Network intrusion detection systems are themselves becoming targets of attackers. Alert flood attacks may be used to conceal malicious activity by hiding it among a deluge of false alerts sent by the attacker. Although these types of attacks are very hard to stop completely, our aim is to present techniques that improve alert throughput and capacity to such an extent that the resources required to successfully mount the attack become prohibitive. The key idea presented is to combine a token bucket filter with a realtime correlation algorithm. The proposed algorithm throttles alert output from the IDS when an attack is detected. The attack graph used in the correlation algorithm is used to make sure that alerts crucial to forming strategies are not discarded by throttling.

Strategic Alert Throttling for Intrusion Detection Systems

The warriors of the future: software developers, one with spiked hair, another who looks too young to vote. They are working on the largest software program in Defense Department history, a project that the military says dwarfs Microsoft's Windows. The project is the heart of Future Combat Systems, the Army's most expensive weapons program.

"There's nothing like it, ever," said Loren B. Thompson, a defense consultant at the Lexington Institute, a public policy think tank. "Nobody has ever before attempted to integrate a software system as remotely complicated as FCS is going to be. It is many times more complicated than any other defense program."

"Magic under the hood" is what Boeing engineer Paul D. Schoen, one of the project leaders, calls the software. Others in the military call it Windows on steroids. John Williams, a chisel-jawed sergeant stationed at the Boeing plant who has served in both wars with Iraq, isn't interested in what it's called.

Military experts question the ability of the code to withstand an onslaught of attacks -- from hackers, worms and Trojan horses -- that could leave soldiers vulnerable.

The Complex Crux Of Wireless Warfare

Two metaphors have been used successfully in designing for and thinking about the Web: the Web as a physical space, and websites as extensions of the body. The synthesis of these is what we could call Web 2.0. But now we have to contend with the importance of experience, in addition to utility, and the increasing demands on the attention of our users. A third metaphor may be reached by regarding users as trajectories, flowing through our websites. By considering the Web in motion, an approach which uses a ‘motivations flowchart’ is demonstrated, where the states of a user are used to derive features regardless of the interaction medium. And an interaction pattern is demonstrated: Snap is syndicated interactions, bringing choices users have to make away from websites and together on their desktop. Finally some challenges for the Web in 2008 are posed: other devices; groups; the future—how does Web design itself become open to amateur creativity, and what new tools should be built?

Movement (Schulze & Webb)

Hillary Clinton and Barack Obama have two different approaches to fixing the economy, and the country. It's less about what to do than how to do it.

The Democrats' Choice: Manager or Visionary

Architecture matters a lot, and in subtle ways.

Risking Communications Security: Potential Hazards of the Protect America Act

We assess that nations, including Russia and China, have the technical capabilities to target and disrupt elements of the US information infrastructure and for intelligence collection. Nation states and criminals target our government and private sector information networks to gain competitive advantage in the commercial sector. Terrorist groups—including al-Qa’ida, HAMAS, and Hizballah—have expressed the desire to use cyber means to target the United States. Criminal elements continue to show growing sophistication in technical capability and targeting, and today operate a pervasive, mature on-line service economy in illicit cyber capabilities and services available to anyone willing to pay.

Each of these actors has different levels of skill and different intentions; therefore, we must develop flexible capabilities to counter each. It is no longer sufficient for the US Government to discover cyber intrusions in its networks, clean up the damage, and take legal or political steps to deter further intrusions. We must take proactive measures to detect and prevent intrusions from whatever source, as they happen, and before they can do significant damage.

At the President’s direction, an interagency group reviewed the cyber threat to the US and identified options regarding how best to integrate US Government defensive cyber capabilities; how best to optimize, coordinate and de-conflict cyber activities; and how to better employ cyber resources to maximize performance. This tasking was fulfilled with the January 2008 issuance of NSPD-54/HSPD-23, which directs a comprehensive national cybersecurity initiative. These actions will help to deter hostile action in cyber space by making it harder to penetrate our networks.

DNI McConnell on 'The Cyber Threat'

A new Alice Munro story!

Free Radicals: Fiction: The New Yorker

Mike McConnell:

Against this backdrop, I will focus my statement on the following issues:

* The continuing global terrorist threat, but also the setbacks the violent extremist networks are experiencing;
* The significant gains in Iraqi security since this time last year and the developing political and economic improvements;
* The continuing challenges facing us in Afghanistan and in Pakistan, where many of our most important interests intersect;
* The persistent threat of WMD-related proliferation:

o Despite halting progress towards denuclearization, North Korea continues to maintain nuclear weapons;
o Despite the halt through at least mid-2007 to Iran’s nuclear weapons design and covert uranium conversion and enrichment-related work, Iran continues to pursue fissile material and nuclear-capable missile delivery systems.

* The vulnerabilities of the US information infrastructure to increasing cyber attacks by foreign governments, nonstate actors and criminal elements;
* The growing foreign interest in counterspace programs that could threaten critical US military and intelligence capabilities;
* Issues of political stability and of national and regional conflict in Europe, the Horn of Africa, the Middle East, and Eurasia;
* Growing humanitarian concerns stemming from the rise in food and energy prices for poorer states;
* Concerns about the financial capabilities of Russia, China, and OPEC countries and the potential use of their market access to exert financial leverage to achieve political ends.

Annual Threat Assessment of the Director of National Intelligence for the Senate Select Committee on Intelligence

If Bolton surprised you last time ...

Today, Director of National Intelligence Michael McConnell testifies before the Senate Intelligence Committee (and Thursday on the House side) to give the intelligence community's annual global threat analysis. These hearings are always significant, but the stakes are especially high now because of the recent National Intelligence Estimate on Iran.

Criticism of the NIE's politicized, policy-oriented "key judgments" has spanned the political spectrum and caused considerable turmoil in Congress. Few seriously doubt that the NIE gravely damaged the Bush administration's diplomatic strategy. With the intelligence community's credibility and impartiality on the line, Mr. McConnell has an excellent opportunity to correct the NIE's manifold flaws, and repair some of the damage done to international efforts to stop Iran from obtaining deliverable nuclear weapons.

There are (at least) three things he should do ...

Our Politicized Intelligence Services

Seymour Hersh:

What did Israel bomb in Syria?

Annals of National Security: A Strike in the Dark