Novel Detection Mechanisms for Advanced Persistent Threats
Department of Defense (DoD) operations are supported by a global network of computers, sensors, and equipment that is continually at risk of being breached by adversaries. Despite heavy investments in security and cyber defense, the ubiquity and interconnectedness of DoD equipment leave open the possibility of intrusion through a myriad of means, including advanced persistent threats (APTs). Such threats take many forms, such as Trojans, worms, spear-phishing, and viruses, all of which could prove detrimental to the war-fighter if not discovered. Unfortunately, the "base rate fallacy" places fundamental limits on the performance of detection algorithms in the cyber-defense context. Are there any directions left in which to tackle this important problem? We would claim the answer to that question is a resounding "yes", and modern techniques in sensor fusion, multiple hypothesis testing, and compressed sensing lead to algorithms with quite advantageous properties. These methods have all paid large dividends in other problem domains, such as medical studies and mathematical finance, but have not yet seen their full bloom in cyber-defense problems, a deficit we hope to remedy herein. In particular, a judicious choice of sensors and sensor fusion methodologies provides a promising path for improving the state of the art.
Small Business Information at Submission:
4850 Hahns Peak Drive Suite 200 Loveland, CO -