Anomaly Detection At Multiple Scales (ADAMS)

Award Information
Agency: Department of Defense
Branch: Defense Advanced Research Projects Agency
Contract: HR0011-12-9-0004
Agency Tracking Number: D2-1132
Amount: $937,188.00
Phase: Phase II
Program: SBIR
Awards Year: 2012
Solicitation Year: 2011
Solicitation Topic Code: SB111-003
Solicitation Number: 2011.1
Small Business Information
5 Penn Plaza, 23rd Floor, New York,, NY, -
DUNS: 831158600
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Herbert Thompson
 Chief Technology Officer
 (321) 795-4531
Business Contact
 Salvatore Stolfo
Title: President
Phone: (321) 795-4531
Research Institution
We propose to develop robust technical capabilities (resulting in commercial-quality software product) for identifying likely malicious as well as overly trusting insiders within an organization by leveraging automatically generated misinformation. Our system will work in conjunction with modern system and network monitoring technologies such as Data Leakage Prevention (DLP) systems and honeypots of various kinds (both traditional and unconventional), some of which are already in use by many enterprises for other purposes. Our approach focuses on and exploits what malicious insiders seek (illicitly acquired information), as opposed to incidental signs of misbehavior. Our approach also identifies users who make inappropriate trust decision putting organizations at risk. This provides a robust alternative and a good complement to passive-detection mechanisms. In Phase 1, we proposed to (a) investigate and design an insider detection architecture based on this notion of misinformation, and (b) demonstrate the feasibility of identifying specific types of insiders by developing a prototype for automatically generating and distributing believable misinformation based on pre-defined templates, and then tracking access and attempted misuse of it through integration with an open-source DLP system. In Phase 2, we will extend and instantiate our architecture, also expanding our system capabilities to generate documents that use information harvested from real sources. We will also develop a modular and extensible back-end system and management console.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government