Netcentric Operations Defense Environment (NODE)
Agency / Branch:
DOD / MDA
Current approaches to security are flawed because they 1) are highly dependent on characterizing known exploits, making them vulnerable to new attack variants, 2) use hub-and-spoke centralized architectures that are not scalable, making them vulnerable to availability attacks, 3) have single points of failure, making them vulnerable to confidentiality, integrity, and availability attacks, 4) focus on perimeter defense, so they are vulnerable to insider threats including compromised hosts, and 5) produce results that overwhelm analysts with low-level event data, high false positives, and no guidance on attack variants. Knowledge Based Systems, Inc. (KBSI) proposes the Netcentric Operations Defense Environment (NODE). NODE is a new paradigm in computer network defense (CND) that detects network intrusions without 1) signatures cataloged prior to event detection, 2) heuristic rules, or 3) profiles of "normal" system behavior, by applying data mining and machine learning technologies originally developed for understanding the function of the human genome. NODE achieves scalability, total coverage, redundancy, and fault tolerance in detecting intrusions by executing distributed data mining and machine learning algorithms over the network hosts (the computing fabric) in order to identify and characterize behavior patterns in the communication among hosts.
Small Business Information at Submission:
Senior Research Scientist
Business Operations Manager
KNOWLEDGE BASED SYSTEMS, INC.
1408 University Drive East, College Station, TX 77840