U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Cybersecurity

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author
  • Published Date
Displaying 501 - 525 of 2840

Forensic Analysis of Advanced Persistent Threat Attacks in Cloud Environments

January 6, 2020
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
Due to the increasing cyber-activities and the use of diverse devices offered on cloud environments, post-attack cloud forensic investigations must deal with data in diverse formats and quantities from emerging attackable interfaces. The process of

D4I-Digital forensics framework for reviewing and investigating cyber attacks

December 26, 2019
Author(s)
Athanasios Dimitriadis, Boonserm Kulvatunyou, Nenad Ivezic, Ioannis Mavridis
Many companies have cited lack of cyber-security as the main barrier to Industrie 4.0 or digitalization. Security functions include protection, detection, response and investigation. Cyber-attack investigation is important as it can support the mitigation

Developing Cyber Resilient Systems: A Systems Security Engineering Approach

November 27, 2019
Author(s)
Ronald S. Ross, Victoria Y. Pillitteri, Richard Graubart, Deborah Bodeau, Rosalie McQuaid
This publication is used in conjunction with ISO/IEC/IEEE 15288:2015, Systems and software engineering--Systems life cycle processes, NIST Special Publication 800-160, Volume 1, Systems Security Engineering--Considerations for a Multidisciplinary Approach

Implementing a Protocol Native Managed Cryptocurrency

November 24, 2019
Author(s)
Peter M. Mell, Aurelien M. Delaitre, Frederic J. de Vaulx, Philippe J. Dessauw
Previous work presented a theoretical model based on the implicit Bitcoin specification for how an entity might issue a cryptocurrency that mimics features of fiat currencies. Novel to this work were mechanisms by which the issuing entity could manage the

Opaque Wrappers and Patching: Negative Results

November 21, 2019
Author(s)
Paul E. Black, Monika Singh
When a patch is released for buggy software, bad actors may be able to analyze the patch and create an attack on unpatched machines. A wrapper could block attacking inputs, but it, too, gives attackers critical information. An opaque wrapper hides such

Rethinking Authentication

November 11, 2019
Author(s)
Kim B. Schaffer
In today's environment, there is little doubt that companies, organizations, and governments must make significant investments in developing, implementing, and supporting authentication for their digital systems. Perhaps because of this, an organization's

Human Factors in Smart Home Technologies Workshop Summary

November 4, 2019
Author(s)
Julie Haney, Susanne M. Furman
On September 24, 2019, the National Institute of Standards and Technology (NIST) hosted a one- day workshop entitled "Human Factors in Smart Home Technologies." The workshop addressed human considerations for smart home devices, including usability, user

Security Automation for Cloud-Based IoT Platforms

October 21, 2019
Author(s)
Robert B. Bohn, Mheni Merzouki, Charif Mahmoudi, Cihan Tunc
Internet of Things (IoT) is reshaping the way Cloud Service Providers (CSP) collect data from sensors. With billions of devices deployed around the world, CSP are providing platforms dedicated to IoT that provides advanced features for those devices. This

Guide for Security-Focused Configuration Management of Information Systems

October 11, 2019
Author(s)
Arnold Johnson, Kelley L. Dempsey, Ronald S. Ross, Sarbari Gupta, Dennis Bailey
[Includes updates as of October 10, 2019] Guide for Security-Focused Configuration Management of Information Systems provides guidelines for organizations responsible for managing and administering the security of federal information systems and associated

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 1 - General Implementation Guidance

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides general implementation guidance (Volume 1) and example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in manufacturing environments to satisfy the

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 2 - Process-based Manufacturing System Use Case

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in process-based manufacturing environments to satisfy the requirements in the Cybersecurity

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 3 - Discrete-based Manufacturing System Use Case

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in discrete-based manufacturing environments to satisfy the requirements in the Cybersecurity