Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Publications

Search Publications by Matthew Scholl

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 11 of 11

An Empirical Study on Flow-based Botnet Attacks Prediction

October 22, 2020
Author(s)
Mitsuhiro Hatada, Matthew A. Scholl
In the era of the Internet of Things, botnet threats are rising, which has prompted many studies on botnet detection and measurement. In contrast, this study aims to predict botnet attacks, such as massive spam emails and distributed denial-of-service

Security Considerations for Exchanging Files Over the Internet

August 3, 2020
Author(s)
Karen Scarfone, Matthew A. Scholl, Murugiah P. Souppaya
Every day, in order to perform their jobs, workers exchange files over the Internet through email attachments, file sharing services, and other means. To help organizations reduce potential exposure of sensitive information, NIST has released a new

Guidelines for Media Sanitization

December 17, 2014
Author(s)
Richard L. Kissel, Andrew R. Regenscheid, Matthew A. Scholl, Kevin M. Stine
Media sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort. This guide will assist organizations and system owners in making practical sanitization decisions based on the categorization of

Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations

September 30, 2011
Author(s)
Kelley L. Dempsey, L A. Johnson, Matthew A. Scholl, Kevin M. Stine, Alicia Clay Jones, Angela Orebaugh, Nirali S. Chawla, Ronald Johnston
The purpose of this guideline is to assist organizations in the development of a continuous monitoring strategy and the implementation of a continuous monitoring program providing visibility into organizational assets, awareness of threats and

Security Architecture Design Process for Health Information Exchanges (HIEs)

September 30, 2010
Author(s)
Matthew A. Scholl, Kevin M. Stine, Kenneth Lin, Daniel Steinberg
The purpose of this publication is to provide a systematic approach to designing a technical security architecture for the exchange of health information that leverages common government and commercial practices and that demonstrates how these practices

E-mail Security: an Overview of Threats and Safeguards

April 1, 2010
Author(s)
Kevin M. Stine, Matthew A. Scholl
This publication discusses, at a high level, the ubiquitous threats facing email systems today and impresses the need to secure these systems. This article will provide high level tips and techniques for securing email systems and point to resources that

An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

October 22, 2008
Author(s)
Matthew A. Scholl, Kevin M. Stine, Joan Hash, Pauline Bowen, L A. Johnson, Carla Dancy Smith, Daniel Steinberg
Special Publication 800-66 Rev. 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, which discusses security considerations and resources that may provide value when implementing

Security Considerations in the System Development Life Cycle

October 16, 2008
Author(s)
Richard L. Kissel, Kevin M. Stine, Matthew A. Scholl, Hart Rossman, J Fahlsing, Jessica Gulick
The purpose of this guideline is to assist agencies in building security into their IT development processes. This should result in more cost-effective, risk-appropriate security control identification, development, and testing. This guide focuses on the

Guidelines for Media Sanitization

September 1, 2006
Author(s)
Richard L. Kissel, Matthew A. Scholl, Steven Skolochenko, Xiang Li
Information systems capture, process, and store information using a wide variety of media. This information is located not only on the intended storage media but also on devices used to create, process, or transmit this information. These media may require

Computer Security Division 2005 Annual Report

February 1, 2006
Author(s)
Tanya L. Brewer, Matthew A. Scholl
This report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during the Fiscal Year 2005. It discusses all projects and programs within the Division, staff highlights, and publications. For