Department of Defense Sponsored Information Security Research: New Methods for Protecting Against Cyber Threats [Kietas viršelis]

Foreword		ix
Acknowledgments		x
Introduction		xi
Steven King
Architecting Information Infrastructures for Security		1	(190)
Cliff Wang
Architectures for Secure and Robust Distributed Infrastructures
Overview of the ASRDI (Architectures for Secure and Robust Distributed Infrastructures) Project		3	(32)
Sanjay Lall
Carolyn Beck
Stephen Boyd
John Doyle
Geir Dullerud
Chris Hadjicostis
Muriel Medard
Balaji Prabhakar
Rayadurgam Srikant
George Verghese
Approximate Fairness through Differential Dropping		35	(18)
Rang Pan
Lee Breslau
Balaji Prabhakar
Scott Shenker
A Complex Adaptive System Approach to QoS Assurance and Stateful Resource Management for Dependable Information Infrastructure
Quality of Service Assurance for Dependable Information Infrastructures		53	(27)
Nong Ye
Ying-Cheng Lai
Toni Farley
Onset of Traffic Congestion in Complex Networks		80	(8)
Liang Zhao
Ying-Cheng Lai
Kwangho Park
Nong Ye
Anomaly and Misuse Detection in Network Traffic Streams---Checking and Machine Learning Approaches
Anomaly and Misuse Detection in Network Traffic Streams---Checking and Machine Learning Approaches		88	(12)
Sampath Kannan
Insup Lee
Wenke Lee
Oleg Sokolsky
Diana Spears
William Spears
An Ensemble of Anomaly Classifiers for Identifying Cyber Attacks		100	(8)
Carlos Kelly
Diana Spears
Christer Karlsson
Peter Polyakov
Distributed Systems Security via Logical Frameworks
Distributed System Security via Logical Frameworks		108	(8)
Lujo Bauer
Frank Pfenning
Michael K. Reiter
Device-Enabled Authorization in the Grey System		116	(15)
Lujo Bauer
Scott Garriss
Jonathan M. McCune
Michael K. Reiter
Jason Rouse
Peter Rutenbar
Distributed Immune Systems for Wireless Networks Information Assurance
Distributed Immune Systems for Wireless Networks Information Assurance		131	(28)
John S. Baras
A Key Management Scheme for Distributed Sensor Networks		159	(9)
Laurent Eschenauer
Virgil D. Gligor
Hi-DRA High-Speed, Wide-Area Network Detection, Response, and Analysis
Summary of the Hi-DRA Project A System for High-Speed, Wide-Area Network Detection, Response, and Analysis		168	(13)
Richard A. Kemmerer
Giovanni Vigna
Antonio Carzaniga
Alexander L. Wolf
Stateful Intrusion Detection for High-Speed Networks		181	(10)
Christopher Kruegel
Fredrik Valeur
Giovanni Vigna
Richard Kemmerer
At the Edges of the Critical Information Infrastructure		191	(156)
David Hislop
Todd Combs
Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security
Better Security via Smarter Devices		193	(6)
Gregory R. Ganger
Dawn Song
Chenxi Wang
Storage-Based Intrusion Detection: Watching Storage Activity for Suspicious Behavior		199	(13)
Adam G. Pennington
John D. Strunk
John Linwood Griffin
Craig A.N. Soules
Garth R. Goodson
Gregory R. Ganger
Software Model Checking for Embedded Systems
Customizable Model Checking for Embedded Software		212	(16)
Xianghua Deng
John Hatcliff
Matthew Hoosier
Robby
Matthew B. Dwyer
Exploiting Object Escape and Locking Information in Partial-Order Reductions for Concurrent Object-Oriented Programs		228	(42)
Matthew B. Dwyer
John Hatcliff
Robby
Venkatesh Prasad Ranganath
Advanced Tool Integration for Embedded System Assurance
Overview of the HASTEN (High Assurance Systems Tools and Environments) Project		270	(27)
Insup Lee
Rajeev Alur
Bob Cook
Carl Gunter
Elsa Gunter
Sampath Kannan
Kang Shin
Oleg Sokolsky
Hierarchical Modeling and Analysis of Embedded Systems		297	(18)
Rajeev Alur
Thao Dang
Joel Esposito
Yerang Hur
Franjo Ivancic
Vijay Kumar
Insup Lee
Pradyumna Mishra
George J. Pappas
Oleg Sokolsky
Verification Tools for Embedded Systems
Formal Verification for High Confidence Embedded Systems		315	(21)
Edmund Clarke
David Garlan
Bruce H. Krogh
Reid Simmons
Jeannette Wing
Bridging the Gap between Systems Design and Space Systems Software		336	(11)
David Garlan
William K. Reinholtz
Bradley Schmerl
Nicholas D. Sherman
Tony Tseng
Software Engineering for Assurance		347	(128)
Ralph Wachter
Gary Toth
Static Analysis to Enhance the Power of Model Checking for Concurrent Software
Static Analysis to Enhance the Power of Model Checking for Concurrent Software		349	(12)
Edmund Clarke
Daniel Kroening
Thomas Reps
Abstraction Refinement via Inductive Learning		361	(14)
Alexey Loginov
Thomas Reps
Mooly Sagiv
Protecting COTS from the Inside
Analysis of COTS for Security Vulnerability Remediation		375	(6)
Gogul Balakrishnan
Mihai Christodorescu
Vinod Ganapathy
Jonathan T. Giffin
Shai Rubin
Hao Wang
Somesh Jha
Barton P. Miller
Thomas Reps
Formalizing Sensitivity in Static Analysis for Intrusion Detection		381	(15)
Henry Hanping Feng
Jonathon T. Giffin
Yong Huang
Somesh Jha
Wenke Lee
Barton P. Miller
RAPIDware: Component-Based Development of Adaptive and Dependable Middleware
RAPIDware: Component-Based Development of Adaptive and Dependable Middleware		396	(11)
Philip K. McKinley
R.E. Kurt Stirewalt
Betty H.C. Cheng
Laura K. Dillon
Sandeep Kulkarni
Composing Adaptive Software		407	(9)
Philip K. McKinley
Seyed Masoud Sadjadi
Eric P. Kasten
Betty H. C. Cheng
Generating Efficient Trust Management Software from Policies
Generating Efficient Security Software from Policies		416	(9)
Scott D. Stoller
Yanhong A. Liu
Role-Based Access Control: A Corrected and Simplified Specification		425	(15)
Yanhong A. Liu
Scott D. Stoller
Modeling and Simulation Environment for Critical Information Protection
Analysis, Modeling, and Simulation for Networked Systems		440	(26)
Mostafa Bassiouni
Vicki M. Bier
Pascale Carayon
Jagdish Chandra
Ratan K. Guha
Sara B. Kraemer
Stephen M. Robinson
Daniel G. Schwartz
Sara Stoecklin
Protection of Simple Series and Parallel Systems with Components of Different Values		466	(9)
Vicki M. Bier
Aniruddha Nagaraj
Vinod Abhichandani
Malicious Mobile Code		475	(82)
Ralph Wachter
Gary Toth
Language-Based Security for Malicious Mobile Code
Language-Based Security for Malicious Mobile Code		477	(18)
Fred B. Schneider
Dexter Kozen
Greg Morrisett
Andrew C. Myers
Malicious Code Detection for Open Firmware		495	(10)
Frank Adelstein
Matt Stillerman
Dexter Kozen
Model-Carrying Code: A New Approach to Mobile-Code Security
Safe Execution of Mobile and Untrusted Code: The Model-Carrying Code Project		505	(14)
R. Sekar
C.R. Ramakrishnan
I. V. Ramakrishnan
Scott Smolka
Samik Basu
Sandeep Bhatkar
Abhishek Chaturvedi
Daniel Du Varney
Zhenkai Liang
Yow-Jian Lin
Dipti Saha
Weiqing Sun
Prem Uppuluri
V.N. Venkatakrishnan
Wei Xu
Mohan Channa
Yogesh Chauhan
Kumar Krishna
Shruthi Krishna
Vishwas Nagaraja
Divya Padmanabhan
Model-Carrying Code: A Practical Approach for Safe Execution of Untrusted Applications		519	(14)
R. Sekar
V.N. Venkatakrishnan
Samik Basu
Sandeep Bhatkar
Daniel C. Du Varney
Neutralizing Malicious Mobile Code
Behavioral Detection of Malicious Code		533	(12)
William Allen
Richard Ford
Jens Gregor
Gerald Marin
Mike Thomason
James Whittaker
Gatekeeper II: New Approaches to Generic Virus Prevention		545	(12)
Richard Ford
Matt Wagner
Jason Michalske
Dependable Critical Information Infrastructure for Command and Control		557	(118)
Robert Herklotz
Chris Arney
Trustworthy Infrastructure, Mechanisms, and Experimentation for Diffuse Computing
Software Quality and Infrastructure Protection for Diffuse Computing		559	(8)
J. Feigenbaum
J.Y. Halpern
P.D. Lincoln
J.C. Mitchell
A. Scedrov
J.M. Smith
P. Syverson
Games and the Impossibility of Realizable Ideal Functionality		567	(18)
Anupam Datta
Ante Derek
John C. Mitchell
Ajith Ramanathan
Andre Scedrov
Adaptable Situation-Aware Secure Services-Based Systems
Adaptable Situation-Aware Secure Service-Based (AS3) Systems		585	(12)
S.S. You
H. Davulcu
S. Mukhopadhyay
D. Huang
Y. Yao
H. Gong
Automated Agent Synthesis for Situation Awareness in Service-Based Systems		597	(9)
S.S. Yau
H. Gong
D. Huang
W. Gao
L. Zhu
Detecting Deception in the Military Infosphere: Improving and Integrating Human Detection Capabilities with Automated Tools
Detecting Deception in the Military Infosphere: Improving and Integrating Detection Capabilities with Automated Tools		606	(22)
Judee K. Burgoon
Jay F. Nunamaker Jr.
Joey F. George
Mark Adkins
John Kruse
David Biros
Detecting Concealment of Intent in Transportation Screening: A Proof-of-Concept		628	(17)
Judee K. Burgoon
Douglas P. Twitchell
Matthew L. Jensen
Mark Adkins
John Kruse
Amit Deokar
Shan Lu
Dimitris N. Metaxas
Jay F. Nunamaker Jr.
Robert E. Younger
Vulnerability Assessment Tools for Complex Information Networks
Applications of Feedback Control in Information Network Security		645	(30)
David L. Pepyne
Weibo Gong
Yu-Chi Ho
Christos G. Cassandras
Wenke Lee
Avrom Pfeffer
Hong Liu
Anomaly Detection Using Call Stack Information		675
Henry Hanping Feng
Oleg M. Kolesnikov
Prahlad Fogla
Wenke Lee
Weibo Gong

In 2001, the Director of Defense research and Engineering in the Office of the Secretary of Defense initiated an $80 million, five-year research program at U.S. universities in critical infrastructure protection and high confidence adaptable software. Managed by the Department of Defense science offices, these projects produced the results summarized here.