|
Research and Publications |
The research projects and papers collected here are examples of XPost's expertise. You may access them free of charge:
|
Trust Informatics
Gives companies an "early warning system" for reputation risk. By analyzing publicly available security data, XPost's Trust Informatics portal helps organizations understand how their security stacks up against competitors and industry baselines.
http://www.trustinform.com (open in new window)
WhoHosts.us
Shows companies who they are sharing the cloud with. Reveals neighboring web sites to yours, and incorporates data from the Trust Informatics portal to provide a network-specific "reputation score".
http://whohosts.us (open in new window)
DNS Flood Detector
Detects abusive usage levels on high traffic nameservers and enables quick response in halting the use of one's nameserver to facilitate spam.
Download Source Code (.tgz)
IP Flood Detector
Extends DNS Flood Detector to detect any TCP, UDP and ICMP high packet-rate attack.
Download Source Code (.tgz)
Let's Talk about Risk
A person's perception of risk depends on his or her professional background, gender, age
and environment. As a result, IT security practitioners often experience difficulty
communicating security threats to executive management. The author examines several
factors responsible for varying perceptions of risk, including recent findings in the fields
of social psychology, neuroscience and behavioral economics. As a workaround, the
author proposes the use of framing techniques to tailor security messages to a
management audience.
Download Paper (.pdf)
Security Metrics: Building Business Unit Scorecards
The ability to measure the specific contribution of business
unit behavior to overall organizational risk is increasingly important to
today’s security leaders. This paper explores two methods of producing
business unit security metric scorecards, examining metric selection,
data acquisition, and challenges inherent to each approach.
Download Paper (.pdf)
Exploring Anonymous Networking: MIT's Tor Project
Scientists at Massachusetts Institute of Technology have developed a free open source
anonymity protocol (Tor) based on a technology called “onion routing”. This paper evaluates the Tor Onion Routing
software from the perspective of a private citizen seeking anonymous Internet access, and describes potential security weaknesses that may arise from improper use of the software.
Download Paper (.pdf)
|
|
