Cyber-Hunting at Scale (CHASE)
Abstract
The Cyber-Hunting at Scale (CHASE) program will develop data-driven tools for real-time cyber threat detection, characterization, and protection within enterprise-scale networks. U.S. computer networks are continually under attack, but at present no tools exist to efficiently extract the right data from the right device at the right time to analyze these attacks. The nature of the threat should be used to determine which data and analyses are required. For example, analysis of an in-memory exploit would require detailed data from a few devices, while analysis of a global botnet attack would require summary data from millions of devices. CHASE will develop novel algorithms and analysis tools to dynamically collect data from across the network, actively hunt for advanced threats that evade routine security measures, and disseminate protective measures that automatically bolster the collective cyber defense posture.
Document Details
- Document Type: Accomplishment
- Publication Date: Oct 01, 2018
- Source ID: 73f9013b57ae5394c2ff7b0b5ca1dee6