Portable Analytics for Multi-Stage Cyber Attack Investigation
ID: N24A-T019
Type: Phase I
Overview

Topic

Portable Analytics for Multi-Stage Cyber Attack Investigation

Agency

Department of Defense
N/A

Program

Type: STTR
Phase: Phase I
Year: 2024
Timeline
  1. Release Nov 29, 2023 12:00 AM
  2. Open Jan 3, 2024 12:00 AM
  3. Next Submission Due Feb 21, 2024 12:00 AM
  4. Close Feb 21, 2024 12:00 AM
Description

The Department of Defense (DOD) is seeking proposals for a Small Business Innovation Research (SBIR) Phase I project titled "Portable Analytics for Multi-Stage Cyber Attack Investigation". The Navy branch is specifically interested in developing forward-deployed portable analytics to automate the initial stages of cyber attack investigation in connectivity-disadvantaged tactical platforms. The goal is to reconstruct attack stories and distill important events from large amounts of low-level system and network data. The project aims to address the challenge of conducting effective Defensive Cyber Operations (DCO) in environments with limited connectivity.

In Phase I, the objective is to define and develop a concept for automated rapid cyber forensics that can enable multi-stage cyber attack investigation. A model of how the analytics would feed the cyber event distillation should be provided. Phase II would involve developing a containerized portable analytic capability to validate the concepts defined in Phase I. The prototype should demonstrate attack story reconstruction and key data distillation on different types of system and network data. The final phase, Phase III, focuses on integrating the developed portable analytics prototype into a DCO system and fielding it with appropriate data ingestors. The commercial use of this technology includes cyber security analysis in various sectors such as automotive, IoT, robotics, agricultural, and industrial control.

The project duration and funding specifics are not provided in the document. For more information and to access the solicitation, visit the DOD SBIR/STTR Opportunities website.

Files
No associated files provided.
Similar Opportunities
DOD STTR 24.D Annual - Reasoned Cyber Visualization (RC-Vis)
Active
Department of Defense
The Department of Defense (DOD) is seeking proposals for the Reasoned Cyber Visualization (RC-Vis) topic as part of the Small Business Innovation Research (SBIR) Phase I program. The objective of RC-Vis is to develop semantic technology that generates tiered visualizations of cyber defense coverage and interactions to assess cyber vulnerability. The technology aims to address the gap in reasoning and visualizing how multiple cyber defenses interrelate and the implications of known threats. The project duration for Phase I is six months with a funding amount of $250,000. Successful proposals should include an architecture for producing a modular, intermediate semantic representation, a methodology for reasoning over this representation, a constructive and/or generative approach for creating tiered visualizations, and a graphic user interface. Phase II, with a duration of 24 months and funding of $1.8 million, focuses on developing a full prototype that can generate both semantic and graphic representations. The technology resulting from this SBIR has potential applications in risk management, cyber security training, and improving cyber security posture.
DOD SBIR 24.4 Annual - Small Unmanned Ground Robotic Systems
Active
Department of Defense
The Department of Defense (DOD) is seeking proposals for the development of a cyber-hardened small unmanned ground robotic system. The system should be capable of being operated using both a vendor-developed .apk TAK GOV software controller and a Tomahawk Robotics Grip S20 universal controller. It should integrate the best C2/data link components and be operable with Silvus Technologies and Persistent Systems radios. The system should be designed for intelligence, surveillance, and reconnaissance (ISR) purposes and be able to operate in all-weather conditions within rural and urban environments. The system should have a minimum battery life of 60-90 minutes and a ground control station line-of-sight range capability of 100 meters. The integrated sensors should be able to identify moving armed personnel at specified distances. The system should also have cyber survivability attributes and be capable of carrying various payloads. Phase I of the project involves conducting a feasibility study to assess the options that satisfy the requirements. Phase II includes developing, installing, and demonstrating a prototype system. The system has potential applications in a broad range of military operations, enhancing operational situational awareness, reducing cognitive and physical workload, and reducing risk to the user. The project is open for proposals until March 31, 2025. For more information, visit the [solicitation link](https://www.defensesbirsttr.mil/SBIR-STTR/Opportunities/).
DOD SBIR 24.4 Annual - NAVWAR Open Topic for Advanced Data Integrity and Control Methods
Active
Department of Defense
The Department of Defense (DOD) is seeking proposals for the NAVWAR Open Topic for Advanced Data Integrity and Control Methods. The objective of this solicitation is to develop a method to assure integrity, control access, and distribution for information on any device or network. The DOD requires the ability to securely move information from anywhere to anywhere, and once delivered, ensure its integrity, control access, and limit further distribution. The current approach to achieving this relies on networks and applications, but the DOD is exploring methods to control data independent of an application or platform. Proposed solutions must protect data independent of networks, applications, or database technologies, function in disrupted, disconnected, intermittent, and low-bandwidth situations, and recover gracefully once connectivity is restored. The Phase I awards for this topic will have a period of performance of four months and a cost not to exceed $75,000, while Phase II will involve a small-scale deployment of the proposed concept. Phase III will focus on integrating the capability demonstrated in Phase II with current Naval networks. The technology developed through this solicitation has potential applications beyond the defense domain and can benefit anyone working with sensitive information.
DOD SBIR 24.4 Annual - User and Entity Behavior Analysis
Active
Department of Defense
The Department of Defense (DOD) is seeking proposals for the topic of "User and Entity Behavior Analysis" as part of their SBIR program. The objective of this research is to develop a UEBA capability that serves as a Policy Decision Point (PDP) in the Tactical Zero Trust Architecture (ZTA). The UEBA will analyze user and entity behavior by collecting activity data and applying advanced analytics to detect anomalies. The solution will leverage data already collected and normalized by the Elastic Stack and incorporate various sources such as Active Directory, endpoint systems, firewalls, and vulnerability scans. The UEBA should include a flexible REST API for obtaining telemetry and making authorization decisions. The project will be conducted in three phases. Phase I requires a proof of concept in the form of a whitepaper, demonstrating the feasibility of developing the UEBA capability. Phase II involves developing a prototype to collect and interpret data, display risk score changes, and allow human decision-making based on alerts. Phase III focuses on dual-use applications, such as embedding AI/ML pattern recognition into cybersecurity operations and applying UEBA to IoT, healthcare, and finance sectors. The project duration is not specified, but the solicitation is open until March 31, 2025. For more information and to submit proposals, interested parties can visit the DOD SBIR website at [solicitation_agency_url].
DOD SBIR 24.4 Annual - Small Unmanned Ground Robotic Systems
Active
Department of Defense
The Department of Defense (DOD) is seeking proposals for the development of a cyber-hardened small unmanned ground robotic system. The system should be capable of being operated using both a vendor-developed .apk TAK GOV software controller and a Tomahawk Robotics Grip S20 universal controller. It should integrate the best C2/data link components and be operable with Silvus Technologies and Persistent Systems radios. The system should be designed for intelligence, surveillance, and reconnaissance (ISR) purposes and be able to operate in all-weather conditions within rural and urban environments. The system should have a minimum operating time of 60 minutes for smaller systems and 90 minutes for larger systems, with a ground control station line-of-sight range capability of 100 meters. The integrated sensors should be able to identify moving armed personnel at specified distances. The system should also have cyber survivability attributes and be capable of carrying various payloads. The feasibility study for Phase I should investigate all options that meet or exceed the minimum performance parameters. Phase II involves developing and demonstrating a prototype system, and Phase III focuses on dual-use applications in military settings. The solicitation is open until March 31, 2025. For more information, visit the [solicitation link](https://www.defensesbirsttr.mil/SBIR-STTR/Opportunities/).