Network Sensing and Analytics for Low Bandwidth Cyber Protection Team (CPT) Deployment Scenarios

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8750-19-C-1008
Agency Tracking Number: F191-065-0904
Amount: $149,864.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: AF191-065
Solicitation Number: 2019.1
Timeline
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-08-16
Award End Date (Contract End Date): 2020-08-16
Small Business Information
1321 Oaklawn Ave Ne, Brookhaven, GA, 30319
DUNS: 116914878
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Adam Kauffman
 (678) 592-1011
 adam@nototech.com
Business Contact
 Eric Davidson
Phone: (404) 667-2750
Email: eric@notostech.com
Research Institution
N/A
Abstract
Many existing network intrusion detection systems (IDS) employ expensive deep packet inspection (DPI) and sophisticated pattern matching algorithms to spot evidence of known threats in the network traffic. While IDS are a valuable component of a defense-in-depth strategy, they often require significant compute power, tend to miss new (previously unknown) threats, run on heavy hardware, may require access to high-bandwidth external cloud-based threat analysis services, and can be energy-hungry. Clearly, these systems cannot meet the desirable properties of a modern, accurate, adaptive, and highly portable cyber-protection kit. To address the shortcomings of existing IDS, we propose to build HULCK, a novel lower-size, low-weight, low-power cyber-protection system that provides accurate network anomaly detection and threat prioritization. HULCK will consist of three main components: (i) one or more Miner devices that can be deployed at the edge and inside the mission network to observe and summarize all network traffic; (ii) an Analytics module that receives and aggregates the summarized network traffic information coming from the Miners, and that applies advanced anomaly detection and threat prioritization algorithms inspired by collective classification methods in machine learning; and (iii) an Intel module that provides threat intelligence and threat attribution capabilities.

* Information listed above is at the time of submission. *
