Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5654959
K. Saeger, L. Cuéllar
Nuclear weapons proliferation is an existing and growing worldwide problem. To help with devising strategies and supporting decisions to interdict the transport of nuclear material, we developed the Pathway Analysis, Threat Response and Interdiction Options Tool (PATRIOT) that provides an analytical approach for evaluating the probability that an adversary smuggling radioactive or special nuclear material will be detected during transit. We incorporate a global, multi-modal transportation network, explicit representation of designed and serendipitous detection opportunities, and multiple threat devices, material types, and shielding levels. This paper presents the general structure of PATRIOT, and focuses on the theoretical framework used to model the reliabilities of all network components that are used to predict the most likely pathways to the target.
Title: Modeling most likely pathways for smuggling radioactive and special nuclear materials on a worldwide multimodal transportation network
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655025
R. Narayanaswami, Avinash Gandhe, A. Tyurina, R. Mehra
In this paper we examine novel signal processing algorithms that utilize wavelet statistics, spectral statistics and power spectral density in addition to cadence and kurtosis for robust discrimination of humans and animals in an Unattended Ground Sensor (UGS) field. The wavelet statistics are based on the average, variance and energy of the third scale residue. The spectral statistics are based on amplitude and shape features. A learning classifier approach is used for discrimination. Training data consists of scripted events with humans walking/running along known paths, as well as riders on horses and moving vehicles on a two-node sensor network. Natural events are recorded when animals, such as cows, coyotes, rabbits and kangaroo rats, are in the vicinity of the sensor nodes. Each node has a three-axis accelerometer and a three-axis geophone, and one node has a low-frequency geophone in addition. In our work we use the C4.5 classifier, which is a tree-based classifier and is capable of modeling complex decision surfaces while simultaneously limiting the complexity of the trees through pruning schemes. The classifier is tested on test data and the performance results are very promising — results indicate that UGS-only systems are indeed feasible for border security. The development of a successful signal processing solution to better discriminate between humans and animals would be very valuable to the Department of Homeland Security and our paper will summarize these new results.
Title: Sensor fusion and feature-based human/animal classification for Unattended Ground Sensors
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655057
A. Malik, Ross Maciejewski, Timothy F. Collins, D. Ebert
We present VALET, a Visual Analytics Law Enforcement Toolkit for analyzing spatiotemporal law enforcement data. VALET provides users with a suite of analytical tools coupled with an interactive visual interface for data exploration and analysis. This system includes linked views and interactive displays that spatiotemporally model criminal, traffic and civil (CTC) incidents and allows officials to observe patterns and quickly identify regions with higher probabilities of activity. Our toolkit provides analysts with the ability to visualize different types of data sets (census data, daily weather reports, zoning tracts, prominent calendar dates, etc.) that provide an insight into correlations among CTC incidents and spatial demographics. In the spatial domain, we have implemented a kernel density estimation mapping technique that creates a color map of spatially distributed CTC events that allows analysts to quickly find and identify areas with unusually large activity levels. In the temporal domain, reports can be aggregated by day, week, month or year, allowing the analysts to visualize the CTC activities spatially over a period of time. Furthermore, we have incorporated temporal prediction algorithms to forecast future CTC incident levels within a 95% confidence interval. Such predictions aid law enforcement officials in understanding how hotspots may grow in the future in order to judiciously allocate resources and take preventive measures. Our system has been developed using actual law enforcement data and is currently being evaluated and refined by a consortium of law enforcement agencies.
Title: Visual Analytics Law Enforcement Toolkit
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655034
P. Pratap, Jarrod M. Kallberg, Lauren A. Thomas
Monitoring long lengths of remote borders with ground surveillance methods presents many challenges. This paper will discuss three in particular that must be addressed in order to build an effective remote ground surveillance system. The three issues are: (1) providing reliable and efficient power, (2) providing adequate and timely maintenance to minimize downtime, and (3) networking systems for effective data transmission. A well-planned remote ground surveillance system that overcomes each of these three challenges will provide a cost-effective solution requiring minimal support infrastructure to meet border monitoring and protection needs.
Title: Challenges of remote border monitoring
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655063
D. McGarry, C. Y. Chen
Traditionally, during a disaster response, primary reliance is on voice over radio communication along with pen and paper notes for situational awareness. This paper explores our research regarding emergency data interoperability, and seeks to connect decision makers, operators/responders, and additional stakeholders through the development and application of standardized data messaging formats. In addition, we have investigated ways to route and expose emergency message data in ways that are complementary to the current business processes of emergency response. This paper will discuss the use and implementation of data interoperability standards in this system, focused primarily on the use of a single top-level loose coupler used for dynamic routing and exposure of operational level Emergency Services / First Responder. Our IC.NET prototype implements payloads that include data specific to Emergency Medical Services such as incident representation, unit tasking, and triage, treatment, and transport tracking of emergency patients.
Title: IC.NET — Incident Command “Net”: A system using EDXL-DE for intelligent message routing
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655090
Samuel A. Merrell, A. Moore, James F. Stevens
Undertaking a comprehensive cybersecurity risk assessment of the networks and systems of a single infrastructure, or even a single organization of moderate size, requires significant resources. Efforts to simplify the assessment instrument usually obscure the ultimate goal of the assessment and the motivations for the assessment questions. This can make it difficult for assessors to justify the questions and can undermine the credibility of the assessment in the eyes of the organizations assessed. This paper describes the use of assurance cases to help address these problems. Viewing an assessment approach in terms of an assurance case clarifies the underlying motivation for the assessment and supports more rigorous analysis. The paper also shows how the assurance case method has been used to guide the development of an assessment approach called the Cyber Resilience Review (CRR), developed for the U.S. Department of Homeland Security.
Title: Goal-based assessment for the cybersecurity of critical infrastructure
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5654958
M. King, B. Harris, Maurice Toolin, Regina M. DuBord, Victor J. Skowronski, Martin Lusoto, R. Estep, S. Brennan, B. R. Cosofret, K. Shokhirev
Protection of large and complex urban areas from radiological threats may be improved by employing a network of distributed radiation detectors. Among the many considerations involved in designing such a system are detector type, concept of operations, methods to collect and extract meaningful information from multiple data sources, and cost. We have developed a realistic simulation environment as an efficient method for accurately evaluating a variety of sensor queuing/routing schemes, distributed system architectures, and data fusion algorithms. This tool enables us to assess and demonstrate overall system performance as a function of key operational and cost parameters. Early results show that a network of 8 fixed path and 5 random path NaI sensors achieves a Pd ∼ 90% within 10 minutes against a 1 mCi Cs137 source released to 1500 possible random locations within the ∼1.3 km × 1 km area centered around Philadelphia City Hall.
Title: An urban environment simulation framework for evaluating novel distributed radiation detection architectures
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655066
A. Vidan, G. Hogan
Emergency responders fighting blazes and flooding, law enforcement securing sites and crowds, and medical teams treating victims are typical scenarios during rapidly-evolving, catastrophic events. The larger the disaster, the more complicated becomes the situation as thousands of responders from hundreds of organizations participate in the response and relief efforts. Organizing, coordinating and commanding these efforts remains a significant technical challenge, as it requires timely collection and distribution of information under harsh environments. With guidance from operational partners in California's emergency response community, we have designed, implemented and demonstrated a prototype integrated sensing and command and control system that enables shared situational awareness and collaboration during response operations. The system architecture is based on net-centric and service-oriented paradigms, and combines sensors, communications, and visualization and collaboration technologies, with all components being linked in (near) real-time. The utility of this prototype system was evaluated through a field exercise that tested the technical performance of the system and assessed the impact of new technologies on current concept of operations. In this paper, we describe the design analysis, system architecture, core enabling technologies, and the field evaluations.
Title: Integrated sensing and command and control system for disaster response
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5654967
Hamed Okhravi, Stanley Bak, Samuel T. King
Covert channel attacks pose a threat to the security of critical infrastructure and key resources (CIKR). To design defenses and countermeasures against this threat, we must understand all classes of covert channel attacks along with their properties. Network-based covert channels have been studied in great detail in previous work, although several other classes of covert channels (hardware-based and operating system-based) are largely unexplored. One of our contributions is investigating these classes by designing, implementing, and experimentally evaluating several specific covert channel attacks. We implement and evaluate hardware-based and operating system-based attacks and show significant differences in their properties and mechanisms. We also present channel capacity differences among the various attacks, which span three orders of magnitude. Furthermore, we present the concept of hybrid covert channel attacks which use two or more communication categories to transport data. Hybrid covert channels can be qualitatively harder to detect and counter than traditional covert channels. Finally, we summarize the lessons learned through covert channel attack design and implementation, which have important implications for critical asset protection and risk analysis. The study also facilitates the development of countermeasures to protect CIKR systems against covert channel attacks.
Title: Design, implementation and evaluation of covert channel attacks
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)

Pub Date: 2010-12-03 DOI: 10.1109/THS.2010.5655108
J. Mirkovic, Terry V. Benzel, Ted Faber, R. Braden, J. Wroclawski, S. Schwab
Since 2004, the DETER Cybersecurity Testbed Project has worked to create the necessary infrastructure (facilities, tools, and processes) to provide a national resource for experimentation in cyber security. The next generation of DETER envisions several conceptual advances in testbed design and experimental research methodology, targeting improved experimental validity, enhanced usability, and increased size, complexity, and diversity of experiments. This paper outlines the DETER project's status and current R&D directions.
Title: The DETER project: Advancing the science of cyber security experimentation and test
Published in: 2010 IEEE International Conference on Technologies for Homeland Security (HST)