Computer Network Defense

Next-Generation Defensive Cyber Operations (DCO) Platform

Abstract:

The frequency and complexity of recent cyber intrusions have made the job of defending networks a daunting task. Signs of suspicious or malicious activity can be found in one of many data sources within the network. Local network defenders are held accountable for preventing cyber intrusions but generally are not provided with adequate tools to aid in prevention and detection. With the variety of local network-defense data sources (for example, log files, network traffic, endpoint artifacts) that must be analyzed for suspicious activity, a network defender’s responsibility has evolved from finding a needle in a haystack to finding parts of a needle from among multiple haystacks. The National Security Agency’s (NSA) next-generation Defensive Cyber Operations (DCO) sensor platform, known as CHUCK (Comprehensive Hunt & Ultimate Cyber Kit), is an initiative to provide a platform for local network defenders to collect large volumes of network-defense data from multiple sources within an environment, thereby enabling detection and discovery of new threats in a secure and timely manner.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
