NIST logo

Publications Portal

You searched on: Author: peter mell Sorted by: date

Displaying records 1 to 10 of 36 records.
Resort by: Date / Title

1. Evasion-Resistant Network Scan Detection
Published: 5/9/2015
Authors: Richard Harang, Peter M Mell
Abstract: Popular network scan detection algorithms operate through evaluating external sources for unusual connection patterns and traffic rates. Research has revealed evasive tactics that enable full circumvention of existing approaches (specifically the wid ...

2. The Resilience of the Internet to Colluding Country Induced Connectivity Disruptions
Published: 3/3/2015
Authors: Peter M Mell, Richard Harang, Assane Gueye
Abstract: We show that the strength of Internet-based network interconnectivity of countries is increasing over time. We then evaluate bounds on the extent to which a group of colluding countries can disrupt this connectivity. We evaluate the degree to which a ...

3. Lightweight Packing of Log Files for Improved Compression in Mobile Tactical Networks
Published: 10/8/2014
Authors: Peter M Mell, Richard Harang
Abstract: Devices in mobile tactical edge networks are often resource constrained due to their lightweight and mobile nature, and often have limited access to bandwidth. In order to maintain situational awareness in the cyber domain, security logs from these d ...

4. Reducing the Cognitive Load on Analysts Through Hamming Distance Based Alert Aggregation
Published: 9/30/2014
Authors: Peter M Mell, Richard Harang
Abstract: Previous work introduced the idea of grouping alerts at a Hamming distance of 1 to achieve alert aggregation; such aggregated meta-alerts were shown to increase alert interpret-ability. However, a mean of 84,023 daily Snort alerts were reduced to a s ...

5. Using Network Tainting to Bound the Scope of Network Ingress Attacks
Published: 7/1/2014
Authors: Peter M Mell, Richard Harang
Abstract: This research describes a novel security metric, network taint, which is related to software taint analysis. We use it here to bound the possible malicious influence of a known compromised node through monitoring and evaluating network flows. The res ...

6. Limitations to Threshold Random Walk Scan Detection and Mitigating Enhancements
Published: 10/16/2013
Authors: Peter M Mell, Richard Harang
Abstract: This paper discusses limitations in one of the most widely cited single source scan detection algorithms: threshold random walk (TRW). If an attacker knows that TRW is being employed, these limitations enable full circumvention allowing undetectable ...

7. What's Special About Cloud Security?
Published: 7/16/2012
Author: Peter M Mell
Abstract: While cloud security concerns have consistently ranked as one of the top challenges to cloud adoption, it is not clear what security issues are special with respect to cloud computing. To approach this question, we attempt to derive cloud security is ...

8. The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7864
Published: 7/10/2012
Authors: Elizabeth LeMay, Karen Ann Scarfone, Peter M Mell
Abstract: The Common Misuse Scoring System (CMSS) is a set of measures of the severity of software feature misuse vulnerabilities. A software feature is a functional capability provided by software. A software feature misuse vulnerability is a vulnerability in ...

9. The NIST Definition of Cloud Computing
Series: Special Publication (NIST SP)
Report Number: 800-145
Published: 9/28/2011
Authors: Peter M Mell, Timothy Grance
Abstract: Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released ...

10. The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7502
Published: 12/27/2010
Authors: Peter M Mell, Karen Scarfone
Abstract: The Common Configuration Scoring System (CCSS) is a set of measures of the severity of software security configuration issues. CCSS is derived from the Common Vulnerability Scoring System (CVSS), which was developed to measure the severity of vulnera ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series