
Cyber threat hunting is defined in current standards as a proactive capability in organizational systems to search for, detect, track, identify, and disrupt advanced persistent cyber threats. The Cyberspace Threat Discovery Module (CTDM) is an integrated approach that brings together the various functions needed for a complete real-time analysis process.

A combatant ship’s Navigation enclave supports many critical ship missions, from navigation and maneuver in restricted, shallow, hazardous, or congested waterspace to support for weapons engagements. For Air warfare, precisely timed and highly accurate initialization of SM-x is critical for successful guidance. For Land and Surface warfare, transfer alignment of the ship’s aircraft and cruise missiles is critical. For Space, the enclave must provide very exacting stabilization parameters for radar beam pointing with little to no noise anomalies.

CTDM is innovative in several ways:

·       Newly invented Data Fusion (DF) Artificial Intelligence (AI) algorithms infer attack behavior from observations and features of own-force assets. This way, when a zero-day (never seen before) attack occurs, the DF algorithms will still detect the effects even though the cause is initially unknown. Typical cyber threat detection products rely on signature-based threat detection. Catching threats by signatures is like trying to catch burglars by fingerprinting every surface of a city.

·       The DF can produce multiple hypotheses yet keep the operator’s decision space tractable because each hypothesis has a mathematically rigorous likelihood ratio that can be used to filter, screen, threshold, and prioritize the cyberspace situational display.

·       The DF algorithms are informed by a formal ontology populated with authoritative cyberspace knowledge such as CAPEC and ATT&CK®.

·       A novel adaptation of the patented IBSM Level 4 data fusion algorithm is used to optimize the cyberspace expected information value rate.

Never before have sophisticated Level 0-4 DF and ontology been applied to a real-time shipboard Industrial Control System (ICS) environment. CTDM also integrates a widely used Commercial Off The Shelf (COTS) cyber product (Elastic) with state-of-the-art scientific DF algorithms.