Active Software Defense to Reduce Threat Capability Effectiveness

The protection of cyber assets is a critical need for the U.S. military. The theft of sensitive software and data threatens our technological and information superiority, putting lives and valuable assets at unnecessary risk. Attacks occur too quickly for human intervention and current automated defenses are designed to thwart only known means of attack. Active software defenses are required that can recognize a broad spectrum of threats and respond intelligently. To address this need, 21st Century Technologies proposes Cyber Security using Qualitative Learner of Action and Perception (Cy-QLAP), a software system that develops an understanding of the protected cyber assets using machine learning methods inspired by early mental development in humans. Past automated cyber defense systems have been plagued by availability issues, where disruptions to normal activity cannot be tolerated because system administrators are unable to analyze and correct the system"s behavior. Cy-QLAP solves this problem by learning human-understandable models that enable meaningful user interaction and feedback, allowing the benefits of quick action while maintaining the confidence of system administrators that availability problems can be managed. Our solution has the potential to significantly reduce the overall cost of protecting computer networks, and minimize the number of successful attacks on networks.