Raytheon chosen by DARPA for cybersecurity programme
Raytheon Company has been selected to support an insider threat research programme led by the Defense Advanced Research Projects Agency (DARPA).
The goal of the DARPA Anomaly Detection at Multiple Scales (ADAMS) programme is to create, adapt and apply technology to the problem of anomaly characterization and detection in large data sets.
In order to build algorithms to better detect anomalous behaviors, the ADAMS project will use data collected by Raytheon's endpoint audit and investigation solution known as SureView(TM). The specific goal of ADAMS researchers is to detect anomalous behaviors shortly after a trusted insider "turns" and begins committing malicious acts. Unlike previous insider threat research programmes that were limited in size and scope, ADAMS will leverage massive data sets from large computer end-user populations observed in live, operational environments. DARPA has stated it wants the technology developed by ADAMS researchers to bolster the capabilities of existing sensor suites currently employed by cybersecurity analysts and operators.
"This project will provide unprecedented understanding of the insider threat at a time when the US government is mandating that agencies implement automated insider threat detection capabilities to protect their classified information systems," said Steve Hawkins, vice president of Raytheon's Intelligence and Information Systems' Information Security Solutions business. "The ADAMS programme will ensure that operationally proven tools such as SureView can be further enhanced to keep pace with the ever-evolving nature of the insider threat and allow analysts to better identify precursor behaviors before damaging incidents occur."
SureView captures malicious activity by proactively auditing end-user behavior on computer endpoints for policy violations and high-risk activity, such as accessing classified or proprietary data and trying to send it outside the firewall. Whether an incident is accidental or deliberate, SureView provides customers visibility and context to discern benign and malicious behavior all while adhering to an organization's privacy policies.
SureView agents are able to collect data associated with a multitude of applications, processes and behaviors, including Web browsing, removable media, MS Office applications, file activity, email, MS Windows registry, peer-to-peer applications, log on/log off activity, keystroke logging and clipboard functions, use of printers, use of Windows terminal services, instant messaging, command line operations and use of encryption.
Source: Raytheon
More from Digital Battlespace
-
DARPA awards AI contracts
The US has been working to out how to use and defend against AI with DARPA alone outlining in 2008 ‘AI Next’ programme with US$2 billion committed to advance the science of AI.
-
Finding your space
Digital mapping and geolocation have become critical to battlespace users, and ensuring the best content is delivered is vital.
-
Why the US would struggle to overcome Russia’s nuclear anti-satellite weapon
Russia's move to develop a nuclear anti-satellite weapon has highlighted US anxieties over space combat readiness, challenging the Pentagon's strategic defences in a potential cosmic battleground.
-
China’s AI developments in electronic surveillance extends to battlefield
‘Nowhere to hide’ as Chinese progress in AI-enabled surveillance technological has enabled it to identify and suppress enemy communications systems.
-
Boeing wins $440 million contract for 12th Wideband Global SATCOM satellite
Wideband Global SATCOM (WGS) satellites have been supporting the US DoD’s warfighting information exchange requirements, enabling execution of tactical C4ISR, battlefield management and combat support information.