IAnewsletter

The IATAC was merged with the CSIAC in October 2012. The IA Newsletter has been replaced by the CSIAC Journal of Cyber Security and Information Systems. You can view the latest issue at https://www.thecsiac.com/journal/welcome-csiac.

This free quarterly publication features timely articles from the IA community. These articles are solicited from such organizations as OSD/Joint Staff, the Combatant Commands, Services, Systems Commands, Government R&D Labs and Academia. Each issue also features regular columns from the DoD CERT and the JTF-GNO.

Print versions of the IAnewsletter are available directly from CSIAC by completing the Product Request/Technical Inquiry Form; it is unlimited distribution.

Volume 15 Number 2 Title: Social Media Malware Overview: Social Media Malware As social media platforms become more prevalent, their security threats, attacks, and malware continue to grow. Also Inside: - Subject Matter Expert - Damages from Cyber Attacks by Attack Category and Damage Type - Responsible Information Sharing I: Responsibility to Share - IEEE Symposium on Security and Privacy - The Open Web Application Security Project: Secure Web Code Development - Certification Spotlight: Offensive Security’s OSCP - CSIAC Connects Using Social Media - Business Continuity Planning, Disaster Recovery, and Government Regulation? - Air Mobility Command’s Enterprise Information Management Program - Texas A&M University - Accurately Projecting IA Costs - Ask the Expert - DoDTechipedia Happenings Volume 15 Number 1 Title: Information Assurance: Then, Now, and Moving Forward Overview: CSIAC: Helping to Tackle Cyber Challenges. Also Inside: - Army Cyber Command: Redefining IA Compliance as Part of Operationalizing Cyber - Ask the Expert - Training IA Experts of Tomorrow - Trends in Academic Cybersecurity and IA Research Since 1996 - Securing the Mobile Device…and its User - CSIAC Prepares Organizations to Tackle the Newest Battlespace— Cyberspace - Cyberlaw's Evolution Over the Past 20 Years - DoDTechipedia Happenings - Social Networking and Privacy - Software Security Tactics - USSTRATCOM Cyber and Space Symposium     Volume 14 Number 4 Title: Security Automation: Addressing Operational Problems Overview: An Introduction to Security Automation United States Cyber Command has made major strides in defending, securing and improving the operations of Defense networks. Also Inside: - CSIAC Spotlight on a University - An Introduction to Security Automation - Security Automation: Commercial Sector Perspectives and Contributions - Enabling Distributed Security in Cyberspace - SCAPVal: Validating Specification Conformance - Under Constant Attack - On Providing Risk Matrics Using Security Automation, Protocols, and Standards - Overcoming the Detail Devil through Open Technology Standards - Security Automation Research: Challenges and Future Directions - Applying and Extending SCAP to Deliver the Trusted Cloud - Security Automation from a NIST Perspective - Subject Matter Expert - Evaluating the Benefits of Network Security Systems - Ask the Expert     Volume 14 Number 3 Title: IA in Acquisition Overview: This edition features a collection of articles that examine IA Acquisition. Also Inside: - DoD Advances Supply Chain Risk Management Efforts - Bridging DoD IA Requirements and Commercial IA Solutions - Information Assurance and Acquisition - A Commercial Engagement Strategy for Authorization and Access Management in Defense and Intelligence Communities - Preparing for Incident Response Using the Zachman Framework - Acquisition History and IA Tools - Time for New Thinking?     Volume 14 Number 2 Title: International Information Assurance Overview: This edition features a collection of articles that examine IA from an international perspective. Articles focus on NATO cyber defense exercises, international cyberlaw challenges, and how to improve Joint Forces IA command and control in an international environment. Also Inside: - NATO Cyber Defense Exercises - Stuxnet Poses Interesting International Cyber Law Issues - Enhancing the Global Cyber Defense Workforce - Science Enhanced Networked Domains and Secure Social Spaces - Cyberspace Operations and the Need for an Operational Construct that Enables the Joint Force Commander - Attaining Security 2.0 and Beyond - Data Clouds for Computer Network Defense - The Move Beyond Green - Pilot-the Sustainability Community of Interest     Volume 14 Number 1 Title: Cyber Forensics in the Cloud Overview: According to research firm Gartner, cloud computing services revenue should total $68.3 billion for 2010, representing a 16.6% increase compared to 2009. The market is expected to explode to $148.8 billion in 2014. This trend toward cloud computing is creating numerous challenges for cyber forensics professionals. Also Inside: -Centralization, Decentralization, and the Impact on Information Security Programs -A Figure of Merit Model for Assured Information System Architecture Design -Upstream Intelligence Use Cases -Ask the Expert -National Defense University -Dr. Daniel Kuehl -Increase Your Awareness with Collaboration -Survivability in Cyberspace Workshop: Learning How to Fight Through -Upstream Security and Intelligence Case Studies     Volume 13 Number 4 Title: Privacy and Enhanced Information Security Overview: The Federal Information Security Management Act (FISMA) of 2002 was authored with good intentions, but has endured very poor execution. It's a generally well known fact that FISMA has had many critics over the years that accuse the law of focusing more on documentation than actual implementation of security practices within the federal space - including the Department of Defense (DoD). Also Inside: -Ask the Expert -Securing Telework and Remote Delivery of Dispersed Teams -Workplace Privacy in the Cyber Age: Really? -Delivery Options for Upstream Intelligence -The Air Force Institute of Technology - Center for Cyberspace Research -Subject Matter Expert -Upstream Intelligence in the World of Legal Compliance and Liability -DoDTechipedia Happenings -International Conference on Information Warfare and Security     Volume 13 Number 3 Title: A New Layer of Security Overview: The current world situation places new strains on our combat forces, weapon systems, and supporting infrastructure. These strains put an increasing emphasis on the science and technology community's rapid response capability to solve new issues as they arise. Also Inside: -Open Specifications: An enabler of UAV Operations -DoDTechipediaHappenings -Shall We Play a Game? A board game can be a valuable technique to explore the benefits and consequences of different choices and strategies. -US Cyber Command is Activated -Maximizing the DoD Return on Investment in Cyberspace Professionals -Subject Matter Expert -Upstream Intelligence: A New Layer of Cybersecurity -Anatomy of Upstream Intelligence -Business Models of Upstream Intelligence Management and Distribution -State-of-the-Art Report on Information and Communications Technology Supply Chain Security Risk Management -Old Dominion University -Ask the Expert     Volume 13 Number 2 Title: Cloud Computing: Silver Lining or Storm Ahead? Overview: We can argue that it is not a matter of whether cloud computing will become ubiquitous-because the economic forces are inescapable-but rather what we can do to improve our ability to provide cloud computing users with trust in the cloud services and infrastructure. Also Inside: -CSIAC Spotlight on a University -Cloud Computing for the Federal Community -DISA RACE: Certification and Accreditation for the Cloud -Look Before You Leap: Security Considerations in a Web 2.0 World -Insider Threat Center at CERT Grows Solutions from Reality-Based Research -CSIAC Spotlight on a Conference -Vulnerability Assessment Processes Within DoD -Subject Matter Expert -Eight Steps to Holistic Database Security -Public/Private Partnership Becoming a Necessity -Apples and Oranges: Operating and Defending the Global Information Grid -LPS-Public: Secure Browsing and an Alternative to CAC Middleware -Ask the Expert     Volume 13 Number 1 Title: Security Automation: A New Approach to Managing and Protecting Critical Information Overview: This strategy will automate many security and configuration management, compliance, and network defense functions and give our system administrators and network defenders a chance to succeed. Also Inside: -CSIAC Subject Matter Expert -CSIAC Spotlight on a University -The Security Content Automation Protocol -The DoD IA Policy Chart -Secure Configuration Management (SCM) -DoD Activities Underway to Mature SCAP Standards -DoDTechipedia Haappenings -Why Indestry Needs Federal Government Leadership to Gain the Benefits of Security Automation -Practicing Standards-Based Security Assessment and Management -Ask the Expert     Volume 12 Number 4 Title: Information Assurance (IA) Challenges in an International Environment Overview: International cooperation in cybersecurity is critical because we know there are no borders in cyberspace. This article discusses the IA challenges NATO faces at the international level, and it examines the need to promote the rapid sharing of information in a secure, controlled manner. Also Inside: -Information Assurance Integration into U.S. Pacific Command Exercises -DoD Certifies the Power of Partnership -CSIAC Spotlight on a University -CSIAC Subject Matter Expert -Ask the Expert -DoDTechipedia Happenings -Developing an Effective Data Breach Response Program -Global Information Grid 2.0: An Enabler of Joint/Coalition Warfighting -CyberWatch's Pipeline for the Cybersecurity Workforce -IA Conference of the Pacific -Intrusion Tolerance-Getting from Security to Survivability     Volume 12 Number 3 Title: Overcoming Cyber IA Challenges Through Better IA Policy Development and Implementation Overview: This article explores how the Assistant Secretary of Defense for Networks and Information Integration/DoD Chief Information Office (ASD(NII)/DoD CIO) successfully combined an enlightened IA Certification and Accreditation (C and A) policy and strategy, an active configuration control and management process, and Web 2.0 technology to produce a flexible IA cyber policy that has already proven itself an effective vehicle for meeting, and proactively addressing, the IA C and A challenges of DoD's increasingly complex cyber environment. Also Inside: - Achieving Information Assurance with eMASS - Subject Matter Expert - Ask the Expert - "Cyber-War" Simulation Reveals Need for Collaboration - Wanted: Engaged Information Security Professionals for Compliance and Damage Control - CSIAC Spotlight on University - Identifying and Characterizing Instant Messaging Authors for Cyber Forensics - DoDTechipedia Happenings - Anatomy of a Structured Attack     Volume 12 Number 2 Title: DoDTechipedia... A Way to Collaborate Overview: DoDTechipedia is a wiki, designed by the Department of Defense (DoD), that facilitates increased communication and collaboration among DoD scientists, engineers, program managers, acquisition professionals, and operational warfighters. Also Inside: - CSIAC Spotlight on Research - AFCYBER (P) Way Ahead - Ask the Expert - There and Back Again - Subject Matter Expert - Using Technology to Combat Data Loss--What It Can Do, What It Can't - Cyber Security and Information Assurance Metrics State-of-the-Art Report - The Evolving Domain of Cyber Warfare: An Update - CSIAC Spotlight on University - Paranoid: Global Secure File Access Control System - Information Assurance Risk Assessment (IARA) - Defense in Breadth     Volume 12 Number 1 Title: Making GIG IA Architecture Real with AFG Overview: AFG provides templates, guides, and a methodology, to make GIG IA Architecture v1.1 understandable and actionable at the acquisition program level. AFG is useful to acquisition program Informartion System Security Engineers (ISSEs), other IA professionals, and Program Managers desiring to integrate GIG IA guidance in their solutions. Also Inside: - CSIAC Spotlight on Education - Subject Matter Expert - The Insider Threat to Information Systems--An CSIAC State-of-the-Art Report - Army, Navy, Air Force, and Cyber--Is it Time for a Cyberwarfare Branch of Military? - Ask the Expert - IA Implications for Software Defined Radio, Cognitive Radio and Networks - "Enabling," Web 3.0 - A Statechart Model of the Cross Domain Implementation Process     Volume 11 Number 4 Title: Phishing Warfare Against Armed Forces Overview: The problems with phishing persist. This scourge shows no sign of abating and will likely increase into the foreseable future. Warfighters are just as likely as any other group of individuals to be victims of a phishing attack. This article suggests that phishing Warfare Against Armed Forces (WAARF) will emerge as a new vector of information warfare. Also Inside: - CSIAC Spotlight on Research - CSIAC Spotlight on Education - An Innovative Computer Forensic Technique for Recovering Deleted Files from Macintosh Computers - Ask the Expert - The EPOCHS Project - Cyber Defense Branch Takes Part in NSF Workshop in Beijing - Incorporating Flow-Based Behavioral Analysis Inside Agency Networks     Volume 11 Number 3 Title: Guarding the Cybercastle in 2020 Overview: The DoD has recently refocused its formal definition of cyber as "a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers," consistent with Presidential cyber security policy. Also Inside: - CSIAC Spotlight on Faculty - Securing the Converged Enterprise, Part 2--Network Defense-in-Depth Architectural Considerations - Common Criteria Testing Continues to Improve of Security of IA Products - CSIAC Spotlight on Education - DoD EWIA/CND ESSG Technical Advisory Group (TAG) - So You Say You Want a Penetration Test...     Volume 11 Number 2 Title: Defining the GIG Core Overview: The Global Information Grid (GIG) is a large, complex undertaking that is intended to integrate virtually all information systems, services, and applications in the US Department of Defense (DoD) into one seamless, reliable, and secure network. This article discusses two architectural options for constructing the core of the GIG: striped core and black core. Also Inside: - Tomorrow Night - Electronic Voting Security - CSIAC Spotlight on Faculty - Recent Developments in Cyberlaw - CSIAC Spotlight on Education - Securing the Converged Enterprise, Part 1 - Ask the Expert     Volume 11 Number 1 Title: Network Risk Assessment Tool (NRAT) Overview: We live in an information-centric age where seemingly every aspect of our existence is inextricably dependent on the services of information systems. These systems provide integral support to financial institutions, commercial enterprises, critical infrastructure systems, medical care, public safety, and military operations. Also Inside: - Ask the Expert - Improving the Cyber Incident Damage and Mission Impact Assessment - Virtual Patching - CSIAC Spotlight on Education - CSIAC Spotlight on Faculty - NIST Publications: Guidance to Improve Information Security     Volume 10 Number 4 Title: Information Assurance for the Net-Centric Environment: Making the Mission Possible Overview: DoD defines the NCE as a joint force framework for full human and technical connectivity and interoperability?one that allows all DoD users and mission partners to share the information they need, when they need it, in a form they can understand, and act on with confidence. Also Inside: - GIG Performance Assessment Framework - ForNet: Network Forensics for Detecting Stealthy Attacks - Accurate Application-Specific Sandboxing for Win32/Intel Binaries - University of Maryland University College (UMUC) Security Studies Laboratory - CSIAC Spotlight on Research: University of Maryland - CSIAC Spotlight on Subject Matter Expert (SME): Mary Linda Polydys - Ask the Expert     Volume 10 Number 3 Title: Implementing Internet Protocol Version 6 (IPv6) on an Army Installation Overview: Implementing Internet Protocol Version 6 (IPv6) on an Army Installation - The challenge of implementing IPv6 into an Army network comes from two conditions placed upon the Department of Defense (DoD) by the US Congress: Do No Harm and IPv4 Parity. Also Inside: - Implementing Internet Protocol Version 6 (IPv6) on an Army Installation - A Qualia Framework for Awareness in Cyberspace - US-CERT: America's Cyber Watch and Warning Center - Executing the CND Data Strategy within the NetOps Community of Interest - 8th IEEE Information Assurance Workshop - A Decade of Air Force and Academic Collaboration Toward Assuring Information - CSIAC Spotlight on Research: Idaho State University - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Corey Schou - Ask the Expert     Volume 10 Number 2 Title: System Engineering for the GIG: An Approach at the Enterprise Level Overview: The GIG is an ambitious undertaking that is fundamental to network-centric warfare. We have established and enterprise process to apply systems engineering discipline to the decisions that need to be made to make the GIG a reality. Also Inside: - Software Agent Technology - Enabling Mission Critical Operations Through Mature Implementation - CyberCIEGE: An Information Assurance Training and Awareness Video Game - DISA Partnership Conference - CSIAC Spotlight on Research: George Mason University - CSIAC Spotlight on Subject Matter Expert (SME): Dr. XinYuan (Frank) Wang - Ask the Expert     Volume 10 Number 1 Title: Look out! It's the fuzz Overview: Software fuzzing is a relatively new software auditing technique responsible for finding many of the bugs and security vulnerabilities found in utilities, software applications, and network protocols. To understand what fuzzing is, we need to understand how fuzzing originated. Also Inside: - An CSIAC/DACS State-of-the-Art-Report on Software Security Assurance - The Morphing of a Cyber Operations Curriculum at the Air Force Institute of Technology (AFIT) - ESSG - Ask the Expert: IANETSEC - 6th Annual Department of Defense (DoD) Cyber Crime Conference - CSIAC Spotlight on Research: Purdue University - CSIAC Spotlight on Subject Matter Expert (SME): Researchers at CERIAS     Volume 9 Number 4 Title: Phishing: Fraud for the 21st Century Overview: Phishing refers to a new form of cyber crime that is quickly gaining popularity. During the past several years, there has been a steady increase in the use of online financial services for everything from paying utility bills to conducting banking and brokerage transactions. Also Inside: - Verifying Network Intrusion Detection Alerts - Data Integrity and Proof of Service in BitTorrent-Like P2P Environments - An Overview of Voice over Internet Protocol (VoIP) - Countering DDoS Attacks with Multi-Path Overlay Networks - CSIAC Spotlight on Research: University of California, Davis (UC Davis) - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Matt Bishop     Volume 9 Number 3 Title: Generating Policies for Defense in Depth Overview: In 2002, DARPA challenged the research community to design and demonstrate an unprecedented level of survivability for an existing DoD information system by combining Commercial-Off-The-Shelf (COTS) technologies with those developed by DARPA. Also Inside: - A Virtual Environment for Safe Vulnerability Assessment (VA) - Black Hat and DEFCON - Efficient Path Authentication for Border Gateway Protocol (BGP) Security - 7th Annual IEEE Information Assurance Workshop (IAW) - Significant New Developments in Cyberlaw - ESSG Corner - Digital Forensics Education at the Air Force Institute of Technology (AFIT) - CSIAC Spotlight on Research: University of New York at Stony Brook (SUNY-SB) - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Tzi-cker Chiueh     Volume 9 Number 2 Title: SAMATE's Contribution to Information Assurance Overview: There is far too much software in today's information world to check manually. Even if people had the time to inspect thousands or millions of lines of code, nobody could remember all the constraints, requirements, and imperatives to make sure the software is secure. Automated tools are a must. Also Inside: - Sensitive Data Anonymization - Removing Security through Obscurity from Software Watermarking - Vulnerability Analysis of J2ME CLDC Security - A Survey of Graphical Passwords - CSIAC Spotlight on Research: Georgia State University - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Ying Zhu     Volume 9 Number 1 Title: Processing Data to Construct Practical Visualizations for Network Security Overview: Processing Data to Construct Practical Visualizations for Network Security Network vulnerabilities are increasingly rampant despite advances in Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs). Even as funding and work by government, industry, and academia to counter these vulnerabilities increases, over 1,000 variants of worms and viruses have been discovered during the past six months, and the level of network traffic increases as capacity increases. Also Inside: - GIG-BE Improving the Warfighter's Information Pipeline - What is Secure Software? - CPOL: High-Performance Policy Evaluation - Creating a Network Warfare Operations Career Force - Cyber Security Dimensions of Critical Infrastructure Protection (CIP) Conference - Privileged Escalation Through Trusted E-mails - Defending Warfighter Networks - CSIAC Spotlight on Research: Johns Hopkins University - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Aviel "Avi" D. Rubin     Volume 8 Number 4 Title: Impact of International Information Assurance (IA) Standardization Overview: As government, industry, and citizens in the US and abroad rapidly increase their reliance on computers, they face corresponding increases in the cost and difficulty of assuring the protection of information that their computer systems transmit, process, and store. Also Inside: - When Writing Software, Security Counts! - Viruses, Worms, and Trojan Horses Welcome Here! - CSIAC New Address, New Look, Continued Service - DOWN with Trusted Devices Network Securty Monitoring: Beyond Intrusion Detection - Air Force Enterprise Defense (AFED) - CSIAC Attended Conferences - CSIAC Spotlight on Research: Mississippi State University - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Rayford Vaughn     Volume 8 Number 3 Title: Net-Centric Assured Information Sharing - Moving Security to the Edge through Dynamic Certification & Accreditation Overview: Across the US Department of Defense (DoD), the goals of net-centricity are transforming the way in which Information Assurance (IA) must be achieved to facilitate assured information sharing, accelerate decision making, improve joint warfighting, and ensure the ability to dynamically exchange system-security credentials. Power to the Edge implies greatly enhanced peer-to-peer communications. Security to the Edge assumes the need to assure a system's security status and to provide security assertions precisely where interoperability and communications must occur. DoD soon-to-be published Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), combined with a suite of supporting capabilities, form an integrated program that proposes to address this emerging environment. DIACAP is generating increasing interest among its represented customers, DoD Components, and many other groups who are affiliated with developing the Global Information Grid (GIG). Also Inside: - IA/CND Enterprise-wide Solutions Steering Group or ESSG - 6th Annual IEEE Information Assurance Workshop - A Honeypot for the Exploration of Spammers' Behavior - Taxonomy Development Methodology - DoD Cyber Crime Center (DC3) - Quarterbacking Information Management - A Content Staging Overview - CSIAC Spotlight on Research: Air Force Institute of Technology (AFIT) - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Rusty Baldwin     Volume 8 Number 2 Title: Common Technology Needs and Capability Gaps Across DoD's IA and CND Communities Overview: Across the US Department of Defense (DoD), a number of organizations have published strategies, plans, roadmaps, initiatives, and reference-capabilities documents, all in an effort to depict Defense-wide plans, requirements, and outstanding needs for Information Assurance (IA) technologies. These various documents can be said to generally fall into two areas: documents that characterize IA plans and requirements and documents that depict Computer Network Defense (CND) plans and requirements. Even though CND is formally acknowledged as a discipline within IA, as depicted in their strategic and planning documents, the focus and priorities of CND planners often differ significantly from those of broader IA planners. Moreover, even within the IA or CND discipline, there are often conflicts among the visions depicted in different organizations' strategic or planning documents. This multiplicity of documents, all ostensibly containing complementary if not duplicative objects but reflecting different viewpoints, led the Cyber Security and Information Systems Information Analysis Center (CSIAC) Steering Committee to question whether it was possible to analyze the full range of DoD IA and CND plans and requirements contained in those documents to (1) reveal areas of unnecessary duplication and unexpected disjuncture and (2) to identify significant omissions. A team of CSIAC IA Subject Matter Experts (SMEs) was tasked by the Steering Committee to perform an analysis of a broad, representative set of DoD IA and CND documents published by several different DoD organizations. Also inside: - Dartmouth College - The Kerf Toolkit for Intrusion Analysis - - Integrating Information Assurance into the DoD Acquisition System - Threats Posed by and to 802.11 Wireless Networks - Careless Keystrokes Can Kill - CSIAC Spotlight on Research: Dartmouth College - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Sergey Bratus     Volume 8 Number 1 Title: IA Strategy: The Plan and Your Role Overview: The Global Information Grid (GIG), with its potential to empower our warfighters with accurate, secure, timely information, mandates our Information Assurance (IA) community unprecedented implementation efforts. This article discusses the first Goal of the Department of Defense's (DoD) dynamic visions - to protect information - and how the GIG has redefined our approach to managing information. Also inside: - Security and Trust - Protecting Informationn - The GIG IA Architecture - Defending Systems and Networksn - DoD's IIAPn - From Bombs to Bytes - Transforming DoD's IA Programn - An Empowered Workforce - Developing IA Training - Emerging Technologies in IA - CSIAC Spotlight on Research: Pennsylvania State University - CSIAC Spotlight on Subject Matter Expert (SME): Dr. Peng Liu     Volume 7 Number 4 Title: Total Electronic Migration System Overview: The recently launched Total Electronic Migration System (TEMS) represents a long-term approach to providing access to electronic documents. The implementation of TEMS allows DTIC's eleven IACs to store, search, retrieve, and use Scientific and Technical Information (STI) to carry out their missions. Also inside: - Social Engineering-The Mother of All Trojan Horses - An Overview and Example of the Buffer-Overflow Exploit - Commodity Absence and Data Security - CSIAC Spotlight on Research: Naval Postgraduate School (NPS) - CSIAC Spotlight on Subject Matter Expert (SME): Dr. J. Bret Michael     Volume 7 Number 3 Title: The Cyber Conflict Studies Association Overview: Founded in 2003, the Cyber Conflict Studies Association (CCSA), is a not-for-profit, national membership organization devoted to the study of issues related to conflict in the Information Age. Also inside: - Preventing Widespread Malicious Code - The Future of Network Intrusion Detection - IPv6-The Next Generation Internet Protocol - The Importance of High Quality IA Metrics - DEFCON 12 Security Conference - Evidence-based Health Care and IA     Volume 7 Number 2 Title: Ontology Development Challenges and Applications Using the DARPA Agent Markup Language (DAML) Overview: The challenges and various steps involved in developing ontologies for use by software applications will be discussed in this article, as well as how the DARPA Agent Markup Language (DAML) can be leveraged as a knowledge representation language. Also inside: - Special Reports: Agent-Based Software System, Autonomic Computing, Computer Immunology, the Semantic Web - Computer Investigation Markup Language (CIML) - DoD's Changing InformationOperations Landscape - Detecting Early Indications of a Malicious Insider - International Cyber Awareness     Volume 7 Number 1 Title: The National Institute of Standards and Technology (NIST) Computer Security Incident Handling Guide Overview: The potential impact to an organization from a single incident can be incredibly high. A formal incident response capability is invaluable in quickly identifying and mitigating incidents, reducing their impact. Also inside: - The NIST Computer Security Incident Handling Guide - Web Application Security - DoD's Changing InformationOperations Landscape - Information Assurance - Are You Prepared? - Special Report: Grid Computing     Volume 6 Number 4 Title: Information Assurance (IA) and Peer-to-Peer File Sharing Overview: While many organizations have existing policies that prohibit the use of P2P, the P2P applications have evolved to bypass security countermeasures imposed by system administrators in order for the applications to get out and share files on the Internet. Also inside: - DoD Enterprise-Wide IA/CND Solutions Steering Group - Distributed Cyber Forensics - Attack-Graph Simulation Approach to Vulnerability Management - Next-Generation Enterprise Architecture Framework - Special Report: Cognitive Computing and Machine Learning - DoD BMO Assumes New Leadership     Volume 6 Number 3 Title: A New Strategy - A New USSTRATCOM Overview: The 'strategic' in U.S. Strategic Command (USSTRATCOM) is no longer synonymous with the term 'nuclear.' Rather, the new command offers a wider range of strategic and globally oriented warfighting options - both conventional and non-conventional within a compact period of time. Also inside: - The road Ahead for Computer Network Defense Service Providers - Zen and the Art of Scanning Networks - A Tour of Scanrand 2.0 - INFOSEC Research Council - What is the INFOSEC Research Council? - SARS, Tylenol, and Malicious Code - USSTRATCOM/JTF-CNO 1st Semi-Annual JTF-CNO Computer Network Defense (CND) Community of Interest (COI) Conference - A Framework for Information Assurance     Volume 6 Number 2 Title: The Peter Kiewit Institute (PKI) Overview: Student oriented, industry driven, the Peter Kiewit Institute (PKI) merged students, faculty, business, and government to launch the international launch of the Lewis and Clark bicentennial database server and event welcome Web site. Also inside: - New International Partnership--Assisting PKI Students and Faculty With Next Generation Computer Graphics - If Seeing is Believing--Success is Evident at PKI! - Building a Parallel Password Cracking Environment--A Case Study - The Department of Defense (DoD) Information Assurance Scholarship Program (IASP) - State-of-the-Art Information Warfare (IW) Training - USPACOM Annual Information Assurance (IA) Conference - Vulnerability Assessments - NETWARCOM     Volume 6 Number 1 Title: Training and Preparing for Net-Centric Warfare Overview: Among the many efforts underway at NPS to support NCW initiatives, the faculty of the Department of Computer Science have created specialty courses and tracks in addition to redesigning some existing courses to help prepare officers for the task of acquiring high-quality software-intensive systems. Also inside: - Aggregation and Inference-Invisible Threats to Information Security - Transforming the U.S. Air Force Enterprise Network - The 1st Federal PKI Deployment Workshop-A Success Story - The DoD-Industry IA Interface-Improving the Relationship - National Security Agency-IA Training Opportunities - OMB Praises Security Assessment Tool     Volume 5 Number 4 Title: Growing Up With Guns" A Cultural Education and the Information Age Overview: During a decade of working with information operations and infrastructure protection issues, I have observed a pattern that I feel has critical implications for America's technological future. I am convinced our culture must recognize its need to supply citizens with a common framework for discourse, debate, and decisions about technology. Meeting this need is essential for our country to meet the challenges of the Information Age. Also inside: - US, UK, CAN, AUS, and NZ Computer Network Defense (CND) Technical Conference - Computer and Telecommunication Infrastructure-How People and Organizations Interrelate - IEEE 802.11 Countermeasures - Anatomy of Cyberterrorism-Is America Vulnerable? - Center of Education Excellence: Understanding the Role of Biometrics and Information Assurance Within the DoD     Volume 5 Number 3 Title: Security Benchmarks: A Gold Standard Overview: On July 17, the NSA, DISA, NIST, FBI's NIPC, GSA, SANS Institute, and the Center for Internet Security jointly announced minimum standards for securing computers using Microsoft Windows 2000 Professional. The unprecedented announcement, led by Presidential Cyber Security Advisor Richard Clarke, is an effort to stop most com-mon attacks against computer networks both inside and outside the Government. The new benchmark provides detailed configuration specifications for computers run-ning Windows 2000 Professional and that are to be connected to networks. Also inside: - The Importance of Consensus Security Benchmarks - Measuring the Value of Security Guides - Enterprise Security Enabled by CVE - Operationalizing Critical Infrastructure Protection: A Combatant Command Perspective - The South Florida Honeynet Project: Yesterday, Today, and Tomorrow - Guard Technologies: Connecting the Dots     Volume 5 Number 2 Title: Trust in Cyberspace? Overview: The concept of trust is intuitive, but there are challenges involved in defining, measuring, specifying, and computing trust. We all seem to know what trust is. If you ask a person whether he trusts another person, you are likely to get a 'yes' or 'no' answer. Ask the same person whether he trusts another person with his life, car, finances, or electronic business, and you are likely to receive quite different responses for each of these contexts of trust. Also inside: - GIG Interconnection Approval Process (GIAP) - An Overview of the Evolving Law Related to Computer Network Defense - The College Cyber Defenders - Information Security Incident Response, Part II: Creating and Incident Response Team - Space-Based Blue Force Tracking - BlackBerry Security in a Military Environment     Volume 5 Number 1 Title: Information Systems Security Incident Response Overview: Many companies today have spent time and money on their Internet sites by investing in defenses against computer security incidents. Despite the best planning, incidents do happen and defenses are overrun. When that occurs an incident response capability may be all that stands between an enterprise's computing environment and an incident that can threaten even the viability of the enterprise. Also inside: - IATF: At Five Years Old: A Wealth of Knowledge, and Still Growing! - Phoenix Challenge: Information Operations Concepts and Solutions Exploration in the 21st Century - Software Decoys for Software Counterintelligence - FIWC IO Technology Workshop - Continuity of Operations (COOP)     Volume 4 Number 4 Title: Cyber Terror: Potential for Mass Effect Overview: With the tragic events of 9-11, the ensuing anthrax spread, and the war on terrorism DoD and Government are faced with an ever increasing new threat-Cyber Terror. While terrorists' plans have traditionally involved physical attacks, DoD's increasing reliance on a highly interconnected information grid translates into a growing possibility that terrorists could elect to employ computer network attacks. As the Internet has expanded and DoD's reliance on it increased, protests and political activism have entered a new realm. Political activism on the Internet has already generated a wide range of activity, from using E-mail and Web sites to organize, to Web page defacements and denial-of-service attacks. This edition of the IAnewsletter features two articles which address this evolving threat. Also inside: - DoD IA Acquisition Initiatives - PACOM TCCC Update - Building the LE/CI COP - Biometrics & Smart Card Integration     Volume 4 Number 3 Title: CERT/CC: Tracking, Preventing & Resolving Computer Security Incidents Overview: In past editions of the IAnewsletter we have featured many of DoD's premier network security organizations including the DoD CERT, the Joint Task Force for Computer Network Operations and each Service's security incident response teams. CERT/CC is one of the many organizations strongly aligned with DoD's network security commands. For this reason, this edition of the IAnewsletter features three articles from the security professionals at CERT/CC. Additional articles include- - DIAP Reorganizes Reflecting the DoD Defense-in-Depth Strategy - Tactical Decision Exercises-Preparing the JTF-CNO for Mission Readiness - A Metric for Availability - Configuration Management Compliance Validation     Volume 4 Number 2 Title: Modeling & Simulation Overview: This issue showcases CSIAC's newest SOAR on Modeling & Simulation for IA. This report was co-authored with MSIAC. Also in this edition- - Developing ATM Intrusion Detection Systems to Support the High Performance Computing Modernization Program - International Technology Watch Partnership - Virtual Technology Exposition - Life Cycle Security and the DITSCAP - Today's Information Security Challenge - CyberWolf     Volume 4 Number 1 Title: SPACECOM Overview: This issue's feature article is from SPACECOM on "Revising the DoD INFOCON System" and specifically addresses the activities and processes upon which SPACECOM has focused. Following this is a EUCOM article summarizing Combined Endeavor 2000. From the Allied perspective, is an article on CND in a Coalition Environment. Several other information articles follow on topics such as Biometrics Technology, Information Operations in the Army Reserve and an overview of FIPS 140-2     Volume 3 Number 4 Title: USPACOM Theater Network Operations Overview: The largest to-date feature article from USPACOM former director for C4 on Theater Network Operations. Followed by a retrospective on Computer Network Defenses by Maj Gen John Campbell. Also included are articles from: - U.S. Naval Forces in Europe - JTF-CND - Law Enforcement and Counterintelligence Support to CND - IA Training at the US Army's Computer Science School - PKI Help Desk - Marine Corps CND - IO/IA Visualization Technologies SOAR released - CSIAC's newest product-the Collection Acquisitions CD-ROM-introduced     Volume 3 Number 3 Title: Warfighter Support in a Coalition Environment Overview: This issue contains an article from Joint Forces Command (JFCOM) on their Coalition Interoperability Solution, The Hexagon. Also covered is EUCOM's Information Assurance Conference. At 36 pages, this issue is our largest to date and boasts such great articles as: - JTF-CND Intelligence Support - ZENITH STAR 99-1 - Distributed Denial of Service Tools from DoD CERT - Air Force Materiel Command's Information Defense-Information Assurance - The Army Prepares for the Next Generation of Warfare - The Burning Zone-Containing Contagion in Cyberspace - Computing on the Virtual Border-.mil meets .edu - In Pursuit of the "Trustworthy" Enterprise     Volume 3 Number 2 Title: Defense in Depth Overview: The physical analogy for this strategy is the formidable layered defenses of the medieval castle. The Fall 1999 cover article discusses this strategy. This issue features a slew of great articles, such as- - Matrix Mission Planning in Information Operations - DoD Computer Security Tips for Y2K - SHERLOCK: A Third Generation Log Analysis Tool Plus a Special Section on the: - JTF-CND Component Commands - ACERT/ARFOR-CND - MARFOR-CND - Navy Computer Network Defense - Monitoring and Protecting the Global Network     Volume 3 Number 1 Title: USSOUTHCOM Overview: This feature article is on the U.S. Southern Command's Information Sharing Projects. Also in this issue is an article on the Law of Computer Network Defense. DISA'S DoD CERT covers the DoD IAVA Process. FIWC covers the Naval IO Wargame '99 and the U.S. Air Force Research Lab discusses the Automated Intrusion Detection Environment. This issue includes an article on Raytheon's SilentRunner, and highlights the updated Intrusion Detection Tools Report as well as DISA's New Infosec Training Products.     Volume 2 Number 4 Title: Coalition IA Overview: The feature article on Coalition IA is from the U.S. Army Signal Command. Also in this issue is an article on IA Red Teaming from OASD(NII). DISA's DoD CERT covers "Meeting the Melissa Virus Head On." HQCECOM covers "I2WD's Role in Securing the Digitized Force" and the U.S. Army Research Lab speaks out on "Using Operations Security Methods to Protect DoD Information." This issue includes an article on face recognition technology, JMU's Internet-based Information Security Master's Program, and highlights the latest CSIAC reports released!     Volume 2 Number 3 Title: JTF-CND Overview: This issue includes a feature article on the Joint Task Force for Computer Network Defense. Also in this issue are articles from USACOM on their IA Certification Program, U.S. Army ODISC4 on "The New Arms Race for the Information Age," NAWCAD on "Risk-Based Decision Making," Sandia National Laboratories on "The Next Generation of Security Engineering Tools," Purdue University on "Educating the Next Generation of Security Specialists," and a vulnerability assessment tool from Harris     Volume 2 Number 2 Title: N/A Overview: This issue highlights Information Assurance (IA) initiatives at various levels within the Department of Defense and the IA Vendor Community. The newsletter features "The Defense-Wide Information Assurance Program" from OASD(NII)/IA and an NIPC article entitled "protecting Our Critical Infrastructures Through Public-Private Partnership." Also included is an "Intrusion Detection System Evaluation" article from the Lincoln Laboratory at MIT, "Detecting Intrusions Cooperatively Across Multiple Domains" from the University of Idaho and Lucent Technologies, Inc. The newsletter also features a selection of Firewalls tools maintained in the IA Tools Data Base. (Available in electronic copy only)     Volume 2 Number 1 Title: N/A Overview: This issue features an article from the U.S. Strategic Command on "Incorporating IA into Global Guardian" and an article from the Navy INFOSEC Program Office on "Security Tools for Network Centric Warfare." From the R&D community comes an article from the Army Research Laboratory entitled "ARL Primes Army Information Assurance Capability." Also included is an article from AXENT Technologies, Inc. and a selection of Vulnerability Analysis tools maintained in the IA Tools Database as well as a summary of DIA's Information Warfare Course.     Volume 1 Number 3 Title: N/A Overview: This issue highlights ongoing Information Assurance initiatives within the Department of Defense. The newsletter includes a feature article by the Joint Command and Control Warfare Center (JC2WC) on "Defending Against C2W and IW Attack" and a summary article highlighting the recent Information Assurance Seminar Game hosted by the U.S. Army War College. The newsletter also features a selection of Intrusion Detection tools found in the Information Assurance Tools Database, as well as an overview of available products.     Volume 1 Number 2 Title: N/A Overview: The feature article for this issue encircles the Defense Intelligence Agency's (DIA) commitment to information operations by establishing the DIA Information Warfare Support Office. Also included is a commentary by then Director of CSIAC, Dr. John I. Algers, title "Information Assurance Evolves from Definitional Debate" that considers the rise and importance of information assurance to the warfighter.     Volume 1 Number 1 Title: N/A Overview: The Cyber Security and Information Systems Information Analysis Center's inaugural issue includes an introduction to the establishment of CSIAC and a brief description of core operations and the technical area task program. Also included is a feature article by the Joint Staff on JV2010 and the OSD initiatives by ASD/C3I.