{"title":"Global Internet Monitoring Using Passive DNS","authors":"D. Dagon, Wenke Lee","doi":"10.1109/CATCH.2009.48","DOIUrl":"https://doi.org/10.1109/CATCH.2009.48","url":null,"abstract":"Security information exchange (SIE) is an information exchange system that lets analysts look at data in real time. Still in its early phase, the system already collects an enormous volume of data.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124268947","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Phisherman: A Phishing Data Repository","authors":"G. Tally","doi":"10.1109/CATCH.2009.24","DOIUrl":"https://doi.org/10.1109/CATCH.2009.24","url":null,"abstract":"Phishing is a widespread and rapidly evolving form of electronic identity theft that attempts to gather personally identifying information from unwitting victims, often through social engineering. The “classic” phishing attack starts with a “lure” (unsolicited e-mail) that directs recipients to a fraudulent Web site that appears to be that of a well-known company, government agency, or other organization. Phishing data is collected by numerous organizations, resulting in many disjoint collections of varying quality and content. The goal of the Phisherman project is to create a single information resource that provides ready access to ongoing and historical phishing attacks for first-responders, brand owners, researchers, and law enforcement. The challenges include rapid automated validation to cope with the increasing scale of the attacks, and privacy protection, particularly when attacks are targeted at specific individuals.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131124342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DNSSEC in Practice: Using DNSSEC-Tools to Deploy DNSSEC","authors":"S. Krishnaswamy, W. Hardaker, R. Mundy","doi":"10.1109/CATCH.2009.21","DOIUrl":"https://doi.org/10.1109/CATCH.2009.21","url":null,"abstract":"The Domain Name System (DNS) is one of the core infrastructure components of the Internet. DNS data is also trivial to spoof. The security extensions to DNS (DNSSEC) provide a mechanism for users to verify the origin authenticity and integrity of DNS data based on cryptographic signatures. DNSSEC as a technology has steadily matured over the past several years and a number of tools and services that facilitate performing DNSSEC-related operations have emerged during this period. This paper gives an overview of using existing tools and utilities from the DNSSEC-Tools suite to build environments that support DNSSEC along the complete path from the authoritative name server where domain data resides to the end-application that uses DNS data.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"213 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132340557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Advances in Topological Vulnerability Analysis","authors":"S. Noel, Matthew C. Elder, S. Jajodia, Pramod Kalapa, S. O'Hare, K. Prole","doi":"10.1109/CATCH.2009.19","DOIUrl":"https://doi.org/10.1109/CATCH.2009.19","url":null,"abstract":"Currently, network administrators must rely on labor-intensive processes for tracking network configurations and vulnerabilities, which requires a great deal of expertise and is error prone. The organization of networks and the interdependencies of vulnerabilities are so complex as to make traditional vulnerability analysis inadequate. We describe a Topological Vulnerability Analysis (TVA) approach that analyzes vulnerability dependencies and shows all possible attack paths into a network. From models of the network vulnerabilities and potential attacker exploits, we discover attack paths (organized as graphs) that convey the impact of individual and combined vulnerabilities on overall security. We provide sophisticated attack graph visualizations, with high-level overviews and detail drill-down. Decision support capabilities let analysts make optimal tradeoffs between safety and availability, and show how to best apply limited security resources. We employ efficient algorithms that scale well to larger networks.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"207 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123065196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Real-Time Detection of Fast Flux Service Networks","authors":"A. Caglayan, M. Toothaker, Dan Drapeau, Dustin Burke, Gerry Eaton","doi":"10.1109/CATCH.2009.44","DOIUrl":"https://doi.org/10.1109/CATCH.2009.44","url":null,"abstract":"Here we present the first empirical study of detecting and classifying fast flux service networks (FFSNs) in real time. FFSNs exploit a network of compromised machines (zombies) for illegal activities such as spam, phishing and malware delivery using DNS record manipulation techniques. Previous studies have focused on actively monitoring these activities over a large window (days, months) to detect such FFSNs and measure their footprint. In this paper, we present a Fast Flux Monitor (FFM) that can detect and classify an FFSN in the order of minutes using both active and passive DNS monitoring, which complements long-term surveillance of FFSNs.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"131 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130440818","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Information Leakage through the Domain Name System","authors":"S. Rose, R. Chandramouli, A. Nakassis","doi":"10.1109/CATCH.2009.10","DOIUrl":"https://doi.org/10.1109/CATCH.2009.10","url":null,"abstract":"The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack since it provides the route map for reaching any resource (e.g., hosts) in any organization irrespective of its geographical and network location. An attacker can query an organization’s DNS as reconnaissance before attacking hosts on a particular network. To minimize the chances of these attacks succeeding, the administrator of an organization’s DNS (called the zone administrator) has various countermeasure options in the form of content control, configuration, protocols, operational and infrastructure protection methods. In this paper, we analyze these and discuss their effectiveness and limitations.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"328 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129830547","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Pattern Recognition without Tradeoffs: Scalable Accuracy with No Impact on Speed","authors":"Richard K. Dove","doi":"10.1109/CATCH.2009.31","DOIUrl":"https://doi.org/10.1109/CATCH.2009.31","url":null,"abstract":"Automated recognition of patterns in data is constrained by tradeoffs among speed, cost, and accuracy. A new reconfigurable VLSI processor architecture decouples the speed/accuracy tradeoff, and renders the cost/accuracy tradeoff negligible, enabling new performance and new applications. The architecture features massively parallel, dynamically configurable finite-state machines which simultaneously process the same data stream. Low-cost VLSI fabrication, unbounded scalability, and high-speed constant-rate throughput independent of pattern number and complexity break current trade-space constraints. This paper introduces features of the processor architecture responsible for the decoupling, and shows how the current tradeoff structure is altered.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125337544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Virtual Private Groups for Protecting Critical Infrastructure Networks","authors":"R. O'Brien, Charles N. Payne Jr.","doi":"10.1109/CATCH.2009.14","DOIUrl":"https://doi.org/10.1109/CATCH.2009.14","url":null,"abstract":"In an era when critical infrastructure networks are increasingly less isolated and more accessible from open networks, including the Internet, the air-gap security that these critical networks once enjoyed no longer exists. Malicious individuals can exploit this network connectivity, in conjunction with security weaknesses in widely used, homogeneous, COTS (commercial off-the-shelf) products, to penetrate deep within an organization's critical networks. Such an attack on SCADA (Supervisory Control And Data Acquisition) and Process Control networks could have devastating consequences. This paper describes an approach, Virtual Private Groups (VPGs), for creating and managing a virtual air-gap between these networks and the environments in which they may operate. After a brief description of the security issues that confront these networks, we describe our approach for addressing them. Many of the ideas presented here are the result of work done while implementing a version of VPGs directed towards critical infrastructure networks. In the process of doing that work we made a number of advances in managing policy for VPGs and related mechanisms.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123495222","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Comparative Analysis of BGP Anomaly Detection and Robustness Algorithms","authors":"K. Sriram, O. Borchert, Okhee Kim, P. Gleichmann, D. Montgomery","doi":"10.1109/CATCH.2009.20","DOIUrl":"https://doi.org/10.1109/CATCH.2009.20","url":null,"abstract":"We present an evaluation methodology for comparison of existing and proposed new algorithms for Border Gateway Protocol (BGP) anomaly detection and robustness. A variety of algorithms and alert tools have been proposed and/or prototyped recently. They differ in the anomaly situations which they attempt to alert or mitigate, and also in the type(s) of data they use. Some are based on registry data from Regional Internet Registries (RIRs) and Internet Routing Registries (IRRs) - an example is the Nemecis tool. Others such as the Prefix Hijack Alert System (PHAS) and the Pretty Good BGP (PGBGP) are driven by BGP trace data. The trace data is obtained from Reseaux Internet Protocol Europeens - Routing Information Service (RIPE-RIS), Routeviews, or a BGP speaker where the algorithm operates. We propose a new algorithm that combines the use of both registry and trace data, and also makes some key improvements over existing algorithms. We have built an evaluation platform called TERRAIN (Testing and Evaluation of Routing Robustness in Assurable Inter-domain Networking) on which these algorithms can be tested and empirically compared based on real and/or synthetic anomalies in BGP messages. We will present a variety of results providing interesting insights into the comparative utility and performance of the various BGP robustness algorithms.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124666149","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cybersecurity Technology Transition: A Practical Approach","authors":"Salvatore C. Paladino, Jason E. Fingerman","doi":"10.1109/CATCH.2009.32","DOIUrl":"https://doi.org/10.1109/CATCH.2009.32","url":null,"abstract":"ITT’s CyberScience Laboratory (CSL) has become an effective technology transition agent for the Department of Homeland Security’s Science & Technology (DHS S&T) Directorate as well as other government agencies. By acquiring, evaluating, and transferring cybersecurity technologies to those tasked with protecting critical infrastructure, the CSL has been able to provide operational feedback to technology developers, expose end-users to cutting edge tools, and better match future investments from technology sponsors with cybersecurity requirements. Discussed in this paper are best practices for technology transition as well as considerations for future activity in the field.","PeriodicalId":130933,"journal":{"name":"2009 Cybersecurity Applications & Technology Conference for Homeland Security","volume":"169 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127202502","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}