FAA Cyber Security Analytics System to Feature Real-time Analysis
A research and development project to protect the nation’s civilian aviation system from the ever-growing threat of cyber attacks is being undertaken jointly by IBM and the U.S. Federal Aviation Administration (FAA). Researchers and cyber security experts will design and build a prototype security system capable of scaling to accommodate the FAA’s high-speed networks. The project will introduce first-of-a-kind security analytics technologies and entirely new approaches to protecting large digital and physical infrastructures from hacking, botnets, malware and other forms of cyber attacks.
The prototype system will go beyond traditional security approaches of encryption, firewalls, intrusion-detection devices and anti-virus software. Not only will the flexible model be designed to look retrospectively at event occurrences and system compromises, it will be able to correlate historical traffic patterns with dynamic data from monitors, sensors and other devices capturing information about network traffic and user activity in real time.
Streaming analytics will be a key design component of the FAA prototype system. This advanced technology will enable the FAA to continually analyze the massive amounts of data flowing through its networks in real time and get fast and accurate insights about possible threats and system compromises — in time to take action. The FAA also will be able to store real-time results in a data warehouse for later analysis and supervised learning.
In the design, customized executive-level dashboards will be used to deliver up-to-the-second information on the security posture of the FAA networks. These dashboards will give FAA officials visual representations of network workloads, tickets for found malware, and historical trends to facilitate decision making and early action in the event of network anomalies suggesting a possible attack.
“Cyber attacks have become a global pandemic, and no system is immune,” said Todd Ramsey, general manager, U.S. Federal, IBM. “Through this collaboration with the FAA, as well as others underway in government and the private sector, we hope to develop comprehensive solutions for protecting the digital and physical infrastructures of critical national networks and enterprise systems.”
The pilot project is part of IBM’s First-of-a-Kind (FOAK) program, which engages scientists from IBM Research with clients to explore and pilot emerging technologies that address real-world problems.
IBM also has established the IBM Institute for Advanced Security, in Washington, D.C., to help government agencies and other institutions gain access to tools, resources and expertise to address cyber security issues.