Enterprise Data Protection Against Exfiltration
ABSTRACT: Investigate the use of advanced network protocol processing, algorithms and software to monitor and reconstruct network packets for the purpose of data loss prevention (DLP). Such computer network traffic may be in use by an insider threat communicating sensitive information over a covert channel using network steganography or inadvertently using overt network protocols. The main objective of this proposal is the development of a network protocol processing software infrastructure to ingest and extract protocol streams in real time to provide data loss sensing on an intranet enclave. This would involve the development of advanced algorithms acting on the data in transit to detect unauthorized transmission of data and possible network steganography. Such algorithms would be explored in a flexible development environment and hosted in a larger system as sensors for online network monitoring. BENEFIT: This technology is applicable to other federal agencies including the law enforcement and intelligence communities as well as private sector users interested in securing intellectual property or detection of other clandestine use of agency or company communications. It is anticipated that developments arising from the proposed SBIR R & D will provide a basis for applications which can be packaged for sale to government, private, or commercial users, providing such users with a tool for detecting and countering covert communications in network steganography for exploitation and for security purposes such as data loss prevention. Such application products could provide users with advanced modes of intruder detection in situations where applications based on signature based algorithms will be ineffective.
Small Business Information at Submission:
Allied Associates International, Inc.
6801 Kennedy Road Suite 302 Warrenton, VA -
Number of Employees: