Active

Contract Opportunity

TECHNOLOGY LICENSING OPPORTUNITY

Advanced Anomaly Detection in Real-Time Deep Packet Inspection

A real-time deep packet inspection solution that empowers network security operators with a visual and human-readable approach to detect, analyze, and mitigate anomalous network packets.

Opportunity: Idaho National Laboratory (INL), managed and operated by Battelle Energy Alliance, LLC (BEA), offers the opportunity to explore a license and/or collaborative research agreement to commercialize this anomaly detection technology. This technology transfer opportunity is part of a dedicated effort to convert government-funded research into job opportunities, businesses, and, ultimately, an improved way of life for the American people.

Overview: In the escalating landscape of cyber threats, safeguarding network infrastructures is of paramount importance. The rise of IoT devices, especially within the realms of smart city initiatives and medical service providers, intensifies the need for more sophisticated security measures. Our novel solution addresses this critical need by offering a pioneering approach to detecting and analyzing anomalous network packets.

Description: Our technology presents a groundbreaking method for real-time deep packet inspection, with a unique focus on identifying anomalous network packets. This solution is based on a specialized autoencoder with an intrinsic clustering capability, presenting network packet contents visually according to their level of anomaly. The result is a human-readable, latent space representation, enabling the rapid identification of compromised devices or those under attack.

Key components of this process include:

• An autoencoder trained on "normal" packets representing typical benign network traffic, eliminating the need for data labeling or human oversight.

• The generation of a 3-D latent space representation for network packet payloads.

• Optimization of the latent space representation using K-means clustering, separating normal from anomalous packets visually.

• Upon completion of training, the autoencoder retains only the optimized encoder, providing a simplified yet effective method for dimensionality reduction.

Benefits:

• First-of-its-kind real-time deep packet inspection capability.

• A unique visual and human-readable approach to identifying anomalous packets.

• Capability to monitor thousands of devices simultaneously.

• Rapid identification of potential network security threats.

• No need for data labeling or human oversight, reducing operational complexity.

Applications:

• IoT Device Manufacturing: Enhancing the security measures of IoT devices to prevent data intrusion and exfiltration.

• Smart Cities: Boosting the robustness of smart city network infrastructures against potential cyber threats.

• Healthcare Providers: Protecting critical healthcare data and network systems from unauthorized access and potential breaches.

Development: Technology Readiness Level (TRL) 5. It has been successfully validated in a relevant laboratory environment, demonstrating its promising potential for a broader application.

IP Status: Provisional Patent No. 63/592,850, “Network Security and Related Apparatuses, Methods, and Security Systems,” BEA Docket No. BA-1503.

INL seeks to license the above intellectual property to a company with a demonstrated ability to bring such inventions to the market. Exclusive rights in defined fields of use may be available. Added value is placed on relationships with small businesses, start-up companies, and general entrepreneurship opportunities.

Please visit Technology Deployment’s website at https://inl.gov/inl-initiatives/technology-deployment for more information on working with INL and the industrial partnering and technology transfer process.

Companies interested in learning more about this licensing opportunity should contact Andrew Rankin at td@inl.gov.

Attachments/Links