Deploying crowd-sourced formal verification systems in a DoD network
| dc.contributor.advisor | Xie, Geoffrey G. | |
| dc.contributor.author | Dumlupinar, Mahmut Firuz | |
| dc.date | Sep-13 | |
| dc.date.accessioned | 2013-11-20T23:36:04Z | |
| dc.date.available | 2013-11-20T23:36:04Z | |
| dc.date.issued | 2013-09 | |
| dc.identifier.uri | http://hdl.handle.net/10945/37617 | |
| dc.description.abstract | Manual formal software verification is an expensive and time-consuming process. Military software is currently verified manually by highly skilled analysts. To reduce the high costs of the formal verification, DARPA started a Crowd-Sourced Formal Verification (CSFV) program that aims to include as many people as possible to participate in this verification process by embedding some of the verification logics into computer games. In this study we built a network prototype for hosting a CSFV server on a DoD network. The CSFV network prototype is designed according to the common security practices, necessary security measures against possible attacks, and the Security Technical Implementation Guides (STIGs) published by DISA to provide confidentiality, integrity and availability. Important details are presented about server operating system selections, proper usage of necessary network services, and firewall and IDS rules for efficient network security. Results from common network penetration test tools confirm that our prototype meets the necessary security requirements and can be trusted on a DoD network. | en_US |
| dc.description.uri | http://archive.org/details/deployingcrowdso1094537617 | |
| dc.publisher | Monterey, California: Naval Postgraduate School | en_US |
| dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
| dc.title | Deploying crowd-sourced formal verification systems in a DoD network | en_US |
| dc.type | Thesis | en_US |
| dc.contributor.secondreader | Housel, Thomas J. | |
| dc.contributor.department | Information Sciences (IS) | |
| dc.subject.author | crowd sourced formal verification | en_US |
| dc.subject.author | network security | en_US |
| dc.subject.author | cyber attacks | en_US |
| dc.subject.author | crowdsourcing | en_US |
| dc.subject.author | virtualization | en_US |
| dc.subject.author | cloud computing | en_US |
| dc.subject.author | firewalls | en_US |
| dc.subject.author | intrusion detection systems | en_US |
| dc.subject.author | network penetration test. | en_US |
| dc.description.service | Captain, Turkish Army | en_US |
| etd.thesisdegree.name | Master Of Science In Information Technology Management | en_US |
| etd.thesisdegree.level | Masters | en_US |
| etd.thesisdegree.discipline | Information Technology Management | en_US |
| etd.thesisdegree.grantor | Naval Postgraduate School | en_US |
| dc.description.distributionstatement | Approved for public release; distribution is unlimited. |
Files in this item
This item appears in the following Collection(s)
-
1. Thesis and Dissertation Collection, all items
Publicly releasable NPS Theses, Dissertations, MBA Professional Reports, Joint Applied Projects, Systems Engineering Project Reports and other NPS degree-earning written works.
Related items
Showing items related by title, author, creator and subject.
-
Verification and Validation of the Malicious Activity Simulation Tool (MAST) for Network Administrator Training and Evaluation
(Monterey, California. Naval Postgraduate School, 2012-03);The DoD currently employs red teams to conduct network infiltration and security training for network administrators and operators. Red Teams provide the most realistic and thorough training to defend against real-world ... -
XML based adaptive IPsec policy management in a trust management context
(Monterey, California. Naval Postgraduate School, 2003-12);TCP/IP provided the impetus for the growth of the Internet and the IPsec protocol now promises to add to it the desired security strength. IPsec provides users with a mechanism to enforce a range of security services for ... -
An Editor for Adaptive XML-Based Policy Management of IPSEC
(Computer Security Applications Conference (ACSAC), 2003-12-08);The IPSec protocol provides a mechanism to enforce a range of security services for both confidentiality and integrity, enabling secure transmission of information across networks. Dynamic parameterization of IPSec, via ...
