Real Time Advanced Persistent Threats (APTs) Simulation, Modeling, Detection and Mitigation Using an Integrated High Performance Machine Learning Platform
Abstract
An Advanced Persistent Threat (APT) is a multi-step, long-term, targeted cyber-attack that uses multiple phases to infiltrate victims in order to avoid detection. This cyber threat has been of concern to governments, financial service institutions, and large energy/utility companies. Common APT steps include reconnaissance, incursion, discovery, capture and exfiltration. These steps are all geared towards the goal of penetrating computer systems and networks and stealing classified or sensitive data from victims. In 2011, Operation Shady Rat revealed that 71 institutions across 31 government establishments and industries had been hacked by one or more attackers. Among these victims, 21 were government establishments and 13 were defense contractors. Others included energy companies, heavy industry (including steel) and high-tech companies, political and non-profit organizations, financial service companies and several others. It was concluded that traditional security approaches cannot effectively defend against APT. Facing these new and emerging threats, governments and organizations must adopt new security implementations, as it is clear that existing approaches are inadequate and somewhat compromised. This project and research effort will build an integrated platform to simulate, model, detect and mitigate APT, and is expected to be conducted in three phases: 1) big data APT analytics, 2) APT simulation and modeling, and 3) APT detection and mitigation. The first phase will focus on applying big data technologies to conduct APT analytics. The next phase will focus on developing APT simulation and modeling, while the last phase will focus on building algorithms for real-time APT detection and mitigation.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Aug 19, 2019
- Source ID: W911NF1910456
Entities
People
- Samuel Olatunbosun
Organizations
- Army Contracting Command
- Norfolk State University
- Office of the Secretary of Defense