Cyber-DAM: An Integrated Situational Awareness System for Cyber Attack Detection, Analysis, and Mitigation

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9453-12-M-0019
Agency Tracking Number: F112-053-2216
Amount: $150,000.00
Phase: Phase I
Program: SBIR
Awards Year: 2012
Solicitation Year: 2011
Solicitation Topic Code: AF112-053
Solicitation Number: 2011.2
Small Business Information
Intelligent Automation, Inc.
MD, Suite 400, Rockville, MD, 20855-2737
Duns: 161911532
Hubzone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: N
Principal Investigator
 Yi Cheng
 Research Scientist
 (301) 294-5215
 ycheng@i-a-i.com
Business Contact
 Mark James
Title: Director, Contracts and Proposals
Phone: (301) 294-5221
Email: mjames@i-a-i.com
Research Institution
 Stub
Abstract
ABSTRACT: Real-time cyber situational awareness and proactive impact mitigation are critical for DoD to secure and protect their computer networks and systems from various cyber attacks. When a security incident occurs, network operators and security analysts need to know what exactly has happened in the network, why it happened, and what actions should be taken in order to quickly mitigate the attack's impacts. In this proposal, Intelligent Automation, Inc. proposes an integrated situational awareness and impact mitigation system, called "Cyber-DAM", for effective cyber attack detection, analysis and mitigation. Essentially, a comprehensive multi-layer common operating picture is designed. Based on that, advanced analysis techniques will be developed to address the information uncertainty, dynamic and complex attack detection, and optimal impact mitigation. The developed technologies will be integrated into an agent-based distributed framework to achieve accurate, comprehensive, and near real-time cyber situational awareness and impact mitigation.

BENEFIT: Essentially, the proposed Cyber-DAM is an agent-based, distributed framework for near real time network cyber situational awareness and impact mitigation. It leverages and integrates the most recent advances on attack graph, mission assurance, cyber asset mapping, network security analysis, as well as Bayesian inference and game theoretic approaches for efficient and effective cyber attack detection, risk analysis, and impact mitigation. If our approach is proven successful, the potential market size is very large. In addition, our industry partner, Raytheon Intelligence and Information Systems and Boeing can help transition these technologies. One direct product of this research will be an integrated cyber situational awareness system. We expect that this tool can support efficient situation awareness and security analysis in different attack scenarios and various network sizes. It can help end-users better view and understand what's going on across a cyber network and predict the potential threats in the near future. The developed software tool can be applied as an independent component for protection of enterprise-level networks as well as military information networks.

* information listed above is at the time of submission.
