SBIR-STTR Award

Protecting IT Systems From Cyber Attacks
Award last edited on: 4/7/2010

Sponsored Program
SBIR
Awarding Agency
DOD : AF
Total Award Amount
$847,623
Award Phase
2
Solicitation Topic Code
AF05-106
Principal Investigator
Duen-Ping Tsay

Company Information

Cyber SPK LLC

74 Northeastern Boulevard Suite 12
Nashua, NH 03062
   (603) 880-1911
   dirk@CyberSPK.com
   www.CyberSPK.com
Location: Single
Congr. District: 02
County: Hillsborough

Phase I

Contract Number: ----------
Start Date: ----    Completed: ----
Phase I year
2005
Phase I Amount
$99,958
This proposal describes a plan to enhance cyber attack assessment abilities in a way that reduces both the threat to the network and the time it takes to defend it. This will be accomplished by fusing digital forensic data from 4 primary sources and then mining those sources. The data sources will include traditional Intrusion Detection Systems (including IDS/IPS/network management, etc.) and 3 additional sources not normally included. The additional sources will be system configuration snapshots, memory dumps, and both internal (private) and external (public) Cyber Threat Repositories (CTR). The system snapshots will provide all deltas to the system configuration linearly over time, while the memory dumps will report the state of the system in RAM in a vertical slice in time. The CTR will report actual threats experienced by others as well as any detail or resolutions added by IT staff. Mining will include direct searches as well as Bayesian probability filtering. To ensure that the process is as simple and efficient as possible, it will be incorporated into a design for a new software utility called Cyber SPK™ (System Protection Kit). The Cyber SPK will represent a valuable product applicable to any component of the DoD as well as to any commercial office but will be especially valuable for industries including banking, investment, and insurance. Should this Phase I project prove the value it proposes, Phase II can follow on with the building of a demonstrable prototype.

Phase II

Contract Number: ----------
Start Date: ----    Completed: ----
Phase II year
2006
Phase II Amount
$747,665
Based upon successful research in Phase I, this Phase II proposal describes the creation of a demonstrable prototype that will reduce the threat of cyber attacks. In addition, it will reduce the time (and therefore cost) IT staff need to defend their systems. The prototype will be a software utility called the Cyber SPK™ (System Protection Kit). The SPK will fuse data from four sources including traditional IDS/IPS with three additional sources not normally included. These additional sources of data are system configuration data, debug/dump file data, and both internal (private) and external (public) Cyber Threat Repositories (CTR). The configuration data show all deltas to the system configuration linearly over time, while the debug/dump data report the state of the system in a vertical slice in time. The CTR reports actual threats experienced by others as well as any detail or resolutions added by IT staff. The Cyber SPK will represent a valuable product applicable to any component of the DoD as well as to any commercial office but will be especially valuable for industries including banking, investment, insurance, and hospitals. Following completion of this Phase II project, Phase III will see an excellent opportunity to commercialize the Cyber SPK.

Keywords:
Cyber, Attack, Defense, Assessment, Response, System, Forensics, Software