Analysis of the United States Computer Emergency Readiness Team's (U.S. CERT) EINSTEIN III Intrusion Detection System, and Its Impact on Privacy
Abstract
To secure information technology and telecommunications systems, the U.S. Department of Homeland Security created the United States Computer Emergency Readiness Team (U.S. CERT) to provide 24-hour early warning and detection for the federal government's Internet infrastructure. A leading program in this effort, EINSTEIN, was developed by U.S. CERT in partnership with the National Security Agency (NSA) and private industry. EINSTEIN is an intrusion detection program that monitors network traffic and searches for signatures of known malicious code. Now in its third generation, EINSTEIN generates alerts that have the possibility of including Personal Identifying Information, monitors live traffic on networks in real time, and also has the ability to counter the intrusion as it takes place. By reviewing current privacy policy and past privacy case studies, in addition to careful analysis of federal court cases and statutes, this thesis establishes the fundamental and constitutional right to privacy. Through secondary research, this thesis identifies elements and exemptions of current communications legislation that can be used in the development of a comprehensive cyberspace monitoring policy. The result is a recommendation that a new EINSTEIN III Privacy Impact Assessment, as well as a new legal opinion document, be drafted to balance the trade-off between privacy rights and the objectives of securing cyberspace, and to establish a proper legal foundation for the implementation of the controversial technology.
Document Details
- Document Type: Technical Report
- Publication Date: Mar 01, 2013
- Accession Number: ADA579871
Entities
People
- William L. Oree
Organizations
- Naval Postgraduate School