CybersecurityDHS S&T’s Transition to Practice program unveils 2017 cohort

Published 12 May 2017

Eight new cybersecurity technologies developed by researchers at federally funded laboratories and academic research centers are ready for the commercial market. DHS S&T’s Transition to Practice (TTP) program will showcase its 2017 cohort 16 May in Washington. D.C.

Eight new cybersecurity technologies developed by researchers at federally funded laboratories and academic research centers are ready for the commercial market. The Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Transition to Practice (TTP) program will showcase its 2017 cohort 16 May in Washington. D.C.  

DHS S&T notes that each fiscal year, the TTP program selects promising cybersecurity technologies developed with federal funding to incorporate into its proven transition-to-market program. The TTP program selects the technologies from Department of Energy National Labs, Department of Defense-affiliated labs, Federally Funded Research and Development Centers, University Affiliated Research Centers, and universities.

“The 2017 TTP cohort is comprised of a diverse range of innovative cybersecurity technologies that will help strengthen the cyber defenses of critical networks in the public and private sectors,” said DHS Under Secretary (Acting) for Science and Technology Dr. Robert Griffin.

The eight new TTP technologies are:

Cyber Human Language Technology Analysis, Reasoning and Inference for Online Threats (CHARIOT)addresses the data overload problem cyber-analysts encounter by filtering open-source social media to eliminate irrelevant topics. It was developed at the Massachusetts Institute of Technology’s Lincoln Laboratory (MIT LL).

Quantitative Attack Space Analysis and Reasoning (QUASAR)provides visualization and quantitative analytics for determining the security impact of deploying cyber-defenses in an enterprise environment. QUASAR also was developed at MIT LL.

A Novel Intrusion Prevention System for Android(APE) is an application for Android devices that performs deep-packet inspection and filtering of traffic entering and leaving the device, thus blocking malicious traffic and lowering its attack profile. APE was developed by the Mitre Corporation.

Akatosh: Automated Cyber Incident Verification and Impact Analysisenables automated, real-time forensic analysis of endpoints after malware-attacks and other cybersecurity incidents by automatically maintaining detailed snapshots of host-level activity on endpoints over time. The technology was developed at Oak Ridge National Laboratory (ORNL).

Real-Time Cyber-Physical Attack Detection (CPAD)protects power transmission and distribution and other highly sensitive control systems by performing analytics and automatically inferring underlying physical relationships to detect sensor failures, replay attacks and other data-integrity issues in real time. CPAD also was developed at ORNL.

StreamWorks: Continuous Pattern Detection on Streaming Datasupports continuous detection of emerging patterns in a system of graph-structured data, which are used to detect emerging events in massive netflow or event log data streams. It was developed at the Pacific Northwest National Laboratory.

Keylime: Enabling Trusted Platform Module-Based Trust in the Cloudenables users to securely bootstrap secrets (e.g., cryptographic keys, passwords, etc.) and continuously verify trust in their cloud computing resources without needing to trust their cloud provider. Keylime also was developed at MIT LL.

Policy Enforcement and Access Control for Endpoints (PEACE)protects endpoint devices in an enterprise network by intercepting all new network connections and vetting them at a centralized network controller, allowing administrators to enforce network policy and control access to proactively defend their networks. PEACE was developed at the Worchester Polytechnic Institute.

The 2017 cohort will be introduced to cybersecurity professionals — investors, developers and integrators — through a series of “Demonstration Day” events around the country that also will showcase the technologies to companies, including those from the energy, financial and government sectors. “These events will help spur pilot opportunities and kick start commercialization by connecting the technologies with those who can advance the technologies and turn them into commercially viable products,” S&T says.

The cohort’s unveiling to the cybersecurity community will be at a 16 May Technology Demonstration Day in Washington, D.C. at the J. W. Marriott. “We are excited to introduce to the private sector and investor communities all of the innovative technologies that comprise the 2017 TTP cohort, beginning with the 16 May event in the nation’s capital. We also look forward to forging new relationships that will help the technologies reach the marketplace faster” said TTP Program Manager Nadia Carlsten.

TTP currently has a total of forty technologies in its portfolio. Several TTP technologies already successfully transitioned to the marketplace, including: Quantum Secured Communications, Hyperion (first as a nonexclusive license; then as an exclusive license), Hone, NeMS, PathScan, PACRAT, LOCKMA and ZeroPoint.

The TTP program is administered by S&T’s Cyber Security Division’s (CSD), part of the Homeland Security Advanced Research Projects Agency.