Agent-based Distributed Mission-Aware Prioritization for Coordinated Network Defense
Small Business Information
Intelligent Automation, Inc.
15400 Calhoun Drive, Suite 400, Rockville, MD, -
AbstractABSTRACT: Cyber network has become a mission-critical asset for today"s military operation. To assure the availability of large-scale networks and their resources, mission commanders need to maintain situational awareness of the current status of the network and mission assets during the operations. In this proposal, Intelligent Automation, Inc. proposes an agent-based distributed mission-aware prioritization (DMAP) approach for coordinated network defense in large-scale cyber networks. Essentially, DMAP will obtain and evaluate the available cyber assets in a network corresponding to a particular mission, and automatically determine the assets required to carry out each task. Based on the damage assessment of the detected cyber attacks and their possible impacts on the mission, DMAP will further prioritize cyber assets to achieve mission assurance. Each of these technologies will be integrated into an agent-based distributed mission-aware prioritization framework for coordinated network analysis and defense. The significant advantage of the proposed system is: 1) mixed-initiative distributed simultaneous mission planning and prioritizing, 2) reliable and highly accurate, 3) scalable to large-scale networks, and 4) supporting real-time situational awareness. BENEFIT: Essentially, the proposed DMAP is an agent-based, distributed framework for network components and cyber asset evaluation and prioritization to assure mission success in cyberspace. It leverages and integrates the most recent advances on mission assurance, cyber asset mapping, network security analysis, as well as mixed-initiative distributed simultaneous mission planning and prioritizing techniques. If our approach is proven successful, the potential market size is very large. In addition, our industry partner, Raytheon Intelligence and Information Systems can transition these technologies. One direct product of this research will be an integrated mission planning and prioritizing software tool. We expect that this tool can support efficient mission planning in different attack scenarios and various network sizes. It can evaluate, prioritize and identify the most critical cyber assets in the network corresponding to a particular mission. Such assets need to be sufficiently protected to assure mission success. The developed software tool can be applied as an independent component for protection of enterprise-level networks as well as military information networks.
* information listed above is at the time of submission.