Skip to main content



Find us on

facebook youtube flickr twitter itunes u logo

Upcoming Events

 ISTS logo

Securing the e-Campus 2017 - Exact time and dates TBD

Recent Talks

Dan Wallach

STAR-Vote: A Secure, Transparent, Auditable and Reliable Voting System

Professor Dan Wallach
Rice University
Thursday April 27, 2017
Carson L01, 5:00 PM

Ben Miller Dragos

Pandora's Power Grid - What Can State Attacks Do and What Would be the Impact?

Ben Miller
Chief Threat Officer, Dragos, Inc.
Tuesday May 2, 2017
Kemeny 007, 4:30 PM
Brendan Nyhan




Factual Echo Chambers? Fact-checking and Fake News in Election 2016.

Professor Brendan Nyhan
Dartmouth College
Thursday May 4, 2017
Rocky 001, 5:00 PM

Dickie George


Espionage and Intelligence

Professor Dickie George
Johns Hopkins University
Thursday May 11, 2017
Rocky 001, 5:00 PM

Dan Wallach

A Nation Under Attack: Advanced Cyber-Attacks in Ukraine

Ukrainian Cybersecurity Researchers
Thursday April 6, 2017
Oopik Auditorium 5:30 PM

RIOTS logo 

Professor Sean Smith, Director of the ISTS and Bill Nisen, Associate Director, spoke at the

School House residential cluster on the Internet of Risky Things  - February 21, 2017, 5:30 PM

Craig Smith




You Don't Own Your Car
Craig Smith
Tuesday May 10, 2016 
Carson L02 @4:15

David Safford


Hardware Based Security for GE's Industrial Control Systems
David Safford
GE Global Research
Tuesday May 17, 2016
Carson L02 @4:15



"It's Fine," They Said. "Just Ship It," They Said.
Dan Tentler
The Phobos Group
Tuesday April 12, 2016 
Carson L02 @4:15

Harold Thimbleby




The Best Way to Improve Healthcare is to Improve Computers
Harold Thimbleby
Swansea University
April 23, 2015

Craig Shue




Managing User-Level Compromises in Enterprise Network
Craig Shue
Worcester Polytechnic Institute
March 31, 2015



Oct news 2015


ISTS Information Pamphlet



Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA

COTS Evaluation and Certification Effort

Project Summary

IRIA CertifiedOne important goal of IRIA’s research efforts is to reduce the number of cyber-attacks and related electronic crimes that happen in the first place, thus reducing both the damage to infrastructure elements and the investigative burden on law enforcement personnel. Vulnerability scanners, intrusion-detection systems, and firewalls can help achieve this goal. Although IRIA does not develop commercial versions of such products in-house, it has undertaken an evaluation and certification effort to identify and encourage the use of the best products. Initially, IRIA is focusing on vulnerability scanners, and certifying those scanners that successfully detect the vulnerabilities from the recently updated SANS Top 20 list.

In early 2003, SANS coordinated a detailed enhancement to its Top 20 list. The enhancement included specifications for verification of detection for each vulnerability on the SANS/FBI Top 20 List. These specifications are essentially the same verification details that the IRIA evaluation / certification project was to provide for the Top 20 List. Therefore, IRIA chose not to duplicate this effort and the work on the project was stopped. The modest amount of time that would have been devoted to the project was used to develop enhancements to the Security in the News article-collection and entry tools.

  • Project Lead: Marion Bates