Charles River Analytics, developer of intelligent systems solutions, is building a system for the US Navy that detects cyberattacks before they have the chance to damage or compromise mission-critical systems. The Detecting Anomalies in Application Memory Space (DAAMS) effort will provide attack-detection capabilities specifically for memory space, an area frequently targeted by cyberattacks. The contract is valued at ~$1.5 million over three years with options exercised.
“Charles River has dedicated significant resources to build state-of-the-art cyber-defense systems that help the military get ahead of crippling cyberattacks,” said Dan Mitchell, the technical lead on the DAAMS effort. “We’re excited to leverage our expertise in advanced anomaly detection and machine learning techniques to help the US Navy detect cyberattacks before they can damage naval systems.”
Application-level software is frequently the target of attacks and can be difficult to protect. Although many current defense systems counter cyberattacks, they are narrowly focused or usable only at certain levels of the software stack and do not protect the full application. Attacks that operate on the memory space of applications are especially common, effective, and hard to detect using current systems.
We are applying our Systemic Functional Grammar (SFG) Toolkit and the Anomaly Detection Toolkit to this problem. DAAMS will use these toolkits to detect cyberattacks on memory space by identifiying anomalies without affecting the application’s mission-time performance.
DAAMS builds on our capabilities in cyber defense, such as our cyber vulnerability testing in HAMLET and our cyber modeling and adversary toolkit, CyMod.
This material is based upon work supported by the Naval Sea Systems Command under Contract No. N00178-17-C-1126. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Naval Sea Systems Command. Statement A: Approved for Release. Distribution is unlimited.