Cyber Insider Threat (CINDER)
Abstract
The Cyber Insider Threat (CINDER) program will develop technologies for identifying advanced cyber threat missions that may be currently ongoing within DoD and government interest systems and networks. The program focuses on identifying ongoing adversary missions rather than a person, program, or particular piece of malware. Current cyber defenses are primarily based on network and host intrusion detection and look for break-ins and abnormal behavior without context. The CINDER program will build tools and techniques that apply mission templates of advanced cyber espionage onto seemingly normal internal system and network activity. Through this CINDER will uncover ongoing advanced persistent cyber threats and espionage within our cyber environments. Capabilities from this program will transition to DoD and/or the defense industrial base.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2013
- Source ID
- d8b578996b11d46bc8aa2ddaf5f4dc0f