"Toward a Safer and More Secure Cyberspace" ed. by Seymour E. Goodman and Herbert S. Lin

This book examines these Internet security vulnerabilities and offers a strategy for future research aimed at countering cyber attacks. It also explores the nature of online threats and some of the reasons why past research for improving cybersecurity has had less impact than anticipated, and considers the human resource base needed to advance the cybersecurity research agenda. This book will be an invaluable resource for Internet security professionals, information technologists, policy makers, data stewards, e-commerce providers, consumer protection advocates, and others interested in digital security and safety.

Given the growing importance of cyberspace to nearly all aspects of national life, a secure cyberspace is vitally important to the nation, but cyberspace is far from secure today. The United States faces the real risk that adversaries will exploit vulnerabilities in the nation s critical information systems, thereby causing considerable suffering and damage. Online e-commerce business, government agency files, and identity records are all potential security targets.

Contents
Executive Summary
Part I SETTING THE STAGE
1 Introduction
1.1 The Report in Brief
1.2 Background of the Study
2 What Is At Stake ?
2.1 Interconnected Information Technology Everywhere, All the Time
2.2 The Nature of Cybersecurity Vulnerabilities
2.3 Systems and Networks at Risk
2.3.1 Attacks on the Internet
2.3.2 Attacks on Embedded/Real-Time Computing and Control Systems
2.3.3 Attacks on Dedicated Computing Facilities
2.4 Potential Consequences of Exploits
2.5 The Magnitude of the Threat Against Today’s Technologies
2.6 An Ominous Future
2.6.1 The Evolution of the Threat
2.6.2 The Broad Range of Capabilities and Goals of Cyberattackers
3 Improving the Nation ’s Cybersecurity Posture
3.1 The Cybersecurity Bill of Rights
3.1.1 Introduction to the Cybersecurity Bill of Rights
3.1.2 The Provisions of the Cybersecurity Bill of Rights
3.1.3 Concluding Comment
3.2 Realizing the Vision
3.3 The Necessity of Research
3.4 Principles to Shape the Research Agenda
3.4.1 Principle 1: Conduct cybersecurity research as though its application will be important
3.4.2 Principle 2: Hedge against uncertainty in the nature of the future threat
3.4.3 Principle 3: Ensure programmatic continuity in the research agenda
3.4.4 Principle 4: Respect the need for breadth in the research agenda
3.4.5 Principle 5: Disseminate new knowledge and artifacts
PART II AN ILLUSTRATIVE RESEARCH AGENDA
4 Category 1—Blocking and Limiting the Impact of Compromise
4.1 Secure Design, Development, and Testing
4.1.1 Research to Support Design
4.1.2 Research to Support Development
4.1.3 Research to Support Testing and Evaluation
4.2 Graceful Degradation and Recovery
4.2.1 Containment
4.2.2 Recovery
4.3 Software and Systems Assurance
5 CATEGORY 2—ENABLING ACCOUNTABILITY
5.1 Attribution
5.2 Misuse and Anomaly Detection Systems
5.3 Digital Rights Management
6 CATEGORY 3—PROMOTING DEPLOYMENT
6.1 Usable Security
6.2 Exploitation of Previous Work
6.3 Cybersecurity Metrics
6.4 The Economics of Cybersecurity
6.4.1 Conflicting Interests and Incentives Among the Actors in Cybersecurity
6.4.2 Risk Assessment in Cybersecurity
6.4.3 The Nature and Extent of Market Failure (If Any) in Cybersecurity
6.4.4 Changing Business Cases and Altering the Market Calculus
6.5 Security Policies
7 Category 4—Deterring Would -be Attackers and Penalizing Attackers
7.1 Legal Issues Related to Cybersecurity
7.2 Honeypots
7.3 Forensics
8 Category 5—Illustrative Crosscutting Problem -Focused Research Areas
8.1 Security for Legacy Systems
8.2 The Role of Secrecy in Cyberdefense
8.3 Insider Threats
8.4 Security in Nontraditional Computing Environments and in the Context of Use
8.4.1 Health Information Technology
8.4.2 The Electric Power Grid
8.4.3 Web Services
8.4.4 Pervasive and Embedded Systems
8.5 Secure Network Architectures
8.6 Attack Characterization
8.7 Coping with Denial-of-Service Attacks
8.7.1 The Nature of Denial-of-Service Attacks
8.7.2 Responding to Distributed Denial-of-Service Attacks
8.7.3 Research Challenges
8.8 Dealing with Spam
9 CATEGORY 6—SPECULATIVE RESEARCH
9.1 A Cyberattack Research Activity
9.2 Biological Approaches to Security
9.3 Using Attack Techniques for Defensive Purposes
9.4 Cyber-Retaliation
PART III CONCLUSION
10 Looking to the Future
10.1 Why Has Little Action Occurred?
10.2 Priorities for Action
10.2.1 Item 1: Create a sense of urgency about the cybersecurity problem commensurate with the risks
10.2.2 Item 2: Commensurate with a rapidly growing cybersecurity threat, support a robust and sustained research agenda at levels which ensure that a large fraction of good ideas for cybersecurity research can be explored
10.2.3 Item 3: Establish a mechanism for continuing follow-up on a research agenda
10.2.4 Item 4: Support infrastructure for cybersecurity research
10.2.5 Item 5: Sustain and grow the human resource base
10.3 Concluding Comments
APPENDIXES
A Committee and Staff Biographies
B Cybersecurity reports and policy : the recent past
B.1 Introduction
B.2 Cybersecurity Policy Activity Since 2001
B.3 Identifying Exposures, Best Practices, and Procedures
B.4 Public-Private Collaboration, Coordination, and Cooperation
B.4.1 Information Sharing and Analysis Centers
B.4.2 Alliances and Partnerships
B.4.3 Private-Sector Support for Cybersecurity Research in Academia
B.5 Notable Recent Efforts at Identifying a Research Agenda
B.6 The Current Federal Research and Development Landscape
B.6.1 The Nature of Supported Activity in Cybersecurity
B.6.2 Interagency Cooperation and Coordination
B.6.3 Research Focus Areas
B.6.4 Agency Specifics
C CONTRIBUTORS TO THE STUDY