Research Summaries

Fingerprinting, Tracing, and Mitigating Malicious Traffic with CSAAC

Fiscal Year: 2015
Division: Research & Sponsored Programs
Department: Cebrowski Institute
Investigator(s): Xie, Geoffrey G.
Sponsor: Marine Corps Forces Cyberspace Command (Marine Corps)
Summary: We propose to conduct a case study to understand the power of DISA's Cyber Situation Awareness Analytic Cloud (CSAAC) system. Specifically, we will leverage recent NPS thesis work by Capt Matthew Weant, USMC, and Capt Daniel Alexander, USA, on fingerprinting reverse web proxies through TCP timing analyses. We will refine their timing analysis methods and integrate them into CSAAC in order to detect a wider range of malicious network traffic, mitigate its negative impact, and track down the sources of such traffic. By examining new forms of malicious traffic that may arise in emerging cloud-based enterprise settings and focusing on tool development and real-world experiments, this study is also relevant to two other MARFORCYBER topics presented in the 2015 thesis research study group meeting: (1) Future threats/threat environment in cyberspace, and (2) Attaining I&W in cyberspace.
Keywords:
Publications: Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal.