Guest editors'introduction / Jaynarayan H. Lala and Fred B. Schneider. p.12 The monoculture risk put into context / Fred B. Schneider and Kenneth P. Birman. p.14 Randomized instruction sets and runtime environments: past research and future directions / Angelos D. Keromyt is. p.18 Segurity through diversity: Leveraging virtual machine technology / Daniel William, Wei Hu, Jack W. Davidson, Jason D. Hiser, John C. Knight, and anh Nguyen-tuong. p.26 Risk assessment of a national security infrastructure / Kjell J. Hole, André N. Klingsheim, Lars-Helge Netland Yngve Espelid, Thomas Tjostheim, and Vebjorn Moen. p.34 Prioritizing vulnerability remediation by determining attacker-targeted vulnerabilities / Michel Cukier and Susmit Panjwani. p.42 Reading (with) the enemy / Marc Donner. p.3 News briefs / Brandi Ortega. p.5 Silver bullet talks with gunnar peterson / Gary McGraw. p.7 Understanding android security / William Enck, Machigar Ongtang, and Patrick McDaniel. p.50 The nrc takes on data mining behavioral surveillance, and privacy / Susan Landau. p.58 Cyberpandemics: history, inevitability, response / Phil Laplante, Bret Michael, and Jeffrey Voas. p.63 Teaching for conceptual change in security awareness a case study in higher education / Yuen-Yan Chan and Victor K. Wei. p.68 Privacy interests in prescription data, part 1: prescriber privacy / Patricia Kosseim and Khaled El Emam. p.72 Man-in -the maddle attack to the https protocolo / Franco Callegati, Walter Cerroni, and Marco Ramilli. p.78 Directions in network-Based security monitoring / Phillip Porras. p.82 The owned price index / Daniel E. Geer Jr. and Daniel G. Conway. p.86 Architecture of privacy / Bruce Schneier. p.88