Signature Management using Operational Knowledge and Environments (SMOKE)
Abstract
The Signature Management using Operational Knowledge and Environments (SMOKE) program will develop signature management technologies that generate evasive cyber infrastructure that minimizes signatures as a source of attribution. SMOKE will accomplish this goal by incorporating counter-attribution techniques into the design process, quantitatively measuring attribution risk in real time, and maintaining evasiveness after infrastructure changes. SMOKE will develop data-driven tools to automate the planning and execution of threat-emulated cyber infrastructure needed for network security assessments by red teams. SMOKE will also develop data-driven tools to automate the discovery of cyber threat infrastructure signatures. SMOKE will prototype components that enable red teams to plan, build, and deploy cyber infrastructure that is informed by machine-readable signatures of sophisticated cyber threats.
Document Details
- Document Type: Accomplishment
- Publication Date: Oct 01, 2024
- Source ID: 0a7d398139ea74411e34bc06301be4f2