The Department of Defense (DOD) is seeking proposals for a Small Business Innovation Research (SBIR) Phase I project titled "Portable Analytics for Multi-Stage Cyber Attack Investigation". The Navy branch is specifically interested in developing forward-deployed portable analytics to automate the initial stages of cyber attack investigation in connectivity-disadvantaged tactical platforms. The goal is to reconstruct attack stories and distill important events from large amounts of low-level system and network data. The project aims to address the challenge of conducting effective Defensive Cyber Operations (DCO) in environments with limited connectivity.
In Phase I, the objective is to define and develop a concept for automated rapid cyber forensics that can enable multi-stage cyber attack investigation. A model of how the analytics would feed the cyber event distillation should be provided. Phase II would involve developing a containerized portable analytic capability to validate the concepts defined in Phase I. The prototype should demonstrate attack story reconstruction and key data distillation on different types of system and network data. The final phase, Phase III, focuses on integrating the developed portable analytics prototype into a DCO system and fielding it with appropriate data ingestors. The commercial use of this technology includes cyber security analysis in various sectors such as automotive, IoT, robotics, agricultural, and industrial control.
The project duration and funding specifics are not provided in the document. For more information and to access the solicitation, visit the DOD SBIR/STTR Opportunities website.