If you are awaiting exciting news from your friend, what is the better way to read your email? As it comes in, or after a batch collects? Well, if you read it as it comes in, you will surely get the news faster.
Now, a team led by computer scientist Sutanay Choudhury at the Department of Energy's Pacific Northwest National Laboratory has developed a software app that can do the same for computer networks. Monitoring the activity within a network in real time can allow cybersecurity analysts to detect cyberattacks quickly, before thieves steal data or crash your system.
Called StreamWorks, the software app detects patterns within data as the data flows between computers, users, and applications. Cybersecurity staff can define the patterns themselves, depending on what type of attack they want to keep an eye out for. StreamWorks finds patterns 10 to 100 times faster than current methods, using a type of analysis called graph analytics.
This success caught the attention of the Department of Homeland Security. DHS has included StreamWorks in its 2017 cohort of eight patented technologies it is helping to commercialize via its Transition to Practice program.
"Being selected for DHS's program is an honor," said Choudhury. "PNNL is doing some cutting-edge research in computer science, and this effort shows how different taxpayer-funded organizations can work together to bridge the gap between abstract algorithms and solving a national security problem." Read more about all the technologies in this DHS news release and more about Choudhury and the whole StreamWorks team.
In this demo, StreamWorks analyzes data flowing between computers, creating patterns of nodes (colored dots, the computers) and edges (links between nodes, the moving data).
Searching for matching patterns of nodes and edges, StreamWorks zeros in on potential bad actors, the largest dots.