
TheSieve

Award Information
Agency: Department of Commerce
Branch: National Institute of Standards and Technology
Contract: 70NANB18H184
Agency Tracking Number: 053-03-02 (FY18)
Amount: $81,740.49
Phase: Phase I
Program: SBIR
Solicitation Topic Code: N/A
Solicitation Number: 2018-NIST-SBIR-01
Timeline
Solicitation Year: 2018
Award Year: 2018
Award Start Date (Proposal Award Date): 2018-07-30
Award End Date (Contract End Date): 2019-01-31
Small Business Information
621 E. Pratt Street, Ste 610, Baltimore, MD, 21202
DUNS: 831438374
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Mark McLarnon
 (410) 779-6700
 mmclarnon@cyberpointllc.com
Business Contact
 Mark McLarnon
Phone: (410) 779-6700
Email: mmclarnon@cyberpointllc.com
Research Institution
N/A
Abstract
We propose to create an advanced forensic analysis tool called TheSieve. This tool will use machine learning techniques that can classify files as malicious or benign as well as suggest files for closer inspection. Built upon custom enhancements to the National Software Reference Library (NSRL), TheSieve will allow forensic investigators to spend their valuable time examining the most significant files. An important application of data repositories, like those in the NSRL, is a system that associates NSRL hash values with additional information derived through static and dynamic analysis. Phase I will yield a prototype web service and application delivered with integrations into at least one forensic analysis software package. TheSieve will be used in a controlled case study to determine if searching and provided suggestions can reduce the amount of time spent identifying files. Time permitting, the prototype will improve file suggestions using machine learning. We do not believe that TheSieve can replace endpoint detection and response (EDR) products; instead, it will augment them by applying Big Data analysis techniques. Finally, we will develop a process by which the TheSieve database can be improved with an analyst feedback loop to enhance previously seen queries.

* Information listed above is at the time of submission. *
