Small Business Information
33 Thornwood Drive, Suite 500, Ithaca, NY, -
Abstract
Botnets and other large-scale malicious behaviors present a pervasive and evolving threat to cyber security. Stealth botnets and distributed, stealthy cyber attacks present a particular challenge to cyber defense because their malicious behavior is difficult to detect. State-of-the-art and next-generation cyber security algorithms will be capable of detecting and preventing stealthy and distributed cyber attacks. Effectively using these algorithms requires a network security infrastructure capable of collecting network traffic information for a large number of networks over long periods of time, making decisions based on accumulated network traffic information, and implementing new policies on network security hardware. ATC-NY will develop BotMesh, a network sensor infrastructure and framework for cyber security algorithms. The BotMesh architecture manages the collection and storage of filtered network traffic information from a large, distributed collection of network sensors, the application of computationally-intensive algorithms to collected data, visualization and decision-making based on the results of these algorithms, and the alteration of network security policies in response to identified threats. With BotMesh, a future algorithm to detect a type of stealthy botnet attack can be rapidly implemented and deployed on an existing network of sensors, quickly detecting, identifying, and defending against hostile stealth botnets and similar threats.
* information listed above is at the time of submission.