USA flag logo/image

An Official Website of the United States Government

Mobile Platforms to Support Network Forensics

Award Information

Department of Defense
Air Force
Award ID:
Program Year/Program:
2001 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
33 Thornwood Drive, Suite 500 Ithaca, NY -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2001
Title: Mobile Platforms to Support Network Forensics
Agency / Branch: DOD / USAF
Contract: F30602-01-C-0098
Award Amount: $98,814.00


In a large computer network, a sophisticated, coordinated attack can have a devastating impact. To thwart the effectiveness of such an attack, investigators and administrators must be able to quickly understand what resources were affected and how theywere affected. Complicating this task is the fact that few large facilities, either commercial or military, have sufficient expert personnel to physically examine each network segment that was attacked, as often these networks will be hundreds, if notthousands, of miles apart. We propose to create mobile forensic platforms (MFPs) as a tool to aid the investigators with the forensic task. MFPs are computers that can be quickly deployed on any network to perform remote forensic investigation with veryhigh assurance security. The MFPs will contain a number of extensible forensic tools to allow an investigator to quickly and securely examine network resources remotely.The anticipated benefit is the ability to quickly respond to coordinated computerattacks. Because of the limited number of expert personnel that can perform network forensics in any organization, mobile platforms for forensics will provide an edge in defending against such attacks by giving investigators direct, low-level access tomany geographically diverse networks. This increases the effectiveness of the experts by allowing them to conduct investigations without requiring them to travel to the sites, which in turn creates a stronger defense against coordinated attacks. Themobile platforms provide remote access without further risk to the security of the installation (and in some cases, allow them to conduct an investigation even when internal network connectivity is unavailable). There is a direct path forcommercialization, since commercial organizations must face the same threat of coordinated attacks with limited personnel and will benefit from this technology.

Principal Investigator:

Frank Adelstein
Principal Scientist

Business Contact:

Richard Smith
Small Business Information at Submission:

33 Thornwood Drive, Suite 500 Ithaca, NY 14850

EIN/Tax ID: 161549760
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No