b'InfrastructureResearchers codified an attack surface into an international data standard, eXpression enabling new defense modeling for better infrastructure protection.T he goals of this project were to use an international data standard to describe critical infrastructure digital configurations, enable automated cyber detection and response at near machine speeds, and provide context rich infrastructure modeling using graph theoretics. The project produced the software, Infrastructure eXpression, which automatically discovers configuration TOTAL APPROVED AMOUNT:components and creates full attack surfaces, including the normally hidden $735,000 over 2 years components in hardware, networks, and firmware. Infrastructure eXpression PROJECT NUMBER:implements a common language for systems and their potential cyber issues, which 20A44-025 provides the framework for automated discovery, detection, and response.PRINCIPAL INVESTIGATOR:The largest research challenge was to implement a draft standard that has never Rita Foster been used. Many different techniques were attempted to codify the wide variety of infrastructure information needed to enable the advanced data analytics capabilities CO-INVESTIGATORS: in graph theoretics. Data science advances in nodes, edges, and relationships enabled Ryan Hruska, INL the representations of disparate data types (e.g., temporal network session and John-Mark Gurney,more static operating systems). After validating the data structures, mathematical New Context Services, Inc. measures for similarities to the evidence-based infrastructure observables is possible. The test infrastructure was analyzed for vertex clustering, communities, and cliques within a subgraph. Clique discovery used connected edges for a pair of nodes; other similarities only show connection to one node.TALENT PIPELINE:Isabella Magallanez, student at the University of Texas at San AntonioKarina Permann, student at University of IdahoManual Maestas, student at Idaho State UniversityShaya Wolf, student at University of WyomingPRESENTATION:Foster, R., Z. Priest, and M. Cutshaw, Infrastructure eXpression for codified cyber-attack surfaces and automated applicability, IEEE Resilience Week (RWS) (2021).Partial attack surface showing hardware components, malware, vulnerabilities, and courses of action. (Image generated from the Structured Threat Intelligence Graph).127'