
(4) Machine Learning based Cyber Threat Investigation and Risk Assessment

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N68335-20-F-0096
Agency Tracking Number: N193-A01-0407
Amount: $150,000.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: N193-A01
Solicitation Number: 19.3
Timeline
Solicitation Year: 2019
Award Year: 2020
Award Start Date (Proposal Award Date): 2019-11-21
Award End Date (Contract End Date): 2020-04-20
Small Business Information
15400 Calhoun Drive Suite 190
Rockville, MD 20855
United States
DUNS: 161911532
HUBZone Owned: No
Woman Owned: Yes
Socially and Economically Disadvantaged: No
Principal Investigator
 Hui Zeng
 Associate Director
 (301) 294-4258
 hzeng@i-a-i.com
Business Contact
 Mark James
Phone: (301) 294-5200
Email: mjames@i-a-i.com
Research Institution
N/A
Abstract

To apply the Navy’s CYBERSAFE concept to a near real-time environment, traditional cyber defense tools are not sufficient to achieve reasonable performance or catch all the security-related anomalies. Moreover, dynamic and evolving cyber threats are well beyond the abilities of human analysts and defenders. Furthermore, although cybersecurity knowledge data are available, there is no mechanism to automatically map them to the Navy platforms and correlate these data quantitatively to enhance cyber situational awareness and risk decisions. To address these issues, machine learning (ML) is a promising force multiplier for effectively detecting stealthy and sophisticated attacks and zero-day attacks, and for conducting risk assessment in near real-time. Towards this goal, Intelligent Automation, Inc. (IAI) proposes to develop CyTIRA, an ML-based Cyber Threat Investigation and Risk Assessment system. CyTIRA automatically collects, converts and fuses available cyber threat information to build and maintain a cybersecurity knowledge base using up-to-date specifications and protocols. CyTIRA also provides an online processing pipeline for the data collected from protected networks/systems. Using the cybersecurity knowledge base and the detected anomalies/behavior, CyTIRA will conduct risk assessment, such as threat detection and classification, vulnerability identification, and further risk analysis.

* Information listed above is at the time of submission. *
