Charles River Analytics has received a two-phase contract from the Office of Naval Research for the development of a tool that can aid forensic analysis of cyberthreat actors’ tactics, techniques and procedures.
The software company said Tuesday the $2.5 million award under ONR’s Small Business Technology Transfer program centers on the Cyber Adversary Discovery Engine, which uses artificial intelligence to help visualize and test TTP hypotheses on actors attempting cybertechnical and cybersocial attacks.
CADE employs probabilistic programming language-based machine learning to detect changes in the actors’ behaviors, which indicate a possible shift in their strategy. It also works to identify the actors through their signature TTPs and track records.
Charles River Analytics collaborated with the University of Santa Cruz for the project, which completed its design and feasibility testing phase. The second phase is ongoing and focuses on prototype construction.
“With CADE, we are developing a thought accelerator system that works with the complex reasoning that analysts are already doing in their heads … Having an analyst put their thoughts down in terms of visualizations helps them put the puzzle pieces together more effectively,” said Bryan Loyall, director of technology innovation and principal scientist at Charles River Analytics.