Department of Defense Sponsored Information Security Research

* After September 11th, the Department of Defense (DoD) undertooka massive and classified research project to develop new securitymethods using technology in order to protect secret informationfrom terrorist attacks* Written in language accessible to a general technical reader,this book examines the best methods for testing the vulnerabilitiesof networks and software that have been proven and tested duringthe past five years* An intriguing introductory section explains why traditionalsecurity techniques are no longer adequate and which new methodswill meet particular corporate and industry network needs* Discusses software that automatically applies securitytechnologies when it recognizes suspicious activities, as opposedto people having to trigger the deployment of those same securitytechnologies

Foreword.Acknowledgements.Introduction (Steven King).Chapter 1. Architecting Information Infrastructures forSecurity (Cliff Wang).1.1 Architectures for Secure and Robust DistributedInfrastructures.1.2 A complex Adaptive System Approach to QoS Assurance andStateful Resource Management for Dependable InformationInfrastructure.1.3 Anomaly and Misuse Detection in Network TrafficStreams-Checking and Machine Learning Approaches.1.4 Distributed Systems Security via Logical Framework.1.5 Distributed Immune Systems for Wireless Networks InformationAssurance.1.6 Hi-DRA High-Speed, Wide-Area Network Detection, Response,and Analysis.Chapter 2. At the Edges of the Critical InformationInfrastructure (David Hislop, Todd Combs).2.1 Enabling Dynamic Security Management of Networked Systemsvia Device-Embedded Security.2.2 Software Model Checking for Embedded Systems.2.3 Advanced tool Integration for Embedded System Assurance.2.4 Verification Tools for Embedded Systems.Chapter 3. Software Engineering for Assurance (RalphWachter, Gary Toth).3.1 Static Analysis to Enhance toe Power of Model Checking forConcurrent Software.3.2 Protecting COTS from the Inside.3.3 RAPIDware: Component-Based Development of Adaptive andDependable Middleware.3.4 Generating Efficient Trust Management Software fromPolicies.3.5 Modeling and Simulation Environment for Critical InformationProtection.Chapter 4. Malicious Mobile Code (Ralph Wachter, GaryToth).4.1 Language-Based Security for Malicious Mobile Code.4.2 Model-Carrying Code: A New Approach to Mobile-CodeSecurity.4.3 Neutralizing Malicious Mobile Code.Chapter 5. Dependable Critical Information Infrastructure forCommand and Control (Robert Herklotz, Chris Arney).5.1 Trustworthy Infrastructure, Mechanisms, and Experimentationfor Diffuse Computing.5.2 Adaptable Situation-Aware Secure Services-Based Systems.5.3 Detecting Deception in the Military Infosphere: Improvingand Integrating Human Detection Capabilities with AutomatedTools.5.4 Vulnerability Assessment Tools for Complex InformationNetworks.