USA flag logo/image

An Official Website of the United States Government

Mobile Platforms to Support Network Forensics

Award Information

Agency:
Department of Defense
Branch:
Air Force
Award ID:
52376
Program Year/Program:
2001 / SBIR
Agency Tracking Number:
011IF-0882
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
ATC - NY
33 Thornwood Drive, Suite 500 Ithaca, NY 14850-
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2001
Title: Mobile Platforms to Support Network Forensics
Agency / Branch: DOD / USAF
Contract: F30602-01-C-0098
Award Amount: $98,814.00
 

Abstract:

In a large computer network, a sophisticated, coordinated attack can have a devastating impact. To thwart the effectiveness of such an attack, investigators and administrators must be able to quickly understand what resources were affected and how theywere affected. Complicating this task is the fact that few large facilities, either commercial or military, have sufficient expert personnel to physically examine each network segment that was attacked, as often these networks will be hundreds, if notthousands, of miles apart. We propose to create mobile forensic platforms (MFPs) as a tool to aid the investigators with the forensic task. MFPs are computers that can be quickly deployed on any network to perform remote forensic investigation with veryhigh assurance security. The MFPs will contain a number of extensible forensic tools to allow an investigator to quickly and securely examine network resources remotely.The anticipated benefit is the ability to quickly respond to coordinated computerattacks. Because of the limited number of expert personnel that can perform network forensics in any organization, mobile platforms for forensics will provide an edge in defending against such attacks by giving investigators direct, low-level access tomany geographically diverse networks. This increases the effectiveness of the experts by allowing them to conduct investigations without requiring them to travel to the sites, which in turn creates a stronger defense against coordinated attacks. Themobile platforms provide remote access without further risk to the security of the installation (and in some cases, allow them to conduct an investigation even when internal network connectivity is unavailable). There is a direct path forcommercialization, since commercial organizations must face the same threat of coordinated attacks with limited personnel and will benefit from this technology.

Principal Investigator:

Frank Adelstein
Principal Scientist
6072571975
fadelstein@oracorp.com

Business Contact:

Richard Smith
Controller
6072571975
rick@oracorp.com
Small Business Information at Submission:

ODYSSEY RESEARCH ASSOC., INC.
33 Thornwood Drive, Suite 500 Ithaca, NY 14850

EIN/Tax ID: 161549760
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No