Botnet Detection and Mitigation

Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: D07PC72589 (formerly NBCHC070124)
Agency Tracking Number: 0612016
Amount: $750,000.00
Phase: Phase II
Program: SBIR
Awards Year: 2007
Solitcitation Year: 2006
Solitcitation Topic Code: H-SB06.1-008
Solitcitation Number: N/A
Small Business Information
Sonalysts, Inc.
215 Parkway North, Waterford, CT, 06385-1209
Duns: 077317766
Hubzone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Owen McCusker
 Principal Investigator
 (860) 326-3741
 mccusker@sonalysts.com
Business Contact
 Jane Goldsmith
Title: Proposals Manager
Phone: (860) 442-4355
Email: goldjane@sonalysts.com
Research Institution
 University of Connecticut
 Dr. Aggelos Kiayias
 University of Connecticut
Storrs, CT, 6269 -2155
 (860) 486-3719
 Nonprofit college or university
Abstract

This Phase II effort will develop a functional prototype of DMnet, a distributed botnet detection and mitigation system. Our Team will develop and integrate state-of-the-art research in ontology, data fusion, data mining, and data warehousing into DMnet nodes. These nodes will be distributed throughout a network and will work together in a trusted grid to provide increased cyber awareness for botnet detection and mitigation. This system will be sensor-neutral facilitating the integration of current and emerging sensor technology. The prototype will incorporate multiple algorithms for classification and correlation, a unique ontology, and an innovative user interface. We will create a threat management mechanism to evaluate collected events, provide for mitigation, and will develop recommended operating policies and procedures for DMnet users. Commercial Application. Current network prevention, intrusion detection, and prevention applications tend to be single scope rather than integrated. DMnet represents a convergence technology that will integrate security operations into a single system to minimize losses from the distributed threat of botnets. This technology is immediately applicable to federal Government cyber security efforts, large network operations, ISPs, and security management solution providers.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government