Active Response

Describes use of force in defense of property statutes

D. W. Barnes, "Judges and Legistlatures in 21st Century Torts: Integrating Cases and Statutes," presented at Association of American Law Schools Conference on Torts, New York, New York, 2003.

An excellent article on the application of laws to intrusion response (generally regarding physical intrusions of homes/businesses)

S. D. Mitchell and E. A. Banker, "Private Intrusion Response," Harvard Journal of Law and Technology, vol. 11, pp. 700-7

International law perspectives of information warfare

J. Barkham, "Information Warfare and International Law on the Use of Force," New York University Journal of International Law and Politics, vol. 34, pp. 57-113, 2001.

The first fully international treaty on cybercrime - the US is a signatory

Charter of the United Nations

Porras and Neumann's EMERALD IDS

P. A. Porras and P. G. Neumann, "EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances," presented at 20th National Information Systems Security Conference, 1997.

Crosbie and Spafford's tech report

M. Crosbie and G. Spafford, "Active Defense of a Computer System Using Autonomous Agents," Purdue University, West Lafayette, IN, Technical Report 95-008, February 1995.

Using sleepy watermark tracing (SWT) to trace the detected intrusion that utilizing stepping stone to disguise its origin in real-time

X. Wang, D. S. Reeves, and S. F. Wu, "Tracing Based Active Intrusion Response," Journal of Information Warfare, vol. 1, 2001.

A method to dynamically alter the exposure of a host to contain an intrusion when it occurs

A. Gehani and G. Kedem, "RheoStat: Real-time Risk Management," presented at 7th International Symposium, RAID 2004, Sophia Antipolis, France, 2004.

Robert Axelrod uses game theory and decision theory to analyze risk in information systems

R. Axelrod, "Risk in Networked Information Systems," Office of the Assistant Secretary of Defense for Networks and Information Integration, 2003.