Summaries - Office of Research & Innovation
Adapting to Dynamic Cyber Threats through Continuous Deployment of Firewall Rules
| Division | Graduate School of Operational & Information Sciences |
Monaco, John V.
| Sponsor | Army Network Enterprise Technology Command (Army) |
| Summary | This project will quantify the dynamic threats that exist on a live network and address the need to continuously deploy firewall rules that aim to mitigate moving targets. This work will not replace the network administrator, but rather provide the administrator with a curated shortlist of recommendations consisting of firewall rule additions and deletions. These recommendations will be formed by modeling the ingress and egress filters specified by domain experts, analyzing the traffic on a live network, and recommending new rules with a machine learning model. The project will deliver 1) a dataset that contains known benign and malicious traffic, labeled through domain expertise and used to facilitate model specification; 2) an analysis of the dataset summarizing known threats; 3) a firewall rule recommendation system that facilitates continuous rule deployment, providing capabilities beyond current-generation firewalls; 4) a technical report summarizing the work performed; and 5) documentation summarizing the data processing workflow. |