Research Summaries

Back Anomaly Detection Across Navy Networks/Platforms

Fiscal Year 2015
Division Research & Sponsored Programs
Department Naval Research Program
Investigator(s) Gallup, Shelley P.
Sponsor NPS Naval Research Program (Navy)
Summary In the Navy's cyber domain, an insider threat may be a current or former employee/ contractor, with authorized access to an organization's network, systems, or data, who intentionally misused that access in a manner that negatively affects the confidentiality, integrity, or availability of sensitive information. Detecting and mitigating the insider threat is crucial to national security. The Naval Postgraduate School (NPS) Distributed Information Systems Experimentation (DISE) research group proposes to design and develop automated and manual processes to mitigate the insider threat. The research will leverage a near-real-time (NRT) response model that is part of the current NPS OPNAV Studies Cyber Research Project. The basic premise is to align Insider Threat Program (InTP) and Computer Network Defense (CND) processes and procedures within an automated and manual "Playbook" construct. The project will seek to aggregate mitigation capabilities in an extensible, actionable, and executable information model to characterize insider interaction with enterprise and Internet domain access to deter, detect and mitigate threats within the emergent Information Dominance architecture.
Keywords
Publications Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal
Data Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal