Integrated Cyber Analysis System (ICAS)
Abstract
The Integrated Cyber Analysis System (ICAS) program developed techniques to automatically discover probes, intrusions, and persistent attacks on enterprise networks. At present, discovering the actions of capable adversaries requires painstaking forensic analysis of numerous system logs by highly skilled security analysts and system administrators. ICAS technologies facilitate the correlation of interactions and behavior patterns across all system data sources and thereby rapidly uncover aberrant events and detect system compromise. This includes technologies for automatically representing, indexing, and reasoning over diverse, distributed, security-related data and system files.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2017
- Source ID
- 2f851efd0caaaef8c4bf671b59624054