Cyber-DAM: An Integrated Situational Awareness System for Cyber Attack Detection, Analysis, and Mitigation
ABSTRACT: Real-time cyber situational awareness and proactive impact mitigation are critical for DoD to secure and protect their computer networks and systems from various cyber attacks. When a security incident occurs, network operators and security analysts need to know what exactly has happened in the network, why it happened, and what actions should be taken in order to quickly mitigate the attack"s impacts. In this proposal, Intelligent Automation, Inc. proposes an integrated situational awareness and impact mitigation system, called"Cyber-DAM", for effective cyber attack detection, analysis and mitigation. Essentially, a comprehensive multi-layer common operating picture is designed. Based on that, advanced analysis techniques will be developed to address the information uncertainty, dynamic and complex attack detection, and optimal impact mitigation. The developed technologies will be integrated into an agent-based distributed framework to achieve accurate, comprehensive, and near real-time cyber situational awareness and impact mitigation. BENEFIT: Essentially, the proposed Cyber-DAM is an agent-based, distributed framework for near real time network cyber situational awareness and impact mitigation. It leverages and integrates the most recent advances on attack graph, mission assurance, cyber asset mapping, network security analysis, as well as Bayesian inference and game theoretic approaches for efficient and effective cyber attack detection, risk analysis, and impact mitigation. If our approach is proven successful, the potential market size is very large. In addition, our industry partner, Raytheon Intelligence and Information Systems and Boeing can help transition these technologies. One direct product of this research will be an integrated cyber situational awareness system. We expect that this tool can support efficient situation awareness and security analysis in different attack scenarios and various network sizes. It can help end-users better view and understand what"s going on across a cyber network and predict the potential threats in near future. The developed software tool can be applied as an independent component for protection of enterprise-level networks as well as military information networks.
Small Business Information at Submission:
Director, Contracts and Proposals
Intelligent Automation, Inc.
15400 Calhoun Drive Suite 400 Rockville, MD -
Number of Employees: