http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf

http://www.sciencedirect.com/science/article/pii/S0167404813001661/pdfft?md5=68fecd71b93cc108c015cac1ddb0d430&pid=1-s2.0-S0167404813001661-main.pdf

http://www.dtic.mil/dtic/tr/fulltext/u2/a517635.pdf

http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA590672

http://www.insaonline.org/i/d/a/Resources/Cyber_Intelligence.aspx

http://www.insaonline.org/i/d/a/Resources/OCI_wp.aspx

http://www.insaonline.org/CMDownload.aspx?ContentKey=71a12684-6c6a-4b05-8df8-a5d864ac8c17&ContentItemKey=197cb61d-267c-4f23-9d6b-2e182bf7892e

https://www.mwrinfosecurity.com/system/assets/909/original/Threat_Intelligence_Whitepaper.pdf

http://digitalcommons.liberty.edu/si/vol1/iss3/2

http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/OpSec_Recommended_Practice.pdf

http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LWhite-Paper-Intel-Driven-Defense.pdf

https://attack.mitre.org/wiki/Main_Page

https://attack.mitre.org/wiki/File:9_tactics.png

http://stix.mitre.org/

http://taxii.mitre.org/

http://www.mitre.org/sites/default/files/pdf/cyber_defense_playbook.pdf

http://www.dtic.mil/docs/citations/ADA586960#_blank%23Diamond%20Model%20of%20Intrusion%20Analysis%20Technical%20Report%20ADA586960

http://intellit.muskingum.edu/alpha_folder/H_folder/Heuer_on_NosenkoV1.pdf

http://cdn.preterhuman.net/texts/government_information/intelligence_and_espionage/Spy.Wars.pdf

https://attack.mitre.org/wiki/Legitimate_Credentials

http://www.all.net/dtk/

http://www.projecthoneypot.org

http://dionaea.carnivore.it/

http://www.verizonenterprise.com/DBIR/

http://goo.gl/5lwZup

http://goo.gl/yr55Cp

http://labrea.sourceforge.net/labrea-info.html

http://www.symantec.com/connect/articles/honeytokens-other-honeypot

http://goo.gl/Typwi4

http://www.danford.net/boyd/essence.htm

http://goo.gl/r9ctmG

http://goo.gl/e5IOj1

http://owasptop10.googlecode.com/files/OWASP Top 10 - 2013.pdf

http://www.nytimes.com/2014/02/25/world/middleeast/obama-worried-about-effects-of-waging-cyberwar-in-syria.html

http://www.fiercegovernmentit.com/story/new-dod-program-office-create-cyber-equivalent-joint-munitions-effectivenes/2015-10-14

http://www.iseclab.org/projects/ttanalyze/

http://www8.hp.com/us/en/software-solutions/siem-security-information-event management/

http://www.splunk.com/

http://www.flowtraq.com/

http://www.snort.com/

http://www.mcafee.com/us/

http://www.tripwire.com/

http://openmalware.org

http://virusshare.com

http://lists.clean-mx.com/pipermail/viruswatch/

http://www.cuckoosandbox.org/

http://msdn.microsoft.com/en-us/library/

http://www.bloomberg.com/bw/articles/2014-02-21/neiman-marcus-hackers-set-off-60-000-alerts-while-bagging-credit-card-data

http://faculty.nps.edu/ncrowe/mildec.htm

http://en.wikipedia.org/wiki/Sleight_of_hand

http://www.youtube.com/watch?v=oXGr76CfoCs

https://github.com/simsong/tcpflow

https://media.defcon.org/

http://nmap.org/misc/defeat-nmap-osdetect.html

http://www.whitehouse.gov/

http://www.tenable.com/blog/enhanced-operating-system-identification-with-nessus

http://www.sans.org/security-resources/idfaq/amap.php

http://lcamtuf.coredump.cx/p0f3/

http://httpd.apache.org

http://clang.llvm.org

http://lwn.net/Articles/495304

http://criu.org

http://clang.llvm.org/docs/DataFlowSanitizer.html

https://code.google.com/p/protobuf

https://developers.google.com/speed/articles/web-metrics

http://www.lighttpd.net

http://linuxcontainers.org

http://news.netcraft.com/archives/2014/02/07

http://nginx.org

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

http://www.ohloh.net/p/apache

http://www.akamai.com

http://www.virtela.net/platforms/virtualized-overlay-networking/

http://www.aryaka.com/

http://research.microsoft.com/en-us/um/redmond/projects/z3/

http://yices.csl.sri.com/

http://www.planet-lab.org

http://dev.maxmind.com/geoip/legacy/geolite/

http://en.wikipedia.org/wiki/Geographical_distance

http://www.cs.bu.edu/brite/

http://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack

https://www.torproject.org/

https://www.torproject.org/about/overview.html.en

http://rapsinews.com/news/20150417/273569361.html

http://dx.doi.org/10.1109/JISIC.2014.18

http://doi.acm.org/10.1145/2508859.2516674

https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable

http://dx.doi.org/10.1109/ISI.2015.7165944

http://dx.doi.org/10.1016/S1353-4858(14)70042-X

http://www.fsf.org/news/2010-free-software-awards-announced

https://download.i2p2.de/media/i2pcon/2015/slides/I2PCon-2015-zzz-GrowingTheNetwork.pdf

https://geti2p.net/en/docs/how/tech-intro

https://geti2p.net/en/docs/how/threat-model

https://geti2p.net/en/

http://www.torproject.org/docs/faq.html.en

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

https://xmpp.org/xmpp-software/servers/

http://www.blackhat.com/presentations/bh-usa-07/Perry/Presentation/bh-usa-07-perry.pdf

http://hal.inria.fr/inria-00632259/PDF/TMA2012-LNCS.pdf, 2011

http://dx.doi.org/10.1007/978-3-319-32699-3_1

http://mitre.org

http://doi.ieeecomputersociety.org/10.1109/MC.2015.104F.J.Stech

http://blogs.mcafee.com/mcafee-labs/analyzing-the-target-point-of-sale-malware/andFahmidaY.Rashid

http://www.securityweek.com/how-cybercriminals-attacked-target-analysis2JimSciutto

http://www.cnn.com/2015/07/09/politics/ofce-of-personnel-management-data-breach-20-million/JasonDevaney

http://www.newsmax.com/Newsfront/cyberattacks-Homeland-Security-Tom-Carper-OMB/2015/03/04/id/628279/3Advancedpersistentthreats

https://en.wikipedia.org/wiki/Advanced_persistent_threatAusefulsimpleintroductionandoverviewisSymantec,�AdvancedPersistentThreats:ASymantecPerspective�PreparingtheRightDefensefortheNewThreatLandscape,�nodate.http://www.symantec.com/content/en/us/enterprise/white_papers/b-advanced_persistent_threats_WP_21215957.en-us.pdfAdetaileddescriptionofanAPTisMandiant

http://www.mandiant.com

http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf4TheU.S.DepartmentofDefense

http://www.sciencedirect.com/science/article/pii/S0167404813001661/pdfft?md5=68fecd71b93cc108c015cac1ddb0d430&pid=1-s2.0-S0167404813001661-main.pdfInboththeDOD�sandDenning�sdenitions,actionsaredefensive.ThusACDisNOTthesameashackingback,offensivecyberoperations,orpreemption.However,ACDoptionsareactiveandcaninvolveactionsoutsideofone�sownnetworkorenterprise,forexample,collectinginformationonattackersandsharingtheinformationwithotherdefenders.5�Tactics,techniques,andprocedures

http://www.dtic.mil/dtic/tr/fulltext/u2/a517635.pdf6JeffreyRulequotesitscreator,JohnR.Boyd,describingtheOODAloop:�orientationshapesobservation,shapesdecision,shapesaction,andinturnisshapedbythefeedbackandotherphenomenacomingintooursensingorobservingwindow.:::theentire�loop�

http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrex=html&identier=ADA590672RuleandotherexponentsoftheOODAloopconceptseetheutilityofD&DtoisolatetheadversaryinsidetheirownOODAloopandthusseparatetheadversaryfromreality.OsingaseesBoyd�sOODAtheoryasafrmingtheuseofdeceptionagainsttheadversary�sOODAloop:�Employavarietyofmeasuresthatinterweavemenace,uncertaintyandmistrustwithtanglesofambiguity,deceptionandnoveltyasthebasistoseveranadversary�smoraltiesanddisorientortwisthismentalimagesandthusmask,distortandmagnifyourpresenceandactivities.�FransP.B.Osinga

http://doi.ieeecomputersociety.org/10.1109/MC.2015.104andKristinE.HeckmanandFrankJ.Stech

http://www.insaonline.org/i/d/a/Resources/Cyber_

http://www.insaonline.org/i/d/a/Resources/OCI_wp.aspx;CyberIntelligenceTaskForce

http://www.insaonline.org/CMDownload.aspx?ContentKey=71a12684-6c6a-4b05-8df8-a5d864ac8c17&ContentItemKey=197cb61d-267c-4f23-9d6b-2e182bf7892e;DavidChis-monandMartynRuks

http://Evaluating.mwrin-fosecurity.com

http://CPNI.gov.uk

http://www.mwrinfosecurity.com/system/assets/909/original/Threat_Intelligence_Whitepaper.pdf8Theconceptof�cyberoperationssecurity

http://digitalcommons.liberty.edu/si/vol1/iss3/2SeealsoMarkFabro,VincentMaio

http://energy.gov/sites/prod/les/oeprod/DocumentsandMedia/OpSec_Recommended_Practice.pdf

http://Evaluating.mwrinfosecurity.com

http://www.mwrinfosecurity.com/system/assets/909/original/Threat_Intelligence_Whitepaper.pdf

https://attack.mitre.org/wiki/Main_PagefordetailsontheATT&CKmodelandframework.

https://attack.mitre.org/wiki/File:9_tactics.pngincludestheTTPsadversariesusetomakedecisions,expandaccess,andexecutetheirobjectives.ATT&CKdescribesanadversary�sstepsatahighenoughleveltobeappliedwidelyacrossdifferentplatforms,whilemaintainingenoughdetailstobetechnicallyapplicabletocyberdefensesandresearch.TheninetacticcategoriesforATT&CK

http://stix.mitre.org

http://taxii.mitre.org

http://www.mitre.org/sites/default/les/pdf/cyber_defense_playbook.pdf17SergioCaltagirone,AndrewPendergast,andChristopherBetz,�DiamondModelofIntrusionAnalysis,�CenterforCyberThreatIntelligenceandThreatResearch,Hanover,MD,TechnicalReportADA586960,05July2013.

http://intellit.muskingum.edu/alpha_folder/H_folder/Heuer_on_NosenkoV1.pdfHowever,�blowing�anactualmolewithadoubleplayisatypicalofwhatCIAcounterintelligenceagent,TennentBagley,called�HidingaMole,KGB-Style.�HequotesKGBcolonelVictorCherkashinasadmittingtheKGBdangled�AlexanderZhomov,anSCD[SecondChiefDirectorate]ofcer,�inan�elaboratedouble-agentoperationinMoscowinthelate1980stoprotect[notexpose]Ames[theKGB�smoleintheCIA].�TennentH.Bagley

https://attack.mitre.org/wiki/Legitimate_Credentialscapabilities,andthesetofmitigationsdenedfortheLegitimateCredentialsATT&CKTTP

http://ksu.edu.sa

http://purdue.edu

http://www.all.net/dtk/.2http://www.projecthoneypot.org.

http://3www.honeynet.org

http://dionaea.carnivore.it/.

http://geerte-hofstede.com

http://services.TheworkofMurphyetal.in

http://www.verizonenterprise.com/DBIR/.2.J.J.Yuill,DefensiveComputer-SecurityDeceptionOperations:Processes,PrinciplesandTechniques.PhDDissertation,NorthCarolinaStateUniversity,2006.3.B.Cheswick,�AnEveningwithBerferdinWhichaCrackerisLured,Endured,andStudied,�inProceedingsofWinterUSENIXConference,

http://goo.gl/5lwZup,2011.6.L.Spitzner,Honeypots:TrackingHackers.Addison-WesleyReading,2003.7.G.H.KimandE.H.Spafford,�ExperienceswithTripwire:UsingIntegrityCheckersforIntrusionDetection,�tech.rep.,DepartmentofComputer,PurdueUniversity,WestLafayette,IN,1994.8.D.Dagon,X.Qin,G.Gu,W.Lee,J.Grizzard,J.Levine,andH.Owen,�Honeystat:LocalWormDetectionUsingHoneypots,�inRecentAdvancesinIntrusionDetection,pp.39�58,Springer,2004.9.C.Fiedler,�SecureYourDatabasebyBuildingHoneyPotArchitectureUsingaSQLDatabaseFirewall.�http://goo.gl/yr55Cp.10.C.Mulliner,S.Liebergeld,andM.Lange,�Poster:Honeydroid-CreatingaSmartphoneHoneypot,�inIEEESymposiumonSecurityandPrivacy,2011.11.M.W�hlisch,A.Vorbach,C.Keil,J.Sch�nfelder,T.C.Schmidt,andJ.H.Schiller,�Design,Implementation,andOperationofaMobileHoneypot,�tech.rep.,CornellUniversityLibrary,2013.12.C.Seifert,I.Welch,andP.Komisarczuk,�Honeyc:TheLowInteractionClientHoneypot,�Proceedingsofthe2007NZCSRCS,2007.13.K.G.Anagnostakis,S.Sidiroglou,P.Akritidis,K.Xinidis,E.Markatos,andA.D.Keromytis,�DetectingTargetedAttacksUsingShadowHoneypots,�inProceedingsofthe14thUSENIXSecuritySymposium,2005.14.D.Moore,V.Paxson,S.Savage,C.Shannon,S.Staniford,andN.Weaver,�InsidetheSlammerWorm,�IEEESecurity&Privacy,vol.1,no.4,pp.33�39,2003.15.T.Liston,�LaBrea:�Sticky�HoneypotandIDS.�http://labrea.sourceforge.net/labrea-info.html,2009.

http://www.all.net/dtk/,1998.17.N.Rowe,E.J.Custy,andB.T.Duong,�DefendingCyberspacewithFakeHoneypots,�JournalofComputers,vol.2,no.2,pp.25�36,2007.18.T.HolzandF.Raynal,�DetectingHoneypotsandOtherSuspiciousEnvironments,�inInformationAssuranceWorkshop,pp.29�36,IEEE,2005.19.C.KreibichandJ.Crowcroft,�Honeycomb:CreatingIntrusionDetectionSignaturesUsingHoneypots,�ACMSIGCOMMComputerCommunicationReview,vol.34,no.1,pp.51�56,2004.20.D.Moore,C.Shannon,D.J.Brown,G.M.Voelker,andS.Savage,�InferringInternetDenial-of-ServiceActivity,�ACMTransactionsonComputerSystems

http://www.symantec.com/connect/articles/honeytokens-other-honeypot,2003.22.J.J.Yuill,M.Zappe,D.Denning,andF.Feer,�Honeyles:DeceptiveFilesforIntrusionDetection,�inInformationAssuranceWorkshop,pp.116�122,IEEE,2004.23.M.Bercovitch,M.Renford,L.Hasson,A.Shabtai,L.Rokach,andY.Elovici,�HoneyGen:AnAutomatedHoneytokensGenerator,�inIEEEInternationalConferenceonIntelligenceandSecurityInformatics

http://goo.gl/Typwi4,Mar.2013.28.R.V.Jones,ReectionsonIntelligence.London:WilliamHeinemannLtd,1989.29.M.H.Almeshekah,UsingDeceptiontoEnhanceSecurity:ATaxonomy,ModelandNovelUses.PhDthesis,PurdueUniversity,2015.30.M.Harkins,�ANewSecurityArchitecturetoImproveBusinessAgility,�inManagingRiskandInformationSecurity,pp.87�102,Springer,2013.31.J.Boyd,�TheEssenceofWinningandLosing.�http://www.danford.net/boyd/essence.htm,1995.32.E.M.Hutchins,M.J.Cloppert,andR.M.Amin,�Intelligence-DrivenComputerNetworkDefenseInformedbyAnalysisofAdversaryCampaignsandIntrusionKillChains,�LeadingIssuesinInformationWarfare&SecurityResearch,vol.1,p.80,2011.33.K.J.Higgins,�HowLockheedMartin�s�KillChain�StoppedSecurIDAttack.�http://goo.gl/r9ctmG,2013.34.F.Petitcolas,�LaCryptographieMilitaire.�http://goo.gl/e5IOj1.35.K.D.MitnickandW.L.Simon,TheArtofDeception:ControllingtheHumanElementofSecurity.Wiley,2003.36.P.Vogt,F.Nentwich,N.Jovanovic,E.Kirda,C.Kruegel,andG.Vigna,�Cross-SiteScriptingPreventionwithDynamicDataTaintingandStaticAnalysis,�inThe2007NetworkandDistributedSystemSecuritySymposium

http://owasptop10.googlecode.com/les/OWASPTop10-2013.pdf,2013.

http://dartmouth.edu

http://gmail.com

http://reinterestedin.Table1showsalistofthesemeasurements.Fulldescriptionsof1suchaswww.4shared.com

http://isalsomeasuredwhereinaclientPCisusedtoperformvariousbenignactivitiessuchasstartupawebbrowsertolookatarticlesonCNN.comandshoponAmazon.com

http://www.nytimes.com/2014/02/25/world/middleeast/obama-worried-about-effects-of-waging-cyberwar-in-syria.html,Feb2014.Accessed:2015-11-11.6.USDepartmentofDefense.TheDepartmentofDefenseCyberStrategy,2015.7.MarkAGallagherandMichaelHorta.CyberJointMunitionsEffectivenessManual

http://ercegovernmentit.com/story/new-dod-program-ofce-create-cyber-equivalent-joint-munitions-effectivenes/2015-10-14,Oct2015.Accessed:2015-11-20.10.http://www.iseclab.org/projects/ttanalyze/.TTAnalyze:Atoolforanalyzingmalware,2015.11.ClemensKolbitsch,PaoloMilaniComparetti,ChristopherKruegel,EnginKirda,Xiao-yongZhou,andXiaoFengWang.Effectiveandefcientmalwaredetectionattheendhost.InUSENIXsecuritysymposium,pages351�366,2009.12.DanielBilaretal.Statisticalstructures:Fingerprintingmalwareforclassicationandanalysis.ProceedingsofBlackHatFederal2006,2006.

http://www8.hp.com/us/en/software-solutions/siem-security-information-eventmanagement/.HPArcSightESM,2015.16.http://www.splunk.com/.SplunkOperationalIntelligencePlatform,2015.17.http://www.owtraq.com/.FlowTraqNetworkSecurity,Monitoring,Analysis,andForensics,2015.18.http://www.snort.com/.SnortIntrusionPreventionSystem,2015.19.http://www.mcafee.com/us/.McAfeeIntelSecuritySuite,2015.20.http://www.tripwire.com/.TripwireAdvancedCyberThreatDetection,2015.21.HPEnterpriseSecurity.HPArcSightESM:poweredbyCORR-Engine,September2012.22.SandeepYadav,AshwathKumarKrishnaReddy,a.L.NarasimhaReddy,andSupranamayaRanjan.Detectingalgorithmicallygeneratedmaliciousdomainnames.Proceedingsofthe10thannualconferenceonInternetmeasurement-IMC�10,page48,2010.23.OpenMalware.http://openmalware.org,2014.24.VirusShare.http://virusshare.com,2014.25.TheVirusWatchArchives.http://lists.clean-mx.com/pipermail/viruswatch/,2014.26.CuckooSandbox.http://www.cuckoosandbox.org/,2014.27.MicrosoftDeveloperNetwork.http://msdn.microsoft.com/en-us/library/,2014.28.NicolePerlroth.IntelligenceStart-UpGoesBehindEnemyLinestoGetAheadofHackers.www.nytimes.com/2015/09/14/technology/intelligence-start-up-goes-behind-enemy-lines-to-get-ahead-of-hackers.html,Sep2015.Accessed:2015-11-11.29.BenElgin,DuneLawrence,andMichaelRiley.NeimanMarcusHackersSetOff60,000AlertsWhileBaggingCreditCardData.http://www.bloomberg.com/bw/articles/2014-02-21/neiman-marcus-hackers-set-off-60-000-alerts-while-bagging-credit-card-data,Feb2014.Accessed:2015-11-11.30.ElizabethRDeLong,DavidMDeLong,andDanielLClarke-Pearson.Comparingtheareasundertwoormorecorrelatedreceiveroperatingcharacteristiccurves:anonparametricapproach.Biometrics,pages837�845,1988.31.MichaelOBall.Computationalcomplexityofnetworkreliabilityanalysis:Anoverview.Reliability,IEEETransactionson,35

http://i-a-i.com

http://us.af.mil

http://reactivevs.pro

http://faculty.nps.edu/ncrowe/mildec.htm7.NISTPub800.53,Rev.4SC26-SC308.CERIASTechReport2015�11�UsingDeceptiontoEnhanceSecurity:ATaxonomy,Model,andNovelUses�,byMohammedH.Almeshekah,CenterforEducationandResearchInformationAssuranceandSecurity,PerdueUniversity9.JointPublication3-12

http://z.l.lu

http://ieee.org

http://sentar.com

http://en.wikipedia.org/wiki/Sleight_of_hand.2Foranfunexplanationofsleightofhandtechniques,seethevideobyillusionistsPennandTellerathttp://www.youtube.com/watch?v=oXGr76CfoCs.

http://asu.edu

http://trailofbits.com

https://github.com/simsong/tcpow.

https://media.defcon.org

http://gmu.edu

http://unina.it

http://update.cc/;update.cd//10:forallp2evaldo11:p:addVertex.V/;p:addDirectedEdge.V;Vn;�.V;Vn/;cost.V;Vn//;//AddanedgefromVtoVn12:endfor13:endfor14:returnpathList5.3.2AlgorithmTopKBudgetAlgorithmTopKBudget

http://sort.data

http://push.new

http://nmap.org/misc/defeat-nmap-osdetect.html,January2003.8.V.Casola,A.DeBenedictis,andM.Albanese.Amovingtargetdefenseapproachforprotectingresource-constraineddistributeddevices.InProceedingsofthe14thInternationalConferenceonInformationReuseandIntegration

http://www.whitehouse.gov/,December2011.14.R.Gula.EnhancedoperatingsystemidenticationwithNessus.http://www.tenable.com/blog/enhanced-operating-system-identication-with-nessus,February2009.15.J.H.Jafarian,E.Al-Shaer,andQ.Duan.OpenFlowrandomhostmutation:Transparentmovingtargetdefenseusingsoftwaredenednetworking.InProceedingsofthe1stWorkshoponHotTopicsinSoftwareDenedNetworks

http://www.sans.org/security-resources/idfaq/amap.php,March2014.20.G.ShuandD.Lee.Networkprotocolsystemngerprinting-aformalapproach.InProceedingsofthe25thIEEEInternationalConferenceonComputerCommunications

http://lcamtuf.coredump.cx/p0f3/,January2012.

http://utdallas.edu

http://lwn.net/Articles/495304,2012.11.CRIU.Checkpoint/RestoreInUserspace.http://criu.org,2014.12.DALTON,M.,KANNAN,H.,ANDKOZYRAKIS,C.Taintingisnotpointless.ACM/SIGOPSOperatingSystemsReview

http://clang.llvm.org/docs/DataFlowSanitizer.html.14.DUELL,J.ThedesignandimplementationofBerkeleyLab�sLinuxcheckpoint/restart.Tech.Rep.LBNL-54941,U.CaliforniaatBerkeley,2002.15.GEROFI,B.,FUJITA,H.,ANDISHIKAWA,Y.Anefcientprocesslivemigrationmechanismforloadbalanceddistributedvirtualenvironments.InProceedingsoftheIEEEInternationalConferenceonClusterComputing

http://code.google.com/p/protobuf,2014.17.GOOGLE.Webmetrics.https://developers.google.com/speed/articles/web-metrics,2014.18.JUELS,A.Abodyguardoflies:theuseofhoneyobjectsininformationsecurity.InProceedingsofthe19thACMSymposiumonAccessControlModelsandTechnologies

http://news.netcraft.com/archives/2014/02/07,2014.27.NGINX.Nginxserverproject.http://nginx.org,2014.28.NIST.TheShellshockBashVulnerability.https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271,Sep.2014.29.OHLOH.ApacheHTTPserverstatistics.http://www.ohloh.net/p/apache,2014.30.PAI,V.S.,DRUSCHEL,P.,ANDZWAENEPOEL,W.Flash:Anefcientandportablewebserver.InProceedingsoftheUSENIXAnnualTechnicalConference

http://uncc.edu

http://www.virtela.net/platforms/virtualized-overlay-networking/.12.�Aryaka,�http://www.aryaka.com/.13.L.D.MouraandN.Bjorner,SatisabilityModuloTheories:IntroductionandApplications.CACM,2011.14.�Z3theormprover,�http://research.microsoft.com/en-us/um/redmond/projects/z3/.15.�Yices:Ansmtsolver,�http://yices.csl.sri.com/.16.�Planetlab,�http://www.planet-lab.org.17.S.Lo,M.Ammar,E.Zegura,andM.Fayed,�VirtualNetworkMigrationonRealInfrastruc-ture:APlanetLabCaseStudy,�inProceedingsofthe12thInternationalIFIPTC6ConferenceonNetworking,2014.18.T.Anderson,T.Roscoe,andDavidWetherall,�Preventinginternetdenial-of-servicewithcapabilities.�inProceedingsofHotnets-II,November2003.19.A.Yaar,A.Perrig,andD.Song,�Anendhostcapabilitymechanismtomitigateddosoodingattacks.�inProceedingsoftheIEEESymposiumonSecurityandPrivacy,,May2004.20.X.Yang,D.Wetherall,andT.Anderson,�Anendhostcapabilitymechanismtomitigateddosoodingattacks.�inProc.ACMSIGCOMM,,August2005.21.J.IoannidisandS.M.Bellovin,�Implementingpushback:Router-baseddefenseagainstddosattacks.�inInProc.NetworkandDistributedSystemSecuritySymposium

http://dev.maxmind.com/geoip/legacy/geolite/.36.�Geographicaldistance.�http://en.wikipedia.org/wiki/Geographical_distance.37.F.Gillani,E.Al-Shaer,S.Lo,Q.Duan,M.Ammar,andE.Zegura,�Agilevirtualizedinfrastructuretoproactivelydefendagainstcyberattacks.�inInfocom.IEEE,2015.38.�Britetopologygenerator,�http://www.cs.bu.edu/brite/.39.�Technicaldetailsbehinda400gbpsntpamplicationddosattack.�http://blog.cloudare.com/technical-details-behind-a-400gbps-ntp-amplication-ddos-attack.

https://www.torproject.org

http://HackingYandexemail2000rublesHackingmail.ru

http://list.ru

http://bk.ru

http://inbox.ru2000rublesHackinggmail.com

http://dx.doi.org/10.1109/JISIC.2014.183.Acar,G.,Juarez,M.,Nikiforakis,N.,Diaz,C.,G�rses,S.,Piessens,F.,Preneel,B.:Fpdetective:Dustingthewebforngerprinters.In:Proceedingsofthe2013ACMSIGSACConferenceonComputerandCommunicationsSecurity,CCS�13,pp.1129�1140.ACM,NewYork,NY,USA

http://doi.acm.org/10.1145/2508859.25166744.Arma:Torsecurityadvisory:Oldtorbrowserbundlesvulnerable.TheTorProject

https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable5.Bargh,J.A.,McKenna,K.Y.A.:Theinternetandsociallife.pp.573�590

http://dx.doi.org/10.1109/ISI.2015.71659447.Boellstorff,T.:ComingofAgeinSecondLife:AnAnthropologistExplorestheVirtuallyHuman.PrincetonUniversityPress,Princeton,NJ,USA

http://dx.doi.org/10.1016/S1353-4858

http://.URLwww.ncjrs.gov

http://.URLwww.nbcnews.com/news/world/skilled-cheap-russian-hackers-power-american-cybercrime-n2237135.Postill,J.,Pink,S.:Socialmediaethnographie:Thedigitalresearcherinamessyweb.MediaInternationalAustralia

http://URLtheconversation.com/doxxing-swatting-and-the-new-trends-in-online-harassment-4023437.Rausch,M.,Good,N.,Hoofnagle,C.J.:Searchingforindicatorsofdevicengerprintinginthejavascriptcodeofpopularwebsites

http://URLwww.mcafee.com/mx/resources/reports/rp-economic-impact-cybercrime.pdf44.Tanenbaum,A.S.,Wetherall,D.J.:ComputerNetworks,5thedn.PrenticeHallPress,UpperSaddleRiver,NJ,USA

http://unipd.it

http://di.uniroma1.it

http://www.fsf.org/news/2010-free-software-awards-announced.2.Growingthenetwork,spreadingtheword.https://download.i2p2.de/media/i2pcon/2015/slides/I2PCon-2015-zzz-GrowingTheNetwork.pdf.3.I2pdocumentation.https://geti2p.net/en/docs/how/tech-intro.4.I2pthreatmodel.https://geti2p.net/en/docs/how/threat-model.5.Theinvisibleinternetproject

https://geti2p.net/en/.6.OfcialTorFAQ.http://www.torproject.org/docs/faq.html.en.7.Torsecurityadvisory.https://blog.torproject.org/blog/tor-security-advisory-relay-early-trafc-conrmation-attack.8.Xmppstandard.https://xmpp.org/xmpp-software/servers/.9.C.A.Ardagna,M.Conti,M.Leone,andJ.Stefa.Ananonymousend-to-endcommunicationprotocolformobilecloudenvironments.ServicesComputing,IEEETransactionson,7

http://www.blackhat.com/presentations/bh-usa-07/Perry/Presentation/bh-usa-07-perry.pdf.

http://hal.inria.fr/inria-00632259/PDF/TMA2012-LNCS.pdf,2011.45.ChristoWilson,BryceBoe,AlessandraSala,KrishnaP.N.Puttaswamy,andBenY.Zhao.Userinteractionsinsocialnetworksandtheirimplications.InProceedingsofthe4thACMEuropeanConferenceonComputerSystems,EuroSys�09,pages205�218,2009.46.BassamZantoutandRamziHaraty.I2pdatacommunicationsystem.InProceedingsofTheTenthInternationalConferenceonNetworks,ICN2011.47.YeZhu,XinwenFu,BryanGraham,RiccardoBettati,andWeiZhao.Onowcorrelationattacksandcountermeasuresinmixnetworks.InProceedingsofthe4thInternationalConferenceonPrivacyEnhancingTechnologies,PET�04,pages207�225,2005.

http://dx.doi.org/10.1007/978-3-319-32699-3_1�SpringerInternationalPublishingSwitzerland2016S.Jajodiaetal.