Anoop Singhal

Security Test, Validation and Measurement Group
anoop.singhal@nist.gov
(301) 975-4432

Education

  • Ph.D. in Computer Science, The Ohio State University, Columbus
  • MS in Computer Science, The Ohio State University, Columbus
  • B.Tech. in Electrical Engineering, Indian Institute of Technology, Delhi, India

Projects:

Measuring Security Risk in Enterprise Networks

Publications:

  • S. Zhang, X. Ou, A. Singhal, J. Homer "An Empirical Study of a Vulnerability Aggregation Method". The 2011 World Congress in Computer Science, Special Track on Security and Mission Assurance, Las Vegas, July 2011.
  • Wang, Singhal, Jajodia, Noel, "k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks", European Symposium on Research in Computer Security (ESORICS) September 2010.
  • A. Singhal and D. Wijesekara, "Ontologies for Modeling Enterprise Level Security Metrics", 6th Annual Cyber Security and Information Intelligence Research Workshop, Oakridge National Labs, Oarkridge, April 21-23 2010.
  • A. Singhal and S. Xou, "Techniques for Enterprise Network Security Metrics", Proceedings of 2009 Cyber Security and Information Intelligence Research Workshop, Oakridge National Labs, Oarkridge, April 2009.
  • Frigault, Wang, Singhal, Jajodia, "Measuring Network Security Using Dynamic Bayesian Networks", ACM Workshop on Quality of Protection, October 2008.
  • L. Wang, A. Singhal and S. Jajodia, "An Attack Graph Based Probabilistic Security Metrics", In Proceedings of 22nd IFIP WG 11.3 Working Conference on Data and Application Security (DBSEC 2008), London, UK, July 2008.
  • "Forensic Web Services", Fourth Annual IFIP WG 11.9 International Conference on Digital Forensics, Kyoto, Japan, January 27-30 2008.
  • "Towards Measuring Network Security Using Attack Graphs", In Proceedings of 2007 ACM Workshop on Quality of Protection, October 29th 2007.
  • "Measuring the Overall Security of Network Configurations Using Attack Graphs". DBSec 2007: 98-112. Lingyu Wang, Anoop Singhal, Sushil Jajodia.
  • "Web Services Security: Challenges and Techniques". POLICY 2007: 282.
  • "Data Warehousing and Data Mining Techniques for Intrusion Detection Systems", Journal of Distributed and Parallel Databases, Volume 20, Number 2, pp. 149-166, September 2006.
  • "Interactive Analysis of Attack Graphs with Relational Queries", Proceedings of the 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, pages 119-132, SAP Labs, Sophia Antipolis, France, July 31-August 2, 2006
  • "Semantic Aware Data Protection in Web Services", Proceedings of IEEE Workshop on Web Services Security held in Berkeley, CA, May 2006.
  • "Data Modeling and Data Warehousing Techniques to Improve IDS", Work in Progress Paper presented at the 21st Annual Computer Security Applications Conference (ACSAC), December, 2005.
  • "A Data Model and Architecture for Critical Infrastructure Protection", Conference on R&D Partnerships in Homeland Security, Boston, April 2005.
  • "Data Mining for Intrusion Detection" (with Prof. S. Jajodia) A chapter in "Handbook of Data Mining", Kluwer Publishers December 2004.
  • "Design of a Data Warehouse System for Network/Web Services", Proceedings of ACM Conference on Information and Knowledge Management (CIKM) November 2004.

Interests:

  • Network Security
  • Intrusion Detection
  • Data Mining
  • Web Services Security

Selected Publications

Guide to Secure Web Services

August 29, 2007
Author(s):
Anoop Singhal, Theodore Winograd, Karen A. Scarfone
The advance of Web services technologies promises to have far-reaching effects on the Internet and enterprise networks. Web services based on the eXtensible...