
An Official Website of the United States Government

A lightweight infrastructure for detection and mitigation of insider threats in…

Award Information

Agency:
Department of Defense
Branch:
Missile Defense Agency
Award ID:
78112
Program Year/Program:
2006 / STTR
Agency Tracking Number:
B064-009-0096
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
Scientific Systems Company, Inc
500 West Cummings Park - Ste 3000 Woburn, MA -
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2006
Title: A lightweight infrastructure for detection and mitigation of insider threats in distributed environments
Agency / Branch: DOD / MDA
Contract: HQ0006-06-C-7524
Award Amount: $100,000.00
 

Abstract:

The insider threat remains one of the most difficult threats against information systems to detect, let alone to mitigate. The overall objective of the effort (Phase I and Phase II) is to produce and prototype a Distributed Insider Threat Detection System (DITDS) for distributed environments, capable of identifying and quantifying emerging insider threats against the network, allowing for timely mitigation. Instead of relying on large centralized databases for tracking the evolution of multi-stage attacks, we propose an interactive methodology, with sensor data being fetched from the hosts as needed in the evaluation process. Our solution includes: (1) a heterogeneous, distributed sensor suite, which, at the request of the DITDS manager, gathers information from multiple nodes; (2) continuous evaluation of the network, given the readings from the multiple sensors, with respect to known multi-stage attack scenarios, and continuous search for new attack scenarios; (3) mechanisms centered on mobile agents for inoculating the various components of the network against a detected attack; and (4) mechanisms for integrating behavioral information about the users into the decision-making process. The College of Computing at the Georgia Institute of Technology will serve as the University partner. Lockheed Martin Information Assurance (LMIA) will serve as a subcontractor, providing data sets representative of insider attacks. These data sets will be collected using LMIA's DAIWatch(TM) system.

Principal Investigator:

Joao B. Cabrera
Principal Investigator
7819335355
cabrera@ssci.com

Business Contact:

Robert L. Simpson
Mgr of Fin/Controller
7819335355
rsimpson@ssci.com
Small Business Information at Submission:

SCIENTIFIC SYSTEMS CO., INC.
500 West Cummings Park - Ste 3000 Woburn, MA 01801

EIN/Tax ID: 043053085
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
GEORGIA INSTITUTE OF TECHNOLOGY
505 Tenth Street, NW
Atlanta, GA 30332
Contact: Sherry A. Levy
Contact Phone: (404) 385-2879
RI Type: Nonprofit college or university