Cyber-Threat Analytics (Cyber-TA)
Over the last several years, there has been an emerging interest in the development of wide-area security data collection and analysis centers to help identify, track, and formulate responses to the ever-growing number of coordinated attacks and self-replicating malware infections that plague networks worldwide. To date, there have been a number of exemplar wide-area analysis centers, within both the military and public Internet, that collect streams of security log content from a distributed sampling of network participants, and use this information to gain a network-wide perspective of dominant intrusion patterns, attack trends, and spikes in the various alert content that may be indicative of emerging wide-spreading threats.
Cyber-Threat Analytics (Cyber-TA) is a research initiative to accelerate the ability of organizations to defend against Internet-scale threats by delivering technology that will enable the next generation of privacy-preserving digital threat analysis centers. These centers must be fully automatic, scalable to alert volumes and data sources that characterize attack phenomena across millions of IP addresses, and higher fidelity in their ability to recognize attack commonalities, prioritize, and isolate the most critical threats.
Cyber-TA brings together leading researchers in large-scale network intrusion defenses with leaders from the information privacy community to develop next-generation wide-area collaborative defense technologies that maximally balance the needs for contributor privacy with the need for rich-content data to drive new threat detection and mitigation systems.
More Information: http://www.cyber-ta.org/Principal Investigator:
The Cyber-TA '06 project is managed through the U.S. Army Research Laboratory’s Army Research Office (ARO) under Research Grant No. W911NF-06-1-0316. Thank you to Cliff Wang for his ongoing support.
In FY’05 the Cyber-TA initiative was managed under the guidance of the Disruptive Technology Office (formerly ARDA). Thank you to Carl Landwehr and Richard Brackney for their support.