Insider Threat Detection and Response Using Formal Methods

Award Information
Agency:
Department of Energy
Branch
n/a
Amount:
$100,000.00
Award Year:
2009
Program:
SBIR
Phase:
Phase I
Contract:
DE-FG02-09ER85280
Agency Tracking Number:
91438
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
Aries Design Automation, Llc
6157 N. Sheridan Road, Suite 16M, Chicago, IL, 60660
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
N
Duns:
361627933
Principal Investigator:
Miroslav Velev
Dr.
(773) 856-6633
miroslav.velev@aries-da.com
Business Contact:
Miroslav Velev
Dr.
(773) 856-6633
miroslav.velev@aries-da.com
Research Institution:
n/a
Abstract
This project will extend the Capability Acquisition Graph (CAG) model to a form that can be easily analyzed with formal methods in order to develop countermeasures for cyber attacks arising from within an organization. The extension will be based on an efficient translation of the problem to Boolean Satisfiability (SAT), in order to exploit the both the speed and capacity of SAT solvers. Extensions of the model will be explored to improve its robustness, including its response to insider threats from system administrators. Formal techniques will be implemented to automatically generate plausible attacks and to develop recommendations for network hardening. Commercial Applications and other Benefits as described by the awardee Besides the DOE, the resulting technology should be of benefit to the DoD and all other organizations that need to protect high-value information, such as the banking industry, high-tech companies developing expensive intellectual property, and civilian government infrastructures

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government