You are here
GRASP: Global Recognition of Attacker Signatures and Policy Response
Title: Senior Research Scientist
Phone: (612) 789-0559
Email: dthomsen@sift.info
Title: Vice President of Research and Deve
Phone: (612) 578-7438
Email: hfunk@sift.info
GRASP integrates three innovative new technologies: application intrusion detection, proactive deception of attackers, and application intrusion response into technology to collect intelligence on the humans behind cyber attacks and adapt the mandatory operating system policy to prevent the intrusion in the future. Once detected, intruders are silently redirected to the secure GRASP Deception Shell, a software decoy. The Deception Shell presents varying sequences of stimuli. The attackers responses reveal information about the human behind the attack, such as what languages they speak, their cultural knowledge, and their attack skills and resources. Using data mining techniques these attacker metrics create attacker signatures that identify or partially identify the attacker. In response to the intrusion GRASP also adapts the low-level security policy to prevent the intrusion in the future, by monitoring and adapting resource accesses. Safety mechanisms are in place to ensure the evolving security policy does not impact legitimate users conducting mission critical tasks. Together the GRASP components provide intelligence and security currently unavailable to critical applications.
* Information listed above is at the time of submission. *