Space-Time Signal Processing for Detecting and Classifying Distributed Attacks in Networks

Award Information
Agency:
Department of Defense
Amount:
$749,940.00
Program:
STTR
Contract:
FA9550-12-C-0023
Solitcitation Year:
2009
Solicitation Number:
2009.B
Branch:
Air Force
Award Year:
2012
Phase:
Phase II
Agency Tracking Number:
F09B-T09-0167
Solicitation Topic Code:
AF09-BT09
Small Business Information
Numerica Corporation
4850 Hahns Peak Drive, Suite 200, Loveland, CO, -
Hubzone Owned:
N
Woman Owned:
N
Socially and Economically Disadvantaged:
N
Duns:
956324362
Principal Investigator
 Randy Paffenroth
 Program Director
 (970) 461-2000
 randy.paffenroth@numerica.us
Business Contact
 Jeff Poore
Title: President/COO
Phone: (970) 461-2000
Email: jeff.poore@numerica.us
Research Institution
 Colorado State University
 Jennifer Strange
 Sponsored Programs
2002 Campus Delivery
Fort Collins, CO, 80523-2002
 (970) 491-2083
 Nonprofit college or university
Abstract
ABSTRACT: In our work we are developing and applying a mathematical and computational framework for detecting and classifying weak, distributed patterns in sensor networks. Our work demonstrates the effectiveness of space-time inference on graphs, robust matrix completion and second order analysis in the detection and classification of distributed patterns that are not discernible at the level of individual nodes. The resulting capabilities are applicable to many types of sensor networks including pattern detection in computer networks, databases, wireless networks, mobile sensor networks, social networks, and disease outbreaks. Motivated by the importance of the problem, we are specifically interested in detecting weak patterns in computer networks related to Information Assurance. Our focus is on scenarios where the computer nodes (terminals, routers, servers, etc.) are sensors that provide measurements (of packet rates, user activity, central processing unit (CPU) usage, etc.) that, when viewed independently, cannot provide a definitive determination of the underlying pattern, but when fused with data from across the network both spatially and temporally, the relevant patterns emerge. The clear underlying suggestion is that only detectors and classifiers that use a rigorous mathematical analysis of temporal measurements at many spatially-distributed points in the network can identify network attacks. BENEFIT: In the U.S., the cybersecurity market is emerging very quickly as a large and robust market, especially as recent high-profile cases of cybersecurity breaches have alerted both the corporate sector and government agencies to the urgent need for protection from cyber attacks. Spending in the private sector is already tens of billions of dollars a year and the Federal Government alone is projected to spend 55 billion dollars over the next six years. The size of the infrastructure market (electrical, transportation, water supply, etc.)which the cybersecurity algorithms are designed to protect, is a substantial part of the U.S. GDP. Our work focuses on intrusion in computer networks and directly addresses the needs of the above large market. In addition the resulting algorithms and software will also have applicability over much broader fields. For example, pattern detection algorithms are also important in epidemiology, electrical power grids, criminal and terrorist networks, and so forth. Accordingly, the market for these algorithms is extensive.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government