Soft Auditing on Trust for Detecting Clandestine Executions with Maximum Deployability
Abstract
Existing security approaches need to be urgently re-examined to defend against the increasingly destructive cyberattacks, including ransomware and supply-chain attacks. In this project, we aim to design and demonstrate a new high-risk high-return approach, called soft auditing on trust, or trust soft auditing. Trust soft auditing uses both system security and machine learning techniques to monitor and quantitatively analyze the use of a small set of security-critical assets. Soft audit will emphasize the heuristic aspect of the detection approach, which differs from the traditional binary all-or-nothing paradigm. For experimental evaluation, we will focus on detection time and detection autonomy. A key goal is to reduce the mean time to threat detection for APTs. Our design also aims to minimize the reliance on security analysts and manual investigation, which will help achieve a higher degree of autonomy. Our solutions will provide another layer of defense in depth, which is critical in today's cyber landscape.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Dec 10, 2021
- Source ID: N000142212057
Entities
People
- Danfeng Yao
Organizations
- Office of Naval Research
- United States Navy
- Virginia Tech