Cyber Intelligence Analysis Platform

Abstract

This is the final report for the research and development project between the Royal Canadian Mounted Police (RCMP) and l'École Polytechnique de Montréal. The principal objective of this project was to produce a "blueprint" for a Cyber Intelligence Analysis Platform (CIAP) with advanced capabilities for studying sophisticated cyber threats in a secure environment. This report presents a "how-to guide" detailing all the key steps to build a CIAP that automates the execution and analysis of complex malware samples. The CIAP follows the design implemented at l'École Polytechnique de Montréal's SecSI Cyber Security Laboratory, which has been used to emulate and study real-world botnets at scale in an isolated environment. In particular, the SecSI cluster has generated a 3000-node Waledac botnet, which enabled researchers to understand the complex command and control infrastructure used to operate it.

Document Details

Document Type
Technical Report
Publication Date
Apr 01, 2014
Accession Number
AD1016998

Entities

People

  • Antoine Lemay
  • Jose M. Fernandez
  • Pier-luc St-onge

Organizations

  • Polytechnic School of Montreal

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Command And Control
  • Computers
  • Contracts
  • Cyber Threats
  • Databases
  • Electrical Networks
  • Environment
  • Infrastructure
  • Intelligence Analysis
  • National Security
  • Network Protocols
  • Networks
  • Operating Systems
  • Security
  • Servers (Computer Hardware)
  • Uninterruptible Power Supplies
  • Virtual Machines

Fields of Study

  • Computer science

Readers

  • Canadian European Scientific Immigration and Epilepsy Clearance Studies
  • Computer Science.
  • Cybersecurity.

Technology Areas

  • Cyber
  • Fully Networked C3
  • Fully Networked C3 - Command and Control