Phase II Amount
$1,574,960
Threats of malicious activity exist today not only on the internet and within business networks, but also within the industrial control system (ICS) realm, which is critical to our national infrastructure. ICSs are typically used in industries such as electric, water and wastewater, oil and natural gas, transportation, chemical, pharmaceutical, pulp and paper, food and beverage, and discrete manufacturing (e.g., automotive, aerospace, and durable goods). Within the computing industry, cybersecurity tools on the market today are largely structured to detect known bad entities (malware, viruses, etc.). Adversaries are generating malware and finding new vulnerabilities faster than security software companies can respond; the approach today is very much based on prevention, securing systems with best practices and with tools that detect known threats by searching for known bad signatures. However, using advanced computing capabilities such as automated machine learning, it is possible to develop methods for identifying previously unknown threats and to potentially stop unknown malware before it impacts system functionality. To detect unregistered threats, that is, threats that have not been identified previously, a new paradigm for the basis of detection is proposed in this research. This technology has broad applicability to address cyber issues and beyond.