Fingerprinting, Tracing, and Mitigating Malicious Traffic with CSAAC

We propose to conduct a case study to understand the power of DISA's Cyber Situation Awareness Analytic Cloud (CSAAC) system. Specifically, we will leverage recent NPS thesis work by Capt Matthew Weant, USMC, and Capt Daniel Alexander, USA, on fingerprinting reverse web proxies through TCP timing analyses. We will refine their timing analysis methods and integrate them into CSAAC in order to detect a wider range of malicious network traffic, mitigate the negative impact, and track down the sources of such traffic. By examining new forms of malicious traffic that may arise in the emerging cloud-based enterprise settings and focusing on tool development and real-world experiments, this study is also relevant to two other MARFORCYBER topics presented in the 2015 thesis research study group meeting: (1) Future threats/threat environment in cyberspace, and (2) Attaining I&W in cyberspace.
Cebrowski Institute
Marine Corps Forces Cyberspace Command
Marine Corps
2016