Print Print  
Award Information
Proposal Number: 0611183
Proposal Title: Bayesian Activity Monitor for Botnet Defense (BAM-BD)
Topic Number: H-SB06.1-008
Phase: Phase I
Topic Title: BOTNET DETECTION AND MITIGATION
Organization: Milcord LLC
Address: 1050 Winter Street Suite 1000
Waltham, MA 02451-1406  
Abstract: As reported by Internet security threat reports, Bot networks are becoming the focal point for cybercriminals. Milcord and the University of Wisconsin, responds to this challenge with our proposal - a "Bayesian Activity Monitor for Botnet Defense" (BAM-BD). In this proposal, we will research, design, and develop a botnet detection and mitigation tool that automatically classifies botnet behavior, scans for malicious codes on networks and machines, and recommends solutions to mitigate the attacks to system security analysts and administrators. The successful execution of such a project requires, first, an Internet laboratory that captures the botnet mindset. The Wisconsin Advanced Internet Laboratory (WAIL) provides us exactly that - a top-tier DHS PREDICT (Protected REpository for Defense of Infrastructure against Cyber Threats) laboratory resource. Second, a successful execution requires the ability to distinguish between botnets from worms and misconfigurations. Our Bayesian network based incident analysis technology from our Incident Response Decision Aid (irDA) project solves this issue by starting with University of Wisconsin's NetSA body of work. Third, a successful transition to a commercial environment demands an extensible approach where the evolving bot threats are modeled, and classified with ease. Our data driven learning algorithms will ensure that these objectives are met.
Award/Contract Number: NBCHC060135
Period of Performance: 09/01/2006 - 03/15/2007
Award/Contract Value: $100,000.00
Award/Obligated Amount: $100,000.00