Search Publications

NIST Authors in Bold

Displaying 101 - 125 of 1422

Getting Started with Cybersecurity Risk Management: Ransomware (Portuguese Translation)

May 5, 2022

Author(s)

Bill Fisher, Murugiah Souppaya, Karen Scarfone, William Barker

Getting Started with Cybersecurity Risk Management: Ransomware (Spanish Translation)

May 5, 2022

Author(s)

Bill Fisher, Murugiah Souppaya, Karen Scarfone, William Barker

Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases

May 4, 2022

Author(s)

Murugiah Souppaya, Michael Bartock, Karen Scarfone, Ryan Savino, Tim Knoll, Uttam Shetty, Mourad Cherfaoui, Raghu Yeluri, Don Banks, Akash Malhotra, Michael Jordan, Dimitrios Pendarakis, Peter Romness

In today's cloud data centers and edge computing, attack surfaces have shifted and, in some cases, significantly increased. At the same time, hacking has become industrialized, and most security control implementations are not coherent or consistent. The

Machine Learning-Based Algorithmically Generated Domain Detection

May 1, 2022

Author(s)

Zheng Wang, Yang Guo, Douglas Montgomery

Malware like botnets typically uses domain generation algorithms (DGAs) to dynamically produce a large number of random algorithmically generated domains (AGDs) and use a few of them to communicate with the command and control servers. AGD detection

Use of Supervised Machine Learning to Detect Abuse of COVID-19 Related Domain Names

May 1, 2022

Author(s)

Zheng Wang, Douglas Montgomery

A comprehensive evaluation of supervised machine learning models for the COVID-19 related domain name detection is presented. One representative conventional machine learning implementation and nineteen state-of-the-art deep learning implementations are

Ransomware Risk Management: A Cybersecurity Framework Profile (Spanish Translation)

April 18, 2022

Author(s)

Bill Fisher, Murugiah Souppaya, Karen Scarfone, William Barker

Ransomware Risk Management: A Cybersecurity Profile (Portuguese Translation)

April 18, 2022

Author(s)

Bill Fisher, Murugiah Souppaya, Karen Scarfone, William Barker

Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology

April 6, 2022

Author(s)

Murugiah Souppaya, Karen Scarfone

Enterprise patch management is the process of identifying, prioritizing, acquiring, installing, and verifying the installation of patches, updates, and upgrades throughout an organization. Patching is more important than ever because of the increasing

Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways

April 6, 2022

Author(s)

Murugiah Souppaya, Alper Kerman, Karen Scarfone, Kevin Stine, Brian E. Johnson, Chris Peloquin, Vanessa Ruffin, Tyler Diamond, Mark Simos, Sean Sweeney

Despite widespread recognition that patching is effective and attackers regularly exploit unpatched software, many organizations do not adequately patch. There are myriad reasons why, not the least of which are that it's resource-intensive and that the act

Basic Cybersecurity Recommendations for HVAC Systems- Passwords

April 1, 2022

Author(s)

Michael Galler

Cybersecurity has been a topic of increasing importance for several years. While fully securing a large and complex system can be very complicated, there are some basic precautions that can easily be applied to any system, and some basic precautions that

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Ukrainian Translation)

March 30, 2022

Author(s)

Kevin Stine

Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide (Portuguese Translation)

March 17, 2022

Author(s)

Amy Mahn, Stephen Quinn, Daniel Topper, Jeffrey Marron

Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide (Spanish Translation)

March 17, 2022

Author(s)

Amy Mahn, Jeffrey Marron, Stephen Quinn, Daniel Topper

Assessing Enhanced Security Requirements for Controlled Unclassified Information

March 15, 2022

Author(s)

Ronald S. Ross, Victoria Yan Pillitteri, Kelley L. Dempsey

The protection of Controlled Unclassified Information (CUI) in nonfederal systems and organizations is important to federal agencies and can directly impact the ability of the Federal Government to successfully carry out its assigned missions and business

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0 (Polish translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

(This is a direct translation of Version 1.0 of the Cybersecurity Framework produced by the Government Centre for Security (Poland).)

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Arabic translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

Translated by Ali A. AlHasan, PMP, CISSP,CISA, CGEIT, CRISC, CISM and Ali AlHajj. Reviewed by Schreiber Translations, INC (STI). Not an official U.S. Government translation.

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Bulgarian translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

Translated by Professor Vladimir Dimitrov, University of Sofia, Bulgaria. Reviewed by Global Language Translation and Consulting (GLTac). Not an official U.S. Government translation.

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (French Translation)

February 23, 2022

Author(s)

Kevin Stine

French translation of the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) Version 1.1

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Indonesian Translation)

February 23, 2022

Author(s)

Kevin Stine

Indonesian translation of the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) Version 1.1

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Spanish translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

This Spanish language Cybersecurity Framework Version 1.1 was translated under government contract.

Getting Started with Cybersecurity Risk Management Ransomware

February 23, 2022

Author(s)

Bill Fisher, William Barker, Karen Scarfone

Quick start guide for NISTIR 8374.

Ransomware Risk Management: A Cybersecurity Framework Profile

February 23, 2022

Author(s)

Bill Fisher, Murugiah Souppaya, William Barker, Karen Scarfone

Ransomware is a type of malicious attack where attackers encrypt an organization's data and demand payment to restore access. In some instances, attackers may also steal an organization's information and demand an additional payment in return for not

Securing Telehealth Remote Patient Monitoring Ecosystem

February 22, 2022

Author(s)

Jennifer Cawthra, Nakia R. Grayson, Ronald Pulivarti, Bronwyn J. Hodges, Jason Kuruvilla, Kevin Littlefield, Julie Snyder, Sue Shuqiu Wang, Ryan Williams, Kangmin Zheng

Increasingly, healthcare delivery organizations (HDOs) are relying on telehealth and remote patient monitoring (RPM) capabilities to treat patients at home. RPM is convenient and cost-effective, and its adoption rate has increased. However, without

Prioritizing Cybersecurity Risk for Enterprise Risk Management

February 10, 2022

Author(s)

Stephen Quinn, Matthew Barrett, Greg Witte, Robert Gardner, Nahla Ivy

This document is the second in a series that supplements NIST Interagency/Internal Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This series provides additional detail regarding the enterprise application of

Making Semantic Structures Explicit: Developing and Evaluating Tools and Techniques to Support Understanding of Large Cybersecurity Corpora

February 4, 2022

Author(s)

Ira Monarch, Jacob Collard, Sangjin Shin, Eswaran Subrahmanian, Talapady N. Bhat, Ram D. Sriram

This report describes the adaptation, composition and use of natural language processing, machine learning and other computational tools to help make implicit informational structures in very large technical corpora explicit. The tools applied to the

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Bioscience
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Cell biology
-Engineering / synthetic biology
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Emergency building evacuation
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Clinical diagnostics
-Dentistry
-Food and nutrition
-Medical imaging
-Precision medicine
-Regenerative medicine and advanced therapy
Information technology
-Artificial intelligence
--AI measurement and evaluation
--Applied AI
--Fundamental AI
--Hardware for AI
--Machine learning
--Trustworthy and responsible AI
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Quality assurance
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Reference data
-Reference instruments
-Reference materials
-Standards education
Transportation
-Aerospace
-Automotive