Network analysis for cyber applications has been outpaced by the availability of community data, resulting in missed exploitation opportunities that could have kept deployed personnel safer through non-kinetic targeting solutions.ICR proposes an innovative approach to ingest network capture data into an existing big data framework, Cognos, and run Machine Learning (ML) anomaly detection algorithms against the data for identification of new offensive cyber attack opportunities (offensive cyber applications). This project will help resolve Command, Control, Communications, Intelligence, and Network (C3I&N) challenges in the focus area of data capture and analytics employing ML techniques. Successful execution of Phase I will enhance offensive cyber applications.In context to the proposed effort, consider an offensive cyber application that uses a pretrained ML algorithm to scan and select relevant network data sent back from a target. Due to the traffic volume on most target networks, coupled with constraints arising from exfiltration bandwidth limitations, collecting all network traffic for detailed offline analysis is rarely possible. Instead, a pretrained algorithm could optimize the data sent back to include anomalous events rather than full network captures, maximizing the utility of the limited bandwidth available on most Air Force communication links for addition data streams.Data Science,machine learning,Big Data,Predictive Analytics,network data capture,offensive cyber,anomaly detection,Network Analysis
