Raytheon Company has been selected to support an insider threat research programme led by the Defense Advanced Research Projects Agency (DARPA).
The goal of the DARPA Anomaly Detection at Multiple Scales (ADAMS) programme is to create, adapt and apply technology to the problem of anomaly characterization and detection in large data sets.
In order to build algorithms to better detect anomalous behaviors, the ADAMS project will use data collected by Raytheon's endpoint audit and investigation solution known as SureView(TM). The specific goal of ADAMS researchers is to detect anomalous behaviors shortly after a trusted insider "turns" and begins committing malicious acts. Unlike previous insider threat research programmes that were limited in size and scope, ADAMS will leverage massive data sets from large computer end-user populations observed in live, operational environments. DARPA has stated it wants the technology developed by ADAMS researchers to bolster the capabilities of existing sensor suites currently employed by cybersecurity analysts and operators.
"This project will provide unprecedented understanding of the insider threat at a time when the US government is mandating that agencies implement automated insider threat detection capabilities to protect their classified information systems," said Steve Hawkins, vice president of Raytheon's Intelligence and Information Systems' Information Security Solutions business. "The ADAMS programme will ensure that operationally proven tools such as SureView can be further enhanced to keep pace with the ever-evolving nature of the insider threat and allow analysts to better identify precursor behaviors before damaging incidents occur."
SureView captures malicious activity by proactively auditing end-user behavior on computer endpoints for policy violations and high-risk activity, such as accessing classified or proprietary data and trying to send it outside the firewall. Whether an incident is accidental or deliberate, SureView provides customers visibility and context to discern benign and malicious behavior all while adhering to an organization's privacy policies.
SureView agents are able to collect data associated with a multitude of applications, processes and behaviors, including Web browsing, removable media, MS Office applications, file activity, email, MS Windows registry, peer-to-peer applications, log on/log off activity, keystroke logging and clipboard functions, use of printers, use of Windows terminal services, instant messaging, command line operations and use of encryption.
Source: Raytheon
Until the 21st century, intelligence was gathered in discreet ways. People would go undercover, use secret codes, and pass intelligence over at park benches. With thanks to the huge leap forward in technology, we now live in a world with an abundance of easily accessible information.
L3Harris has been contracted by the US Intelligence Advanced Research Projects Activity to carry out human mobility modelling and simulation to support development of future autonomous systems.
The US Marine Corps is acquiring further L3Harris Falcon IV tactical radios under two new contracts.
Northrop Grumman has begun delivering Integrated Battle Command System relay units under Poland's Wisla medium-range air defence programme.
USSOCOM is betting on meshed networking technology to enable a single operator to control multiple swarming uncrewed systems across air, land and sea.
The demo will showcase a layered and integrated communications network featuring mobile ad hoc network, tropospheric scatter, and satellite connectivity.
Connect with us on socials
