Reports
Reports detail methodologies and products that the Information Assurance (IA) at the National Security Agency has tested to ensure hardened security. These include event log monitoring, guidance, and mitigation information.
-
A Guide to Border Gateway Protocol (BGP) Best Practices
The dominant routing protocol on the Internet is the Border Gateway Protocol (BGP). BGP has been deployed since the commercialization of the Internet and version 4 of BGP is over a decade old. BGP works well in practice, and its simplicity and resilience enabled it to play a fundamental role within the global Internet. However, BGP inherently provides few performance...
17 September 2018 17 page(s) pdf
-
WPA3 will Enhance Wi-Fi Security
On January 8th, 2018, the Wi-Fi Alliance announced new enhancements to the Wi-Fi Protected Access II (WPA2) security specification and a new WPA3 security specification. Enhancements to WPA2 will include improvements in authentication, encryption, and configuration requirements. WPA3 will build on the WPA2 enhancements and will offer enhanced protection for Wi-Fi networks that use password-based authentication, improved privacy on open networks,...
10 July 2018 8 page(s) pdf
-
Steps to Secure Web Browsing
Web browsers pose a unique risk to enterprise infrastructure because of their frequent exposure to untrusted dynamic content. Configuring browser security settings is challenging due to uncertainty of both attack mitigation effectiveness and impact on end users. A key goal of this paper is to avoid impact to users while mitigating as many attacks as possible. The following guidance uses...
18 May 2018 3 page(s) pdf
-
Seven Steps to Effectively Defend Industrial Control Systems
Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICS), it’s not a matter of if an intrusion will take place, but when. The capabilities of our adversaries have been demonstrated and cyber incidents are increasing in frequency and complexity. Simply building a network with a hardened perimeter is no longer adequate....
06 April 2018 9 page(s) pdf
-
NSA/CSS Technical Cyber Threat Framework v1
This framework was designed to help NSA characterize and categorize adversary activity by using a common technical lexicon that is operating system agnostic and closely aligned with industry definitions. This common technical cyber lexicon supports sharing, product development, operational planning, and knowledge driven operations across the IC. Public dissemination of the technical cyber lexicon allows for collaboration within the whole...
08 March 2018
-
Inspection and Sanitization Guidance for Exchangeable Image Format (EXIF)
Exif is structured, tagged metadata contained within some media file formats. This data is used by digital camera manufacturers and applications that process digital images to provide additional information about media files. The metadata includes manufacturer-specific information such as the make, model and lens information of the device that generated the file; image information (e.g., date/time of capture) and...
31 January 2018 37 page(s) pdf
-
Inspection and Sanitization Guidance for the Department of Defense (DOD) Electronic Biometric Transmissions Specifications (EBTS) File Format
The purpose of this document is to provide guidance for the development of sanitization and analysis software for Department of Defense (DOD) Electronic Biometric Transmission Specification (EBTS) biometric files. This document analyzes elements and objects contained within the EBTS file structure and then discusses the data hiding, data attack, and data disclosure risks. It describes how identified elements can be...
31 January 2018 81 page(s) pdf
-
Analysis of Optical Character Recognition (OCR) Techniques for Security Marking Detection
This document deconstructs the problem of automated character recognition and defines a methodology for conducting optical character recognition (OCR) on images for boundary protection devices to determine their classification. This research can be leveraged in order to make determinations on the transfer of images between security domains.
31 January 2018 38 page(s) pdf
-
Security Guidance for the Use of JavaScript Object Notation (JSON) and JSON Schema
This paper provides guidance for creating JSON schemas. Validating JSON instance documents against properly designed JSON schemas can reduce the risk of transferring unauthorized or malicious data. Note that schema validation alone is not enough to prevent transfer of unauthorized data; users must perform other content filtering such as dirty word and anti-virus checks, in conjunction with schema validation.
31 January 2018 54 page(s) pdf
-
Inspection and Sanitization Guidance for Portable Network Graphic (PNG)
The purpose of this document is to provide guidance for the development of a sanitization or analysis software tool for Portable Network Graphics (PNG) files. This document analyzes the various elements contained within the PNG images and then discusses data attack, data disclosure, and data hiding risks. It describes how these elements can then be a cause for concern from...
31 January 2018 41 page(s) pdf