Zero-day cyber-attacks employed by nation states and enabled by insiders can result in corruption-based denial-of-service for critical Air Force assets during a conflict. Corruption based denial-of-service attacks are attacks designed to disable computational nodes in a network by corrupting the critical information on the node. As malicious cyber-attacks rapidly increase in frequency and sophistication, cybersecurity professionals must currently use complex tools and have limited time to analyze and address the myriad of alerts these tools produce. As comprehensive COTS XDR/EDR solutions are adopted by the Air Force to detect and remediate these attacks, there remains significant delays in detection and remediation from current COTS solutions due to the human-in-the-loop analysis that is required. COTS XDR/EDR solutions provide many benefits but remain CPU heavy, complex, and slow. Enhancing the Air Forces primary COTS XDR/EDR protection with an autonomous, machine-speed, AI/ML-based behavioral, solution that (i) provides high precision/recall detection, (ii) real-time remediation, (iii) is interoperable with the Air Forces COTS XDR/EDR solution of choice; and, (iv) can operate both in networked and air-gapped environments is critical. Based on MIT research funded by DARPA, Synaptic Security, Inc. has developed and owns a patent pending autonomous Threat Specific Protection (TSP) solution that meets these requirements. Synaptic Security will collaborate with MITs Lincoln Lab and Carnegie Mellons Software Engineering Institute (SEI) to adapt the current commercial solution to provide zero-day protection against denial-of-service attacks that could disable critical Air Force assets.
