Publications

Displaying 1 - 25 of 42

Machine Learning-Based Algorithmically Generated Domain Detection

May 1, 2022

Author(s)

Zheng Wang, Yang Guo, Douglas Montgomery

Malware like botnets typically uses domain generation algorithms (DGAs) to dynamically produce a large number of random algorithmically generated domains (AGDs) and use a few of them to communicate with the command and control servers. AGD detection

Use of Supervised Machine Learning to Detect Abuse of COVID-19 Related Domain Names

May 1, 2022

Author(s)

Zheng Wang, Douglas Montgomery

A comprehensive evaluation of supervised machine learning models for the COVID-19 related domain name detection is presented. One representative conventional machine learning implementation and nineteen state-of-the-art deep learning implementations are

BGP Secure Routing Extension (BGP-SRx): Reference Implementation and Test Tools for Emerging BGP Security Standards

September 15, 2021

Author(s)

Oliver Borchert, Kyehwan Lee, Kotikalapudi Sriram, Douglas Montgomery, Patrick Gleichmann

In this paper, we first describe the problem space. Following that, we describe the design and implementation of the NIST reference implementation for RPKI-based route origin validation (BGP-OV) and BGPsec path validation (BGP-PV) within a BGP router. The

Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)

May 26, 2021

Author(s)

Murugiah Souppaya, Douglas Montgomery, Tim Polk, Mudumbai Ranganathan, Donna Dodson, William Barker, Steve Johnson, Ashwini Kadam, Craig Pratt, Darshak Thakore, Mark Walker, Eliot Lear, Brian Weis, Dean Coclin, Avesta Hojjati, Clint Wilson, Tim Jones, Adnan Baykal, Drew Cohen, Kevin Yeich, Yemi Fashima, Parisa Grayeli, Joshua Harrington, Joshua Klosterman, Blaine Mulugeta, Susan Symington, Jaideep Singh

The goal of the Internet Engineering Task Force's Manufacturer Usage Description (MUD) specification is for Internet of Things (IoT) devices to behave as intended by the manufacturers of the devices. MUD provides a standard way for manufacturers to

An Evaluation Design for Comparing Netflow Based Network Anomaly Detection Systems Using Synthetic Malicious Traffic

March 2, 2021

Author(s)

Shuvo Bardhan, Mitsuhiro Hatada, James Filliben, Douglas Montgomery, Alexander Jia

In this paper, we present an evaluation procedure for comparing multiple netflow based network anomaly detection (NF-NAD) systems based on accuracy of detection and mean time of detection. Conventionally, different variations of benign or normal traffic

NIST IPv6 Profile

November 24, 2020

Author(s)

Douglas C. Montgomery, Mark E. Carson, Timothy Winters, Michayla Newcombe, Timothy Carlin

This profile establishes a basic taxonomy of IPv6 capabilities, defined in terms of IETF specifications, resulting in specific capability labels for common network functions and usage scenarios. The profile maps each such labeled capability to one or more

NISTv6 Capabilities Table

November 24, 2020

Author(s)

Douglas C. Montgomery, Timothy Winters

The NISTv6 Capabilities Table (NCT) provides a concise tabular summary of the technical requirements of the NISTv6 profile. For ease of reference, the NCT is maintained as supplemental information to this profile and provided in a separate document.

USGv6 Capabilities Table

November 24, 2020

Author(s)

Douglas C. Montgomery, Timothy Winters

The USGv6 Capabilities Table (UCT) provides a concise tabular summary of the technical requirements of the USGv6 profile. For ease of reference, the UCT is maintained as supplemental information to this profile and provided in a separate document.

USGv6 Profile

November 24, 2020

Author(s)

Douglas C. Montgomery, Mark E. Carson, Timothy Winters, Michayla Newcombe, Timothy Carlin

USGv6 Test Methods: General Description and Validation

November 24, 2020

Author(s)

Douglas C. Montgomery, Erica Johnson, Michayla Newcombe, Timothy Winters

This document defines the scope of accreditation for the USGv6 Test program, including test method validation procedures, laboratory accreditation process and roles of the accreditor.

USGv6 Test Program Guide

November 24, 2020

Author(s)

Douglas C. Montgomery, Erica Johnson, Michayla Newcombe, Timothy Winters

This document outlines the form and function of the USGv6 Test Program. In particular, it defines the components of the test program, their implementation and use. This guide also defines the management process that will govern the future evolution of the

USGv6 Profile Supplier's Declaration of Conformity

November 23, 2020

Author(s)

Douglas Montgomery, Michayla Newcombe

The USGv6 Profile SDoC captures the results of conformance, interoperability and functional tests conducted and provides traceability back to the accredited laboratory and the methods used to test. The SDoC provides the flexibility necessary to deal with

Resilient Interdomain Traffic Exchange: BGP Security and DDos Mitigation

December 17, 2019

Author(s)

Kotikalapudi Sriram, Douglas C. Montgomery

In recent years, numerous routing control plane anomalies, such as Border Gateway Protocol (BGP) prefix hijacking and route leaks, have resulted in denial-of-service (DoS), unwanted data traffic detours, and performance degradation. Large-scale distributed

Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation

June 28, 2019

Author(s)

William A. Haag Jr., Douglas C. Montgomery, Allen Y. Tan, William C. Barker

The Border Gateway Protocol (BGP) is the default routing protocol to route traffic among internet domains. While BGP performs adequately in identifying viable paths that reflect local routing policies and preferences to destinations, the lack of built-in

BotSifter: A SDN-based Online Bot Detection Framework in Data Centers

June 9, 2019

Author(s)

An Wang, Zili Zha, Yang Guo, Douglas Montgomery, Songqing Chen

Botnets continue to be one of the most severe security threats plaguing the Internet. Recent years have witnessed the emergence of cloud-hosted botnets along with the increasing popularity of cloud platforms, which attracted not only various applications

Soft MUD: Implementing Manufacturer Usage Descriptions on OpenFlow SDN Switches

March 24, 2019

Author(s)

Mudumbai Ranganathan, Douglas Montgomery, Omar Ilias El Mimouni

Manufacturer Usage Descriptions are generalized network Access Control Lists (ACL) that allow manufacturers to declare intended communication patterns for devices (Things). MUD-enabled Things are restricted to only communicate in the manner intended by the

A General Methodology for Deriving Network Propagation Models of Computer Worms

February 14, 2019

Author(s)

Shuvo Bardhan, Douglas C. Montgomery, James J. Filliben, Nathanael A. Heckert

Externally-launched computer worms which maliciously propagate within networks are one of the most serious and dangerous security threats facing the commercial, political, military, and research community today. With an eye to the ultimate goal of

Instrumenting Open vSwitch with Monitoring Capabalities: Designs and Challenges

March 28, 2018

Author(s)

Zili Zha, An Wang, Yang Guo, Douglas C. Montgomery, Songqing Chen

The recent advances on Software-Defined Networking (SDN) have made flexible and programmable network measurement possible. A promising trend is to conduct network traffic measurement on the widely deployed Open vSwitches (OVS) in data centers. However

vPROM: vSwitch Enhanced Programmable Measurement in SDN

October 10, 2017

Author(s)

An Wang, Yang Guo, Songqing Chen, Fang Hao, T.V. Lakshman, Douglas C. Montgomery, Kotikalapudi Sriram

Network programmability is a salient feature of Software Defined Networking (SDN), which allows users to program network applications with the perception that the underlying network is a single device. While still at an early stage of development, SDN

Design and Analysis of Optimization Algorithms to Minimize Cryptographic Processing in BGP Security Protocols

July 1, 2017

Author(s)

Vinay Sriram, Douglas Montgomery

The Internet is subject to attacks due to vulnerabilities in its routing protocols. One proposed approach to attain greater security is to cryptographically protect network reachability announcements exchanged between Border Gateway Protocol (BGP) routers

Performance Comparisons of BGP Anomaly Detection and Robustness Algorithms

March 17, 2009

Author(s)

Kotikalapudi Sriram, Douglas C. Montgomery, Oliver Borchert, Patrick Gleichmann, Okhee Kim

A Comparative Analysis of BGP Anomaly Detection and Robustness Algorithms

January 28, 2009

Author(s)

Kotikalapudi Sriram, Oliver Borchert, Patrick Gleichmann, Douglas C. Montgomery

We present an evaluation methodology for comparison of existing and proposed new algorithms for Border Gateway Protocol (BGP) anomaly detection and robustness. A variety of algorithms and alert tools have been proposed and/or prototyped recently. They

Architectural Considerations for Mapping Distribution Protocols

August 1, 2008

Author(s)

Kotikalapudi Sriram, Young-Tak Kim, Douglas C. Montgomery

In this paper, we present a discussion of some architectural ideas pertaining to the mapping distribution protocol. The efficiency of this protocol in terms of response time and the volume of traffic load it generates are important considerations. We

A Profile for IPv6 in the U.S. Government - Version 1.0

July 1, 2008

Author(s)

Douglas C. Montgomery, J. S. Nightingale, Sheila E. Frankel, Mark E. Carson

This publication seeks to assist Federal agencies in formulating plans for the acquisition of IPv6 technologies. To achieve this, we define a standards profile for IPv6 in the USG that is intended to be applicable to all future uses of IPv6 in non-

Border Gateway Protocol Security

July 17, 2007

Author(s)

D. Richard Kuhn, Kotikalapudi Sriram, Douglas Montgomery

This document introduces the Border Gateway Protocol (BGP), explains its importance to the internet, and provides a set of best practices that can help in protecting BGP. Best practices described here are intended to be implementable on nearly all

Search Publications by: Doug Montgomery (Fed)