An Official Website of the United States Government

Distributed, Closed-Loop, Anonymized, Dynamic Collaborative Defense Against…

Award Information

Agency:
Department of Homeland Security
Branch:
N/A
Award ID:
95261
Program Year/Program:
2010 / SBIR
Agency Tracking Number:
1021127
Solicitation Year:
N/A
Solicitation Topic Code:
H-SB010.2-003
Solicitation Number:
N/A
Small Business Information
ThreatSTOP, Inc.
1743 BLUE WATER LANE SAN MARCOS, CA 92078-1056
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2010
Title: Distributed, Closed-Loop, Anonymized, Dynamic Collaborative Defense Against Network Threats
Agency: DHS
Contract: D11PC20011
Award Amount: $91,492.00
 

Abstract:

This Proposal is for the investigation of the feasibility, and if feasible, the requirements, for deploying distributed intrusion and bot detection services in a bundle inside multiple networks, while sharing the resulting threat information in an anonymized way. It will involve the implementation of combined defense and sensor nodes as gateways; local correlation, log processing and reporting engines; and dissemination of detected threat sources back to a central correlation authority which then disseminates the information to all participating entities. Key items to be examined are the scalability of distributing existing databases while maintaining consistency; anonymization of threat information detected while maintaining relevancy; and the scalability of processing data from the local detector enforcers into the private threat correlation system, sending the detected threats upstream to the global system, and disseminating the correlated data to all nodes. This will provide the requirements to scale the current ThreatSTOP system so that it can be fully commercialized to protect national security assets, large enterprises, and large numbers of individual users. The benefit will be dynamic detection and blocking of network level attacks and the dynamic disabling of botnets through the interruption of their command and control channels.

Principal Investigator:

Tomas L. Byrnes
7605398999
tomb@threatstop.com

Business Contact:

Tom Byrnes
7604023999
tomb@threatstop.com
Small Business Information at Submission:

ThreatSTOP, Inc.
1743 BLUE WATER LANE SAN MARCOS, CA 92078

EIN/Tax ID: 270652122
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No