Showing papers on "Vulnerability (computing) published in 1998"

Information warfare and security

Abstract: I. INTRODUCTION. 1. Gulf War-Infowar. The Gulf War. Information Warfare. From Chicks to Chips. 2. A Theory of Information Warfare. Information Resources. The Value of Resources. Players. The Offense. The Defense. A Dual Role. Offensive Information Warfare. Increased Availability to Offensive Player. Decreased Availability to Defensive Player. Decreased Integrity. Other Classification Schemes. Defensive Information Warfare. Types of Defense. Information Security and Information Assurance. The CIA Model and Authorization. 3. Playgrounds to Battlegrounds. Play. Motivation. Culture. More than Child's Play. Crime. Intellectual Property Crimes. Fraud. Computer Fraud and Abuse. Fighting Crime. Individual Rights. National Security. Foreign Intelligence. War and Military Conflict. Terrorism. Netwars. Protecting National Infrastructures. II. OFFENSIVE INFORMATION WARFARE. 4. Open Sources. Open Source and Competitive Intelligence. Privacy. Snooping on People Through Open Sources. Web Browsing. Privacy Regulations. Piracy. Copyright Infringement. Trademark Infringement. Dark Sides. 5. Psyops and Perception Management. Lies and Distortions. Distortion. Fabrication. Hoaxes. Social Engineering. Denouncement. Conspiracy Theories. Defamation. Harassment. Advertising. Scams. Spam Wars. Censorship. United States Restrictions. 6. Inside the Fence. Traitors and Moles. State and Military Espionage. Economic Espionage. Corporate Espionage. Privacy Compromises. Business Relationships. Visits and Requests. Fraud and Embezzlement. Bogus Transactions. Data Diddling. Inside Sabotage. Physical Attacks. Software Attacks. Penetrating the Perimeter. Physical Break-ins and Burglaries. Search and Seizure. Dumpster Diving. Bombs. 7. Seizing the Signals. Eavesdropping on Conversations. Cellular Intercepts. Pager Intercepts. Law Enforcement Wiretaps. Foreign Intelligence Intercepts. Deciphering the Messages. Traffic Analysis. Pen Registers and Trap and Trace. Location Tracking. Telecommunications Fraud. Blue Boxes. PBX and Related Fraud. Voice Mail Fraud. Calling Card Fraud. Cloned Phones and Cellular Fraud. Computer Network Monitoring. Packet Sniffers. Keystroke Monitoring. Environment Surveillance. Cameras and Video. Satellites and Imagery. Van Eck Receptors. Miscellaneous Sensors. Shoulder Surfing. Privacy and Accountability. Sabotage. Tampering with Phone Service. Jamming. Radio Frequency Weapons. Physical Attacks. 8. Computer Break-Ins and Hacking. Accounts. Getting Access. Tools and Techniques. A Demonstration. Network Scanners. Packet Sniffers. Password Crackers. Buffer Overpows and Other Exploits. Social Engineering. Covering up Tracks. Information Theft. Gathering Trophies. More than Trophies. Tampering. Web Hacks. Domain Name Service Hacks. Takedown. Remote Shutdown. Extent. 9. Masquerade. Identity Theft. Forged Documents and Messages. E-Mail Forgeries. Forgeries in Spam. E-Mail Floods. IP Spoofing. Counterfeiting. Trojan Horses. Software Trojans. Riding the Web. E-Mail Relays. Chipping. Undercover Operations and Stings. 10. Cyberplagues. Viruses. Program Viruses. Boot Viruses. Macro Viruses. Concealment Techniques. Who Writes Viruses. Prevalence. Virus Hoaxes. Worms. III. DEFENSIVE INFORMATION WARFARE. 11. Secret Codes and Hideaways. Locks and Keys. Cryptography. Digital Ciphers. Code Breaking. Generation and Distribution of Keys. Public-Key Distribution and Diffie-Hellman. Public-Key Cryptography and RSA. Key Storage and Recovery. Applications of Encryption. The Limits of Encryption. Steganography. Anonymity. Sanitization. Trash Disposal. Shielding. 12. How to Tell a Fake. Biometrics. Passwords and Other Secrets. Integrity Checksums. Digital Signatures. Public-Key Management and Certificates. Watermarks. Call Back and Call Home. Location-based Authentication. Badges and Cards. 13. Monitors and Gatekeepers. Access Controls. Authorization Policies. Access Control Monitors. Limitations. Filters. Firewalls. Junk E-Mail Filters. Web Filters. Intrusion and Misuse Detection. Workplace Monitoring. Automated Detection. Computer Intrusion and Misuse Detection. Analogy with the Human Immune System. Detecting and Eradicating Viruses and Malicious Mobile Code. 14. In a Risky World. Vulnerability Monitoring. Finding Computer and Network Security Flaws. Monitoring Security Publications. Building It Secure. The Orange Book. The ITSEC and Common Criteria. Evaluation. Commercial Criteria. ICSA Certification. Accreditation. The Capability Maturity Model. Security Awareness and Training. Avoiding Single Points of Failure. Backups. Risk Management. Risk Assessment and Asset Valuation. Insurance. Benchmarking. Due Care and Liability. Incident Handling. Investigation and Assessment. Containment and Recovery. Improving Security. Notification. In-Kind Response. Legal and Civil Remedies. Economic and Military Response. Emergency Preparedness. Obstacles. 15. Defending the Nation. Generally Accepted System Security Principles. Protecting Critical Infrastructures. President's Commission on Critical Infrastructure Protection. Presidential Decision Directive. Encryption Policy. Code Making. Code Breaking. International Policies. U.S. Policy. Legal Challenges. Legislation. Encryption Policy in Perspective. Bibliography of Books. Endnotes. Index. 0201433036T04062001

Adaptive system and method for responding to computer network security attacks

Abstract: A dynamic network security system (20) responds to a security attack (92) on a computer network (22) having a multiplicity of computer nodes (24). The security system (20) includes a plurality of security agents (36) that concurrently detect occurrences of security events (50) on associated computer nodes (24). A processor (40) processes the security events (50) that are received from the security agents (36) to form an attack signature (94) of the attack (92). A network status display (42) displays multi-dimensional attack status information representing the attack (92) in a two dimensional image to indicate the overall nature and severity of the attack (92). The network status display (42) also includes a list of recommended actions (112) for mitigating the attack. The security system (20) is adapted to respond to a subsequent attack that has a subsequent signature most closely resembling the attack signature (94).

Software vulnerability analysis

Abstract: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv

A practical approach to measuring assurance

Abstract: Assurance has been defined as "the degree of confidence that security needs are satisfied". The problem with this definition is that, unless one has a way to specify security needs in some measurable way, assurance cannot be expressed in a measurable way either. The definition leaves the practitioner with the challenge of determining what security needs are, whether or not they have been satisfied, and how to determine confidence. We define assurance as a measure of confidence in the accuracy of a risk or security measurement. A critical feature of the view of assurance presented is that it is orthogonal to the measurement of risk and security. High assurance ratings have traditionally been associated with high security and low risk. Our definition permits high assurance to be associated with low security and high risk as well. It also provides a way of deciding whether or not the assurance one has is sufficient.

Cool Ground for Aid Providers: Towards Better Security Management in Aid Agencies

Abstract: Although full statistics are lacking, there is an impression that aid personnel are increasingly at risk from random, criminal and even at times targeted violence. The argument here is that the current tendency to reduce an agency's vulnerability mainly through the use of protective procedures and devices may be necessary but is insufficient. Better practice in the management of security is an urgent need. Reducing vulnerability to attack is only one approach; deterring the threat of violence by counter-threat, or seeking increased acceptance for the agency's work and presence are two other approaches. Major skill development is required in the areas of conflict analysis and monitoring, threat assessment and incident analysis, since together these form the basis for appropriate security management. Improved analysis can then inform a conscious choice about which mixture of approaches is most appropriate in a specific context. The paper explores in some detail the factors that influence acceptance, but not the methods and basic principles in the use of counter-threat.

Operationally Oriented Vulnerability Requirements in the Ship Design Process

Abstract: For the first time in a top-level requirements document-the Land Attack Destroyer (DD 21) Operational Requirements Document (ORD)-the U.S. Navy has implemented performance requirements that relate ship vulnerability to threat weapon types and the level of mission capability remaining after a ship is hit. The Navy's Ship Operational Characteristics Study recommended an operational survivability standard of this type in 1988. It is needed to define clearly to the designer the levels of operational capability that must remain after a ship is hit, and to let decision makers know what to expect from ships they are buying. It also is needed to provide a benchmark against which the results of Live Fire Test and Evaluation (LFT&E) can be compared. This paper discusses various approaches for formulating operationally oriented vulnerability requirements (OOVRs), a way to balance OOVRs with susceptibility requirements, and how OOVRs can be implemented at the ship design level. The paper also discusses possible concerns associated with implementing OOVRs, and how they can be resolved. It recommends that OOVRs be implemented for each new U.S. Navy combatant ship acquisition program, including submarines.

Vulnerability of production systems with multi-supplier network: A case study

Abstract: Despite management capability and innovative production techniques, uncertainty and variability that affect production systems cannot be completely controlled or eliminated. Thus, it is important to evaluate the intrinsic system characteristics that are susceptible to the negative impact of unexpected or unavoidable disruptions on system performance. In this paper, we apply the concept of vulnerability to production systems in order to provide some insight into the effect of uncertainty and variability on system performance. In particular, a model of a production system with a multi-supply network that is subject to process uncertainty and product mix variability is used to analyse the effects of system vulnerability. A case study is used to demonstrate the effects of specific characteristics of a real production system that can render the system vulnerable. The approach demonstrates the difficulty of improving performance without appropriate changes in the product/process design and/or in operations mana...

Strength of Two Data Encryption Standard Implementations under Timing Attacks

Abstract: We study the vulnerability of several implementations of the Data Encryption Standard (DES) cryptosystem under a timing attack A timing attack is a method designed to break cryptographic systems that was recently proposed by Paul Kocher It exploits the engineering aspects involved in the implementation of cryptosystems and might succeed even against cryptosystems that remain impervious to sophisticated cryptanalytic techniques A timing attack is, essentially, a way of obtaining some user's private information by carefully measuring the time it takes the user to carry out cryptographic operations

Cyber-Terrorism: Modem Mayhem

Abstract: : America can no longer rely on broad oceans and a strong military to protect its homefront. The arrival of the information age has created a new menace cyber terrorism. This threat recognizes no boundaries, requires minimal resources to mount an attack, and leaves no human footprint at ground zero. This study addresses technology, identification procedures, and legal ambiguity as major issues, for countering cyber terrorism as an emerging challenge to U.S. national security. As America's reliance on computer technology increases, so does its vulnerability to cyber attacks.

Airport vulnerability assessment: an analytical approach

Abstract: The Airport Vulnerability Assessment Project (AVAP) is the direct result of congressional funding of recommendation 3.13 of the White House Commission on Aviation Safety and Security. This project takes a new approach to the assessment of U.S. commercial airports. AVAP uses automation, analytical methods and tools to evaluate vulnerability and risk, and to analyze cost/benefits in a more quantitative manner. This paper addresses both the process used to conduct this program, as well as a generalized look at the results, which have been achieved for the initial airport assessments. The process description covers the acquisition approach, the project structure, and a review of the various methodologies and tools being used by the sever performing organizations (Abacus Technology, Battelle, CTI, Lockwood Greene, Naval Facilities Engineering Service Center, SAIC, and Science & Engineering Associates). The tools described include ASSESS, SAM, RiskWatch, CASRAP, and AVAT. Included in the process is the utilization of an advisory panel made up predominantly of experts from the National Laboratories 9Sandia, Oak Ridge, Argonne and Brookhaven). The results portion addresses the findings and products resulting from the initial airport assessments. High level (unrestricted) summaries of the results are presented, along with initial trends in commonly recommended security improvements (countermeasures). Opportunities for the application of optics technology are identified.

DoD Security Needs and COTS-Based Systems

Abstract: : Integration and incorporation of COTS components into legacy and emerging systems has never been more attractive in the information industry. The COTS marketplace has become very competitive with the increased number of vendors and the increasing number of products offered. This, combined with ever increasing pressures to deliver systems sooner and cheaper, has only hastened the call to use COTS. However, it is also important to recognize that most markets are driven by that which can be sold to the largest audience, and that audience may not always share the same perspective or notional model as that of any one buyer (in this case the system integrator). Security is one such area of interest that managers and system integrators must address. Each may find themselves in dire straits trying to reconcile what the market has to offer and what the needs are of the information system. This monograph offers a heads-up to decision makers who are building information systems that have security constraints, who feel the market imperatives, and who want to make opportunistic use of what the market has to offer.

Airport vulnerability assessment-an analytical approach

Abstract: The Airport Vulnerability Assessment Project (AVAP), is the direct result of congressional funding of recommendation 3.13 of the White House Commission on Aviation Safety and Security. This project takes a new approach to the assessment of US commercial airports. AVAP uses automation analytical methods and tools to evaluate vulnerability and risk, and to analyze cost/benefits in a more quantitative manner. This paper addresses both the process used to conduct this program as well as an unclassified look at the results which have been achieved for the initial airport assessments. The process description covers the acquisition approach, the project structure, and a review of the various methodologies and tools being used by the 8 individual performing organizations (Battelle, BDM, SAIC, Lockwood Greene, CTI, Abacus Technology, Science and Engineering Associates, and the Naval Facilities Engineering Service Center). The tools described include ASSESS, SAM, RiskWatch, CASRAP and BlastFX. Included in the process is the establishment and use of an advisory panel made up predominantly of experts from the National Laboratories (Sandia, Oak Ridge Argonne and Brookhaven). The results portion addresses the findings and products resulting from the initial airport assessments.

Measuring the vulnerability of interconnection networks in embedded systems

Abstract: Studies of the fault-tolerance of graphs have tended to largely concentrate on classical graph connectivity. This measure is very basic, and conveys very little information for designers to use in selecting a suitable topology for the interconnection network in embedded systems. In this paper, we study the vulnerability of interconnection networks to the failure of individual links, using a set of four measures which, taken together, provide a much fuller characterization of the network. Moreover, while traditional studies typically limit themselves to uncorrelated link failures, our model deals with both uncorrelated and correlated failure modes. This is of practical significance, since quite often, failures in networks are correlated due to physical considerations.

Risk analysis tools for force protection and infrastructure/asset protection

Abstract: The Security Systems and Technology Center at Sandia National Laboratories has for many years been involved in the development and use of vulnerability assessment and risk analysis tools In particular, two of these tools, ASSESS and JTS, have been used extensively for Department of Energy facilities Increasingly, Sandia has been called upon to evaluate critical assets and infrastructures, support DoD force protection activities and assist in the protection of facilities from terrorist attacks using weapons of mass destruction Sandia is involved in many different activities related to security and force protection and is expanding its capabilities by developing new risk analysis tools to support a variety of users One tool, in the very early stages of development, is EnSURE, Engineered Surety Using the Risk Equation EnSURE addresses all of the risk equation and integrates the many components into a single, tool-supported process to help determine the most cost-effective ways to reduce risk This paper will briefly discuss some of these risk analysis tools within the EnSURE framework

Decision-Making with Conflicting Cartographic Information: The Case of Groundwater Vulnerability Maps

Abstract: Conflicting cartographic information can cause problems when used to support planning decisions. Creation of conflicting information is becoming more common as geographic visualization and modeling software are used to develop multiple maps that represent different views of the same data. This paper presents groundwater vulnerability mapping as an example of information conflicts of this type. Three different vulnerability models applied to the same test data produced radically different results. This information was presented to a group of local planners to examine how they would deal with the conflicts. Through this exercise it became apparent that each planner used highly individual criteria to evaluate the resuJts from the models. A continuum of strategies describes the range of responses from aspatial to spatial approaches. Jung's theory of psychological types is applied to further understand variation in responses. A venues for further research are suggested in the representation of cartographic information conflicts, the role of psychological types in decision-making with maps, and the role of group dynamics in decision-making with maps.

Intrusion Reaction: Recommendations for Obtaining Reaction Capabilities

Abstract: : The Command and Control (C2) Protect Mission-Oriented Investigation & Experimentation (MOIE) Project, sponsored by the Air Force, develops and promulgates resources to counter information warfare (IW) threats to military C2 computer networks. This report has been produced by the Intrusion Reaction task of the project. A growing threat to Air Force networks and computers is exploitative intrusion activity. One technological countermeasure to exploitative intrusion activity is intrusion reaction capability. But intrusion detection and reaction (IDR) systems in operation today do not provide a number of reaction features that might materially help the Air Force protect its networks and computers. This report recommends areas for effective Air Force investments in research, development, and investigation of reaction capabilities for defensive IDR systems. To develop its recommendations, the Intrusion Reaction task members compared the state of the art to an ideal set of capabilities. They based their ideal on their understanding of Air Force networks and current defensive information operations. In light of their review of pertinent facts and circumstances, the task members recommend that the Air Force research techniques and develop capabilities in three important areas where commercial coverage is not expected over the next several years: Analysis, Investigation, and Decision Support; Vulnerability Management; and Damage Management. They encourage vendors to enhance their products by adding capabilities in the categories of developing forensic and other data, domain adjustment, information collection, and self-adjustment. They also encourage vendors to improve their products' ability to provide alerts by developing the capability to correlate possible attacks and to discover unresolved attacks by review of logs.

Proliferation Risk Characterization Model Prototype Model - User and Programmer Guidelines

Abstract: A model for the estimation of the risk of diversion of weapons-capable materials was developed. It represents both the threat of diversion and site vulnerability as a product of a small number of variables (two to eight), each of which can take on a small number (two to four) of qualitatively defined (but quantitatively implemented) values. The values of the overall threat and vulnerability variables are then converted to threat and vulnerability categories. The threat and vulnerability categories are used to define the likelihood of diversion, also defined categorically. The evaluator supplies an estimate of the consequences of a diversion, defined categorically, but with the categories based on the IAEA Attractiveness levels. Likelihood and Consequences categories are used to define the Risk, also defined categorically. The threat, vulnerability, and consequences input provided by the evaluator contains a representation of his/her uncertainty in each variable assignment which is propagated all the way through to the calculation of the Risk categories. [Appendix G available on diskette only.]

Managing information security : achieving BS 7799

Abstract: Key controls and origins of BS 7799 how to assess your security requirements assessing risks, threats and vulnerability conducting business impact analysis planning corporate information security BS 7799 information security management BS 7799 accreditation scheme guidelines on the assessment process. (Part contents).

Managing Risk to the National Information Infrastructure

Abstract: : Now, more than ever, the survival of our information based society depends on the integrity of our National Information Infrastructure (NII). Our information systems are vulnerable to a wide spectrum of threat ranging from a dissatisfied employee to a coordinated transnational attack to gain strategic advantage. Interconnected military, government and civilian information systems throughout our critical infrastructures, with limited self- protection features, are susceptible and attractive targets. The NII suffers attack almost constantly and we must do better at dealing with the consequences of such attacks. The ends, ways and means of managing the consequences of malevolent intrusion into the NII are within the capabilities of the nation to implement. Our success at dealing with these assaults, thus preventing an adversary from gaining strategic advantage jeopardizing our way of life will hinge on taking action to resolve the technological, legal, and sociological impediments to information infrastructure protection.

2.1.1 Synthesis of an Anti‐Terrorist Air Transportation Security System

Abstract: The paper explores how a systems engineering methodology, based on a diagrammatic modeling approach which adopts a variety of viewpoints and perspectives, can be used to develop an initial understanding of the air transportation system (ATS) and an assessment of its susceptibility to terrorist threats. The ATS model is extended and refined in order to incorporate existing security systems, which can be assessed with regard to the susceptible components of the ATS. Similarly, the terrorist threat capability is modeled, providing a means by which future threats may be anticipated. Analysis of the interaction points between the systems allows the air transportation system's vulnerability to specific threats to be assessed. Since there are a large number of potential attack modes, there has to be some rationalization and down-selection in order to give focus to what are perceived to be the most serious threats. This focus leads to the identification of counter-measure concepts that can then be built into a comprehensive integrated security system. Clearly, this topic involves high levels of security restriction. It is not the intent of this paper to enter into confidential or classified topics, but rather to illustrate how a systems engineering approach can be utilized to provide a top-level introduction to the problem of countering terrorist threats to air transportation in order to synthesize a layered security system.

A comparative overview ofcryptographic voting protocols

Abstract: We shall deal with cryptosystems based on public-key cryptography and their applications to secret ballot elections. Six secret balloting schemes are discussed. These are compared with respect to criteria related to the possibility of voters to check that their votes have been correctly assigned, to the vulnerability of the protocols to electoral fraud of various sorts, and to the vulnerability of protocols to vote selling.