Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
2010 Cert Research Report

2010 Cert Research Report

Ratings: (0)|Views: 117|Likes:
The CERT Program enables U.S. government agencies responsible for cyber security, U.S. military agencies, and industry to protect, detect, and respond to attacks, accidents, and failures on networked systems.

This report highlights CERT accomplishments and activities in successfully executing our research strategy.
The CERT Program enables U.S. government agencies responsible for cyber security, U.S. military agencies, and industry to protect, detect, and respond to attacks, accidents, and failures on networked systems.

This report highlights CERT accomplishments and activities in successfully executing our research strategy.

More info:

Published by: Software Engineering Institute Publications on Nov 01, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/01/2011

pdf

text

original

 
The CERT
®
Program’sresearch mission is to leverageour operational experienceand access to state-o-the-artresearch to ll gaps or ourcustomers, collaborate withthe cyber security researchcommunity, and providelonger-range perspectiveson cyber-security research,technology, and policy.
 
1
CERT Research Vision ....................................................2Executive Summary .....................................................3
2010 Research Report Abstracts 4
CERT in the News .......................................................7Special Project: Recommending Cyber Security Research Topics .................9Critical Code ............................................................11Insider Threat ..........................................................14
Insider Threat Vulnerability Assessment Measurement 17Modeling and Analysis o Insider Fraud 19Insider Threat Lab 21Insider Threat in the Financial Services Sector 22
 
Preventing the Federal Government rom Being the Victim o Identity Thet 24
Secure Coding .........................................................25
Secure Coding Initiative 28
Sotware Security Assurance .............................................34
Building Assured Systems Framework (BASF) 37Supply Chain Assurance 39Measuring Sotware Security Assurance 42Security Requirements Engineering 45Using Trusted Hardware as a Foundation or Cyber Security 47Analysis oCatastrophic Failures 50Complexity Modeling and Analysis 52
Science oCyber Security ................................................54Digital Intelligence and Investigation Directorate ............................56Malicious Code Research and Development .................................58
Malware Family Analysis: Correlating Static Featuresand Dynamic Characteristics on Large-Scale Projects 61Beyond Section Hashing 64Large-Scale Analysis oMalicious PDF Documents 67
Incident Response ......................................................69
An Incident Management Body o Knowledge 71
Network Situational Awareness ...........................................73
Assessing the Benefts and Eectiveness o Network Sensors 76How Fast Do Computers Move? 79Closed Networks: The Next Generation orSecure Network Design 81Finding the Botnets You Dont Know About 82
Resilience Modeling and Analysis .........................................83
Measuring Operational Resilience: Moving romUncertainty to Justifed Confdence 86Enhanced Methods or Cyber Exercise89Understanding Inrastructure Resilience Posture 90The Smart Grid Maturity Model Updated 91Evolving Incident Management to Incident Resilience 93
Workorce Development .................................................94
Sotware Assurance Curriculum Project 96
Researcher Activities ....................................................98
Table o Contents

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->