Space-Time Signal Processing for Detecting and Classifying Distributed Attacks in Networks

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9550-12-C-0023
Agency Tracking Number: F09B-T09-0167
Amount: $749,940.00
Phase: Phase II
Program: STTR
Awards Year: 2012
Solicitation Year: 2009
Solicitation Topic Code: AF09-BT09
Solicitation Number: 2009.B
Small Business Information
4850 Hahns Peak Drive, Suite 200, Loveland, CO, -
DUNS: 956324362
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Randy Paffenroth
 Program Director
 (970) 461-2000
Business Contact
 Jeff Poore
Title: President/COO
Phone: (970) 461-2000
Research Institution
 Colorado State University
 Jennifer Strange
 Sponsored Programs
2002 Campus Delivery
Fort Collins, CO, 80523-2002
 (970) 491-2083
 Nonprofit college or university
ABSTRACT: In our work we are developing and applying a mathematical and computational framework for detecting and classifying weak, distributed patterns in sensor networks. Our work demonstrates the effectiveness of space-time inference on graphs, robust matrix completion and second order analysis in the detection and classification of distributed patterns that are not discernible at the level of individual nodes. The resulting capabilities are applicable to many types of sensor networks including pattern detection in computer networks, databases, wireless networks, mobile sensor networks, social networks, and disease outbreaks. Motivated by the importance of the problem, we are specifically interested in detecting weak patterns in computer networks related to Information Assurance. Our focus is on scenarios where the computer nodes (terminals, routers, servers, etc.) are sensors that provide measurements (of packet rates, user activity, central processing unit (CPU) usage, etc.) that, when viewed independently, cannot provide a definitive determination of the underlying pattern, but when fused with data from across the network both spatially and temporally, the relevant patterns emerge. The clear underlying suggestion is that only detectors and classifiers that use a rigorous mathematical analysis of temporal measurements at many spatially-distributed points in the network can identify network attacks. BENEFIT: In the U.S., the cybersecurity market is emerging very quickly as a large and robust market, especially as recent high-profile cases of cybersecurity breaches have alerted both the corporate sector and government agencies to the urgent need for protection from cyber attacks. Spending in the private sector is already tens of billions of dollars a year and the Federal Government alone is projected to spend 55 billion dollars over the next six years. The size of the infrastructure market (electrical, transportation, water supply, etc.)which the cybersecurity algorithms are designed to protect, is a substantial part of the U.S. GDP. Our work focuses on intrusion in computer networks and directly addresses the needs of the above large market. In addition the resulting algorithms and software will also have applicability over much broader fields. For example, pattern detection algorithms are also important in epidemiology, electrical power grids, criminal and terrorist networks, and so forth. Accordingly, the market for these algorithms is extensive.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government