Anomaly Detection At Multiple Scales (ADAMS)

Award Information
Agency:
Department of Defense
Branch:
Defense Advanced Research Projects Agency
Amount:
$937,188.00
Award Year:
2012
Program:
SBIR
Phase:
Phase II
Contract:
HR0011-12-9-0004
Award Id:
n/a
Agency Tracking Number:
D2-1132
Solicitation Year:
2011
Solicitation Topic Code:
SB111-003
Solicitation Number:
2011.1
Small Business Information
5 Penn Plaza, 23rd Floor, New York, NY
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
831158600
Principal Investigator:
Herbert Thompson
Chief Technology Officer
(321) 795-4531
hugh@alluresecurity.com
Business Contact:
Salvatore Stolfo
President
(321) 795-4531
sal@alluresecurity.com
Research Institution:
Stub




Abstract
We propose to develop robust technical capabilities (resulting in a commercial-quality software product) for identifying likely malicious as well as overly trusting insiders within an organization by leveraging automatically generated misinformation. Our system will work in conjunction with modern system and network monitoring technologies such as Data Leakage Prevention (DLP) systems and honeypots of various kinds (both traditional and unconventional), some of which are already in use by many enterprises for other purposes. Our approach focuses on and exploits what malicious insiders seek (illicitly acquired information), as opposed to incidental signs of misbehavior. Our approach also identifies users who make inappropriate trust decisions, putting organizations at risk. This provides a robust alternative and a good complement to passive-detection mechanisms. In Phase 1, we proposed to (a) investigate and design an insider detection architecture based on this notion of misinformation, and (b) demonstrate the feasibility of identifying specific types of insiders by developing a prototype for automatically generating and distributing believable misinformation based on pre-defined templates, and then tracking access and attempted misuse of it through integration with an open-source DLP system. In Phase 2, we will extend and instantiate our architecture, also expanding our system capabilities to generate documents that use information harvested from real sources. We will also develop a modular and extensible back-end system and management console.

* information listed above is at the time of submission.
