Integrated Cyber Analysis System (ICAS)
Abstract
The Integrated Cyber Analysis System (ICAS) program will develop techniques to automatically discover probes, intrusions, and persistent attacks on enterprise networks. At present, discovering the actions of capable adversaries requires painstaking forensic analysis of numerous system logs by highly skilled security analysts and system administrators. ICAS will develop technologies to allow for the correlation of interactions and behavior patterns across all system data sources and thereby rapidly uncover aberrant events and detect system compromise. This includes technologies for automatically representing, indexing, and reasoning over diverse, distributed, security-related data and system files.
Document Details
- Document Type: Accomplishment
- Publication Date: Oct 01, 2015
- Source ID: a3281af2e2d345552ab55a0c35ad1612