SBIR-STTR-Success: Intelligent Automation Inc.
The Air Force has a new tool in its arsenal to combat cyberattacks.
With support from the Air Force Small Business Innovation Research/Small Business Technology Transfer Program, Maryland-based Intelligent Automation Inc. developed the Self-shielding Dynamic Network Architecture. Also known as SDNA, the technology presents a constantly changing view to potential hackers. It is meant to complement existing cyber defense techniques that tend to be expensive and ineffective.
Because of its potential, the Air Force Research Laboratory and several federal agencies have provided funding to mature SDNA so it can be used for their specific needs. Additionally, Intelligent Automation launched another business that is selling the product commercially.
The company has secured more than $5 million in Phase III work, which includes commercial sales and Department of Defense contracts. Phase III activity denotes funding from outside the Air Force SBIR/STTR Program and is a critical commercialization benchmark.
BEHIND THE TECHNOLOGY
Today’s networks are highly vulnerable. A determined attacker can find many ways to get inside, bypass protection technologies and hack the intended targets.
For example, detection systems check signatures, behaviors and artifacts of known attacks, but do not protect against unknown attacks. Firewalls are good at stopping attacks from entering the network, but offer no protection once the attacker gets past them. Other techniques modify aspects of a network to improve resilience, but do not prevent against misuse of credentials or contain an attack once it starts.
SDNA prevents an attacker from targeting, entering, or spreading through a network by adding dynamics that present a changing view of the network over space and time. The system increases the attacker’s effort, risk of detection and time required to successfully conduct an attack.
This happens in several ways.
First, an intruder is forced to spend significant resources to carefully guide attacks. Next, attempts to probe or map the network are thwarted by revealing views of the network which are sanitized, ambiguous, and time-varying, making both attack planning and detection avoidance more difficult.
Finally, the availability of services is time-varying based on user needs and credentials, limiting the connectivity of the network to only current mission-required paths. This impedes compromised devices and insider attacks.
SBIR SUPPORT WAS CRITICAL
The challenge in creating SDNA was to impose changing dynamics for an attacker while simultaneously hiding that from existing operating systems, applications, routers, switches and other components. Complete security could be achieved while making the network unusable, so the difficulty was in achieving a balance.
During the Air Force SBIR/STTR project, Intelligent Automation worked with AFRL’s Information Directorate to mature SDNA into a system that could be deployed in a major exercise. A comprehensive management system was developed that enables network administrators to easily deploy, configure, visualize and debug an SDNA network with minimal disruption to end users and using existing network infrastructure.
Intelligent Automation’s spinoff company – Cryptonite NXT – reported first year sales of approximately $1 million and added five employees during that time. Company officials expect sales to more than double in the second year, which would spur the creation of even more new jobs.