DE-SC0017081: Correlating and Analyzing Network Data through Interpretable Decompositions (CANDID)

Award Status: Inactive
  • Institution: Reservoir Labs, Inc., New York, NY
  • UEI: J4DVUAMQJMW7
  • DUNS: 022423854
  • Most Recent Award Date: 03/29/2022
  • Number of Support Periods: 4
  • PM: Finkel, Hal
  • Current Budget Period: 06/17/2021 - 12/01/2021
  • Current Project Period: 06/17/2021 - 12/01/2021
  • PI: Baskaran, Muthu
  • Supplement Budget Period: N/A
 

Public Abstract

Correlating and Analyzing Network Data through Interpretable Decompositions (CANDID)—Reservoir Labs, Inc., 632 Broadway Suite 803, New York, NY 10012

Muthu Baskaran, Principal Investigator, baskaran@reservoir.com

Giselle Melconian, Business Official, melconian@reservoir.com

Amount:  $1,149,999.00

 

There is an overwhelming demand for developing and delivering an advanced network analysis and cybersecurity tool to analyze and monitor networks and counter cyberattacks and cyber terrorism that are hampering national and global security and socio-economic prosperity. The shortage of cybersecurity experts exacerbates the problem and increases the need for a powerful cyber analytic tool that genuinely enhances the scope, confidence, and speed of analysis. Network analysis and cybersecurity are also critical in the scientific world for allowing scientists to operate uninterrupted on high-speed secure networks and to accelerate innovations. The overall objective of this project is to develop and deliver a practical and advanced network analysis and cybersecurity tool that can scale to huge volumes of cyber data and provide actionable insights into network activities and attacks/threats without stressing the cognitive load of analysts. The purpose of developing such a tool is to address the challenging and critical problems that the Government and commercial organizations are facing in managing and securing their networks and to provide them with an advanced analytic tool to secure and operate networks effectively. The overall technical approach is based on advanced “tensor analysis” (an unsupervised machine learning technique) that enables the user to deeply, scalably, and rapidly analyze network data to get actionable insights and discover sophisticated attacks without requiring the user to specify rule sets for identifying attacks.
We have developed a robust and advanced network analysis and cybersecurity tool that: (1) provides comprehensive visibility on the network state and actionable insights with respect to network maintenance, monitoring, and security, (2) provides non-signature-based detection of obfuscated and suspicious network behaviors with no upfront specification of the behaviors, (3) scalably analyzes large volumes of data to identify threats and attacks (including zero-day attacks and low-and-slow attacks), (4) provides rapid streaming analysis demanded by the dynamic nature of network data, (5) integrates seamlessly into existing network analysis workflows, (6) provides a user-friendly Python data analytic environment to users, and (7) reduces the cognitive load of network analysts. We have successfully demonstrated the value and capabilities of our solution to prospective Government and commercial customers to solve previously unknown or intractable security problems via proof-of-concept engagements for transition. We have published peer-reviewed technical papers and filed patent applications on the novel techniques involved in our solution. CANDID will significantly improve the security, reliability and operation of commercial, research, and Government (DOE, DoD, and other agencies) networks, and will reduce the overall operational costs and risks for network operation. By providing deeper visibility into threats and attacks (including zero-day attacks) on networks, CANDID will be a critical tool for the cybersecurity community. Several commercial sectors will benefit from the capabilities of CANDID to provide improved visibility, reliability, and security to the networks that are critical for their operations and business. Some of these commercial sectors include (but are not limited to) finance, health, and telecommunications. These sectors will benefit from CANDID’s cybersecurity solution to prevent cyberattacks, prevent data theft, and protect data integrity.



