Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 301 - 325 of 2840

Neural Networks Based Domain Name Generation

September 1, 2021

Author(s)

Zheng Wang, Yang Guo

Domain generation algorithm (DGA) is commonly used to dynamically produce a large number of random domain names and select a small subset for actual use. DGA provides a method to make DNS mapping elusive and thereby make countermeasures ineffective. Modern

IoT Non-Technical Supporting Capability Core Baseline

August 25, 2021

Author(s)

Michael Fagan, Katerina N. Megas, Jeffrey Marron, Kevin Gerard Brady, Barbara Bell Cuthill, Rebecca Herold

Non-technical supporting capabilities are actions a manufacturer or third-party organization performs in support of the cybersecurity of an IoT device. This publication defines an Internet of Things (IoT) device manufacturers' non-technical supporting

Mobile Application Single Sign-On: Improving Authentication for Public Safety FirstResponders

August 25, 2021

Author(s)

Bill Fisher, Paul A. Grassi

On-demand access to public safety data is critical to ensuring that public safety and first responders (PSFRs) can protect life and property during an emergency. This public safety information, often needing to be accessed via mobile or portable devices

Approaches for Federal Agencies to Use the Cybersecurity Framework

August 17, 2021

Author(s)

Jeffrey Marron, Victoria Yan Pillitteri, Jon M. Boyens, Stephen Quinn, Gregory Witte

The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards

'Passwords Keep Me Safe' - Understanding What Children Think about Passwords

August 11, 2021

Author(s)

Mary Theofanos, Yee-Yin Choong

Children use technology from a very young age, and often have to authenticate. The goal of this study is to explore children's practices, perceptions, and knowledge regarding passwords. Given the limited work to date and that the world's cyber posture and

Review of the Advanced Encryption Standard

July 23, 2021

Author(s)

Nicky Mouha, Morris Dworkin

The field of cryptography continues to advance at a very rapid pace, leading to new insights that may impact the security properties of cryptographic algorithms. The Crypto Publication Review Board ("the Board") has been established to identify

Managing the Security of Information Exchanges

July 20, 2021

Author(s)

Kelley L. Dempsey, Victoria Yan Pillitteri, Andrew Regenscheid

An organization often has mission and business-based needs to exchange (share) information with one or more other internal or external organizations via various information exchange channels. However, it is recognized that the information being exchanged

Status Report on the Second Round of the NIST Lightweight Cryptography Standardization Process

July 20, 2021

Author(s)

Meltem Sonmez Turan, Kerry McKay, Donghoon Chang, Cagdas Calik, Lawrence E. Bassham, Jinkeon Kang, John M. Kelsey

The National Institute of Standards and Technology (NIST) is in the process of selecting one or more authenticated encryption and hashing schemes suitable for constrained environments through a public, competition-like process. In February 2019, 57

Deep Learning for Detecting Network Attacks: An End to End approach

July 19, 2021

Author(s)

Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu

Network attack is still a major security concern for organizations worldwide. Recently, researchers have started to apply neural networks to detect network attacks by leveraging network traÿc data. However, public network data sets have major drawbacks

Contextualized Filtering for Shared Cyber Threat Information

July 18, 2021

Author(s)

Athanasios Dimitriadis, Christos Prassas, Jose L. Flores, Boonserm Kulvatunyou, Nenad Ivezic, Dimitris Gritzalis, Ioannis Mavridis

Cyber threat information sharing is an imperative process towards achieving collaborative security, but it poses several challenges. One crucial challenge is the plethora of shared threat information. Therefore, there is a need to advance filtering of such

Scaling the Phish: Advancing the NIST Phish Scale

July 3, 2021

Author(s)

Fernando Barrientos, Jody Jacobs, Shanee Dawkins

Organizations use phishing training exercises to help employees defend against the phishing threats that get through automatic email filters, reducing potential compromise of information security for both the individual and their organization. These

NVLAP Cryptographic and Security Testing

June 30, 2021

Author(s)

Bradley Moore, Beverly Trapnell, James F. Fox, Carolyn French

NIST Handbook 150-17 presents the technical requirements and guidance for the accreditation of laboratories under the National Voluntary Laboratory Accreditation Program (NVLAP) Cryptographic and Security Testing (CST) program. It is intended for

A Decade of Reoccurring Software Weaknesses

June 24, 2021

Author(s)

Assane Gueye, Carlos Galhardo, Irena Bojanova, Peter Mell

The Common Weakness Enumeration (CWE) community publishes an aggregate metric to calculate the 'Most Dangerous Software Errors.' However, the used equation highly biases frequency and almost ignores exploitability and impact. We provide a metric to