OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Agile Agent Architecture for Large-Scale Computer Network Defense.

Abstract

Abstract not provided.

Authors:
Goldsmith, Steven Y.
Publication Date:
2007-04-01
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1148461
Report Number(s):
SAND2007-2306C
523426
DOE Contract Number:
AC04-94AL85000
Resource Type:
Conference
Resource Relation:
Conference: Proposed for presentation at the Cybercraft Workshop held April 17-18, 2007 in Colorado Springs, CO.
Country of Publication:
United States
Language:
English

Citation Formats

Goldsmith, Steven Y. Agile Agent Architecture for Large-Scale Computer Network Defense. United States: N. p., 2007. Web.
Goldsmith, Steven Y. Agile Agent Architecture for Large-Scale Computer Network Defense. United States.
Goldsmith, Steven Y. "Agile Agent Architecture for Large-Scale Computer Network Defense." United States. https://www.osti.gov/servlets/purl/1148461.
@article{osti_1148461,
title = {Agile Agent Architecture for Large-Scale Computer Network Defense.},
author = {Goldsmith, Steven Y.},
abstractNote = {Abstract not provided.},
place = {United States},
year = {2007},
month = {4}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

  • This effort involves the development of global and detailed network models of a large central computer network system. The models will be utilized in the capacity planning and expansion requirements as future computers are added to the network. A top-down modeling approach is being utilized in creating a global model of the system and followed by a more detailed model as deemed necessary. The global model includes the major network components and through sensitivity analysis will serve to identify areas of criticality. These areas of criticality will be the basis for the development of the more detailed models.
  • Abstract not provided.
  • The state of the art in automation of nuclear power plants has been largely limited to computerized data acquisition, monitoring, display, and recording of process signals. Complete automation of nuclear power plants, which would include plant operations, control, and management, fault diagnosis, and system reconfiguration with efficient and reliable man/machine interactions, has been projected as a realistic goal. This paper presents the concept of a computer network architecture that would use a high-speed optical data highway to integrate diverse, interacting, and spatially distributed functions that are essential for a fully automated nuclear power plant.
  • Effective visual analysis of computer network defense (CND) information is challenging due to the volume and complexity of both the raw and analyzed network data. A typical CND is comprised of multiple niche intrusion detection tools, each of which performs network data analysis and produces a unique alerting output. The state-of-the-practice in the situational awareness of CND data is the prevalent use of custom-developed scripts by Information Technology (IT) professionals to retrieve, organize, and understand potential threat events. We propose a new visual analytics framework, called the Oak Ridge Cyber Analytics (ORCA) system, for CND data that allows an operator to interact with all detection tool outputs simultaneously. Aggregated alert events are presented in multiple coordinated views with timeline, cluster, and swarm model analysis displays. These displays are complemented with both supervised and semi-supervised machine learning classifiers. The intent of the visual analytics framework is to improve CND situational awareness, to enable an analyst to quickly navigate and analyze thousands of detected events, and to combine sophisticated data analysis techniques with interactive visualization such that patterns of anomalous activities may be more easily identified and investigated.
  • Abstract not provided.