Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Peter Mell (Fed)

Displaying 51 - 75 of 129

On the Internet Connectivity in Africa

November 18, 2015

Author(s)

Assane Gueye, Peter Mell, Desire Banse, Faical Y. Congo

This study measures and documents growth of Internet connectivity in Africa from 2010 to 2014 with a focus on inter-country relationships. We evaluate both intra-continent connectivity as well as connectivity to other continents. An initial analysis

Minimizing Attack Graph Data Structures

November 14, 2015

Author(s)

Peter Mell, Richard Harang

An attack graph is a data structure representing how an attacker can chain together multiple attacks to expand their influence within a network (often in an attempt to reach some set of goal states). Restricting attack graph size is vital for the execution

Defensive Resource Allocations with Security Chokepoints in IPv6 Networks

July 15, 2015

Author(s)

Assane Gueye, Peter M. Mell, Richard Harang, Richard J. La

Securely configured Internet Protocol version 6 networks can be made resistant to network scanning, forcing attackers to propagate following existing benign communication paths. We exploit this attacker limitation in a defensive approach in which

Measuring Limits on the Ability of Colluding Countries to Partition the Internet

June 30, 2015

Author(s)

Peter M. Mell, Richard Harang, Assane Gueye

We show that the strength of Internet-based network interconnectivity of countries is increasing over time. We then evaluate bounds on the extent to which a group of colluding countries can disrupt this connectivity. We evaluate the degree to which a group

Evasion-Resistant Network Scan Detection

May 9, 2015

Author(s)

Richard Harang, Peter Mell

Popular network scan detection algorithms operate through evaluating external sources for unusual connection patterns and traffic rates. Research has revealed evasive tactics that enable full circumvention of existing approaches (specifically the widely

The Resilience of the Internet to Colluding Country Induced Connectivity Disruptions

March 3, 2015

Author(s)

Peter M. Mell, Richard Harang, Assane Gueye

Lightweight Packing of Log Files for Improved Compression in Mobile Tactical Networks

October 8, 2014

Author(s)

Peter M. Mell, Richard Harang

Devices in mobile tactical edge networks are often resource constrained due to their lightweight and mobile nature, and often have limited access to bandwidth. In order to maintain situational awareness in the cyber domain, security logs from these devices

Reducing the Cognitive Load on Analysts Through Hamming Distance Based Alert Aggregation

September 30, 2014

Author(s)

Peter M. Mell, Richard Harang

Previous work introduced the idea of grouping alerts at a Hamming distance of 1 to achieve alert aggregation; such aggregated meta-alerts were shown to increase alert interpret-ability. However, a mean of 84,023 daily Snort alerts were reduced to a still

Using Network Tainting to Bound the Scope of Network Ingress Attacks

July 1, 2014

Author(s)

Peter M. Mell, Richard Harang

This research describes a novel security metric, network taint, which is related to software taint analysis. We use it here to bound the possible malicious influence of a known compromised node through monitoring and evaluating network flows. The result is

Limitations to Threshold Random Walk Scan Detection and Mitigating Enhancements

October 16, 2013

Author(s)

Peter M. Mell, Richard Harang

This paper discusses limitations in one of the most widely cited single source scan detection algorithms: threshold random walk (TRW). If an attacker knows that TRW is being employed, these limitations enable full circumvention allowing undetectable high

What's Special About Cloud Security?

July 16, 2012

Author(s)

Peter M. Mell

While cloud security concerns have consistently ranked as one of the top challenges to cloud adoption, it is not clear what security issues are special with respect to cloud computing. To approach this question, we attempt to derive cloud security issues

The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities

July 10, 2012

Author(s)

Elizabeth LeMay, Peter Mell, Karen Scarfone

The Common Misuse Scoring System (CMSS) is a set of measures of the severity of software feature misuse vulnerabilities. A software feature is a functional capability provided by software. A software feature misuse vulnerability is a vulnerability in which

The NIST Definition of Cloud Computing

September 28, 2011

Author(s)

Peter M. Mell, Timothy Grance

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with