End-to-End Network Trust

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8750-13-C-0180
Agency Tracking Number: F131-055-1800
Amount: $141,630.00
Phase: Phase I
Program: SBIR
Awards Year: 2013
Solicitation Year: 2013
Solicitation Topic Code: AF131-055
Solicitation Number: 2013.1
Small Business Information
Process Query Systems LLC
16 Cavendish Court, LEBANON, NH, -
Duns: 184215593
Hubzone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Vincent Berk
 CEO
 (603) 727-4477
 vberk@flowtraq.com
Business Contact
 Vincent Berk
Title: CEO
Phone: (603) 727-4477
Email: vberk@flowtraq.com
Research Institution
N/A
Abstract
ABSTRACT: Network traffic is a critical part of evaluating real-time end-to-end network trust. This project will leverage our mature commercial network traffic analysis system, FlowTraq, to design and implement a powerful new system, which we call FlowTrust, to evaluate real-time trust scores of networked computer systems based on observed network traffic. By the time a network component is identified as having suffered a breach or fault, that component will have interacted with many others in its network. Components not directly compromised by an intrusion may be secondarily compromised by sending sensitive information to a compromised host, being logged into from that host, or by acting on tainted information. Loss of trust can thereby cascade from host to host. Re-establishing end-to-end network trust therefore requires determining the timing, nature, and participants of all suspect communications, to identify and halt compromise cascades as they occur. FlowTrust builds on principles of flow analysis and epidemiology to determine the extent to which a trust breach permeates a network. It accomplishes this by categorizing network sessions according to potential to propagate negative trust, flagging risky communications as they occur, and facilitating fast identification of compromised hosts.
BENEFIT: The resulting system will greatly aid in real-time evaluation of end-to-end network trust in a live system, including not only DoD networks, but those of trust-sensitive commercial organizations such as cloud storage, banks, and hospitals. It will be capable of tracking intrusions and potential breaches of data confidentiality and data integrity through multiple network hops, allowing instantaneous assessment of the scope of loss of trust. The principles developed will be applicable to analysis of a wide variety of network systems, including complex hardware, multiple-host software installs, and systems-of-systems.
Although FlowTrust will be at its greatest utility as part of a comprehensive end-to-end network trust analysis system, on its own it will be commercially useful in a wide variety of network security applications. A software embodiment of this system will be offered for sale as a tool for live monitoring of intrusions and malware infections, and for sophisticated network forensics, allowing in-depth after-the-fact tracing of security breaches.

* information listed above is at the time of submission.
