Digital Intelligence and Investigation Research

Digital intelligence and investigation research currently focuses on automated text extraction, the use of social media, mobile platforms, and secure lifecycle solutions.

Automated Text Extraction and Video Exploitation Improvement: The Media Analysis Engine

The Media Analysis Engine operates on a cloud architecture that enables us to effectively triage and perform automated analysis operations on various media. By leveraging an extensible backend architecture and shared processing, we are able to run various algorithms, from duplicate image detection to enhanced biometric comparisons, more efficiently and with less processing overhead than traditional approaches. To perform the analysis, we use cutting-edge research from the field of computer vision.

Leveraging Online Social Media to Discover Malicious Activity

Social media can provide data, such as URLs, websites, servers, malware repositories, and command and control (C&C), that leads to early discovery of malicious activity. In this research, DIID team members instrument a framework facilitating the automatic extrapolation of specific data from social websites to an analysis system that can correlate such data to assess current or potential malicious activities, provide attacker attribution, and identify victims or targets of a malicious act. The goal of this research is to show the efficacy of using social media to track down malicious activities and actors, and to assist in early interception of future malicious events.

Mobile Malware Detection

This research takes a proactive approach to protecting mobile devices from unknown malware attacks by creating a behavior-based malware detection prototype. The prototype is based on fundamental malware characteristics occurring mostly at the beginning of the malware infection cycle. The approach is generalized and implementable on any operating system, with a focus on Android OS and Apple iOS. The end goal of this research is to equip mobile devices with efficient and effective behavior-based malware detection capable of identifying adversarial malware attacks early.

Secure Lifecycle Solutions

Built on proven SEI software engineering methodologies and CERT cybersecurity expertise, Secure Lifecycle Solutions engineering processes lead to efficient, successful, and secure product development and deployment. Our expertise in DevOps process and tools, resilient system design and implementation, and requirements gathering and analysis enables us to develop comprehensive practices and engineering processes that meet evolving challenges by leveraging emerging technologies. We combine Agile software development and human-centered design into our modern, adaptive, and iterative secure development and operational process.