Journal Articles

  1. Arunesh Mishra, Suman Banerjee, and William Arbaugh, ``Weighted Coloring based Channel Assignment for WLANs,'' To appear in Mobile Computing and Communications Review , 2005.

  1. Min-ho Shin, Justin Ma, Arunesh Mishra and William Arbaugh, ``Wireless Network Security and Interworking,'' To appear in the Proceedings of the IEEE , 2005.

  1. Arunesh Mishra, Nick L. Petroni, and William A. Arbaugh, ``Security Issues in IEEE 802.11 Wireless Local-Area Networks: A Survey,'' Wireless Communications and Mobile Computing Journal , vol. 4, no. 8, pp. 821-833, 2004.

  1. Arunesh Mishra, Min Ho Shin, Nick L. Petroni Jr., T. Charles Clancy, and William A. Arbaugh, ``Proactive Key Distribution Using Neighbor Graphs,'' IEEE Wireless Communications , vol. 11, February 2004.

  1. R. Housley and W. A. Arbaugh, ``WLAN Problems and Solutions,'' Communications of the ACM , vol. 46, pp. 31 - 34, May 2003.

  1. A. Mishra, M. ho Shin, and W. A. Arbaugh, `` An Analysis of the Layer 2 Handoff costs in Wireless Local Area Networks ,'' ACM Computer Communications Review , vol. 33, no. 2, pp. 93 - 102, 2003.

  1. Nick L. Petroni Jr. and William A. Arbaugh, ``The Dangers of Mitigating Security Design Flaws: A Wireless Case Study,'' IEEE Security and Privacy Magazine , vol. 1, pp. 28 - 36, January/February 2003.

  1. W. A. Arbaugh, N. Shankar, J. Wang, and K. Zhang, ``Your 802.11 network has no clothes,'' IEEE Wireless Communications Magazine , vol. 9, pp. 44 - 51, December 2002.

  1. D. S. Alexander, P. B. Menage, A. D. Keromytis, W. A. Arbaugh, K. G. Anagnostakis, and J. M. Smith, `` The Price of Safety in an Active Network ,'' Journal of Communications and Networks (JCN), special issue on programmable switches and routers , vol. 3, pp. 4 - 18, March 2001.

  1. W. A. Arbaugh, W. L. Fithen, and J. McHugh, `` Windows of Vulnerability: A Case Study Analysis ,'' IEEE Computer , vol. 33, pp. 52-59, December 2000.

  1. D. S. Alexander, W. A. Arbaugh, A. D. Keromytis, and J. M. Smith, `` Secure Quality of Handling (SQoSH) ,'' IEEE Communications Magazine , vol. 38, no. 4, pp. 106-112, 1999.

  1. D. S. Alexander, W. A. Arbaugh, A. D. Keromytis, and J. M. Smith, `` Safety and Security of Programmable Network Infrastructures ,'' IEEE Communications Magazine , vol. 36, no. 10, pp. 84-92, 1998.

  1. W. A. Arbaugh, J. R. Davin, D. J. Farber, and J. M. Smith, ``Security for Virtual Private Intranets,'' IEEE Computer , pp. 48-55, September 1998.

  1. D. S. Alexander, W. A. Arbaugh, M. Hicks, P. Kakkar, A. D. Keromytis, J. T. Moore, C. A. Gunter, S. M. Nettles, and J. M. Smith, `` The SwitchWare Active Network Architecture ,'' IEEE Network Magazine , vol. 12, no. 3, pp. 29-36, 1998.

  1. D. S. Alexander, W. A. Arbaugh, A. D. Keromytis, and J. M. Smith, `` A Secure Active Network Environment: Realization in Switchware ,'' IEEE Network Magazine , vol. 12, no. 3, pp. 37-45, 1998.


  1. A Secure Bootstrap Process. US Patent #6,185,678. William A. Arbaugh, David J. Farber, Jonathan M. Smith, and Angelos Keromytis.

Conference Publications

  1. Z. Yu, C.-Y. Seng, T. Jiang, X. Wu, and W. Arbaugh, ``Robust routing in malicious environment for ad hoc networks.,'' in The First Information Security Practice and Experience Conference , pp. 36-47, Apr. 2005.

  1. Y. Yuan and W. A. Arbaugh, ``A Secure Service Discovery Protocol for MANET,'' in International Symposium on Personal, Indoor and Mobile Radio Communications , pp. 502 - 506, 2003.

  1. High-Performance MAC for High-Capacity Wireless LANs , IEEE, 2004.

  1. Y. Yuan, D. Gu, W. Arbaugh, and J. Zhang, ``Achieving packet-level quality of service through scheduling in multirate WLANs,'' in IEEE Vehicular Technology Conference (VTC), VTC Fall 2004 , Sept. 2004.

  1. Nick L. Petroni Jr., Tim Fraser, Jesus Molina, and William A. Arbaugh, ``Copilot- A Coprocessor-based Kernel Runtime Integrity Monitor,'' in Proceedings of the 11th USENIX Security Symposium , pp. 179-194, August 2004.

  1. Min-ho Shin, Arunesh Mishra, and William A. Arbaugh, ``An Efficient Handoff Scheme in IEEE 802.11 using Neighbor Graphs,'' in Proceedings of the Second International Conference on Mobile Systems, Applications, and Services , 2004.

  1. Arunesh Mishra, Min-ho Shin, and William A. Arbaugh, ``Context Caching using Neighbor Graphs for Fast Handoffs in a Wireless Network,'' in Proceedings of the 23rd Conference on Computer Communications (INFOCOM) , March 2004.

  1. Rakesh Bobba, Laurent Eschenauer, Virgil Gligor, and William Arbaugh, ``Bootstrapping Security Associations for Routing in Mobile ad-hoc Networks,'' in Global Telecommunications Conference (GLOBECOM), 2003 , vol. 3, pp. 1511 - 1515, IEEE.

  1. A. Khalili, J. Katz, and W. A. Arbaugh, ``Toward Secure Key Distribution in Truly Ad-Hoc Networks,'' in IEEE Workshop on Security and Assurance in Ad-Hoc Networks in conjunction with the 2003 International Symposium on Applications and the Internet , pp. 342-346, IEEE Computer Society, January 2003.

  1. J. Molina and W. A. Arbaugh, `` Using Independent Auditors as Intrusion Detection Systems ,'' in Proceedings of the Fourth International Conference on Information and Communications Security (S. Qing, F. Bao, and J. Zhou, eds.), vol. 2513 of LNCS , pp. 291 - 302, 2002.

  1. W. A. Arbaugh, `` Active Systems Management: The Evolution of Firewalls ,'' in Invited paper to the Third International Workshop on Information Security Applications , pp. 19-30, August 2002.

  1. W. A. Arbaugh, N. Shankar, and J. Wang, `` Your 802.11 Network has no Clothes ,'' in Proceedings of the First IEEE International Conference on Wireless LANs and Home Networks , pp. 131 - 144, December 2001.

  1. N. Itoi, W. A. Arbaugh, S. Pollack, and D. M. Reeves, `` Personal Secure Booting ,'' in Proceedings of the Sixth Australian Conference on Information Security and Privacy , pp. 130 - 144, July 2001.

  1. H. Browne, W. A. Arbaugh, J. McHugh, and W. L. Fithen, `` A Trend Analysis of Exploitations ,'' in Proceedings of the 2001 IEEE Symposium on Security and Privacy , pp. 214 - 229, May 2001.

  1. W. A. Arbaugh, A. D. Keromytis, and J. M. Smith, `` DHCP++: Applying an efficient implementation method for fail-stop cryptographic protocols ,'' in Proceedings of Global Internet (GlobeCom) '98 , November 1998.

  1. W. A. Arbaugh, A. D. Keromytis, D. J. Farber, and J. M. Smith, `` Automated Recovery in a Secure Bootstrap Process ,'' in Proceedings of Network and Distributed System Security Symposium , pp. 155-167, Internet Society, March 1998.

  1. W. A. Arbaugh, D. J. Farber, and J. M. Smith, `` A Secure and Reliable Bootstrap Architecture ,'' in Proceedings 1997 IEEE Symposium on Security and Privacy , pp. 65-71, May 1997.

Other Publications

  1. T. C. Clancy and W. Arbaugh, ``Eap password authenticated exchange,'' May 2004.

  1. T. C. Clancy, N. Petroni, and W. Arbaugh, ``Technique for method-specific fast eap rekeying,'' February 2004.

  1. W. A. Arbaugh, ``The Real Risk of Digital Voting,'' IEEE Computer , vol. 37, pp. 124 - 125, December 2004.

  1. W. A. Arbaugh, ``A Patch in Nine Saves Time,'' IEEE Computer , vol. 37, pp. 82 - 83, June 2004.

  1. W. A. Arbaugh, ``Firewalls: An Outdated Defense,'' IEEE Computer , vol. 36, pp. 112 - 113, June 2003.

  1. W. A. Arbaugh, ``Wireless Security is Different,'' IEEE Computer , vol. 36, pp. 99 - 101, August 2003.

  1. N. Shankar and W. A. Arbaugh, ``On Trust for Ubiquitous Computing,'' in Invited paper in Workshop on Security for Ubiquitous Computing, UBICOMP , October 2002.

  1. Z. Yu, T. Jiang, X. Wu, and W. A. Arbaugh, ``Risk Based Probablistic Routing for Ad Hoc Networks.'' Peer reviewed poster session at Wireless Security Workshop in conjunction with Mobicom, September 2002.

  1. W. A. Arbaugh, ``Improving the TCPA,'' IEEE Computer , vol. 35, pp. 77 - 79, August 2002.

  1. W. A. Arbaugh, ``Security: Technical, Social, and Legal Challenges,'' IEEE Computer , vol. 35, pp. 109 - 111, February 2002.

  1. A. Mishra and W. A. Arbaugh, `` An Initial Security Analysis of the IEEE 802.1X Standard ,'' Tech. Rep. CS-TR-4328, University of Maryland, College Park, February 2002.

  1. W. A. Arbaugh and L. van Doorn, ``Special Issue on Embedded Systems Security,'' IEEE Computer , pp. 11 - 13, October 2001.

  1. L. van Doorn, G. Ballintijn, and W. A. Arbaugh, `` Design and Implementation of Signed Executables for Linux ,'' Tech. Rep. CS-TR-4259, University of Maryland, College Park, June 2001.

  1. N. Shankar, W. A. Arbaugh, and K. Zhang, `` A Transparent Key Management Scheme for Wireless LANs Using DHCP ,'' Tech. Rep. HPL-2001-227, HP Laboratories, 2001.

  1. R. Droms and W. Arbaugh, `` Authentication for DHCP Messages .'' RFC 3118, June 2001.

  1. W. A. Arbaugh, Chaining Layered Integrity Checks .
    PhD thesis, University of Pennsylvania, 1999.

Talks and Presentations

  1. Wireless Local Area Network Security

    -SANS Network Security, To be given October 2001.

    -COMDEX Fall, Las Vegas, To be given November 2001.

    -IBM T.J. Watson Research, June 2001.

    -Mitretek, June 2001.


  2. An Inductive Chosen Plaintext Attack Against WEP/WEP2, IEEE 802.11 TGi Working Group, Orlando, May 2001.

  3. Bootstrap related Security Issues, San Diego Supercomputer Center, University of California, San Diego, February 1999.

  4. Computer Security Issues:

    - The President's Commission on Criticalnfrastructure Protection, January 1997.

    - Director of Central Intelligence Designate), Anthony Lake, January 1997.

    - Secretary of Defense, William J. Perry, November 1996. - Chairman of the Joints Chiefs of Staff, General John Shalikashvili, June 1996.

    - Deputy Director of Central Intelligence, George J. Tenet, May 1996.

    - Senator Daniel Patrick Moynihan, April 1996.

    - Senator Barbara A. Mikulski, April 1996.


  5. A Secure and Reliable Bootstrap Architecture:

    - The Platform Architecture Laboratory, Intel Corporation, June 1997.

    - Microsoft Reseearch, July 1997.

 ACM mandated notice: The documents contained in theseirectories are included by the contributing authors as a means to insure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, not withstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.