Cyber Network Attack & Intrusion Detection & Recovery Environment (CYANIDE) CYANIDE is a customizable environment for developing, testing and deploying out-of-brand sensing,

CYANIDE is a customizable environment for developing, testing and deploying out-of-brand sensing, monitoring, and recovery technologies for the cyber defense of information and sensor networks.

KBSI’s Cyber Network Attack and Intrusion Detection and Recovery Environment (CYANIDE) initiative developed a customizable environment that supports the modeling, development, test, and deployment of sensing, monitoring and recovery technology for centralized and distributed cyber attacks on a wide range of sensor and information networks.  The CYANIDE vision was to provide a comprehensive experimentation framework that supports a wide range of attack, detection, and recovery modules. The framework is extensible and supports new research ideas for cyber exploitation, cyber infrastructure protection, anomaly detection, distributed intrusion detection and cyber recovery.

webbanner_cybersecurityThe CYANIDE technology allows network security specialists and researchers to keep pace with developments in cyber networks and, consequently, cyber network attacks. The CYANIDE technology assembles, into a common experimentation station, multiple anomaly/intrusion detection and cyber situational awareness techniques and applies them to emerging cyber networks including wireless sensor networks (WSNs) and heterogeneous sensor networks (HSNs), electronic warfare networks, space-based networks, and their interconnections.  The CYANIDE technology provides the tools necessary for rapidly generating threats and malware, and the technology monitors and detects attacks and intrusions using different strategies for applications, hosts and networks (information, sensor and grid).  CYANIDE uses centralized, hierarchically and fully distributed strategies and deploys these strategies over a wide range of cyber networks to provide network situational awareness and analysis of intrusion detection performance.

The initial phase of the intiative established the feasibility of the concept, designing and demonstrating a proof-of-concept CYANIDE framework and situational awareness capabilities for emerging cyber network types. Phase II of the project developed the CYANIDE method, which utilizes a number of network simulation engines to model and generate data from simulations of emerging cyber networks and threats.