U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Publications

Search Publications by

Doug Montgomery (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 39

Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)

May 26, 2021
Author(s)
Murugiah Souppaya, Douglas Montgomery, William Polk, Mudumbai Ranganathan, Donna Dodson, William Barker, Steve Johnson, Ashwini Kadam, Craig Pratt, Darshak Thakore, Mark Walker, Eliot Lear, Brian Weis, Dean Coclin, Avesta Hojjati, Clint Wilson, Tim Jones, Adnan Baykal, Drew Cohen, Kevin Yeich, Yemi Fashima, Parisa Grayeli, Joshua Harrington, Joshua Klosterman, Blaine Mulugeta, Susan Symington, Jaideep Singh
The goal of the Internet Engineering Task Force's Manufacturer Usage Description (MUD) specification is for Internet of Things (IoT) devices to behave as intended by the manufacturers of the devices. MUD provides a standard way for manufacturers to

NIST IPv6 Profile

November 24, 2020
Author(s)
Douglas C. Montgomery, Mark E. Carson, Timothy Winters, Michayla Newcombe, Timothy Carlin
This profile establishes a basic taxonomy of IPv6 capabilities, defined in terms of IETF specifications, resulting in specific capability labels for common network functions and usage scenarios. The profile maps each such labeled capability to one or more

NISTv6 Capabilities Table

November 24, 2020
Author(s)
Douglas C. Montgomery, Timothy Winters
The NISTv6 Capabilities Table (NCT) provides a concise tabular summary of the technical requirements of the NISTv6 profile. For ease of reference, the NCT is maintained as supplemental information to this profile and provided in a separate document.

USGv6 Capabilities Table

November 24, 2020
Author(s)
Douglas C. Montgomery, Timothy Winters
The USGv6 Capabilities Table (UCT) provides a concise tabular summary of the technical requirements of the USGv6 profile. For ease of reference, the UCT is maintained as supplemental information to this profile and provided in a separate document.

USGv6 Profile

November 24, 2020
Author(s)
Douglas C. Montgomery, Mark E. Carson, Timothy Winters, Michayla Newcombe, Timothy Carlin
This profile establishes a basic taxonomy of IPv6 capabilities, defined in terms of IETF specifications, resulting in specific capability labels for common network functions and usage scenarios. The profile maps each such labeled capability to one or more

USGv6 Profile Supplier's Declaration of Conformity

November 24, 2020
Author(s)
Douglas C. Montgomery, Michayla Newcombe
The USGv6 Profile SDoC captures the results of conformance, interoperability and functional tests conducted and provides traceability back to the accredited laboratory and the methods used to test. The SDoC provides the flexibility necessary to deal with

USGv6 Test Methods: General Description and Validation

November 24, 2020
Author(s)
Douglas C. Montgomery, Erica Johnson, Michayla Newcombe, Timothy Winters
This document defines the scope of accreditation for the USGv6 Test program, including test method validation procedures, laboratory accreditation process and roles of the accreditor.

USGv6 Test Program Guide

November 24, 2020
Author(s)
Douglas C. Montgomery, Erica Johnson, Michayla Newcombe, Timothy Winters
This document outlines the form and function of the USGv6 Test Program. In particular, it defines the components of the test program, their implementation and use. This guide also defines the management process that will govern the future evolution of the

Resilient Interdomain Traffic Exchange: BGP Security and DDos Mitigation

December 17, 2019
Author(s)
Kotikalapudi Sriram, Douglas C. Montgomery
In recent years, numerous routing control plane anomalies, such as Border Gateway Protocol (BGP) prefix hijacking and route leaks, have resulted in denial-of-service (DoS), unwanted data traffic detours, and performance degradation. Large-scale distributed

BotSifter: A SDN-based Online Bot Detection Framework in Data Centers

June 10, 2019
Author(s)
An Wang, Zili Zha, Yang Guo, Douglas Montgomery, Songqing Chen
Botnets continue to be one of the most severe security threats plaguing the Internet. Recent years have witnessed the emergence of cloud-hosted botnets along with the increasing popularity of cloud platforms, which attracted not only various applications

A General Methodology for Deriving Network Propagation Models of Computer Worms

February 14, 2019
Author(s)
Shuvo Bardhan, Douglas C. Montgomery, James J. Filliben, Nathanael A. Heckert
Externally-launched computer worms which maliciously propagate within networks are one of the most serious and dangerous security threats facing the commercial, political, military, and research community today. With an eye to the ultimate goal of

Instrumenting Open vSwitch with Monitoring Capabalities: Designs and Challenges

March 28, 2018
Author(s)
Zili Zha, An Wang, Yang Guo, Douglas C. Montgomery, Songqing Chen
The recent advances on Software-Defined Networking (SDN) have made flexible and programmable network measurement possible. A promising trend is to conduct network traffic measurement on the widely deployed Open vSwitches (OVS) in data centers. However

vPROM: vSwitch Enhanced Programmable Measurement in SDN

October 10, 2017
Author(s)
An Wang, Yang Guo, Songqing Chen, Fang Hao, T.V. Lakshman, Douglas C. Montgomery, Kotikalapudi Sriram
Network programmability is a salient feature of Software Defined Networking (SDN), which allows users to program network applications with the perception that the underlying network is a single device. While still at an early stage of development, SDN

A Comparative Analysis of BGP Anomaly Detection and Robustness Algorithms

January 28, 2009
Author(s)
Kotikalapudi Sriram, Oliver Borchert, Patrick Gleichmann, Douglas C. Montgomery
We present an evaluation methodology for comparison of existing and proposed new algorithms for Border Gateway Protocol (BGP) anomaly detection and robustness. A variety of algorithms and alert tools have been proposed and/or prototyped recently. They

Architectural Considerations for Mapping Distribution Protocols

August 1, 2008
Author(s)
Kotikalapudi Sriram, Young-Tak Kim, Douglas C. Montgomery
In this paper, we present a discussion of some architectural ideas pertaining to the mapping distribution protocol. The efficiency of this protocol in terms of response time and the volume of traffic load it generates are important considerations. We

A Profile for IPv6 in the U.S. Government - Version 1.0

July 1, 2008
Author(s)
Douglas C. Montgomery, J. S. Nightingale, Sheila E. Frankel, Mark E. Carson
This publication seeks to assist Federal agencies in formulating plans for the acquisition of IPv6 technologies. To achieve this, we define a standards profile for IPv6 in the USG that is intended to be applicable to all future uses of IPv6 in non-

Border Gateway Protocol Security

July 17, 2007
Author(s)
D. Richard Kuhn, Kotikalapudi Sriram, Douglas Montgomery
This document introduces the Border Gateway Protocol (BGP), explains its importance to the internet, and provides a set of best practices that can help in protecting BGP. Best practices described here are intended to be implementable on nearly all

Programmable Active Services for SIP

October 1, 2006
Author(s)
Jean Deruelle, Mudumbai Ranganathan, Douglas C. Montgomery
We have implemented a quantum key distribution (QKD) system with polarization encoding at 850 nm over 1 km of optical fiber. The high-speed management of the bit-stream, generation of random numbers and processing of the sifting algorithm are all handled

Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

October 1, 2006
Author(s)
Kotikalapudi Sriram, Douglas C. Montgomery, Oliver Borchert, Okhee Kim, David R. Kuhn
We present a detailed study of the potential impact of BGP peering session attacks and the resulting exploitation of Route Flap Damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic