Characterization and Analysis of Army Cyber Data

The Army Cyber (ARCYBER) Command collects and examines data flowing across computer networks. Its goals include identifying possible misuse of Army networks, interdicting hackers, and identifying potentially harmful actions and actors. The amount of data collected by ARCYBER is enormous, and the signatures of adverse actions can change with time. ARCYBER employs some cyber operators to examine windows of this data using software applications developed in a unique environment, Gabriel Nimbus.

The research will focus on developing methods and tools for use in Gabriel Nimbus to improve ARCYBER's capability in two problem areas: intrusion detection and behavioral monitoring, both of which benefit from a capability to identify anomalous traffic. The research team, working largely in parallel, will leverage expertise from the areas of statistics, mathematics, and computer science to address these problems in conjunction with the sponsor.
Operations Research
TRADOC Analysis Center-Monterey
Army
2017