Technology Highlight

QUASAR

An analytical software evaluates and prioritizes the success of different cyber defenses against potential attacks on an enterprise network.
Screenshot of QUASAR interactive display, showing organizations a multifaceted analysis of cyber risk and defense options.
Download PDF
Quantitative Attack Space Analysis and Reasoning (QUASAR)

QUASAR software analyzes countermeasures to potential cyberattacks on an enterprise network. It answers a range of questions to inform decisions about cyber defenses: how do different countermeasures affect the network, what defensive investments are most valuable, how may attackers respond to certain defenses, and what gaps in defense coverage remain?

Cybersecurity personnel in an organization are faced with many questions when choosing defenses to best protect their network from cyberattack. What software or techniques are worth deploying? How do these defensive solutions interact with the organization's existing systems? Are there gaps in the cybersecurity coverage? What strategies might attackers use to bypass the organization's defenses?

Screenshot of QUASAR interactive display, showing organizations a multifaceted analysis of cyber risk and defense options.
In an interactive display, QUASAR gives organizations a multifaceted analysis of cyber risk and defense options.

Lincoln Laboratory researchers developed QUASAR to help cybersecurity specialists answer these and other questions about countering attacks. QUASAR has three components:

  • A knowledge base of cyberattack strategies and defenses drawn from 10 years of academic publications and incident reports; this base is kept up to date with information from threat intelligence data provided by private industry and academic cybersecurity research
  • An automated reasoning engine that combines the knowledge base with a high-level profile of the customer's environment to create a tailor-made mathematical model of possible attack surfaces and defenses to mitigate them
  • A browser interface for visualization and interactive analysis of the tradeoffs between different defensive strategies; this visualization displays quantitative metrics about the impact that proposed defenses would have on a customer's network and recommendations for additional defenses to mitigate an attack

QUASAR recommendations for defenses are based on an examination of the capabilities needed to mount a successful attack. This approach guides strategic reasoning for an organization's defense planners and provides insights for researchers developing new cyber defenses.

Benefits

  • Customized for an organization's system and software requirements, recognizing cyber defenses already deployed on the organization's network
  • Uses a scalable defense analysis technique unconstrained by specific software versions or configurations
  • Evaluates/prioritizes the success of different cyber defenses against potential attacks so customers can proactively secure systems
  • Facilitates budget planning by providing estimates of the costs for various cybersecurity solutions
  • Provides information in a user-friendly visualization

Additional Resources

U.S. Patent 10,819,752

More Information

R. Skowyra et al., "QUASAR: Quantitative Attack Space Analysis and Reasoning," Proceedings of the 33rd Annual Computer Security Applications Conference, December 2017.

Tagged As
Cyber Software