallel and Distributed Computing and Systems (PDCS), Orlando, Florida, Novemer 16-18, 2008.
  • Joon S. Park and Jill Lando. E-commerce: The benefits, security risks, and countermeasures. In Jatinder Gupta and Sushil Sharma, editors, Handbook of Research on Information Security and Assurance. pages 7–17. IDEA Group Publishing, 2008.
  • Gaeil An and Joon S. Park. Evolution of enterprise security federation. In Jatinder Gupta and Sushil Sharma, editors, Handbook of Research on Information Security and Assurance. pages 29–41. IDEA Group Publishing, 2008.

 

2007

  • Joon S. Park and Ganesh Devarajan. Fine-grained and scalable message protection in sensitive organizations. Journal of Software, 2(6):64-75, 2007.

  • Joon S. Park, Gaeil An, and Deepak Chandra. Trusted P2P computing environments with role-based access control (RBAC). IET (The Institution of Engineering and Technology, formerly IEE) Information Security, 1(1):27-35, March 2007. (Acceptance rate: 13.2%)
  • Gaeil An and Joon S. Park. Cooperative component testing architecture in collaborating network environment. In Proceedings of the 4th International Conference on Autonomic and Trusted Computing (ATC), Lecture Notes in Computer Science (LNCS), pages 179-190,Hong Kong, China, July 11-13, 2007. Springer. (Acceptance rate: 29%)
  • Joon S. Park and Joseph Giordano. Software component survivability in information warfare. In Cyber Warfare and Cyber Terrorism, pages 403-411, Information Science Reference, 2007.
  • Hsin-Yang Lu, Chia-Jung Tsui, and Joon S. Park. Anti-spam approaches against information warfare. In Cyber Warfare and Cyber Terrorism, pages 254-261, Information Science Reference, 2007.
  • Stephen Kelly, Joon S. Park, Bullent Yener, Jerry Carpraro, Dick Wood, and Phil Zaleski. Insider threat detection using host-based agent extensions. In Proceedings of the15th FiestaCrow Technical Symposium, San Antonio, Texas, April 23-25, 2007.
  • Joon S. Park and Ganesh Devarajan. Fine-grained and scalable approaches for message integrity. In Proceedings of the 40th Hawaii International Conference on Systems Sciences (HICSS-40), pages 1–9, Big Island, Hawaii, January 3-6, 2007. IEEE Computer Society.

2006

  • Gaeil An and Joon S. Park. Packet marking-based attack response for suspicious traffics on the Web. In Helger Lipmaa, Moti Yung, and Dongdai Lin, editors, Proceedings of the Conference on Information Security and Cryptology, volume 4318 of Lecture Notes in Computer Science (LNCS), pages 182–195, Beijing, China, Nov.29 - Dec.1, 2006. Springer. (Acceptance rate: 10.2%)

  • Joon S. Park, Avinash T. Suresh, Gaeil An, and Joseph Giordano. A framework of multiple-aspect component-testing for trusted collaboration in mission-critical systems. In Proceedings of the IEEE Workshop on Trusted Collaboration (TrustCol), Atlanta, Georgia, November 17-20, 2006. IEEE Computer Society.
  • Dipen Gala, SooKyung Kim, Poh-Shi Ko, Pei-Chih Yen, and Joon S. Park. Towards secure municipal wireless network (SMWN). In Proceedings of the U.S.-Korea Conference on Science, Technology, and Entrepreneurship (UKC), pages 1–12, Teaneck, New Jersey, August 10-13, 2006.
  • Joon S. Park and Joseph Giordano. The access control requirements for countering insider threats. In Sharad Mehrotra, Hsinchun Chen Daniel D. Zeng, Bhavani Thuraisingham, and Fei-Yue Wang, editors, Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI), volume 3975 of Lecture Notes in Computer Science (LNCS), pages 529–534, San Diego, California, May 22-24, 2006. Springer.
  • Joon S. Park, Gautam Jayaprakash, and Joseph Giordano. Component integrity check and recovery against malicious codes. In Proceedings of the 20th IEEE International Conference on Advanced Information Networking and Applications (AINA), pages 466–470, Vienna, Austria, April 18-20, 2006. IEEE Computer Society.
  • Joon S. Park and Joseph Giordano. Role-based profile analysis for scalable and accurate insider-anomaly detection. In Proceedings of the 25th IEEE International Performance Computing and Communications Conference (IPCCC), pages 463–469, Phoenix, Arizona, April 10-12, 2006. IEEE Computer Society.

2005

  • Joon S. Park and Ashutosh Deshpande. Spam detection: Increasing accuracy with a hybrid solution. Information Systems Management (ISM), 23(1):57–67, Winter 2006 Issue, 2005. (Acceptance rate: 25%)

  • Joon S. Park and Tito Sierra. Security analyses for enterprise instant messaging (EIM). Information Systems Security (ISS), 14(1):26–39, March/April 2005.
  • Joon S. Park and Harish S. Krishnan. Trusted identity and session management using secure cookies. In Sushil Jajodia and Duminda Wijesekera, editors, Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Data and Application Security (DAS), volume 3654 of Lecture Notes in Computer Science (LNCS), pages 310–324, Storrs, Connecticut, August 7-10, 2005. Springer.
  • Joon S. Park, Pratheep Chandramohan, Ganesh Devarajan, and Joseph Giordano. Trusted component sharing by runtime test and immunization for survivable distributed systems. In Ryoichi Sasaki, Sihan Qing, Eiji Okamoto, and Hiroshi Yoshiura, editors, Security and Privacy in the Age of Ubiquitous Computing, pages127–142. Springer, 2005. Proceedings of the 20th IFIP TC11 International Conference on Information Security (IFIP/SEC), Chiba, Japan, May 30-June 1, 2005. (Acceptance rate: 27%)
  • Michael Manley, Cheri McEntee, Anthony Molet, and Joon S. Park. A framework of an effective wireless security policy for sensitive organizations. In Proceedings of the 6th IEEE Information Assurance Workshop (IAW), pages 150–157, West Point, New York, June 15-17, 2005. IEEE Computer Society.
  • Michael Manley, Cheri McEntee, Anthony Molet, and Joon S. Park. A framework of an effective wireless security policy for sensitive organizations. In Paul Kantor, Gheorghe Muresan, Fred Roberts, Daniel Zeng, Frei-YueWang, Hsinchun Chen, and Ralph Merkle, editors, Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI), volume 3495 of Lecture Notes in Computer Science (LNCS), pages 629–630, Atlanta, Georgia, May 19-20, 2005. Springer. Extended abstract.
  • Robert DelZoppo, Eric Browns, Matt Downey, Elizabeth D. Liddy, Svetlana Symonenko, Joon S. Park, Shuyuan M. Ho, Michael DEredita, and Anand Natarajan. Situational awareness for countering insider threats: A multi-disciplinary approach. In Proceedings of the 14th FiestaCrow Technical Symposium, San Antonio, Texas, April 18-20, 2005.

2004

  • Joon S. Park, Pratheep Chandramohan, and Joseph Giordano. Component-abnormality detection and immunization for survivable systems in large distributed environments. In Proceedings of the 8th IASTED (International Association of Science and Technology for Development) Conference on Software Engineering and Application (SEA), pages 102–108, MIT, Cambridge, Massachusetts, November 8-10, 2004. ACTA Press.

  • Joon S. Park, Pratheep Chandramohan, and Joseph Giordano. Survivability models and implementations in large distributed environments. In Proceedings of the 16th IASTED (International Association of Science and Technology for Development) Conference on Parallel and Distributed Computing and Systems (PDCS), pages 491–497, MIT, Cambridge, Massachusetts, November 8-10, 2004. ACTA Press.

  • Joon S. Park and Abhishek Jain. A framework for trusted wireless sensor networks. In Csilla Farkas and Pierangela Samarati, editors, Research Directions in Data and Applications Security, pages 371–384. Kluwer Academic Publishers, 2004. Proceedings of the 18th IFIP WG 11.3 Working Conference on Data and Application Security, Sitges, Spain, July 25-28, 2004.

  • Joon S. Park, Pratheep Chandramohan, Artur Zak, and Joseph Giordano. Fine-grained, scalable, and secure key management scheme for trusted military message systems. In Proceedings of the IEEE Military Communications Conference (MILCOM), pages 1652–1658, Monterey, California, October 31 - November 3, 2004. IEEE Communications Society. (Acceptance rate: 20%)

  • Robert DelZoppo, Eric Browns, Matt Downey, Elizabeth D. Liddy, Svetlana Symonenko, Joon S. Park, Shuyuan M. Ho, Michael D’Eredita, and Anand Natarajan. A multi-disciplinary approach for countering insider threats. In Proceedings of the Workshop on Secure Knowledge Management (SKM), Amherst, New York, September 23-24, 2004.

  • Joon S. Park and Shuyuan Mary Ho. Composite role-based monitoring (CRBM) for countering insider threats. In Hsinchun Chen, Reagan Moore, Daniel D. Zeng, and John Leavitt, editors, Proceedings of the Symposium on Intelligence and Security Informatics (ISI), volume 3073 of Lecture Notes in Computer Science (LNCS), pages 201–213, Tucson, Arizona, June 2004. Springer.

  • Joon S. Park, Keith P. Costello, Teresa M. Neven, and Josh A. Diosomito. A composite RBAC approach for large, complex organizations. In Proceedings of the 9th ACM Symposium on Access Control Models and Technologies (SACMAT), pages 163–172, Yorktown Heights, New York, June 2-4, 2004. ACM Press. (Acceptance rate: 27.7%)

  • Joon S. Park and Pratheep Chandramohan. Static vs. dynamic recovery models for survivable distributed systems. In Proceedings of the 37th Hawaii International Conference on Systems Sciences (HICSS-37), pages 1–9, Big Island, Hawaii, January 5-8, 2004. IEEE Computer Society.

  • Joon S. Park, David P. Valiquette, and Rahul Balanadu. Prevention and detection of Internet worms. In Proceedings of the Hawaii International Conference on Computer Sciences, Honolulu, Hawaii, January 15-18, 2004.

2003

  • Joon S. Park and Derrick Dicoi. WLAN security: Current and future. IEEE Internet Computing, 7(5):60–65, September/October 2003.
  • Joon S. Park. Towards secure collaboration on the semantic Web. ACM Computers and Society, 33(2), 2003.
  • Joon S. Park, David P. Valiquette, and Rahul Balanadu. We could have been protected from the Code Red Internet worm. In Proceedings of the 4th Australian Information Warfare and IT Security Conference, pages 243–249, Adelaide, Australia, November 20-21, 2003.
  • Joon S. Park, Amarpreet Nanda, and James Howison. Security challenges and countermeasures in wireless networks. In Proceedings of the International Conference on Computer, Communication and Control Technologies (CCCT), pages 347–352, Orlando, Florida, July 31-August 2, 2003. International Institute of Informatics and Systemics (IIIS).
  • Joon S. Park and Junseok Hwang. Role-based access control for collaborative enterprise in peer-to-peer computing environment. In Proceedings of the 8th ACM Symposium on Access Control Models and Technologies (SACMAT), pages 93–99, Como, Italy, June 2-3, 2003. ACM Press.
  • Joon S. Park and Junseok Hwang. A middleware approach for SAINT (secure, automatic, interoperable, and transparent) peer-to-peer content services. In Proceedings of the 8th IEEE Symposium on Computers and Communications, pages 1047–1052, Antalya, Turkey, June 30-July 3, 2003. IEEE Computer Society.

2002 and Before

  • Dongwan Shin, Gail-Joon Ahn, and Joon S. Park. An application of directory service markup language (DSML) for role-based access control. In Proceedings of the 26th IEEE Annual International Computer Software and Applications Conference (COMPSAC), pages 934–939, Oxford, England, August 26-29, 2002. IEEE Computer Society.
  • Joon S. Park and Judith N. Froscher. A strategy for information survivability. In Proceedings of the 4th IEEE/CMU/SEI Information Survivability Workshop (ISW), pages 1–4, Vancouver, Canada, March 18-20, 2002. CERT Coordination Center. Invited position paper.
  • Joon S. Park, Ravi Sandhu, and Gail-Joon Ahn. Role-based access control on the Web. ACM Transactions on Information and System Security (TISSEC), 4(1):37–71, 2001.
  • Joon S. Park, Bruce Montrose, and Judith N. Froscher. Tools for information security assurance arguments. In Proceedings of the 2nd DARPA (The U.S. Defense Advanced Research Projects Agency) Information Survivability Conference and Exposition (DISCEX II), pages 287–296, Anaheim, California, June 12-14, 2001. IEEE Computer Society.
  • Myong H. Kang, Joon S. Park, and Judith N. Froscher. Access control mechanisms for inter-organization workflow. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT), pages 66–74, Chantilly, Virginia, May 3-4, 2001. ACM Press.
  • Junseok Hwang and Joon S. Park. Agent-based secure bandwidth transaction service mechanisms using RBAC models. In Proceedings of the 9th International Conference on Telecommunication Systems (ICTS), pages 1–12, Dallas, Texas, March 15-18, 2001.
  • Joon S. Park, Gail-Joon Ahn, and Ravi Sandhu. RBAC on the Web using LDAP. In Martin S. Oliver and David L. Spooner, editors, Database and Application Security, pages 19–30. Kluwer Academic Publishers, 2001. Proceedings of the 15th IFIP WG 11.3 Working Conference on Database and Application Security, Ontario, Canada, July 15-18, 2001.
  • Joon S. Park, Myong H. Kang, and Judith N. Froscher. A secure workflow system for dynamic cooperation. In Michel Dupuy and Pierre Paradinas, editors, Trusted Information: The New Decade Challenge, pages167–182. Kluwer Academic Publishers, 2001. Proceedings of the 16th IFIP TC11 International Conference on Information Security (IFIP/SEC), Paris, France, June 11-13, 2001.
  • Joon S. Park and Ravi Sandhu. Secure cookies on the Web. IEEE Internet Computing, 4(4):36–44, July/August 2000.
  • Joon S. Park and Ravi Sandhu. Binding identities and attributes using digitally signed certificates. In Proceedings of the 16th Annual Conference on Computer Security Application (ACSAC), pages 120–127, New Orleans, Louisiana, December 11-15, 2000. IEEE Computer Society.
  • Gail-Joon Ahn, Ravi Sandhu, Myong H. Kang, and Joon S. Park. Injecting RBAC to secure a Web-based workflow system. In Proceedings of the 5th ACM Workshop on Role-Based Access Control (RBAC), pages 1–10, Berlin, Germany, July 26-28, 2000. ACM Press.
  • Joon S. Park, Ravi Sandhu, and SreeLatha Ghanta. RBAC on the Web by secure cookies. In Vijayalakshmi Atluri and John Hale, editors, Research Advances in Database and Information Systems Security, pages 49–62. Kluwer Academic Publishers, 2000. Proceedings of the 13th IFIP WG 11.3 Working Conference on Database Security, Seattle, Washington, July 26-28, 1999.
  • Joon S. Park and Ravi Sandhu. RBAC on the Web by smart certificates. In Proceedings of the 4th ACM Workshop on Role-Based Access Control (RBAC), pages 1–9, Fairfax, Virginia, October 28-29, 1999. ACM Press.
  • Joon S. Park and Ravi Sandhu. Smart certificates: Extending X.509 for secure attribute service on the Web. In Proceedings of the 22nd National Information Systems Security Conference (NISSC), pages 337–348, Crystal City, Virginia, October 18-22, 1999. U.S. Government Printing Office.
  • Joon S. Park. A secure-cookie recipe for electronic transactions. In Proceedings of the U.S.-Korea Conference (UKC) on Science, Technology, Entrepreneurship, and Leadership, UCLA, Los Angeles, California, August 12-14,1999.
  • Ravi Sandhu and Joon S. Park. Decentralized user-role assignment for Web-based Intranets. In Proceedings of the 3rd ACM Workshop on Role-Based Access Control (RBAC), pages 1–12, Fairfax, Virginia, October 22-23, 1998. ACM Press.

 

Patents

  • Ravi Sandhu and Joon S. Park. System and apparatus for storage and transfer of secure data on the Web. U.S. Patent, US 6,985,953 B1, January 2006.

  • Joon S. Park. Role-based access control to computing resources in an inter-organizational community. U.S. Patent Pending, app# #60/934,256, June 2008.

  • Joon S. Park. Active access control system and method. U.S. Patent Pending, app# 61/066,566, February 2008.

 

Selected Non-Refereed Papers and Publicity

  • Joon S. Park. Internet safety. Interview with and quoted by The Post-Standard. October 3, 2007.

  • Joon S. Park. Challenges to advanced software-survivability in mission-critical systems. Homeland Defense Week, February 2007.

  • Lee McKnight, Mark Gaynor, Junseok Hwang, Joon S. Park, Hwa Chang, Amar Gupta, Bernhard Plattner, James Howison, Praveen Aravamudham, Ozlem Uzuner, and Bor rong Chen. Grid working draft, draft-ggf-lwmcknight-wgissues-0, Informational Track, Global Grid Forum (GGF), June 2003.

  • Joon S. Park. Comments on Bush Administration’s Cyberspace Security Draft. December 2002.

  • Joon S. Park and Judith N. Froscher. A hierarchical assurance structure for survivability (HASS) of large integrated systems. NRL Technical Report, U.S. Naval Research Laboratory, Washington, D.C., 2002.

  • Joon S. Park, Andrew Moore, Bruce Montrose, Beth Strohmayer, and Judith N. Froscher. A language, a methodology, and a tool to provide information security assurance arguments. NRL technical report, U.S. Naval Research Laboratory, Washington, DC, 2002.

  • Myong H. Kang, Joon S. Park, and Judith N. Froscher. An access control strategy for enterprise applications. NRL technical report, U.S. Naval Research Laboratory, Washington, DC, 2000.

  • Myong H. Kang, Joon S. Park, and Judith N. Froscher. A strategy of security services for enterprise applications. NRL Technical Report, U.S. Naval Research Laboratory, Washington, D.C., 2000.

 

Security Events

©2003 Joon S. Park HomePublicationsActivitiesCurrent ProjectsTeaching