Organization: Center for Information Systems Security Studies and Research (CISR)
Description: Integrated education and research in intelligent systems (artificial intelligence, machine learning, and data science) to ensure the U.S. Navy and Marine Corps are prepared to fight and win in the 21st century.
Publication Search Results
Now showing 1 - 10 of 173
Publication: The Trusted Computing Exemplar Project (IEEE, 2004-06-00)
Irvine, Cynthia E.; Levin, Timothy E.; Nguyen, Thuy D.; Dinolt, G. W.; Center for Information Systems Security Studies and Research (CISR)
We describe the Trusted Computing Exemplar project, which is producing an openly distributed worked example of how high assurance trusted computing components can be built. The TCX project encompasses four related activities: Creation of a prototype framework for rapid high assurance system development; Development of a reference-implementation trusted computing component; Evaluation of the component for high assurance; and Open dissemination of results related to the first three activities. The project's open development methodology will provide widespread availability of key high assurance enabling technologies and ensure transfer of knowledge and capabilities for trusted computing to the next generation of developers, evaluators and educators.

Publication: Teaching Security Engineering Principles (Proceedings of the World Conference on Information Security Education, 2001-04-00)
Irvine, Cynthia E.; Levin, Timothy E.; Center for Information Systems Security Studies and Research (CISR)
The design and construction of secure systems cannot be entirely captured in textbooks or class notes, but must be taught as an art which is learned through apprenticeship and practice. This paper describes a course in Secure Systems that uses the Flaw Hypothesis Methodology for penetration testing as a vehicle for motivating and teaching students fundamental principles of security engineering.

Publication: Empirical Study Of Drive-By-Download Spyware (International Common Criteria Conference, 2006-00-00)
Barwinski, Mark; Irvine, Cynthia E.; Levin, Tim E.; Center for Information Systems Security Studies and Research (CISR); Computer Science (CS)
The ability of spyware to circumvent common security practices, surreptitiously exporting confidential information to remote parties and illicitly consuming system resources, is a rising security concern in government, corporate, and home computing environments. While it is the common perception that spyware infection is the result of high risk Internet surfing behavior, our research shows main-stream web sites listed in popular search engines contribute to spyware infection irrespective of patch levels and despite "safe" Internet surfing practices. Experiments conducted in July of 2005 revealed the presence of spyware in several main-stream Internet sectors as evidenced in the considerable infection of both patched and unpatched Windows XP test beds. Although the experiment emulated conservative web surfing practices by not interacting with web page links, images, or banner advertisements, spyware infection of Internet Explorer based test beds occurred swiftly through cross-domain scripting and ActiveX exploits. As many as 71 different spyware programs were identified among 6 Internet sectors. Real estate and online ed web sites infected the test beds with as many as 14 different spyware programs and one bank-related web site appeared to be the source of a resource consuming dialing program. Empirical analysis suggests that spyware infection via drive-by-download attacks has thus far been unabated by security patches or even prudent web surfing behavior. At least for the moment, it appears the choice of web browser applications is the single most effective measure in preventing spyware infection via drive-by-downloads.

Publication: An Approach for Cross-Domain Intrusion Detection (International Conference on Information Warfare and Security (ICIW 2012), 2012-03-12)
Nguyen, Thuy; Gondree, Mark; Khosalim, J.; Shifflett, D.; Levin, T.; Irvine, C.; Center for Information Systems Security Studies and Research (CISR); Department of Electrical and Computer Engineering
Network-based monitoring and intrusion detection has grown into an essential component of enterprise security management. Monitoring potentially malicious activities across a set of networks classified at different security levels, however, presents subtle and complicated challenges. Analysis of intrusion alerts collected on an individual network only reveals malicious attempts to compromise that particular network, not the overall attack patterns across the enterprise. Development of a comprehensive perspective for intrusion analysis of all networks in a multilevel secure (MLS) environment requires care to ensure that the enforcement of information flow control policies is preserved. We describe an approach to cross-domain network-based intrusion detection. Leveraging the Monterey Security Architecture (MYSEA) high-assurance MLS federated computing framework, we developed an MLS policy-constrained network-based CD-IDS prototype using untrusted single-level components and multilevel (trusted) components, supported by open source software (i.e., BASE, snort, PostgreSQL and pgpool-II). Our prototype enables an analyst to view and manipulate network trace data collected from multiple networks, while enforcing mandatory access control policies to constrain the analyst to only those resources her session level dominates.

Publication: Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation (International Conference on Warfare and Security (ICIW) Naval Postgraduate School, Monterey, California, USA 8-9 March 2007 pp.33-46, 2007-03-00)
Cullum, James; Irvine, Cynthia E.; Levin, Tim; Center for Information Systems Security Studies and Research (CISR)
The current generation of network vulnerability detection software uses databases of known vulnerabilities and scans target networks for these weaknesses. The results can be voluminous and difficult to assess. Thus, the success of this technology has created a need for software to aid in network vulnerability analysis. Although research has shown the effectiveness of automated attack graph generation tools in displaying potential attack paths in a network, research involving the performance of these tools has been limited. The performance impact of connectivity restrictions and the number of vulnerabilities present on a network for these tools is not well understood. Using empirical testing, we have collected quantitative data using CAULDRON, an attack graph generation tool developed at George Mason University, on a collection of simulated networks defined to modulate connectivity at certain points in our networks and represent the number of vulnerabilities present per node. By defining our model to include sets of nodes, which allow connectivity from all nodes to all vulnerable nodes in the set; the number of nodes present in each set, the number of connections between sets; and the number of vulnerabilities per node as our variables, we are able to observe the performance impact on CAULDRON of both connectivity restrictions and the increased presence of vulnerabilities in our networks. The effect of these variables on processing time and memory usage is presented and can be used as a metric to assess the scalability of this tool within various customer environments.

Publication: Scheduling Resources in Multi-User Heterogeneous Computing Environments with SmartNet (1998)
Freund, Richard F.; Gherrity, Michael; Ambrosius, Stephen; Campbell, Mark; Halderman, Mike; Hensgen, Debra Z.; Keith, Elaine; Kidd, Taylor; Kussow, Matt; Lima, John D.; Mirabile, Francesca; Moore, Lantz; Rust, Brad; Siegel, H.J.; Center for Information Systems Security Studies and Research (CISR)
It is increasingly common for computer users to have access to several computers on a network, and hence to be able to execute many of their tasks on any of several computers. The choice of which computers execute which tasks is commonly determined by users based on a knowledge of computer speeds for each task and the current load on each computer. A number of task scheduling systems have been developed that balance the load of the computers on the network, but such systems tend to minimize the idle time of the computers rather than minimize the idle time of the users. This paper focuses on the benefits that can be achieved when the scheduling system considers both the computer availabilities and the performance of each task on each computer. The SmartNet resource scheduling system is described and compared to two different resource allocation strategies: load balancing and user directed assignment. Results are presented where the operation of hundreds of different networks of computers running thousands of different mixes of tasks are simulated in a batch environment. These results indicate that, for the computer environments

Publication: Public Key Infrastructure (archived) (2011-03)
Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR); Center for Information Systems Security Studies and Research (CISR)
CISR helps services design and implement Public Key Infrastructure solutions. Currently CISR members are investigating avenues to high assurance PKIs.

Publication: MYSEA Testbed (2005-06-00)
Nguyen, Thuy D.; Levin, Timothy E.; Irvine, Cynthia E.; Center for Information Systems Security Studies and Research (CISR); Computer Science (CS); Office of Naval Research and the National Reconnaissance Office
The technical vision of the emerging net-centric Global Information Grid (GIG) encompasses support for high assurance authentication and multilevel security (MLS) as well as flexible, dynamic security policies. The GIG is intended to address the inefficient exchange of information in current military and intelligence operations that utilize a variety of specialized (so-called "stove-piped") systems. In this context, secure information access problems are exacerbated by the need to share information from networks at different classifications (e.g., Unclassified, Secret, and Top Secret) and within multinational coalitions in episodic, ad hoc situations. These challenges provide the impetus for the creation of the Monterey Security Architecture (MYSEA) Testbed. The purpose of this Testbed is to support research in high assurance multilevel security (MLS) [1, 2] and dynamic security, two areas that are critical to the realization of the GIG's assured information sharing vision.

Publication: Expressing an information security policy within a security simulation game (Naval Postgraduate School (U.S), 2004-07)
Irvine, Cynthia E.; Thompson, Michael F.; Center for Information Systems Security Studies and Research (CISR); Computer Science (CS)
The Center for the Information Systems Studies and Research (CISR) at the Naval Postgraduate School has established a broad program in computer and network security education. The program, founded on a core in traditional computer science, is extended by a progression of specialized courses and a broad set of information assurance research projects. A CISR objective has been improvement of information assurance education and training for the U.S. military and government. Pursuant to that objective, CISR is developing a computer simulation game, CyberCIEGE, to teach computer security principles. CyberCIEGE players construct computer networks and make choices affecting the ability of these networks and the game's virtual users to protect valuable assets from attack by both vandals and well motivated professionals [1]. CyberCIEGE includes a language for expressing different security related scenarios. A central part of this language is an ability to express a variety of different information security policies.

Publication: CyberCIEGE (brochure) (2013)
Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR); Center for Information Systems Security Studies and Research (CISR)
CyberCIEGE is a commercial-grade PC-based 3D video game where players construct a networked computing system and defend it against a variety of attacks.