U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

NIST Authors in Bold

Displaying 101 - 125 of 4378

Labeling Software Security Vulnerabilities - Poster

November 7, 2023
Author(s)
Irena Bojanova, John Guerrerio
Motivation: Crucial need for systematic comprehensive labeling of the more than 228 000 publicly disclosed cybersecurity CVE vulnerabilities to enable advances in modern AI cybersecurity research. Objective: Utilize the Bugs Framework (BF) formalism for BF

Security Analysis of Trust on the Controller in the Matter Protocol

October 27, 2023
Author(s)
Kumar Shashwat, Francis Hahn, Xinming Ou, Anoop Singhal
Matter is an open-source connectivity standard for the purpose of allowing smart home IoT devices from different vendors to interoperate with one another. A controller in a Matter system commissions new devices into the Matter fabric. The device needs to

Guide to Operational Technology (OT) Security

September 28, 2023
Author(s)
Keith A. Stouffer, Michael Pease, CheeYee Tang, Timothy Zimmerman, Victoria Yan Pillitteri, Suzanne Lightman, Adam Hahn, Stephanie Saravia, Aslam Sherule, Michael Thompson
This document provides guidance on how to secure operational technology (OT) while addressing their unique performance, reliability, and safety requirements. OT encompasses a broad range of programmable systems and devices that interact with the physical

Mobile Device Security: Bring Your Own Device (BYOD)

September 28, 2023
Author(s)
Gema Howell, Katie Boeckl, Nakia R. Grayson, Naomi Lefkovitz, Jason Ajmo, R. Eugene Craft, Milissa McGinnis, Kenneth Sandlin, Oksana Slivina, Julie Snyder, Paul Ward
Many organizations provide employees the flexibility to use their personal mobile devices to perform work-related activities. An ineffectively secured personal mobile device could expose an organization or employee to data loss or a privacy compromise

3rd High-Performance Computing Security Workshop: Joint NIST-NSF Workshop Report

September 26, 2023
Author(s)
Yang Guo, Jeremy Licata, Victoria Yan Pillitteri, Sanjay (Jay) Rekhi, Robert Beverly, Xin Yuan, Gary Key, Rickey Gregg, Stephen Bowman, Catherine Hinton, Albert Reuther, Ryan Adamson, Aron Warren, Purushotham Bangalore, Erik Deumens, Csilla Farkas
High-performance computing (HPC) is a vital computational infrastructure for processing large data volumes, performing complex simulations, and conducting advanced machine learning model training. As such, HPC is a critical component of scientific

De-Identifying Government Datasets: Techniques and Governance

September 14, 2023
Author(s)
Simson L. Garfinkel, Joseph Near, Aref Dajani, Phyllis Singer, Barbara Guttman
De-identification is a general term for any process of removing the association between a set of identifying data and the data subject. This document describes the use of deidentification with the goal of preventing or limiting disclosure risks to

Understanding Stablecoin Technology and Related Security Considerations

September 5, 2023
Author(s)
Peter Mell, Dylan Yaga
Stablecoins are cryptocurrencies whose price is pegged to that of another asset (typically one with low price volatility). The market for stablecoins has grown tremendously – up to almost $200 billion USD in 2022. These coins are being used extensively in

National Institute of Standards and Technology Environmental Scan 2023: Societal and Technology Landscape to Inform Science and Technology Research

August 23, 2023
Author(s)
Ashley Boggs-Russell, Kerrianne Buchanan, David W. Griffith, Heather Evans, Dimitrios Meritis, Lisa Ng, Anna Sberegaeva, Michelle Stephens
The 2023 National Institute of Standards and Technology Environmental Scan provides an analysis of key external factors that could impact NIST and the fulfillment of its mission in coming years. The analyses were conducted through three separate lenses

An Infrastructure for Curating, Querying, and Augmenting Document Data: COVID-19 Case Study

August 8, 2023
Author(s)
Eswaran Subrahmanian, Guillaume Sousa Amaral, Talapady N. Bhat, Mary C. Brady, Kevin G. Brady, Jacob Collard, Sarra Chouder, Philippe Dessauw, Alden A. Dima, John T. Elliott, Walid Keyrouz, Nicolas Lelouche, Benjamin Long, Rachael Sexton, Ram D. Sriram
With the advent of the COVID-19 pandemic, there was the hope that data science approaches could help discover means for understanding, mitigating, and treating the disease. This manifested itself in the creation of the COVID-19 Open Research Dataset (CORD

How to Scale a Phish: An Investigation into the Use of the NIST Phish Scale

August 7, 2023
Author(s)
Shanee Dawkins, Jody Jacobs
Organizations around the world are using the NIST Phish Scale (NPS) in their phishing awareness training programs. As a new metric for measuring human phish-ing detection difficulty of phishing emails, the use of the NPS by phishing training implementers

Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues

August 7, 2023
Author(s)
Lorenzo Neil, Shanee Dawkins, Jody Jacobs, Julia Sharp
Organizations use simulated phishing awareness train-ing exercises to help users identify, detect, and defend against the ever-changing phishing threat landscape. Realistic phishing emails are used to test users' ability to spot a phish from visible cues
Displaying 101 - 125 of 4378