DHS said Thursday that researchers at federally funded laboratories and academic research centers developed the technologies, which will be offered to clients in the commercial market.
The TTP program picks potential cybersecurity technologies from Energy and Defense Department laboratories, federally funded research and development centers, university-affiliated research centers and universities. The selected technologies will be developed with federal funding and incorporated into the transition-to-market program.
The Demonstration Day event will showcase the 2017 batch of products to cybersecurity professionals, developers, integrators, investors and technology companies including those from the energy, financial and government sectors.
DHS will host more demonstration day events in the future. The events are designed to help foster pilot opportunities by bridging concepts with cybersecurity professionals who can help further develop technologies into commercially viable products.
Robert Griffin, acting DHS under secretary for science and technology, said the 2017 TTP cohort includes a range of cybersecurity technologies designed to boost cyber defenses of networks in the public and private sectors.
The eight new TTP technologies include:
- Cyber Human Language Technology Analysis, Reasoning and Inference for Online Threats (CHARIOT) addresses the data overload problem cyber-analysts encounter by filtering open-source social media to eliminate irrelevant topics. It was developed by the Massachusetts Institute of Technology's Lincoln Laboratory (MIT LL).
- Quantitative Attack Space Analysis and Reasoning (QUASAR) provides visualization and quantitative analytics for determining the security impact of deploying cyber-defenses in an enterprise environment. QUASAR also was developed by MIT LL.
- A Novel Intrusion Prevention System for Android (APE) is an application for Android devices that performs deep-packet inspection and filtering of traffic entering and leaving the device, thus blocking malicious traffic and lowering the device's attack profile. APE was developed by the Mitre Corporation.
- Akatosh: Automated Cyber Incident Verification and Impact Analysis enables automated, real-time forensic analysis of endpoints after malware attacks and other cybersecurity incidents by automatically maintaining detailed snapshots of host-level activity on endpoints over time. The technology was developed at Oak Ridge National Laboratory (ORNL).
- Real-Time Cyber-Physical Attack Detection (CPAD) protects power transmission and distribution and other highly sensitive control systems by performing analytics and automatically inferring underlying physical relationships to detect sensor failures, replay attacks and other data-integrity issues in real time. CPAD also was developed at ORNL.
- StreamWorks: Continuous Pattern Detection on Streaming Data supports continuous detection of emerging patterns in a system of graph-structured data, which are used to detect emerging events in massive netflow or event log data streams. It was developed at the Pacific Northwest National Laboratory.
- Keylime: Enabling Trusted Platform Module-Based Trust in the Cloud enables users to securely bootstrap secrets (e.g., cryptographic keys and passwords) and continuously verify trust in their cloud computing resources without needing to trust their cloud provider. Keylime also was developed at MIT LL.
- Policy Enforcement and Access Control for Endpoints (PEACE) protects endpoint devices in an enterprise network by intercepting all new network connections and vetting them at a centralized network controller, allowing administrators to enforce network policy and control access to proactively defend their networks. PEACE was developed at the Worcester Polytechnic Institute.