The CNY Hackathon is an annual, beginner-friendly event hosted at Mohawk Valley Community College (MVCC) for cybersecurity and computer science students.

Assured Information Security (AIS) is pleased to announce that the U.S. Patent and Trademark Office has issued the company two new patents in October 2024, expanding AIS’s intellectual property (IP) and raising its portfolio to 24 issued patents with multiple currently pending.

“Expanding our patent portfolio is central to our mission of advancing cybersecurity solutions that can adapt to evolving threats,” said Michael Sieffert, Chief Engineer at AIS. “These new patents introduce breakthrough methods in malware prevention and data modeling. One patent enhances proactive malware defense by tracking process behavior, selectively presenting ‘canary files’ to suspicious processes and terminating them based on a malice scoring system. The second patent focuses on a novel approach to data modeling, enabling more precise feature selection through an iterative process that optimizes resource allocation. Together, these patents exemplify AIS’s commitment to building technologies that address complex cybersecurity challenges with efficiency and precision.”

Patent Details:

U.S. Patent Number: 12,124,568: PREVENTION AND REMEDIATION OF MALWARE BASED ON SELECTIVE PRESENTATION OF FILES TO PROCESSES
Malware prevention and remediation is provided by monitoring actions performed by processes and maintaining indications of which processes are trusted; selectively presenting canary files to these processes, which includes presenting the canary files to processes not indicated as being trusted and hiding the canary files from processes indicated as being trusted, and where the monitoring includes monitoring for access of canary files with change privileges; scoring each of the processes based on the actions performed, including any access of canary files with change privileges, which scoring produces a malice score for each process; and automatically terminating any process for which its malice score indicates at least a threshold level of malice in the execution of the process.

Invention is credited to AIS employees Sean LaPlante and Patrick McHarris.

Patent Details:

U.S. Patent Number: 12,131,230: FEATURE EQUIVALENCE AND DOCUMENT ABNORMALITY THRESHOLD DETERMINATION
A method includes, as part of establishing a feature merging threshold (α) for determining equivalence between two features, selecting a set of candidate α values, partitioning training data into a plurality of groups, establishing a model Wα for each α value of the set of candidate α values, iteratively performing: selecting a next group of training data of the plurality of groups of training data; adding the selected next group of training data to a training set; and for each α value in the set of candidate α values: training the Wα for the α value using the training set, and evaluating a size of Wα, the size comprising a number of features included in the model, and choosing the feature merging threshold α based on the iteratively performing.

Invention is credited to former AIS employees Daniel Scofield and Craig Miles.

To view the complete list of AIS patents, click here.

U.S. Acting Secretary of Labor Julie A. Su recognized Assured Information Security (AIS) as one of the 839 recipients of the 2024 HIRE Vets Medallion Award during a virtual award ceremony presented by U.S. Department of Labor.

AIS earned the gold award after applying earlier this year. The Honoring Investments in Recruiting and Employing American Military Veterans Act (HIRE Vets Act) Medallion Program is the only federal award program that recognizes employers who successfully recruit, hire and retain veterans.

AIS joins 838 other companies from 49 states, plus the District of Columbia, who have shown a commitment to hiring veterans, but also ensuring that they have a long-term career and growth plan that uses the diverse skills they acquired through their military service.

Large language models (LLMs) have introduced an exciting new paradigm to the machine learning world in the past few years.

Research groups like AIS’s Advanced Research Concepts (ARC) team have been quick in exploring the range of possibilities with this new technology. However, aspiring AI developers and scientists often have no idea where to start learning about the science of large language models. In this blog post, we’ll review five seminal papers from the field and provide a brief reading guide so that you know which details to look for when you read them yourself.

Earlier this month, I had the privilege of representing Assured Information Security (AIS) at a three-day Naval Surface Technology and Innovation Consortium (NSTIC) collaboration event in Fredericksburg, Virginia.

The highlight of the event was being one of 10 companies to present, allowing me to share the AIS story with more than 200 attendees, including an audience with senior Naval flag officers, large and small defense industry businesses and warfighters: the end users of our products and services contributing to the national security apparatus. Participants heard from numerous program managers who provided an overview of NSWCDD and the command’s technical approach. The published pre-event statement of needs provided industry partners an opportunity to explore new business with the U.S. Navy, where I was able to meet with government representatives and discuss the advanced research and development capabilities of AIS and how our teams of technical experts, engineers and scientists can meet the 21st century challenges facing the Navy. NSTIC 2024 contained a few light moments as well, with multiple networking events held throughout the three days and a social hour mixer with industry partners to establish new relationships and identify potential leads for new business opportunities in the coming months and years.

Attending the NSTIC collaboration event was a great experience and demonstration of how vital public-private partnerships are in national security. AIS continues moving forward in establishing a strong presence in the U.S. Navy and becoming the small business of choice for cyber operations, mission solutions and advanced research and development.

Prior to joining AIS, Westerman most recently served as Senior Manager, LT Gen Vince Stewart Innovation Center at KBR in Columbia, Maryland. While there, he spearheaded strategic initiatives and drove innovative solutions in Cybersecurity, Artificial Intelligence/Machine Learning, 5G, Edge and Multi-Domain Operations.

Westerman holds a bachelor’s degree in Business Administration from the University of Baltimore and is currently pursuing a master’s degree in Analytics from Georgia Institute of Technology. His certifications include Project Management Professional, PMI-Agile Certified Practitioner, Executive Data Science Certificate and ANSI/EIA-649 CM Professional.

The UAS Hack, a hands-on event dedicated to exploring the intersection of cybersecurity and drone technology was held from August 19 to 23, 2024, at the ORION NTROPEE hangar and concluded with resounding success.

This weeklong challenge brought together 15 talented university-aged participants to tackle real-world cybersecurity challenges in the realm of unmanned aerial systems (UAS) and provided a unique platform for these emerging tech enthusiasts to learn, demonstrate their skills and push the boundaries of innovation.

“UAS Hack has truly exceeded our expectations,” said Eric Thayer, Chief Engineer at AIS and UAS Hack instructor. “The 15 students demonstrated remarkable ingenuity and technical expertise, tackling complex UAS cybersecurity challenges head-on. Their ability to produce innovative solutions showcases the promising future of our industry. We are already looking forward to planning next year’s challenge.”

The event provided a unique opportunity for participants to immerse themselves in the practical application of cybersecurity principles within the rapidly evolving UAS landscape. By leveraging ORION’s hangar space and New York’s 50-mile UAS corridor as well as expert mentors and instructors, UAS Hack offered participants a collaborative and challenging environment to learn, innovate and develop crucial technical skills.

“UAS Hack was an incredible learning opportunity,” said Zack Kornreich, UAS Hack participant and current master’s student at Binghamton University. “The hands-on experience with UAS cybersecurity gave me practical skills that will undoubtedly add value to my career. The event pushed me to think critically and creatively, and I’m excited to apply what I’ve learned in my future endeavors.”

As the industry continues to evolve, events like UAS Hack play a critical role in ensuring that emerging talent is well-equipped to meet the cybersecurity challenges of tomorrow. The collaborative efforts between the 15 students, industry experts and sponsors have laid the groundwork for continued innovation and progress in the field of UAS cybersecurity.

It was an honor to present the latest updates to FISSURE at the DEF CON Radio Frequency Village in Las Vegas this past Saturday, August 10.

One of the key updates I showcased was the introduction of deployable remote sensor nodes. These nodes are run on general-purpose computers (single-board computers, mini-PCs, laptops, desktops, etc.) and control many types of radio peripherals. They can also receive input from just about any type of sensory device that can be controlled by a computer.

To seize the opportunity presented by this new deployment scheme, we added a variety of example triggers (acoustic, environmental, filesystem, networking, RF, time and visual) that can be used to kick off many types of electromagnetic effects/actions supported by FISSURE. Additionally, we added a new type of playlist that can run scripts simultaneously across multiple radio peripherals to increase productivity on a sensor node. This new playlist type can be controlled over a network through the FISSURE Dashboard GUI or operate independently upon startup of the sensor node to execute any number of automated tasks.

Another topic that was covered were changes to the Target Signal Identification tab – the beginning component of FISSURE that will detect, isolate and classify signals using machine learning. The new signal conditioner, feature extractor and signal classifier elements provide a testbed for maturing algorithms across a range of topics and comparing machine learning models for classifying RF protocols and emitters.

We’ve also made it easier to conduct remote and cost-effective testing. Now, cybersecurity professionals can access specialized RF environments globally, whether they’re working from home or a remote location, without the need for physical presence at a specific site.

If you missed my presentation at DEF CON, don’t worry! A pre-recorded version will be available soon through the RF Village and linked to in the GitHub page.

Stalwart is a task order that is part of the larger AWARE effort, a $150 million, Indefinite Delivery/Indefinite Quantity (IDIQ) contract focused on researching novel and innovative anti-fragility concepts and integrating proven anti-fragility tools, techniques and processes into operational and emerging cyber platforms. AWARE is focused on delivering systems characterized by greater cyber resiliency and fewer vulnerabilities throughout the development life cycle, thereby reducing risk to mission systems and ensuring mission demands are met under an array of conditions.

“Stalwart is an exciting effort because it provides AIS the opportunity to continue its anti-fragility research, but now with a focus on cyber embedded systems,” said Salvatore Paladino, Director of Cyber Operations Research and Development at AIS. “Embedded systems are those that comprise the Internet of Things (IoT) and include devices from routers, to drones, to wearable sensors. There are profound opportunities to leverage these complex, interconnected systems to achieve military objectives, improve communications and operations and better connect military and civilian systems with the physical environment to improve quality of life, automation and safety on military facilities both at home and abroad.”

Work will be performed in Rome, New York, and is expected to be completed by July 19, 2029. The Air Force Research Laboratory Information Directorate in Rome, New York, is the contracting activity.

The SBA Mentor-Protégé Program is designed to encourage large businesses to provide various forms of assistance to eligible small businesses, promoting economic growth and ensuring a more dynamic and inclusive marketplace. Through this partnership, PAS will benefit from AIS’s guidance in areas such as business development, technical knowledge and contracting.

AIS, a recognized, local leader in the field of cyber and information security, will provide PAS with mentoring that encompasses a wide range of business and technical disciplines. This collaboration is expected to improve PAS’s operational processes and open new avenues for growth and innovation.