Cyber-Hunting at Scale (CHASE)
Abstract
The Cyber-Hunting at Scale (CHASE) program is developing data-driven tools for real-time cyber threat detection, characterization, and protection within enterprise-scale networks. U.S. computer networks are continually under attack, but at present no tools exist to efficiently extract the right data from the right device at the right time to analyze these attacks for DoD-scale information networks. For example, analysis of an in-memory exploit would require detailed data from a few devices, while analysis of a global botnet attack would require summary data from a great many devices. CHASE is developing novel algorithms and analysis tools to dynamically collect data from across the network, actively hunt for advanced threats that evade routine security measures, and automatically disseminate protective measures that bolster the collective cyber defense posture.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2021
- Source ID
- 2878d23dd59d5c76db81952ad53c223e