Space-Time Signal Processing for Detecting and Classifying Distributed Attacks in Networks

Award Information
Department of Defense
Air Force
Award Year:
Phase II
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
Numerica Corporation
4850 Hahns Peak Drive, Suite 200, Loveland, CO, -
Hubzone Owned:
Socially and Economically Disadvantaged:
Woman Owned:
Principal Investigator:
Randy Paffenroth
Program Director
(970) 461-2000
Business Contact:
Jeff Poore
(970) 461-2000
Research Institution:
Colorado State University
Jennifer Strange
Sponsored Programs
2002 Campus Delivery
Fort Collins, CO, 80523-2002
(970) 491-2083
Nonprofit college or university
ABSTRACT: In our work we are developing and applying a mathematical and computational framework for detecting and classifying weak, distributed patterns in sensor networks. Our work demonstrates the effectiveness of space-time inference on graphs, robust matrix completion and second order analysis in the detection and classification of distributed patterns that are not discernible at the level of individual nodes. The resulting capabilities are applicable to many types of sensor networks including pattern detection in computer networks, databases, wireless networks, mobile sensor networks, social networks, and disease outbreaks. Motivated by the importance of the problem, we are specifically interested in detecting weak patterns in computer networks related to Information Assurance. Our focus is on scenarios where the computer nodes (terminals, routers, servers, etc.) are sensors that provide measurements (of packet rates, user activity, central processing unit (CPU) usage, etc.) that, when viewed independently, cannot provide a definitive determination of the underlying pattern, but when fused with data from across the network both spatially and temporally, the relevant patterns emerge. The clear underlying suggestion is that only detectors and classifiers that use a rigorous mathematical analysis of temporal measurements at many spatially-distributed points in the network can identify network attacks. BENEFIT: In the U.S., the cybersecurity market is emerging very quickly as a large and robust market, especially as recent high-profile cases of cybersecurity breaches have alerted both the corporate sector and government agencies to the urgent need for protection from cyber attacks. Spending in the private sector is already tens of billions of dollars a year and the Federal Government alone is projected to spend 55 billion dollars over the next six years. The size of the infrastructure market (electrical, transportation, water supply, etc.)which the cybersecurity algorithms are designed to protect, is a substantial part of the U.S. GDP. Our work focuses on intrusion in computer networks and directly addresses the needs of the above large market. In addition the resulting algorithms and software will also have applicability over much broader fields. For example, pattern detection algorithms are also important in epidemiology, electrical power grids, criminal and terrorist networks, and so forth. Accordingly, the market for these algorithms is extensive.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government