Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop: Latest Articles

Next generation SCADA security: best practices and client puzzles
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495984
Calvert L. Bowen, T. Buennemeyer, Ryan W. Thomas
Abstract: Supervisory control and data acquisition (SCADA) systems are found throughout the public utility industry. As part of our national critical infrastructure, SCADA systems are used to monitor, control and manage spatially separated utility sites. SCADA systems are mirroring the rapid changes occurring in the larger information technology (IT) and networking industry by becoming more flexible and at the same time more interconnected. These primitive systems are being upgraded using commercial-off-the-shelf (COTS) hardware and software, and are being migrated to standard data formats and network protocols, particularly transport control protocol (TCP) for end-to-end control. Throughout this transition, SCADA system networks must be well defended and maintain the level of service required by their customers.
Citations: 40
IA risk assessment process
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495991
K. Montry, R. Kelley
Abstract: When considering the information assurance (IA) requirement against a particular program, one must consider the actual risk that needs to be mitigated by any proposed solution. Understanding the actual risk and applying only those solutions deemed necessary will provide a best value approach to the customer. This paper defines one method to gain an understanding of IA risk by exploring the threats applicable to the system, the paths down which those threats can act and the effects of that action on the system given the environment in which the system currently exists. Considering all of those factors will allow a relative risk to be assigned for each applicable intersection.
Citations: 2
Distribution of patches within vulnerable systems: a distributed model
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1496000
S. Goel, Damira Pon
Abstract: This paper proposes an architecture for automated patch distribution on the network through a peer-to-peer (P2P) architecture. The authors contend that use of P2P systems to distribute software patches on networked computers will reduce average time of patch installation after release and improve compliance with patch installation due to ease of deployment. To facilitate such a patch distribution scheme, a standardized format for specification of patches based on a new XML schema that the authors have developed, entitled software patch specification markup language (SPSML), is also presented.
Citations: 0
Anomaly detection based on performance data
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495993
S. Gokhale, Jijun Lu
Abstract: In this research, we demonstrate the feasibility of using application performance data for the purpose of anomaly detection. Specifically, we use the signaling performance of a voice-over-IP (VoIP) infrastructure for the purpose of illustration. We also develop an approach to use the χ² test statistic for anomaly detection based on application performance data.
Citations: 0
Pattern reduction and circuit design for hardware-supported network intrusion detection
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495992
T. Ramirez, C. Lo
Abstract: There are many other works that attempt to speed up the NIDS Snort by improving the packet processing function. Most of the work has been focused on circuit design while attempts to reduce the rule sets have been limited. This paper shows how we are capable of reducing the amount of characters in a rule set to limit device utilization requirements. Our results show we can use 51% of the amount of logic to implement the full rule set for the NIDS Snort. Our design has also been shown to perform in a comparable manner as that of another approach that reduces rule sets for intrusion detection. It is as area efficient as the other work and the throughput is sufficient for the goal of monitoring a high-speed network. The area utilization is still within device constraints for our development platform. Also, depending upon the network's priorities, cost or performance, more devices can be used to implement faster pattern matching.
Citations: 0
User requirements and design of a visualization for intrusion detection analysis
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495979
J. Goodall
Abstract: This paper reports on the user requirements gathering activities and design of an information visualization tool for analyzing network data for intrusion detection (ID). User-centered design methods have been widely used for many years. However, innovative visualization displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools may not fully support actual users in their daily work. We studied ID analysts' activities in order to understand their work practices. This resulted in a simple task model of ID work and guidelines for visualization support. Noting the lack of current visualization support for the analysis ID task and grounded in the actual needs of ID analysts, we designed a visualization prototype for investigating network traffic.
Citations: 23
Enterprise network security and extensions to Galois/counter mode encryption
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495948
C. DeCusatis
Abstract: The need for improved security has been widely recognized in the information technology industry. However, the increased overhead associated with most data encryption schemes has not been fully quantified for either current generation enterprise servers or future systems. In this paper, the author reported on an enterprise storage area network test bed used to evaluate the performance impact of strong data encryption on data-in-flight, over distances typically associated with a disaster recovery network. Results suggest that this impact is minimal, paving the way for the implementation of hybrid encryption/authentication techniques in future networks. One such approach, the Galois/counter mode, including a summary of recent industry standardization efforts in this area was reviewed.
Citations: 0
Risk-based security engineering through the eyes of the adversary
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495947
S. Evans, James Wallner
Abstract: Today, security engineering for complex systems is typically done as an ad hoc process. Taking a risk-based security engineering approach replaces today's ad hoc methods with a more rigorous and disciplined approach that uses a multi-criterion decision model. This approach builds on existing techniques for integrating risk analysis with classical systems engineering. A resulting security metric can be compared with cost and performance metrics in making engineering trade-off decisions.
Citations: 36
The digital signature paradox
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495999
J. Stapleton, P. Doyle, S.T. Esquire
Abstract: Paradox is a term often associated with Hollywood's fanciful time travel; however in the real world a time paradox does in fact exist. The system clock is the immediate source of time for any computer, and is the sole source for a time stamp determining when a document was created, modified and printed; or more interestingly when a digital signature was generated. Fraud has already been perpetrated by turning back system clocks leading to the falsification of information for which individuals have been disbarred or incarcerated. The application of a digital signature would not have resolved these issues; which is why digital signatures are time-insensitive. However, an independent clock source providing a trusted time stamp would and can circumvent individuals taking such illegal liberties. This paper presents the concept that data integrity needs to be redefined within the context of a time-sensitive mechanism.
Citations: 7
Visualization techniques for intrusion behavior identification
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. Pub Date: 2005-06-15. DOI: 10.1109/IAW.2005.1495938
R. Erbacher
Abstract: Current intrusion detection techniques are plagued with false positives and false negatives. Ensuring that intrusions are not missed requires that administrators filter through enormous numbers of false positives. In this work, we are attempting to improve the administrators' ability to analyze the available data, make far more rapid assessments as to the nature of a given event or event stream, and identify anomalous activity not normally identified as such. To this end, we are exploring the roots of the identified activity, namely the underlying behavior of the users, hosts, and networks under the administrator's auspices. We present here our work related to visualization as it applies to behavior and intrusion detection. We have found that the representations can be quite effective at conveying the needed information and resolving the relationships extremely rapidly.
Citations: 4