A Network Sensor-Based Defense Framework for Active Network Security Situation Awareness and Impact Mitigation

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9453-14-C-0016
Agency Tracking Number: F112-053-1010
Amount: $745,884.00
Phase: Phase II
Program: SBIR
Awards Year: 2014
Solitcitation Year: 2011
Solitcitation Topic Code: AF112-053
Solitcitation Number: 2011.2
Small Business Information
Intelligent Fusion Technology, Inc
39 Timber Rock Rd, Gaithersburg, MD, 20878-2266
Duns: 967349668
Hubzone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: Y
Principal Investigator
 Dan Shen
 Project Manager
 (240) 644-3391
Business Contact
 Yingli Wu
Title: President
Phone: (949) 596-0057
Email: yingliwu@intfusiontech.com
Research Institution
ABSTRACT: Cyber-attacks are increasing in frequency, impact, and complexity, which demonstrate extensive vulnerabilities of networks with the potential for catastrophic damage. Defending against these cyber-attacks requires network security situation awareness (SA) through distributed collaborative monitoring, detection, and mitigation. In the Phase I project, IFT team has developed a Network Sensor-Based Defense Framework for Active Network Security Situation Awareness and Impact Mitigation. The framework features five elements: distributed network sensors (both passive and active), effective anomaly detectors, cyber-attack scene investigation, game theoretic cyber-attack formalization, and Google Earth based multi-view and multi-layer visualization. The preliminary yet promising results obtained in the Phase I study clearly demonstrate that IFT"s network sensor based defense framework provides innovative and effective SA techniques for active network security and proactive impact mitigation against cyber network attacks. In the Phase II research proposed, we will revise, extend, and optimize the Phase I research results with the focus on enhanced detection techniques, privacy-preserving, insider attack detection, game theoretic intent inference and impact mitigation, trust/assurance of network sensors, system resilience/agility, social-cultural factor modeling, traceback for anonymous attacks, and coordination between passive sensors and active sensors for a holistic cyber assessment testbed to enhance strategic and operational capabilities. BENEFIT: The innovations that we are developing will improve situation awareness, planning, data theft protection, and decision support for many military applications contending with complex malicious network attacks. The first near term DOD application target is the Cyber Warriors program, which is an Air Force stringent need. The second near term DOD application target is Distributed Common Ground System (DCGS) program and other programs where Raytheon-IIS is the Prime Contractor. Raytheon-IIS is prime contractor on the DCGS, Universal Control System (UCS), and next generation GPS control segment (GPS OCX). IFT has developed a strong and realistic plan to transition our technology to Raytheon programs. The cyber technology is also applicable to commercial systems. IFT"s target application will focus on civilian networks, such as finance, medicine, communications, electric power, nuclear energy, Internet service providers, and air traffic control.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government