Summaries - Research
Back Open-Source Network Traffic Characterization and Anomaly Detection
|Division||Graduate School of Operational & Information Sciences|
Dell, Robert F.
|Sponsor||Army Network Enterprise Technology Command (Army)|
|Summary||The United States Army Network Enterprise Technology Command (NETCOM) Data Science Division (DSD) helps ensure freedom of action in Army cyberspace while denying the same to our adversaries. This requires robust descriptive and predictive capabilities in the network domain and dynamically informed and responsive prescriptive analytic capability with machine-to-machine efficiency. While there are open-source programming tools available for performing some of the required analysis, these tools must be configured specifically for NETCOM using advanced mathematical modeling and programming techniques. The Naval Postgraduate School Data Science and Analytics Group (DSAG) will use data primarily from the Army's Big Data Platform (Gabriel Nimbus) to characterize network behavior in terms of normalcy across many domains. DSAG will use existing open source software tools to configure and implement a software system for NETCOM analysts to analyze and visualize network behavior. DSAG will also use existing open source software tools to configure and implement a software system for NETCOM that detects and reports network anomalies resulting from insider threats and legacy or misconfigured systems. The detected anomalies will be presented in a graphical dash board for action by a human operator. These tools will provide NETCOM analysts custom-designed, state-of-the-art analytic methodologies to support their mission.|
|Publications||Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal|
|Data||Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal|