Research and Development

A partial list of Government-funded research projects indicates the research areas of interest, world-class skills, and licensable technology of Adventium Labs. The intellectual property developed by Adventium Labs is available for licensing.

 

Cyber NEST (AFRL, Adventium Labs):
The goal of the Cyber Node Enforcing Self-protection and Communication Trustworthiness (Cyber NEST) project is to provide the Air Force with the capability to minimize the time and resources required to develop and deploy trustworthy distributed cyber defenses. On this project, Adventium Labs is designing a cyber defense platform that incorporates a set of trustworthiness properties consistent with the good trust engineering and software development practice described in the Common Criteria. By targeting an assured platform with the appropriate trustworthiness properties and services, cyber security developers can concentrate on the functionality specific to their defensive techniques, thus ensuring lower cost and more rapid deployment. Our tools help system security analysts set up and maintain more secure networks more quickly and easily.

Papers: none

 

Deep Green LIME Seedling (DARPA/IPTO, Adventium Labs):
Language for Investigating Myriad Eventualities (LIME) was a research project to provide the representational basis for the DARPA Deep Green (DG) program. LIME requirements are derived from the three DG scenarios (mid intensity conflict, humanitarian aid, and counter insurgency) and the DG vision as described in the published BAA. Pulling from existing military domain representations, such as MSDL, AUTL, 2525b, and JC3IEDM, and existing planning representations, such as PDDL, CIRCA, ACT, LTML, and O-Plan, LIME’s goal is to provide the robust representational capabilities needed for DG. Challenges include what types of abstraction are required, how state, plans, and commander's intent should be represented, and what changes are needed to standards (such as MSDL). The objective is to jump-start the program performers (especially the integrator) by identifying these issues and proposing an approach to addressing them.

Papers:

  • Deep Green Seedling: Language for Investigating Myriad Eventualities 

 

Scalable Monitoring in the Extreme (SMITE) Phase I and II (DARPA/STO, Adventium Labs):
SMITE, part of DARPA’s Scalable Network Monitoring (SNM) program, is developing new approaches to network-based monitoring that improve performance by orders of magnitude over conventional approaches, regardless of the network’s size and computational burden. Adventium Labs is leading the effort to extend the Scyllarus intrusion detection system (IDS) fusion engine to enable it to keep up with the flow of events from the hardware-based SMITE sensors on a 100 Gbps network, 2 to 3 orders of magnitude more traffic than previous implementations. Scyllarus performs IDS fusion using dynamically generated Bayesian belief networks and qualitative probability, and has given excellent results on a corporate network and in a DARPA-funded assessment. Strong results in the Phase I evaluation of SMITE have led to ongoing development in Phase II.

Papers:

  • Model-based Intrusion Assessment in Common Lisp

 

Strengthen, Prepare, Detect, React to Mitigate the Insider Threat (DARPA/IPTO, Adventium Labs):
The SPDR system detects, thwarts, and attributes attacks by malicious insiders, in a manner that enables individuals (even the malicious insiders) to accomplish their authorized tasks. The benefit is increased security without loss of performance in both enterprise and tactical systems. SPDR reduces the insider's access advantage by strategically placing sensors to minimize noise while detecting a broad set of attacks, including attacks based on the user's authorized accesses to the system. These sensors and related response mechanisms are hosted on an innovative hardware component developed by Adventium Labs, the Detection and Response Embedded Device (DRED), which insiders cannot disable or bypass from their host systems. The DRED defenses operate at multiple layers of the network stack, ranging from link and network layer filtering to custom proxies. The reasoning components combine previous results from programs for AFRL and ARDA (now IARPA) that developed sophisticated course-of-action generation technology with a novel application of Bayesian inference to identify the perpetrators of attacks. In a three-day exercise, SPDR thwarted over 90% of the attacks mounted by an experienced, independent red team, and correctly attributed 80% of the attacks, including all the successful attacks.

Papers:

  • Trapping Malicious Insiders in the SPDR Web
  • Course of Action Generation for Cyber Security Using Classical Planning