Comprehension Aid for cyber analysis

Period of Performance: 02/23/2016 - 11/21/2016

$149K

Phase 1 SBIR

Recipient Firm

Machine Understanding, LLC
12204 St. James Rd. Array
Potomac, MD 20854
Firm POC, Principal Investigator

Abstract

This project will develop novel methods and software tools for human cognition augmentation in cyber security systems. The methods and tools produced in this effort will be used to increase situational awareness of cyber analysts, focusing on improving their comprehension of dynamic interplay between attack characteristics and network conditions, as the situations unfold. Improved situational comprehension will enable improved performance across a range of tasks carried out in the course of cyber analysis, including assessing threats, determining their likely impact, and selecting defensive and/or offensive countermeasures commensurate with the changing conditions and operational priorities. The effort will produce functional modules that can be configured into a stand-alone Comprehension Aid or “Intelligent Interface” mediating between the analyst and the system under control. The interface will help the analyst to process data generated by network traffic assessment, intrusion detection, and other such activities across different tasks, and to combine the results into a unified, meaningful representation of the overall situation. The technical approach involves organizing and displaying data in a format facilitating performance of the main cognitive operations underlying situation comprehension, such as prioritization, establishing and maintaining mapping between different tasks and the overall mission and objectives, unification (data grouping), and coordination between the groups. The product will help to streamline cognitive operations and reduce cognitive workload experienced by cyber analysts.