SBIR-STTR Award

We propose to research, design, and evaluate the feasibility of a Visualization for Integrated Cyber Command and Control (VIC3) system that fuses and displays vast amounts of multidimensional cyber security data from multiple sources to provide a unified view of the cyber battlespace. VIC3 will allow commanders to monitor cyber activity, correlate events, understand information dependencies, evaluate alternative COAs, project potential effects, and view relationships between cyber and kinetic operations. Cyberspace superiority is a prerequisite for effective operations in all other warfighting domains. A key challenge to cyber C2 is the complexity of relevant data: it is immense and multidimensional, includes streaming and log data, and comes from a diverse set of applications and devices. Cyber security visualization is still nascent and focused on the application of traditional and limited methods to static application logs. New visualization methods must be applied to support cyber situation awareness and provide decision makers information on a) the current state of the cyber battlespace, b) enemy and friendly capabilities and vulnerabilities, c) correlations between cyber events and how they affect or are affected by kinetic events, and c) potential effects of alternative courses of action within cyberspace.  

Benefit:
The results of the proposed research will support cyber C2 and can be transitioned for use at the AFNOC or within the AOC for integrated ATO production that factors in cyber security implications and enablers. The proposed effort will advance VisiTrends commercial offerings for visualization and cyber security including interfaces and APIs licensed to commercial partner NitroSecurity.

Keywords:
Visualization, Cyber Security, Cyber Situation Awareness, Command And Control, Planning, Hci

Cyberspace superiority is a prerequisite for effective operations in all other warfighting domains. To maintain cyberspace superiority, there is a need for effective Command and Control (C2) tools to observe, plan, and execute cyber operations. Visualization is a key enabler of C2 but new approaches are required to address cyber security data sets. A principal challenge is the complexity of this data: it is immense and multidimensional, includes streaming and log data, and comes from a diverse set of applications with different protocols and formats. The Visualization tool for Integrated Command and Control (VIC3) fuses these disparate data sets to provide cyber situation awareness and decision support for cyber planning and operations. It allows users to identify information dependencies and critical data flows, correlate cyber events, project potential effects, evaluate alternative cyber COAs, and view the relationships between cyber and kinetic operations. VIC3 uses A) Coordinated Views to fuse different data sets and provide multiple perspectives, B) Abstract Information Layers (AIL) to provide querying and visual layering of cyber security data sets analogous to geographical information systems (GIS), C) Dynamic Queries to select items that match user specified criteria, and D) a Plug-in Architecture to integrate with external tools.

Benefit:
The Visualization tool for Integrated Cyber Command and Control (VIC3) will facilitate cyber planning and operations with features that are unavailable in current tools and is therefore ideal for transitioning to support I-NOSC, AFNOC, and related personnel. The proposed effort will also advance VisiTrend’s commercial offerings for visualization and cyber security including interfaces and APIs to be licensed to commercial partners.

Keywords:
Cyber Security, Information Visualization, Command And Control, Effects Analysis