Below are the key areas of interest for the Cyber Operations, Analysis, and Research Section:
We research large Internet infrastructure issues including cloud security, physical vulnerabilities with cascading cyber consequences, routing and backbone denial of service, fiber path redundancy and data dependency analysis.
We currently collaborate with Argonne’s Advanced Powertrain Research Facility (APRF) to investigate automotive cyber vulnerabilities including remote attack vectors for vehicles such as wireless and vehicle-to-vehicle communications.
This website now runs on our patent-pending MORE moving target defense (MTD) technology. We have ongoing projects to implement MTD on industrial control system platforms and for C4I and military communications.
Our current botnet research is directed at mitigating botnets by attacking the infected botnet hosts instead of the command-and-control centers. This technique would mitigate “zombie recidivism” and reduce resources for cyber criminals.
We are developing tools to enable novel visualizations for displaying dependencies and interdependencies between critical infrastructure facilities and sectors.
Mobile Encryption Gateway (MEG)
MEG is a prototype technology that strives to bring best-effort email encryption to end users. MEG will make PGP setup effectively as easy as installing a cell phone app and will establish the user’s smartphone as a private key store, allowing for ubiquitous access to private keys without key distribution.
We are investigating whether satellite communications can be infiltrated via cyber attacks and then used to eavesdrop, spoof communications, or even alter the path of satellites, possibly accelerating the Kessler effect.
We have reviewed fatigue studies to identify how vulnerable guards and watch floors are to social engineering attacks. We are studying spear phishing attacks to determine which specific times and patterns are generally successful.
We are researching both the legal implications and the effectiveness of using offensive techniques, tactics, tools and practices as a defensive strategy and/or deterrent in the cybersecurity space.
Security Intelligence for Trending Events
We are improving intelligence in trending events using social media analytics, geoclustering, and dynamic, interactive visualization to allow intelligence analysts to respond quickly to emerging world events.