U.S. Army Gets Predictive On Cyber Threats - InformationWeek


U.S. Army Gets Predictive On Cyber Threats

The armed service branch is testing business intelligence technology to identify cyber-related attack patterns that threaten critical sets of infrastructure.

The Critical Infrastructure Assurance Program for Cyber Threats (CIAP-CT), a division of the U.S. Army's Homeland Infrastructure Security Threats Office (HISTO), assesses cyber threats aimed at critical infrastructures that support the U.S. military's mission to move troops and resources around the world. To identify and correlate cyber-related attack patterns, CIAP-CT/HISTO is now testing business intelligence technology.

A cyber-attack, which can disable a computer network -- or multiple networks for that matter -- is an ominous, and costly, sign of the times. Firewalls and other security measures, including advanced encryption, are employed by many companies' IT divisions to ward off viruses and hackers. But even the most sophisticated security systems aren't bulletproof. For the U.S. Army, a cyber-attack on one or more of its infrastructures could have a damaging impact on crucial military operations.

In early October, CIAP-CT/HISTO began testing Clementine, a data-mining workbench application developed by Chicago-based SPSS. The goal: to help personnel identify possible cyber threats to infrastructures that support the Army and other branches of the military. CIAP-CT/HISTO declined to comment on a timeline for a full deployment.

The application, which runs on both UNIX and Windows platforms, is being used by CIAP-CT/HISTO for predictive analysis. Users can access historical data on activity-level transactions. The mined data is entered into a rule system, which allows users to identify specific patterns that may be suspicious. Examples range from a user attempting to enter an ID or password three or more times to someone scanning ports on a server for several hours in an attempt to gain access to it. By mining and then analyzing data sets this way, users at CIAP-CT/HISTO can characterize various activities as cyber threats based on established patterns.
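The two patterns named above can be written as rules over historical activity records. The sketch below is an added illustration, not Clementine output or CIAP-CT/HISTO's actual rules; the event format, the addresses, and the thresholds chosen for "several hours" and for the number of ports are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MAX_FAILED_LOGINS = 3                   # "three or more times", from the article
MIN_SCAN_DURATION = timedelta(hours=2)  # assumed reading of "several hours"
MIN_SCAN_PORTS = 20                     # assumed: distinct ports probed

# Constructed sample records: (timestamp, source, event type, user or port)
EVENTS = [
    ("2024-01-15 08:00:05", "10.0.0.7", "login_fail", "jsmith"),
    ("2024-01-15 08:00:19", "10.0.0.7", "login_fail", "jsmith"),
    ("2024-01-15 08:00:41", "10.0.0.7", "login_fail", "jsmith"),
    ("2024-01-15 09:12:00", "10.0.0.9", "login_fail", "akhan"),
    ("2024-01-15 09:12:30", "10.0.0.9", "login_ok", "akhan"),
] + [  # one source refused on a new port every 10 minutes, 10:00 to 14:00
    (f"2024-01-15 {10 + i // 6:02d}:{(i % 6) * 10:02d}:00",
     "192.0.2.44", "conn_refused", str(1000 + i))
    for i in range(25)
]

def parse(events):
    """Return events in time order with parsed timestamps."""
    return sorted((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), src, kind, detail)
                  for ts, src, kind, detail in events)

def repeated_login_failures(events):
    """Flag (source, user) pairs with a run of failed logins at the threshold."""
    streak, flagged = defaultdict(int), set()
    for _, src, kind, user in parse(events):
        if kind == "login_fail":
            streak[(src, user)] += 1
            if streak[(src, user)] >= MAX_FAILED_LOGINS:
                flagged.add((src, user))
        elif kind == "login_ok":
            streak[(src, user)] = 0  # a successful login resets the run
    return flagged

def sustained_port_scans(events):
    """Flag sources refused on many distinct ports over a long time span."""
    first, last, ports = {}, {}, defaultdict(set)
    for ts, src, kind, port in parse(events):
        if kind == "conn_refused":
            first.setdefault(src, ts)
            last[src] = ts
            ports[src].add(port)
    return {src for src in ports
            if len(ports[src]) >= MIN_SCAN_PORTS
            and last[src] - first[src] >= MIN_SCAN_DURATION}

if __name__ == "__main__":
    print("login failures:", repeated_login_failures(EVENTS))
    print("port scans:", sustained_port_scans(EVENTS))
```

The single mistyped password from 10.0.0.9 is not flagged, which is the point of a threshold rule: it separates a pattern from ordinary noise in the historical data.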

The key for CIAP-CT/HISTO, of course, is to identify patterns that may suggest a cyber threat in the timeliest way possible. According to Major Jeffrey T. Newhard, Director for CIAP-CT/HISTO, early testing of Clementine shows promising results on that front. "The SPSS software (Clementine) has improved our analyst processing timeline from four weeks to three days, helping greatly in the tracking and trending of cyber threats directed at our critical infrastructure providers," he says.

It's fair to say predictive technology can help to prevent cyber-attacks; however, it can't stop them altogether. Hackers who want to bring down a network by flooding servers with active sessions can still find a way. And a mass e-mail virus could always work its way through a network and send servers crashing. What the Army is hoping the technology will do is help identify threats immediately, thereby heading off a cyber-attack at the pass, so to speak.
