Web-enabling an early warning and tracking system for network vulnerabilities
Abstract
The Information Assurance Vulnerability Alert (IAVA) process was established to provide an early warning and tracking capability for protecting Department of Defense (DoD) networks against identified system vulnerabilities. The Navy initially used record message traffic for the information distribution required by the process. This approach was heavily administrative and prone to significant delays in an already time critical process. Additionally, it lacked support for automated data validation, resulting in unreliable vulnerability tracking information. As a result, the process was ineffective, and Navy networks remained highly susceptible to exploitation, even for welldocumented system vulnerabilities. For this thesis, web-enabling technology is used to build and deploy an early warning and tracking system for Navy network vulnerabilities. The research sponsor, the Navy Component Task Force for Computer Network Defense (NCTF-CND), has named it the Online Compliance Reporting System (OCRS). It is now being used by all Navy commands and has proven efficient and highly effective in defending Navy networks against known vulnerability exploitations. As a result, the system has gained significant interest from other organizations and the research sponsor is now planning to fund maintenance and future enhancements by the Space and Naval Warfare Systems Center in Charleston, South Carolina.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Architecting the safety assessment of large-scale systems integration
Yin, Tong Choon. (Monterey, CaliforniaNaval Postgraduate School, 2009-12);This research identifies the information/data required to perform a safety assessment for large-scale systems integration. From these required safety-related information/data, and the utilization of system engineering ... -
Robustness of control laws implemented in visual based target tracking system
Lee, Han Chuan. (Monterey, California. Naval Postgraduate School, 2009-12);The previously developed guidance law implemented onboard the Small Unmanned Aerial Vehicle (SUAV) relies exclusively on the information from the image processing software and allows the performance of coordinated SUAV ... -
Unmanned Tactical Autonomous Control and Collaboration threat and vulnerability assessment
Batson, Louis T., V; Wimmer, Donald R., Jr. (Monterey, California: Naval Postgraduate School, 2015-06);Information systems designed and developed without considering security and potential threats create avoidable risks to the United States and the Department of Defense (DOD). Unmanned Tactical Autonomous Control and ...