DOD SBIR 24.1 BAA

Active
No
Status
Closed
Release Date
November 29th, 2023
Open Date
January 3rd, 2024
Due Date(s)
February 21st, 2024
Close Date
February 21st, 2024
Topic No.
MDA241-004

Topic

Insider Threat Risk Calculator

Agency

Department of DefenseN/A

Program

Type: SBIRPhase: BOTHYear: 2024

Summary

The Department of Defense (DOD) is seeking proposals for the development of an Insider Threat Risk Calculator. The objective is to create a tool that can ingest leads from various sources, synthesize the information with other available data on a Possible Threat Actor (PTA), assign a risk level to the PTA, and notify Counter-Insider Threat (C-InT) analysts of the risk level. The tool should automate the lead screening process and leverage Artificial Intelligence (AI) to enhance analysts' abilities to recognize potential threats. In Phase I, the tool should demonstrate the ability to collect leads from automated sources, written reports, and online reporting sources. Phase II should focus on fusing and synthesizing the collected data, assigning appropriate risk levels, and storing the data for analyst review. The risk levels should be presented as a percentage threat value with associated explanations. In Phase III, the tool should create human interface technologies that allow analysts to interpret the collected data and risk levels. The project duration and funding specifics are not provided in the document. For more information and to submit a proposal, visit the DOD SBIR 24.1 BAA solicitation page on grants.gov.

Description

OUSD (R&E) CRITICAL TECHNOLOGY AREA(S): Human-Machine Interfaces

 

OBJECTIVE: Develop a tool that would ingest leads from various sources, synthesize the leads with all other available information regarding a Possible Threat Actor (PTA), assign a risk level to the PTA, and notify Counter-Insider Threat (C-InT) analysts of the risk level.

 

DESCRIPTION: Defense Agencies, along with C-InT Programs across the entire U.S. Government, collect leads on PTA’s through multiple sources, some of which include: User Activity Monitoring (UAM), Information Technology professionals, and Agency reporting tools.  Unfortunately, few if any C-InT programs have the workforce needed to adequately screen each lead, compare it with available other collected data, and assign a risk level to the PTA.  The two main reasons for this is that screening thousands of leads each month requires a cost-prohibitive number of analysts, and the enormous volume of leads fatigues analysts, resulting in missed warning signals.  Automating the lead screening process and leveraging Artificial Intelligence (AI) to assign risk levels to PTAs would enhance analysts’ abilities to recognize potential threats and increase the time available for leaders to interdict and mitigate unfavorable behaviors.

 

PHASE I: Demonstrate ability to ingest leads and collect from automated sources, written reports, and on-line reporting sources such as social media.  Collections could include written documents, images, or video feeds.

 

PHASE II: Demonstrate ability to fuse and synthesize the collected data and assign appropriate risk levels.  The system should store in such a way that analysts could access and review the collected artifacts.  Risk levels should appear as a percentage threat value with zero percent meaning no threat, and 100 percent meaning imminent threat.  The risk level should also come with an associated write-up explaining how the system arrived at the risk level.

 

PHASE III DUAL USE APPLICATIONS: Demonstrate ability to create human interface technologies that would allow Counter-Insider Threat analysts the ability to interpret the data collected and the risk levels assigned.  The system should be capable of presenting all collected data, risk levels, and explanations of findings in an easily readable, intuitive human interface, such as an "analyst workbench" or other similar interface.

 

REFERENCES:

DoD Instruction 5205.16, The DoD Insider Threat Program.  https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodd/520516p.pdf 
National Insider Threat Task Force Maturity Framework https://www.dni.gov/files/NCSC/documents/nittf/20181024_NITTF_MaturityFramework_web.pdf 

 

KEYWORDS: Insider Threat; Risk assessment; Risk Scoring

Similar Opportunities

DOD SBIR 24.4 Annual
Department of Defense
The Department of Defense (DOD) is seeking proposals for the topic of "User and Entity Behavior Analysis" as part of their SBIR program. The objective of this research is to develop a UEBA capability that serves as a Policy Decision Point (PDP) in the Tactical Zero Trust Architecture (ZTA). The UEBA will analyze user and entity behavior by collecting activity data and applying advanced analytics to detect anomalies. The solution will leverage data already collected and normalized by the Elastic Stack and incorporate various sources such as Active Directory, endpoint systems, firewalls, and vulnerability scans. The UEBA should include a flexible REST API for obtaining telemetry and making authorization decisions. The project will be conducted in three phases. Phase I requires a proof of concept in the form of a whitepaper, demonstrating the feasibility of developing the UEBA capability. Phase II involves developing a prototype to collect and interpret data, display risk score changes, and allow human decision-making based on alerts. Phase III focuses on dual-use applications, such as embedding AI/ML pattern recognition into cybersecurity operations and applying UEBA to IoT, healthcare, and finance sectors. The project duration is not specified, but the solicitation is open until March 31, 2025. For more information and to submit proposals, interested parties can visit the DOD SBIR website at [solicitation_agency_url].
DOD SBIR 24.4 Annual
Department of Defense
The Department of Defense (DOD) is seeking proposals for the topic "xTechScalable AI" as part of the SBIR program. The Army branch is specifically interested in novel and disruptive concepts and technology solutions that can address the vulnerabilities of current machine learning pipelines and models. The goal is to develop comprehensive security models capable of defending against universal AI threat vectors. The Army is prioritizing proposals that focus on systematic testing and evaluation methods, trusted and secure validation and verification strategies, continuous monitoring capabilities, improved transparency and assurance of code and data, and improved telemetry capabilities. The Army will use the xTechScalable AI prize competition to identify small businesses that meet the criteria for award, and only winners of the competition will be eligible to submit a proposal under this topic. The project will have three phases: Phase I involves submitting a Direct to Phase II (DP2) proposal, Phase II involves producing prototype solutions for evaluation by soldiers, and Phase III involves completing the maturation of the technology and producing prototypes for further development and commercialization. The deadline for proposal submission is March 31, 2025. For more information and to submit a proposal, visit the solicitation agency's website at [solicitation_agency_url].