www.elsevier.com/locate/cose

CONTENTS

Model checking authorization requirements in business processesA. Armando and S. E. Ponta 1

A comprehensive and efficacious architecture for detecting phishing webpagesR. Gowtham and I. Krishnamurthi 23

Security and compliance challenges in complex IT outsourcing arrangements: A multi-stakeholder perspectiveD. Bachlechner, S. Thalmann and R. Maier 38

Towards a distributed secure in-vehicle communication architecture for modern vehiclesC. Patsakis, K. Dellios and M. Bouroche 60

Extended DMTP: A new protocol for improved graylist categorizationJ. Yang, H.‑t. Liu, Z.‑p. Zhang and J. Dong 75

An advanced persistent threat in 3G networks: Attacking the home network from roaming networksC. Xenakis and C. Ntantogian 84

A framework for generating realistic traffic for Distributed Denial-of-Service attacks and Flash EventsS. Bhatia, D. Schmidt, G. Mohay and A. Tickle 95

Framework and principles for active cyber defenseD. E. Denning 108

Available online at www.sciencedirect.com

ScienceDirect

Volume 40, February 2014