You are here

Advanced Indications and Warnings (I & W) via Threat Feed Aggregation

Description:

OBJECTIVE: Develop an indications and warnings threat feed aggregation with weighted scoring to provide DoD with (near) real-time information on adversaries, to include forewarning of enemy actions or intentions DESCRIPTION: Indications and Warnings (I & W) are intelligence based activities that are intended to detect and report on time-sensitive intelligence information of foreign developments that could involve a threat to the United States military, political or economical interests. Computer Network Defense Service Providers (CNDSPs) throughout the DoD are required to facilitate situational awareness of adversary cyber actions and intentions, but the capability is minimal. Situational awareness is imperative to providing effective computer network defense and securing the DoD Global Information Grid (GIG). PHASE I: Design an aggregated feed of known threats associated with ASN, CIDR blocks, and inheritance based on association and communication internal and external to the DoD GIG. PHASE II: Implement the design from phase I and define an algorithm to weigh individual threats based on source, volume, and association. The capability should provide DoD with situational awareness of cyber threats and adversary behavior, in order to target cyber defense operations. PHASE III DUAL USE APPLICATIONS - Military: Establish correlation of threat information to internal data, such as flow records, systems logs, firewall logs, etc., but information on threats found internally may not be released external to the DoD. The system may be setup as a"shadow"server in order to replicate threat data for correlation and trending based on internal data, while also ensuring the data stays internal to DoD. - Commercial: Operational systems may be located anywhere from a cloud-based login (external to the customer) or internal appliance which correlated threat information to internal customer data, such as flow records, system logs, firewalls logs, etc.
US Flag An Official Website of the United States Government