Search Results

From lessons learned to new directions.

As the Internet of Things (IoT) becomes more ingrained in our daily lives and environments, asset enumeration, characterization, and monitoring become crucial, yet challenging tasks. A vast number of gadgets in the market have a smartphone-based ...

The proliferation of Internet-of-Things (IoT) devices within homes raises many security and privacy concerns. Recent headlines highlight the lack of effective security mechanisms in IoT devices. Security threats in IoT arise not only from ...

The IoT can become ubiquitous worldwide---if the pursuit of systemic trustworthiness can overcome the potential risks.

IEEE Secure Development Conference (SecDev) is a venue for presenting ideas, research, and experience about how to develop secure systems. Please visit secdev.ieee.org for more information about the upcoming conference in September.

New and innovative cybersecurity technologies are essential to ensure that information systems and critical infrastructure are secure and resilient. These technologies must also meet the needs of IT professionals and be available via channels acceptable ...

New and innovative technologies will only make a difference if they're deployed and used. It doesn't matter how visionary a technology is unless it meets user needs and requirements and is available as a product via user-acceptable channels. One of the ...

The authors discuss the IEEE Symposium on Security and Privacy, which because of its growing popularity, is moving to a larger venue this year.

A systematic approach to digital forensic engineering acknowledges the close, intertwine relationship between digital forensics and information security. Just as their technical structures are interrelated, so, too, are issues relating to legal and ...

Most intrusion detection systems available today are using a single audit source for detection, even though attacks have distinct manifestations in different parts of the system. In this paper we investigate how to use the alerts from several audit ...

Process control systems using wireless sensor nodes are large and complex environments built to last for a long time. Cryptographic keys are typically preloaded in the wireless nodes prior to deployment and used for the rest of their lifetime. To reduce ...

Traditionally, a consumer decided how much to trust a piece of data based on its source. As digital video cameras and editors become ubiquitous, an arbitrary video object is increasingly likely to be produced using a range of operations that combine ...

In wireless sensor networks, sensor nodes are typically resource constrained and used as routers to forward packets for other nodes. Compromised sensor nodes may be able to cause network-wide denial of service by dropping or corrupting packets. This ...

eXpert-BSM is a real time forward-reasoning expert systemthat analyzes Sun Solaris audit trails. Based on manyyears of intrusion detection research, eXpert-BSM's knowledgebase detects a wide range of specific and general formsof misuse, provides ...

This paper describes a new approach to collecting real-time transaction information from a server application and forwarding the data to an intrusion detection system. While the few existing application-based intrusion detection systems tend to read log ...

Combining Internet connectivity and COTS-based systems results in increased threats from both external and internal sources. Traditionally, security design has been a matter of risk avoidance. Now more and more members of the security community realize ...

This paper presents a classification of intrusions with respect to technique as well as to result. The taxonomy is intended to be a step on the road to an established taxonomy of intrusions for use in incident reporting, statistics, warning bulletins, ...