Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publications Portal

You searched on: Author: peter mell Sorted by: title

Displaying records 1 to 10 of 41 records.
Resort by: Date / Title

1. A Complete Guide to the Common Vulnerability Scoring System Version 2.0
Published: 7/30/2007
Authors: Peter M Mell, Karen Ann Scarfone, Sasha Romanosky
Abstract: The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. CVSS consists of three groups: Base, Temporal and Environmental. Each group produces a numeric score ra ...

2. A Denial-of-Service Resistant Intrusion Detection Architecture
Published: 10/1/2000
Authors: Peter M Mell, D G. Marks, Mark McLarnon
Abstract: As the capabilities of intrusion detection systems (IDS) advance, attackers may attempt to disable an organization's IDS before attempting to penetrate more valuable targets. As IDSs evolve into distributed systems withinterdependent components, they ...

3. Acquiring and Deploying Intrusion Detection Systems
Series: ITL Bulletin
Published: 11/16/1999
Author: Peter M Mell
Abstract: This ITL Bulletin provides basic information about intrusion detection systems (IDSs) to help organizations avoid common pitfalls in acquiring, deploying, and maintaining IDSs.

4. An Analysis of CVSS Version 2 Vulnerability Scoring
Published: 10/14/2009
Authors: Karen Ann Scarfone, Peter M Mell
Abstract: The Common Vulnerability Scoring System (CVSS) is a specification that is used to measure the relative severity of software vulnerabilities. CVSS version 2, which was finalized in June 2007, was designed to address several deficiencies discovered dur ...

5. An Overview of Issues in Testing Intrusion Detection Systems
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7007
Published: 7/11/2003
Authors: Peter M Mell, R Lippmann, Chung Tong Hu, J Haines, M Zissman
Abstract: While intrusion detection systems are becoming ubiquitous defenses in today's networks, currently we have no comprehensive and scientifically rigorous methodology to test the effectiveness of these systems. This paper explores the types of performa ...

6. Applying Mobile Agents to Intrusion Detection and Response
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 6416
Published: 10/1/1999
Authors: Wayne Jansen, Athanasios T Karygiannis, D G. Marks, Peter M Mell
Abstract: Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This report is an init ...

7. CVSS-SIG Version 2 History
Published: 7/30/2007
Authors: Peter M Mell, Karen Ann Scarfone, Gavin Reid
Abstract: This document attempts to interpret the history and rationale behind changes made in the Common Vulnerability Scoring System (CVSS) from version 1 to version 2 (referred to as CVSS v1 and v2 in this document.) This document contains multiple appendic ...

8. Common Vulnerability Scoring System
Published: 12/29/2006
Authors: Peter M Mell, Karen Kent Scarfone, Sasha Romanosky
Abstract: Organizations struggle to assess the relative importance of software vulnerabilities across disparate hardware and software platforms. They must prioritize vulnerabilities and remediate those that pose the greatest risk. However, most software vendor ...

9. Computer Attacks: What They Are and How to Defend Against Them
Series: ITL Bulletin
Published: 5/26/1999
Author: Peter M Mell
Abstract: Although a host of technologies exists to detect and prevent attacks against computers, a human must coordinate responding to a successful network penetration. At the same time, the majority of systems administrators are not prepared to handle a soph ...

10. Creating a Patch and Vulnerability Management Program
Series: Special Publication (NIST SP)
Report Number: 800-40 Ver 2.0
Published: 11/16/2005
Authors: Peter M Mell, Tiffany Bergeron, Dave Henning
Abstract: [Superseded by SP 800-40 Rev. 3 (July 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913929] This document provides guidance on creating a security patch and vulnerability management program and testing the effectiveness of that ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series