Cyber Computational Intelligence (CCI)
Abstract
The Cyber Computational Intelligence (CCI) program will create new approaches to computational intelligence specialized to the cyber domain. In enterprise networks and Internet autonomous systems, huge volumes of event data are generated by diverse network elements, hosts, and end-point devices. These event data typically do not adhere to any standard, machine-readable format and some may even be provided as plain text warning/error messages intended for a human operator. CCI will create flexible knowledge base and data-scraping technologies to transparently ingest and normalize unstructured event data. In addition, CCI will develop advanced cyber reasoning engines that can extract and apply general rules for traffic flows and network behaviors to infer (and compute the likelihood of) the most plausible explanations for anomalous network activity. CCI technologies will facilitate the use of event data for monitoring network health, detecting zero-day attacks, optimizing network performance, maintaining network performance during a cyber attack, and reconstituting network capabilities in the aftermath of an attack.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2015
- Source ID
- d0e8d208514d50ad175aed1939ca216f