tailieunhanh - Quantitative Network Security Analysis

In 2001, two federal privacy laws came into effect requiring virtually all businesses to protect the financial and medical information of employees and customers. There is a mistaken belief that these new privacy laws only affect financial and medical firms, but these privacy laws actually cover the privacy of financial and health information. Any company with 401K retirement plan information and medical information on their employees must comply with these new privacy laws. The Gramm-Leach-Bliley Act was signed into . law onNovember 12, 1999 by President Clinton (Public Law 106-102). The act is designed to modernize financial services laws, implement customer protections and privacy policies,. | National Science Foundation Trusted Computing TC Solicitation NsF-01-160 Quantitative Network Security Analysis David Moore Geoffrey M. Voelker and Stefan Savage CAIDA SDSC and CSE Department University of California San Diego 9500 Gilman Drive MS 0505 La Jolla CA 92092-0505 Tel 858 534-5160 Fax 858 534-5117 dmoore@ voelker savage @ Submitted Dec 4 2002 Contents 1 Results from Prior NSF Grants 1 2 Introduction 1 3 Inferring Internet Denial-of-Service Activity 2 Background. 2 Backscatter analysis using a network telescope . 3 Results . 3 Summary . 5 4 Tracking the Code-Red worm 5 Methodology. 6 Host infection rate. 6 Host Classification. 6 Repair rate. 7 Summary. 7 5 Internet Quarantine Containing Self-Propagating Code 8 Modeling Worms. 8 Modeling Containment Systems . 9 Worm containment in the Internet . 9 Network Model . 9 Deployment Scenarios . 10 Code-Red Case Study . 10 Generalized Worm Containment . 11 Summary . 12 i 6 Research Plan 12 Milestones. 13 Management . 13 7 Conclusion 14 ii Quantitative Network Security Analysis Project Summary The field of system security research has long been dominated by individual qualitative results - either demonstrations of individual system vulnerabilities or expositions on the protection provided by individual security measures . firewalls virus detectors IDS systems etc . These contributions though clearly valuable are difficult to evaluate without a complementary quantitative context describing the prevalence and impact of various attacks vulnerabilities and responses. The need for empirical data of this type is critical both for guiding future security research and to provide a well-reasoned basis for developing operational best practices. At the same time there are tremendous challenges in collecting and analyzing network information at sufficient scale that these findings are globally meaningful. In previous