NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author
  • Published Date
Displaying 251 - 275 of 2282

Coalition and Threshold Hash-Based Signatures

February 25, 2022
Author(s)
John M. Kelsey, Stefan Lucks
We show how to construct a threshold version of stateful hash-based signature schemes like those defined in XMSS (defined in RFC8391) and LMS (defined in RFC8554). Our techniques assume a trusted dealer and secure point-to-point communications; are

Smart Cities and Communities: A Key Performance Indicators Framework

February 24, 2022
Author(s)
Martin Serrano, Edward Griffor, David A. Wollman, Michael Dunaway, Martin Burns, Sokwoo Rhee, Chris Greer
This publication presents research findings and scientific work that advance the development and progression of smart city and community measurement methodology. The term 'smart,' as used in the phrase 'smart cities,' is defined here as the efficient use

Ransomware Risk Management: A Cybersecurity Framework Profile

February 23, 2022
Author(s)
Bill Fisher, Murugiah Souppaya, William Barker, Karen Scarfone
Ransomware is a type of malicious attack where attackers encrypt an organization's data and demand payment to restore access. In some instances, attackers may also steal an organization's information and demand an additional payment in return for not

Making Semantic Structures Explicit: Developing and Evaluating Tools and Techniques to Support Understanding of Large Cybersecurity Corpora

February 4, 2022
Author(s)
Ira Monarch, Jacob Collard, Sangjin Shin, Eswaran Subrahmanian, Talapady N. Bhat, Ram D. Sriram
This report describes the adaptation, composition and use of natural language processing, machine learning and other computational tools to help make implicit informational structures in very large technical corpora explicit. The tools applied to the

Recommended Criteria for Cybersecurity Labeling of Consumer Software

February 4, 2022
Author(s)
Michael Ogata, Amy Phelps, Julie Haney
Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," tasks the National Institute of Standards and Technology (NIST), in coordination with the Federal Trade Commission (FTC) and other agencies, to initiate pilot programs for cybersecurity

Personal Identity Verification (PIV) of Federal Employees and Contractors

January 24, 2022
Author(s)
National Institute of Standards and Technology (NIST), Hildegard Ferraiolo, Andrew Regenscheid, Salvatore Francomacaro, David Cooper, Ketan Mehta, Annie W. Sokol, David Temoshok, Gregory Fiumara, Justin Richer, James L. Fenton, Johnathan Gloster, nabil anwer
FIPS 201 establishes a standard for a Personal Identity Verification (PIV) system (Standard) that meets the control and security objectives of Homeland Security Presidential Directive-12 (HSPD-12). It is based on secure and reliable forms of identity

Advantage of Machine Learning over Maximum Likelihood in Limited-Angle Low-Photon X-Ray Tomography

January 20, 2022
Author(s)
Zhen Guo, Jungki Song, George Barbastathis, Michael Glinsky, Courtenay Vaughan, Kurt Larson, Bradley Alpert, Zachary H. Levine
Limited-angle X-ray tomography reconstruction is an ill-posed inverse problem in general. Especially when the projection angles are limited and the measurements are taken in a photon-limited condition, reconstructions from classical algorithms such as

Guide to Bluetooth Security

January 19, 2022
Author(s)
John Padgette, John Bahr, Mayank Batra, Rhonda Smithbey, Lily Chen, Karen Scarfone
Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and has been integrated into many types of business and consumer devices. This publication

Identifying Tactics of Advanced Persistent Threats with Limited Attack Traces

December 16, 2021
Author(s)
Khandakar Ashrafi Akbar, Yigong Wang, Md Islam, Anoop Singhal, Latifur Khan, Bhavani Thuraisingham1
The cyberworld being threatened by continuous imposters needs the development of intelligent methods for identifying threats while keeping in mind all the constraints that can be encountered. Advanced persistent threats (APT) have become an emerging issue

Input/Output Check Bugs Taxonomy: Injection Errors in Spotlight

November 17, 2021
Author(s)
Irena Bojanova, Carlos Eduardo Cardoso Galhardo, Sara Moshtari
In this work, we present an orthogonal classification of input/output check bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define two language-independent classes that

Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management

November 12, 2021
Author(s)
Kevin Stine, Stephen Quinn, Nahla Ivy, Matthew Barrett, Greg Witte, Larry Feldman, Robert Gardner
This document supplements NIST Interagency or Internal Report 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM), by providing additional detail regarding risk guidance, identification, and analysis. This report offers examples and

Security Auditing of Internet of Things Devices in a Smart Home

October 15, 2021
Author(s)
Suryadipta Mazumdar, Daniel Bostos, Anoop Singhal
Attacks on the Internet of Things are increasing. Unfortunately, transparency and accountability that are paramount to securing Internet of Things devices are either missing or implemented in a questionable manner. Security auditing is a promising solution

Calculating Voxel-Polyhedron Intersections for Meshing Images

October 9, 2021
Author(s)
Stephen A. Langer, Andrew Reid
Finite element meshes constructed from 3D images are useful in materials science and medical applications when it is necessary to model the actual geometry of a sample, rather than an idealized approximation of it. Constructing the mesh involves computing

Metamorphic Testing for Hybrid Simulation Validation

October 5, 2021
Author(s)
Mohammed Farhan, Caroline Krejci, Megan Olsen, M S Raunak
Proper validation of a simulation model is essential to have confidence on its accuracy and credibility. However, many of the most effective approaches for simulation validation require access to data that may not always be available. Metamorphic Testing

2020 Cybersecurity and Privacy Annual Report

September 28, 2021
Author(s)
Patrick D. O'Reilly, Kristina Rigopoulos, Larry Feldman, Greg Witte
During Fiscal Year 2020 (FY 2020), from October 1, 2019 through September 30, 2020, the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy
Was this page helpful?