"... In PAGE 4: ...0 open source packages for robustness violations. Usefulness: Table1 (a) presents the total number of ro- bustness property violations our tool found for each of the checked packages. We found around 200 robustness vio- lations in 10 Redhat-9.... In PAGE 4: ...ations in 10 Redhat-9.0 open source packages. We have shown the API-level violation breakdown for one selected package (SysVinit-2.84-13) in Table1 (b). Of the 60 an- alyzed APIs, 19 of them gave violations with this package.... ..."

"... In PAGE 5: ...2. The results in Table4 show that obvious improvement can be achieved on SCL and SCP after adapting source-channel models for SCNE. As shown in Table 5, the improvement of SCL and SCP has significant impact on performance of LN and PN 4 http://www.... ..."

"... In PAGE 5: ...2. The results in Table4 show that obvious improvement can be achieved on SCL and SCP after adapting source-channel models for SCNE. As shown in Table 5, the improvement of SCL and SCP has significant impact on performance of LN and PN 4 http://www.... ..."

"... In PAGE 5: ...2. The results in Table4 show that obvious improvement can be achieved on SCL and SCP after adapting source-channel models for SCNE. As shown in Table 5, the improvement of SCL and SCP has significant impact on performance of LN and PN 4 http://www.... ..."

"... In PAGE 15: ...The ASHF does not deliver the security that one would expect from a present- day cryptographic algorithm. See Table1 for an overview of the attacks presented in this paper. We thus would recommend to replace the ASHF-based tokens by tokens implementing another algorithm that has undergone extensive open review and which has 128-bit internal secret.... ..."

"... In PAGE 2: ...nd allows for an easy construction of vanishing differentials (i.e. collisions) which leak information on the secret key. The most powerful attacks that we show are differential [1] adaptive chosen plaintext attacks which result in a complete secret key recovery in just a few milliseconds on a PC (See Table1 for a summary of attacks). However, it might be hard for a real-life attacker to mount the most effective of these attacks due to their adaptive chosen-plaintext nature, due to the special time-duplication format and due to initial key-dependent permutation which is applied to the input of the hash function.... In PAGE 12: ... The ASHF does not deliver the security that one would expect from a present-day cryptographic algorithm. See Table1 for an overview of the attacks presented in this paper. We thus would recommend to replace the ASHF-based tokens by tokens implementing another algorithm that has undergone extensive open review and which has 128-bit internal secret.... ..."

"... In PAGE 4: ...rivileges and poor security practices (e.g. connecting to restricted web sites, downloading restricted material, using telnet instead of ssh) are not included in Table 1 because these behaviors are site-specific and can be detected using traffic monitor- ing. Table2 shows the importance of these three attack types by considering the poten- tial damage, the most common local site-specific response, the response cost, and the effect of the response on other, future attackers, who launch an identical attack against the same victim. This table applies only to known old attacks where software patches are available to prevent exploitation of the known vulnerability.... In PAGE 4: ... Episodic DoS attacks are included in this row because they have similar characteris- tics to remote-to-local attacks. This paper focuses on detection of successful remote-to-local attacks in the first row of Table2 because these are the most damaging and have enabled recent world- wide Internet security incidents including many worms and DDoS attacks [2,3,6,7,8,12,23]. As indicated, detecting these attacks as they occur allows system administrators to react by shutting down and cleaning up the compromised systems and protecting against future attacks by installing software upgrades and patches.... In PAGE 5: ... Detecting the initial remote connection simplifies the response and lessens the damage. The next two rows in Table2 contain failed remote-to-local and failed episodic DoS attacks (often called probes) and scan or reconnaissance attacks. Both types of attacks provide an attacker with information about remote hosts and network services but do no damage to the victim.... In PAGE 5: ... It will also not block an attacker who uses public lists of IP addresses to find target machines or an attacker who falsi- fies the source IP address for probes. A non-local response not shown in Table2 is to contact the system administrator of the external scanning machine. This can be ex- Table 2.... In PAGE 6: ... Detecting probes and scans thus provides some situation awareness and protection from simple attacks from the same source, but it does not usually protect against future attacks of the same type from different sources. Continuous DoS attacks are the third category in Table2 . Distributed DoS (DDoS) attacks where the attacker first compromises many hosts using remote-to-local attacks and installs agents that simultaneously send packets to one victim have become a major concern in the past few years [6].... ..."

"... In PAGE 22: ... Table9 presents several typical Chinese open source developer communities. They are still in the quot;budding quot;stage, when users join and establish communication and cooperation patterns, not very active in terms of the number of projects and contributing developers.... ..."

"... In PAGE 9: ... Open Source Software Packages 7-3 Table 6. Law Enforcement Functional Areas Without Mature Open Source Options 7-4 Table7 . Open Source Software Implementation Advice 7-4 ... In PAGE 56: ... Law Enforcement Functional Areas Without Mature Open Source Options Application Area Open Source Software Computer Aided Dispatch (CAD) Tickets (prototype) Records Management System (RMS) CAPSIT Training Agency Personnel and Training Database Investigation Penguin Sleuth Kit NIST Fingerprint Kit Foremost 7.3 Advice from Practitioners for Using Open Source Software Table7 presents recommendations for agencies considering the use of open source software. These recommendations come from the national survey and interviewed practitioners on their lessons learned and their own experiences with open source software.... ..."