The Department of Homeland Security (DHS) has published its first guide of technologies that are ready, or close to being ready, to transition from federally-funded research programs managed by the Energy Department’s national laboratories into the commercial sector.
The Cyber Security Transition to Practice (TTP) program and the new guide stem from a White House initiative aimed at accelerating the transition of cyber security research to deployment and commercial products. The program is managed by the Cyber Security Division of DHS’ Science and Technology branch, which is hosting a conference on Aug. 22 in San Jose, Calif., to demonstrate eight technologies featured in the new guide and that were gathered through its foraging efforts.
The TTP Demonstration Day is open to cyber security investors, integrators and information technology companies, and security professionals from the federal, state and local government.
The program has three goals, the first of which is to identify mature technologies that address existing or emerging cyber security gaps in public or private systems that impact national security. The second is to identify and fund improvements discovered during pilot programs and conduct testing and evaluation. The final goal is to introduce cyber security technologies throughout the Homeland Security Enterprise through partnerships and commercialization.
In addition to targeting technologies expected to successfully transition into the commercial market, the TTP program also provides “a connection point for cybersecurity researchers, the Federal Government, and the private sector and ensure technology transitions from the research lab to the Homeland Security Enterprise,” says the new guide. DHS said it will publish the guide annually.
The following is a list of the eight technologies that are profiled in the guide:
· HONE is a host-based cyber sensor developed at the Pacific Northwest National Laboratory (PNNL) that provides a new data source of correlated host and network data. The sensors are open source software. Current plans call for pilot testing and further development in FY ’13;
· CodeSeal provides tamper-proof trust anchors that provide commercial hardware and software from malicious tampering throughout their life-cycle. The Sandia National Laboratory technology is at a technology readiness level of five or six and is ready to be pilot tested in an operational environment;
· Choreographer, developed at Oak Ridge National Laboratory (ORNL), changes the public addresses of public-facing computer servers, making it difficult for attackers to find the server’s address while also seamlessly redirecting attacks so they can be monitored. Partners are being sought to transition the technology and use in non-critical production environments;
· The ORNL-developed USB-ARM architecture is a customizable layer of security that brokers all communication between removable media and the operating system. The technology facilitates the use of multiple anti-virus engines based on security properties established by an organization. Partners are sought for piloting and commercializing USB-ARM;
· Hyperion generates associated program behaviors, without the use of source code, that can be automatically checked for known malicious signatures and inspected by domain experts. ORNL is ready to customize, deploy and support Hyperion as required by sponsors;
· MLSTONES provides a set of tools to support a methodology of finding an unknown cyber event amidst a clutter of known events, reducing “extremely large data sets to much smaller sets of family motifs that enable identification or classification in near real-time,” says the guide. PNNL is testing the tools and is ready to pilot them in an operational environment;
· Net_Mapper is a software-based network characterization and discovery tool developed by Lawrence Livermore National Lab. The technology produces a comprehensive representation of IP-based computer network environments allowing security managers and information technology personnel to explore the findings of each mapping operation. The tool is available for pilot deployment;
· PathScan, developed by Los Alamos National Lab, passively detects the movement of hackers once they are inside a network. Partners are being sought for pilot testing, commercialization and further research and development.