Pub Date : 2011-12-19DOI: 10.1109/THS.2011.6107900
CaLynna Sorrells, Paul Potier, Lijun Qian, Xiangfang Li
In many mission-critical applications such as military operations or disaster relief efforts, wireless networks employing dynamic spectrum access enabled by cognitive radio technology gain popularity due to their high spectrum efficiency and interoperability. However, the use of cognitive radio further complicates the security problems in wireless networks and introduces additional challenges. For instance, an attacker may mimic the behavior of a licensed primary user and disrupt the communication strategy of opportunistic spectrum usage of cognitive radio nodes, known as Primary User Emulation Attacks. Another example is a smart jammer, who can scan the spectrum and jam channels selectively. A common characteristic of the attacks in both examples is that they cause anomalous spectrum usage and disrupt the dynamic spectrum access, thus we termed them Anomalous Spectrum Usage Attacks in the context of cognitive radio wireless networks. Anomalous Spectrum Usage Attacks are extremely difficult to detect. In order to address these challenges, we propose a cross-layer framework for security enhancement and attack mitigation. In addition to physical layer sensing, we also take advantage of statistical analysis of the routing information of multiple paths collected by the routing module at the network layer. Inference of congested areas due to spectrum shortage can be made by information fusion and the results from the inference module will be compared to prior knowledge of the primary users, and the suspicious spectrum shortage will be subject to selective auditing, where a manager such as a cluster head will poll more detailed data from the cognitive nodes locating near the suspicious area for further analysis. We use a spectrum-aware split multipath routing as a baseline routing for performance evaluation. The effectiveness of the proposed scheme is demonstrated by extensive simulations.
{"title":"Anomalous spectrum usage attack detection in cognitive radio wireless networks","authors":"CaLynna Sorrells, Paul Potier, Lijun Qian, Xiangfang Li","doi":"10.1109/THS.2011.6107900","DOIUrl":"https://doi.org/10.1109/THS.2011.6107900","url":null,"abstract":"In many mission-critical applications such as military operations or disaster relief efforts, wireless networks employing dynamic spectrum access enabled by cognitive radio technology gain popularity due to their high spectrum efficiency and interoperability. However, the use of cognitive radio further complicates the security problems in wireless networks and introduces additional challenges. For instance, an attacker may mimic the behavior of a licensed primary user and disrupt the communication strategy of opportunistic spectrum usage of cognitive radio nodes, known as Primary User Emulation Attacks. Another example is a smart jammer, who can scan the spectrum and jam channels selectively. A common characteristic of the attacks in both examples is that they cause anomalous spectrum usage and disrupt the dynamic spectrum access, thus we termed them Anomalous Spectrum Usage Attacks in the context of cognitive radio wireless networks. Anomalous Spectrum Usage Attacks are extremely difficult to detect. In order to address these challenges, we propose a cross-layer framework for security enhancement and attack mitigation. In addition to physical layer sensing, we also take advantage of statistical analysis of the routing information of multiple paths collected by the routing module at the network layer. Inference of congested areas due to spectrum shortage can be made by information fusion and the results from the inference module will be compared to prior knowledge of the primary users, and the suspicious spectrum shortage will be subject to selective auditing, where a manager such as a cluster head will poll more detailed data from the cognitive nodes locating near the suspicious area for further analysis. We use a spectrum-aware split multipath routing as a baseline routing for performance evaluation. The effectiveness of the proposed scheme is demonstrated by extensive simulations.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"2675 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129202130","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-12-19DOI: 10.1109/THS.2011.6107891
L. Cuéllar, T. Cleland, D. Kubicek, T. Kelton, M. Mathis, F. Roach, R. Roberts, P. Stroud, K. Saeger, James P. Smith
The Probabilistic Effectiveness Methodology (PEM) is a simulation tool with a holistic approach to risk assessment of nuclear smuggling. PEM simulates valid representations of threat motivation, capabilities, and intent, threat transportation pathways (air, land, and sea), the performance of detector architectures, and individual detector performance associated with preventive radiological and nuclear detection. Further, it analyses from a Red/Adversary perspective, gaps, seams and vulnerabilities of the Global Nuclear Detection Architecture (GNDA). This paper presents the different PEM components and illustrates (through use of notional data) several examples of how PEM can support the decision making process for GNDA problems.
{"title":"Probabilistic Effectiveness Methodology: A holistic approach on risk assessment of nuclear smuggling","authors":"L. Cuéllar, T. Cleland, D. Kubicek, T. Kelton, M. Mathis, F. Roach, R. Roberts, P. Stroud, K. Saeger, James P. Smith","doi":"10.1109/THS.2011.6107891","DOIUrl":"https://doi.org/10.1109/THS.2011.6107891","url":null,"abstract":"The Probabilistic Effectiveness Methodology (PEM) is a simulation tool with a holistic approach to risk assessment of nuclear smuggling. PEM simulates valid representations of threat motivation, capabilities, and intent, threat transportation pathways (air, land, and sea), the performance of detector architectures, and individual detector performance associated with preventive radiological and nuclear detection. Further, it analyses from a Red/Adversary perspective, gaps, seams and vulnerabilities of the Global Nuclear Detection Architecture (GNDA). This paper presents the different PEM components and illustrates (through use of notional data) several examples of how PEM can support the decision making process for GNDA problems.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"291 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121731058","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-12-19DOI: 10.1109/THS.2011.6107892
V. Heikkinen, I. Kassamakov, E. Haggstrom, S. Lehto, J. Kiljunen, T. Reinikainen, J. Aaltonen
Three dimensional (3D) imaging has been introduced into forensic work. Quantitative height data adds information compared to the conventional 2D-images when micro-scale evidence is studied. We show the potential of Scanning White Light Interferometry (SWLI) as a 3D imaging method for forensic studies. SWLI allows rapid, non contact measurements of millimeter-size objects with nanometer vertical resolution without sample preparation. We compared toolmarks and to examined crossing lines on metal. When studying marks made by diagonal cutters on wires and firing pin impressions on cartridges we could match cases that were hard to match with a normal forensic microscope. When studying crossing lines the confidence of the examiner was improved from 3.3 ± 1.9 / 5 to 4.2 ± 0.9 / 5 when using 3D images.
{"title":"Scanning White Light Interferometry, — A new 3D forensics tool","authors":"V. Heikkinen, I. Kassamakov, E. Haggstrom, S. Lehto, J. Kiljunen, T. Reinikainen, J. Aaltonen","doi":"10.1109/THS.2011.6107892","DOIUrl":"https://doi.org/10.1109/THS.2011.6107892","url":null,"abstract":"Three dimensional (3D) imaging has been introduced into forensic work. Quantitative height data adds information compared to the conventional 2D-images when micro-scale evidence is studied. We show the potential of Scanning White Light Interferometry (SWLI) as a 3D imaging method for forensic studies. SWLI allows rapid, non contact measurements of millimeter-size objects with nanometer vertical resolution without sample preparation. We compared toolmarks and to examined crossing lines on metal. When studying marks made by diagonal cutters on wires and firing pin impressions on cartridges we could match cases that were hard to match with a normal forensic microscope. When studying crossing lines the confidence of the examiner was improved from 3.3 ± 1.9 / 5 to 4.2 ± 0.9 / 5 when using 3D images.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"433 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133227357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-11-01DOI: 10.1109/THS.2011.6107893
Yingbo Song, S. Stolfo, T. Jebara
Modern network security research has demonstrated a clear necessity for open sharing of traffic datasets between organizations - a need that has so far been superseded by the challenges of removing sensitive content from the data beforehand. Network Data Anonymization is an emerging field dedicated to solving this problem, with a main focus on removal of identifiable artifacts that might pierce privacy, such as usernames and IP addresses. However, recent research has demonstrated that more subtle statistical artifacts may yield fingerprints that are just as differen-tiable as the former. This result highlights certain shortcomings in current anonymization frameworks; particularly, ignoring the behavioral idiosyncrasies of network protocols, applications, and users. Network traffic synthesis (or simulation) is a closely related complimentary approach which, while more difficult to execute accurately, has the potential for far greater flexibility. This paper leverages the statistical-idiosyncrasies of network behavior to augment anonymization and traffic-synthesis techniques through machine-learning models specifically designed to capture host-level behavior. We present the design of a system that can automatically learn models for network host behavior across time, then use these models to replicate the original behavior, to interpolate across gaps in the original traffic, and demonstrate how to generate new diverse behaviors. Further, we measure the similarity of the synthesized data to the original, providing us with a quantifiable estimate of data fidelity.
{"title":"Behavior-based network traffic synthesis","authors":"Yingbo Song, S. Stolfo, T. Jebara","doi":"10.1109/THS.2011.6107893","DOIUrl":"https://doi.org/10.1109/THS.2011.6107893","url":null,"abstract":"Modern network security research has demonstrated a clear necessity for open sharing of traffic datasets between organizations - a need that has so far been superseded by the challenges of removing sensitive content from the data beforehand. Network Data Anonymization is an emerging field dedicated to solving this problem, with a main focus on removal of identifiable artifacts that might pierce privacy, such as usernames and IP addresses. However, recent research has demonstrated that more subtle statistical artifacts may yield fingerprints that are just as differen-tiable as the former. This result highlights certain shortcomings in current anonymization frameworks; particularly, ignoring the behavioral idiosyncrasies of network protocols, applications, and users. Network traffic synthesis (or simulation) is a closely related complimentary approach which, while more difficult to execute accurately, has the potential for far greater flexibility. This paper leverages the statistical-idiosyncrasies of network behavior to augment anonymization and traffic-synthesis techniques through machine-learning models specifically designed to capture host-level behavior. We present the design of a system that can automatically learn models for network host behavior across time, then use these models to replicate the original behavior, to interpolate across gaps in the original traffic, and demonstrate how to generate new diverse behaviors. Further, we measure the similarity of the synthesized data to the original, providing us with a quantifiable estimate of data fidelity.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"146 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115740909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-11-01DOI: 10.1109/THS.2011.6107911
Vic Baker
The Modeling & Simulation Capability for Consequence Management prototype allows emergency planners to design and run dynamic, time aware, ArcGIS 10 based “what-if” gaming simulations depicting the impacts upon critical infrastructure and resource consumption during a large-scale mass evacuation from the National Capital Region to a host region. The capability enables emergency planners to run multiple iterations of a simulated event with different resource allocations including the ability to activate and deactivate shelters, place barriers, and enforce fuel rationing. The technical aspects of the capability rely on the ESRI ArcGIS API for Flex coupled with custom geoprocessing services housed on an ESRI ArcGIS Server. The prototype system was developed for the FEMA Regional Catastrophic Preparedness Grant Program initially focusing on the eastern panhandle of West Virginia. The simulation logic is designed for extensibility to encompass all state-wide counties, neighboring states, and geographical regions/districts.
{"title":"Modeling & Simulation Capability for Consequence Management","authors":"Vic Baker","doi":"10.1109/THS.2011.6107911","DOIUrl":"https://doi.org/10.1109/THS.2011.6107911","url":null,"abstract":"The Modeling & Simulation Capability for Consequence Management prototype allows emergency planners to design and run dynamic, time aware, ArcGIS 10 based “what-if” gaming simulations depicting the impacts upon critical infrastructure and resource consumption during a large-scale mass evacuation from the National Capital Region to a host region. The capability enables emergency planners to run multiple iterations of a simulated event with different resource allocations including the ability to activate and deactivate shelters, place barriers, and enforce fuel rationing. The technical aspects of the capability rely on the ESRI ArcGIS API for Flex coupled with custom geoprocessing services housed on an ESRI ArcGIS Server. The prototype system was developed for the FEMA Regional Catastrophic Preparedness Grant Program initially focusing on the eastern panhandle of West Virginia. The simulation logic is designed for extensibility to encompass all state-wide counties, neighboring states, and geographical regions/districts.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128986063","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-11-01DOI: 10.1109/THS.2011.6107854
Douglas Mook, E. Scheinman
Recent threats to aviation security have focused on the passenger screening checkpoint. To name a few, the Christmas Day 2009 bombing attempt, the UK liquid threat of 2006, the Richard Reid shoe bomb attempt 2002, and the 9/11 highjackings. A number of new technologies and processes have been implemented to meet this increasing threat at the checkpoint such as the liquid, shoes, and laptop procedures which are generally viewed as tolerable annoyances but the body imagers and enhanced pat-downs are viewed more broadly as an invasion of privacy. Yet even with all these new technologies and processes it is not clear that the system will meet the threats facing it. Even more onerous, invasive, costly, and operationally intensive processes are needed to detect the diverse threats aimed at the checkpoint. It seems inconceivable that new measures or some of the more invasive current measures should be used on every passenger. It has been generally agreed that checkpoints and possibly other security processes need to move to a risk based screening system where a measure of threat is accumulated for each passenger using the least invasive approaches first and only applying the most onerous processes to the highest risk passengers. To that end we have been bringing together the key elements of the passenger screening process to develop comprehensive Risk Based screening for the passenger screening checkpoint. This system will include screening technology, ID Authentication, Biometric verification, Background information assessment, and Behavior analysis.
{"title":"Risk based screening and explosive detection at the passenger screening checkpoint","authors":"Douglas Mook, E. Scheinman","doi":"10.1109/THS.2011.6107854","DOIUrl":"https://doi.org/10.1109/THS.2011.6107854","url":null,"abstract":"Recent threats to aviation security have focused on the passenger screening checkpoint. To name a few, the Christmas Day 2009 bombing attempt, the UK liquid threat of 2006, the Richard Reid shoe bomb attempt 2002, and the 9/11 highjackings. A number of new technologies and processes have been implemented to meet this increasing threat at the checkpoint such as the liquid, shoes, and laptop procedures which are generally viewed as tolerable annoyances but the body imagers and enhanced pat-downs are viewed more broadly as an invasion of privacy. Yet even with all these new technologies and processes it is not clear that the system will meet the threats facing it. Even more onerous, invasive, costly, and operationally intensive processes are needed to detect the diverse threats aimed at the checkpoint. It seems inconceivable that new measures or some of the more invasive current measures should be used on every passenger. It has been generally agreed that checkpoints and possibly other security processes need to move to a risk based screening system where a measure of threat is accumulated for each passenger using the least invasive approaches first and only applying the most onerous processes to the highest risk passengers. To that end we have been bringing together the key elements of the passenger screening process to develop comprehensive Risk Based screening for the passenger screening checkpoint. This system will include screening technology, ID Authentication, Biometric verification, Background information assessment, and Behavior analysis.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114487090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-11-01DOI: 10.1109/THS.2011.6107887
Ari A. Vidali, Jason D. Hutchens, Mitch Javidi
Government organizations at all levels are facing intense pressure to establish and measure readiness: the ability to prepare for, respond to, and recover from crises and natural disasters. Readiness as a concept is easy to grasp in principle, yet exceedingly difficult to implement due to the fragmentation of processes within the public safety sector and a fundamental failure to understand the difference between capacity and capability building to achieve Readiness. A strategy is required that will enable heterogeneous public safety communities to achieve operational agility before, during and after a crisis while optimizing their allocation of funding to arrive at a balanced readiness posture. No single individual, department, agency or organization has all of the information necessary to continuously measure readiness within its geographic boundary. Participation in standardized measurement is often stymied by disparate data storage, fragmented processes, budgets, politics, culture and resistance to change. Yet it is recognized that readiness saves lives; therefore a practical approach is required to establish a framework for effectively measuring readiness against a government's prioritized Hazard/Threat Identification and Risk Assessment. The Indiana Department of Homeland Security has made significant progress in uniting all of the major stakeholders into a cohesive public safety ecosystem. Indiana is taking an innovative approach to achieving, measuring, and optimizing readiness. We outline significant lessons learned, best practices, and feasible approaches towards achieving a sustainable state of pervasive readiness which is the concept of readiness as an integral part of the very fabric of a nation.
{"title":"Pervasive readiness: Pipedream or possible? A practical approach for measuring public saftey readiness","authors":"Ari A. Vidali, Jason D. Hutchens, Mitch Javidi","doi":"10.1109/THS.2011.6107887","DOIUrl":"https://doi.org/10.1109/THS.2011.6107887","url":null,"abstract":"Government organizations at all levels are facing intense pressure to establish and measure readiness: the ability to prepare for, respond to, and recover from crises and natural disasters. Readiness as a concept is easy to grasp in principle, yet exceedingly difficult to implement due to the fragmentation of processes within the public safety sector and a fundamental failure to understand the difference between capacity and capability building to achieve Readiness. A strategy is required that will enable heterogeneous public safety communities to achieve operational agility before, during and after a crisis while optimizing their allocation of funding to arrive at a balanced readiness posture. No single individual, department, agency or organization has all of the information necessary to continuously measure readiness within its geographic boundary. Participation in standardized measurement is often stymied by disparate data storage, fragmented processes, budgets, politics, culture and resistance to change. Yet it is recognized that readiness saves lives; therefore a practical approach is required to establish a framework for effectively measuring readiness against a government's prioritized Hazard/Threat Identification and Risk Assessment. The Indiana Department of Homeland Security has made significant progress in uniting all of the major stakeholders into a cohesive public safety ecosystem. Indiana is taking an innovative approach to achieving, measuring, and optimizing readiness. We outline significant lessons learned, best practices, and feasible approaches towards achieving a sustainable state of pervasive readiness which is the concept of readiness as an integral part of the very fabric of a nation.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115954583","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-11-01DOI: 10.1109/THS.2011.6107862
Peter C. Hitt, Karl Zollinger
This paper describes the operational concept for HOMEbase — the Headquarters and Operations Modular Emergency base — a scalable disaster management complex transportable via land, sea or air in ISO 20-foot shipping containers. HOMEbase incorporates an integrated planning, decision-support, and resource management system with the primary objectives of enhancing continuity of operations among First Responders, Emergency Managers and civil authorities engaged in complex disaster response and recovery operations. Its secondary mission is to ensure “continuity of community” by providing semi-permanent housing for displaced populations and facilities for public health, local governance and civic functions while enabling the restoration of economic and social life of the affected community. HOMEbase initiates a paradigm shift in disaster management through a focus on private-public partnerships to leverage the combined strengths and resources of federal, state and local agencies, private enterprise, nongovernmental organizations and citizens to achieve efficient all-hazards response and recovery from disasters.
{"title":"HOMEbaseTM: An operational concept for collaborative disaster response","authors":"Peter C. Hitt, Karl Zollinger","doi":"10.1109/THS.2011.6107862","DOIUrl":"https://doi.org/10.1109/THS.2011.6107862","url":null,"abstract":"This paper describes the operational concept for HOMEbase — the Headquarters and Operations Modular Emergency base — a scalable disaster management complex transportable via land, sea or air in ISO 20-foot shipping containers. HOMEbase incorporates an integrated planning, decision-support, and resource management system with the primary objectives of enhancing continuity of operations among First Responders, Emergency Managers and civil authorities engaged in complex disaster response and recovery operations. Its secondary mission is to ensure “continuity of community” by providing semi-permanent housing for displaced populations and facilities for public health, local governance and civic functions while enabling the restoration of economic and social life of the affected community. HOMEbase initiates a paradigm shift in disaster management through a focus on private-public partnerships to leverage the combined strengths and resources of federal, state and local agencies, private enterprise, nongovernmental organizations and citizens to achieve efficient all-hazards response and recovery from disasters.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"3 8","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132576010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-11-01DOI: 10.1109/THS.2011.6107876
Brian M. Bowen, R. Devarajan, S. Stolfo
This paper investigates new methods to measure, quantify and evaluate the security posture of human organizations especially within large corporations and government agencies. Computer security is not just about technology and systems. It is also about the people that use those systems and how their vulnerable behaviors can lead to exploitation. We focus on measuring enterprise-level susceptibility to phishing attacks. Results of experiments conducted at Columbia University and the system used to conduct the experiments are presented that show how the system can also be effective for training users. We include a description of follow-on work that has been proposed to DHS that aims to measure and improve the security posture of government departments and agencies, as well as for comparing security postures of individual agencies against one another.
{"title":"Measuring the human factor of cyber security","authors":"Brian M. Bowen, R. Devarajan, S. Stolfo","doi":"10.1109/THS.2011.6107876","DOIUrl":"https://doi.org/10.1109/THS.2011.6107876","url":null,"abstract":"This paper investigates new methods to measure, quantify and evaluate the security posture of human organizations especially within large corporations and government agencies. Computer security is not just about technology and systems. It is also about the people that use those systems and how their vulnerable behaviors can lead to exploitation. We focus on measuring enterprise-level susceptibility to phishing attacks. Results of experiments conducted at Columbia University and the system used to conduct the experiments are presented that show how the system can also be effective for training users. We include a description of follow-on work that has been proposed to DHS that aims to measure and improve the security posture of government departments and agencies, as well as for comparing security postures of individual agencies against one another.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126805951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-06-22DOI: 10.1109/THS.2011.6107855
Haiyin Chen, M. Aufderheide, W. T. White, G. Roberson, L. Glascoe
As a part of a code validation study, we have compared radiographic simulations generated using the HADES code against experimental measurements of a set of common materials of known composition and density: graphite, Teflon, Delrin, magnesium, silicon, titanium, and water cylinders. HADES calculations show good agreement with radiograph measurements. Discrepancies between simulation and experimental data are analyzed. Sources of error and future model improvement are discussed.
{"title":"Validation of HADES-based simulations of radiographic experiments","authors":"Haiyin Chen, M. Aufderheide, W. T. White, G. Roberson, L. Glascoe","doi":"10.1109/THS.2011.6107855","DOIUrl":"https://doi.org/10.1109/THS.2011.6107855","url":null,"abstract":"As a part of a code validation study, we have compared radiographic simulations generated using the HADES code against experimental measurements of a set of common materials of known composition and density: graphite, Teflon, Delrin, magnesium, silicon, titanium, and water cylinders. HADES calculations show good agreement with radiograph measurements. Discrepancies between simulation and experimental data are analyzed. Sources of error and future model improvement are discussed.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115061987","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: