Cyber-DAM: An Integrated Situational Awareness System for Cyber Attack Detection, Analysis, and Mitigation

Award Information
Agency:
Department of Defense
Branch:
n/a
Amount:
$150,000.00
Award Year:
2012
Program:
SBIR
Phase:
Phase I
Contract:
FA9453-12-M-0019
Award Id:
n/a
Agency Tracking Number:
F112-053-2216
Solicitation Year:
2011
Solicitation Topic Code:
AF112-053
Solicitation Number:
2011.2
Small Business Information
MD, Suite 400, Rockville, MD, 20855-2737
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
Y
Duns:
161911532
Principal Investigator:
Yi Cheng
Research Scientist
(301) 294-5215
ycheng@i-a-i.com
Business Contact:
Mark James
Director, Contracts and Proposals
(301) 294-5221
mjames@i-a-i.com
Research Institution:
Stub




Abstract
ABSTRACT: Real-time cyber situational awareness and proactive impact mitigation are critical for DoD to secure and protect their computer networks and systems from various cyber attacks. When a security incident occurs, network operators and security analysts need to know what exactly has happened in the network, why it happened, and what actions should be taken in order to quickly mitigate the attack's impacts. In this proposal, Intelligent Automation, Inc. proposes an integrated situational awareness and impact mitigation system, called "Cyber-DAM", for effective cyber attack detection, analysis and mitigation. Essentially, a comprehensive multi-layer common operating picture is designed. Based on that, advanced analysis techniques will be developed to address the information uncertainty, dynamic and complex attack detection, and optimal impact mitigation. The developed technologies will be integrated into an agent-based distributed framework to achieve accurate, comprehensive, and near real-time cyber situational awareness and impact mitigation.

BENEFIT: Essentially, the proposed Cyber-DAM is an agent-based, distributed framework for near real-time network cyber situational awareness and impact mitigation. It leverages and integrates the most recent advances in attack graphs, mission assurance, cyber asset mapping, network security analysis, as well as Bayesian inference and game theoretic approaches for efficient and effective cyber attack detection, risk analysis, and impact mitigation. If our approach is proven successful, the potential market size is very large. In addition, our industry partners, Raytheon Intelligence and Information Systems and Boeing, can help transition these technologies. One direct product of this research will be an integrated cyber situational awareness system. We expect that this tool can support efficient situation awareness and security analysis in different attack scenarios and various network sizes. It can help end-users better view and understand what's going on across a cyber network and predict the potential threats in the near future. The developed software tool can be applied as an independent component for protection of enterprise-level networks as well as military information networks.

* information listed above is at the time of submission.
