CyberSecurity Monitoring Tools and Projects: A Compendium of Commercial and Government Tools and Government Research Projects

Lapadula, Leonard J.

CyberSecurity Monitoring Tools and Projects: A Compendium of Commercial and Government Tools and Government Research Projects

Active / Technical Report | Accession Number: ADA465101 |

Open PDF

Abstract:

This document is a compendium of CyberSecurity Monitoring CSMn automated tools and research projects. In the first appendix to this document, users will find an explanation of what the author means by CyberSecurity Monitoring. In the second appendix, users will find a description of the attributes used to describe the tools and projects. In the descriptions of tools and projects, the author has used the unverified claims of the vendors and projects, paraphrasing what they have written to ensure a uniform style of presentation. In some cases, some other source of information was used these cases are noted individually. The third appendix focuses on projects being conducted at the Air Force Research Laboratory, Rome, NY. These projects encompass intrusion detection, damage assessment and recovery, forensic analysis, analysis and decision support, and intrusion detection support tools. A compendium of this type cannot cover all CSMn tools and projects -- there are too many of them and the population changes rapidly. For the commercial off-the-shelf COTS products, the author started the compendium in the latter half of 1998, and published the first version of it in March 1999 under the title Compendium of Anomaly Detection and Reaction Tools and Projects. On May 17, 2000, he issued a revision of that work, which included more products and projects as well as new types of automated tools. In this Aug 2000 version of the compendium, the author has avoided the use of the word anomaly and has narrowed the subject matter from cybersecurity management to cybersecurity monitoring. This revision includes all the government off-the-shelf GOTS products for which information could be obtained 4. All the research and development projects are ones that are funded, directly or indirectly, by the U.S. government. The compendium is organized into three sections 1 Commercial Off-the-Shelf Products, 2 Government Off-the-Shelf Products, and 3 Research and Development.

Author(s):

Lapadula, Leonard J.

Author Organization(s):

MITRE CORP BEDFORD MA CENTER FOR INTEGRATED INTELLIGENCE SYSTEMS

Descriptive Note:

Compendium

Supplementary Note:

The original document contains color images.

Pagination:

0128

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

MP-00B0000018R3

Contract/Grant Number(s):

F19628-99-C-0001

Monitor Series:

USAF

Subject Terms

Joint Capability Areas:

JCA_6_Net Centric; JCA_5_Command and Control; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_7_Protection; JCA_6.1.3_Switching and Routing; JCA_6.1.1_Wired Transmission; JCA_6.1_Information Transport; JCA_5.3_Planning; JCA_6.4.1_Secure Information Exchange; JCA_6.4.2_Protect Data and Networks; JCA_6.4_Information Assurance; JCA_8_Building Partnerships; JCA_8.2_Shape; JCA_8.2.4_Leverage Capacities and Capabilities of Security Establishments; JCA_3_Force Application; JCA_3.2_Engagement; JCA_3.2.2_Non-Kinetic Means; JCA_5.3.1_Analyze Problem; JCA_5.3.2_Apply Situational Understanding; JCA_5.4_Decide

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*COMPUTER PROGRAMS, *UNITED STATES GOVERNMENT, *MONITORING, *COMPUTER NETWORKS, *VENDORS, *INTRUSION DETECTION(COMPUTERS), *OFF THE SHELF EQUIPMENT, AIR FORCE, RISK ANALYSIS, SCIENTIFIC RESEARCH, INFORMATION ASSURANCE, RISK MANAGEMENT, DUAL USE TECHNOLOGY, DECISION SUPPORT SYSTEMS, NETWORK ANALYSIS(MANAGEMENT), DAMAGE ASSESSMENT, STATE OF THE ART, CORPORATIONS, INFORMATION SYSTEMS

Field(s)/Group(s):

Information Science, Computer Systems Management and Standards, Logistics, Military Facilities and Supplies

Keyword(s):

*CYBERSECURITY MONITORING, *COMMERCIAL PRODUCTS, *GOVERNMENT PRODUCTS, INTRUSION DETECTION AND REACTION, VULNERABILITY SCANNING, POLICY COMPLIANCE SCANNING, NETWORK MONITORING, HOST MONITORING, SYSTEM MONITORING, INTRUSION RESPONSE, NETWORK SCANNING, COMMERCIAL VENDORS, RESEARCH AND DEVELOPMENT, AIR FORCE RESEARCH LABORATORY

Report Date:

2000 Aug 01

Creation Date:

2007 Apr 25