Cyber Defense for Cloud-based Applications

Aerospace and Air Force researchers created a cyber defense capability for cloud-based computing environments using commercial and custom components.

Sometimes a small problem can lead to a major innovation. That's what happened recently when a team at The Aerospace Corporation embarked on a pathfinder project to move data and applications to a cloud computing environment for an Air Force customer. The project was intended to identify, virtualize, and migrate instantiations of a mission system to both the DISA¹ MilCloud and a FedRAMP²-certified commercial cloud. As the project got underway, the team faced challenges in finding someone to provide cyber defense services. This was essential before the applications could be allowed to use live data.

Unable to find a suitable commercial solution, the researchers set about building their own. The team developed a suite of tools for cyber monitoring, end-point protection, and zero-day attack protection, incorporating threat models for space data and using early indicators and cyber alerts based on nominal data footprints and signatures.

On-Orbit Cyber Defense

During both lab simulations and cyber exercises involving on-orbit spacecraft, the tool—dubbed Eirene Sceptre³—successfully detected:

  • State-of-health anomalies simulated through radio frequency (RF) interference that produces abnormal health data
  • Command sequence anomalies simulated through attempts to take control of a satellite by sending abnormal commands
  • Malware with unknown signatures simulated through firewall traffic data affected by such malware
  • Abnormal data trends simulated through time-series data, in which all values are within normal bounds, but the sequence over time is abnormal

Figure: On-orbit cyber defense schematic for national security payloads.

Intelligent Cyber Security

Eirene Sceptre is ideally suited for the cloud; however, local deployments have also proved effective, even for antiquated MS-DOS systems. The tool employs responsive machine-learning techniques to collect information on computing processes to help identify potential vulnerabilities.

Eirene Sceptre is being integrated with other cybersecurity tools for monitoring national security space assets. Ultimately, the technology will help fill a critical gap in cyber defense specifically for the space domain.

ACRONYMS:

1  DISA = Defense Information Systems Agency
2  FedRAMP = Federal Risk and Authorization Management Program
3  Eirene Sceptre = Eirene, Greek goddess of peace; sceptre = Eirene's regal sign of authority

This story appeared in the December 2018 issue of Getting It Right, Collaborating for Mission Success.
