A Network Sensor-Based Defense Framework for Active Network Security Situation Awareness and Impact Mitigation
Small Business Information
39 Timber Rock Rd, Gaithersburg, MD, -
Abstract
ABSTRACT: Networking technologies have given rise to worldwide social, business, and military networks, and commercial networks in the US have been growing explosively. Cyber-attacks are increasing in frequency, impact, and complexity, which demonstrates extensive network vulnerabilities with the potential for serious damage. To defend against cyber-attacks, we propose a Network Sensor-Based Defense Framework for Active Network Security Situation Awareness and Impact Mitigation, with the aim of handling network security awareness, mitigation, and prediction. In particular, we will conduct the following research tasks: (i) develop a generic framework for integrating data from various sources; (ii) develop information theory, image, and signal processing techniques to efficiently process alert information and provide accurate detection decisions; (iii) develop novel techniques to carry out attack scene investigation via network forensic analysis and visualization; (iv) develop game theory to investigate the interaction between the attacker and defender with different strategies; and (v) implement a prototype system and validate our proposed solutions. Our work will have immediate and significant impacts on the security of U.S. military and commercial networks.
BENEFIT: The proposed approach has tremendous application potential in many military applications. It can be applied as a functional component for the protection of enterprise-level networks as well as military information networks. During Phase I, we will work closely with Lockheed Martin MS2, which is a primary contractor on the Aegis weapon system, the Littoral Combat Ship, and C2 lead for the DDG-1000 program. We have developed a concrete and realistic plan to transition our technology to their programs. We will leverage these relationships to identify the end customer, and work with these teams to transition our Phase II technology into their program. The DOD contact who knows the details of our work and who knows the above programs is Dr. Erik Blasch from AFRL. The market for military applications is quite large. Other potential commercial applications include civilian networks, such as finance, medicine, communications, electric power, nuclear energy, internet service providers, and air traffic control. The size of this market is not small and may grow rapidly with the commercial demand in homeland security. We expect the aggregated market size will be similar to that of military applications.
* Information listed above is at the time of submission.