Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF OCTOBER 20, 2013 FBO #4348
MODIFICATION

A -- Integrated Command & Control

Notice Date
10/18/2013
 
Notice Type
Modification/Amendment
 
NAICS
541712 — Research and Development in the Physical, Engineering, and Life Sciences (except Biotechnology)
 
Contracting Office
Department of the Air Force, Air Force Materiel Command, AFRL/RIK - Rome, 26 Electronic Parkway, Rome, New York, 13441-4514, United States
 
ZIP Code
13441-4514
 
Solicitation Number
BAA-10-01-RIKA
 
Point of Contact
Gail E. Marsh, Phone: 315-330-7518
 
E-Mail Address
Gail.Marsh@us.af.mil
(Gail.Marsh@us.af.mil)
 
Small Business Set-Aside
N/A
 
Description
The purpose of this modification is to: (1) Incorporate additional information for the following two focus areas for FY14; and (2) Changing the FY14 recommended date for white papers for the C2PD topic area. (1) Insert the following two topic areas under I. Funding Opportunity Description: FY14 Focus Area for Proactive Shaping : This topic announcement describes a research project titled Proactive Shaping, to be executed under the Command and Control of Proactive Defense (C2PD) Program for the Air Force Research Laboratory. The objective of this consolidated program is to orchestrate the dynamic employment of multiple moving-target defense components, configurations and services across the enterprise to assure and empower the mission. The Proactive Shaping project will carve out and address a portion of these objectives in the growing moving-target research area. Specifically, this project will: (1) conduct attack surface analyses of critical services at multiple system levels; (2) characterize several MTDs with specific attributes that define their impact on critical services and mission objectives; and (3) assign and configure the best pairing of MTDs and critical services that minimize attack surfaces and maximize attacker costs. The submission of white papers, their evaluation and the placement of research grants and contracts will be carried out as described in the Broad Agency Announcement. FY14 Focus Areas for C2PD : Today, defenders of computer networks are faced with an asymmetric disadvantage compared to attackers. Attackers are free to study a target network and discover its vulnerabilities at length, and then launch an attack when ready. The sum of the vulnerabilities and attack vectors available to the attacker is termed the 'attack surface'. A leading researcher in the attack surface area defines the components of the attack surface as the methods (e.g. Remote Procedure Calls), channels (e.g. TCP sockets, open ports on network computers or firewalls), and untrusted data items (e.g. database records, registry values) that can be used by an attacker to gain unauthorized access to the network [1]. Facing this situation, a defender can protect his network by (i) reducing his network's attack surface, or (ii) periodically 'shifting' the attack surface by changing the methods, channels, and data items available to the attacker as attack vectors. This second option is a developing field of research, where Moving Target Defense (MTD) assets are developed that can shift a network's attack surface for defensive purposes, nullifying the asymmetric time advantage currently enjoyed by the attacker. This proposed project addresses this area of study in three major steps. The first step is to develop a metric for calculating the attack surface of a computer network at three levels; network, host/OS, and application/service. The second step is to develop an algorithm that combines these three attack surface measurements into a single "reachability" metric. This metric will define the "reachability" of the target network, which is proportional to the effort an attacker must expend to breach the network. The third step {future} will be to develop a Command and Control (C2) tool that uses the "reachability" metric to analyze available MTD assets and predict the effect these MTDs will have on the attack surface of a defended network. Additionally, this C2 tool will analyze the effects the MTD has on the availability of the critical services provided by the network. In a live-fire environment, the C2 tool will be able to recommend MTDs for use to protect a network while ensuring that there are no conflicts between deployed MTDs that result in a loss of critical services. At this time we seek white papers addressing the challenges of first two steps described above, to measure an attack surface. It is recommended that white papers be received by the following date to maximize the possibility of an award in FY 14: 18 Nov 2013. It is anticipated that awards for this particular topic will range in duration from 9 to 24 months with dollar amounts up to $500K per award. Please email your white papers to: Bridget.Flatley.1@us.af.mil References [1] Manadhata, K. P., Wing, M. J. "A formal Model for a System's Attack Surface." Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer, 2011, Ch 1, pp. 1-28; [http://www.cs.cmu.edu/~wing/publications/CMU-CS-07-144.pdf]
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/USAF/AFMC/AFRLRRS/BAA-10-01-RIKA/listing.html)
 
Record
SN03218716-W 20131020/131018234042-4be481413c9de3f4b5810735cd6ef356 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.