National Institute of Standards and Technology, Commerce.
Notice of invention available for licensing.
The invention listed below is owned in part by the U.S. Government, as represented by the Department of Commerce, and George Mason University. The U.S. Government's ownership in the invention is available for licensing in accordance with 35 U.S.C. 207 and 37 CFR part 404 to achieve expeditious commercialization of results of federally funded research and development.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Technical and licensing information on this invention may be obtained by writing to: National Institute of Standards and Technology, Office of Technology Partnerships, Attn: Mary Clague, Building 222, Room A240, Gaithersburg, MD 20899. Information is also available via telephone: 301-975-4188, fax 301-975-3482, or e-mail: email@example.com. Any request for information should include the NIST Docket number and title for the invention as indicated below.End Further Info End Preamble Start Supplemental Information
NIST may enter into a Cooperative Research and Development Agreement (“CRADA”) with the licensee to perform further research on the invention for purposes of commercialization. The invention available for licensing is:
[NIST DOCKET NUMBER: 07-001].
Title: Interactive Analysis of Attack Graphs Using Relational Queries.
Abstract: Attack graph is important in defending against well-orchestrated network intrusions. However, the current analysis of attack graphs requires an algorithm to be developed and implemented, causing a delay in the availability of analysis. Such a delay is usually unacceptable because the needs for analyzing attack graphs may change rapidly in defending against network intrusions. An administrator may want to revise an analysis upon observing its outcome. Such an analysis, similar to that in decision support systems, is difficult if at all possible with current approaches based on proprietary algorithms. This invention removes the above limitation and enables interactive analysis of attack graphs. A relational model is devised for representing necessary inputs including network configuration and domain knowledge. The attack graph from those inputs as relational views is generated. Typical analyses of the attack graph can be realized as relational queries against the views are shown. This approach eliminates the needs for developing a proprietary algorithm for each different analysis, because an analysis is now simply a relational query. The interactive analysis of attack graphs is now possible, because relational queries can be dynamically constructed and revised at run time. Moreover, the mature optimization techniques in relational databases can also improve the performance of the analysis.Start Signature
Dated: July 6, 2009.
[FR Doc. E9-16370 Filed 7-9-09; 8:45 am]
BILLING CODE 3510-13- P