Skip to main content

Cybersecurity – Put to the test

The D2U model categorizes user data by capturing behavior in all open programs throughout a user’s day. Credit: Nathan Armistead/ORNL, U.S. Dept. of Energy

Oak Ridge National Laboratory researchers have created a technology that more realistically emulates user activities to improve cyber testbeds and ultimately prevent cyberattacks.

The Data Driven User Emulation, or D2U, uniquely uses machine learning to simulate actual users’ actions in a network and then enhances cyber analysts’ ability to thwart, expose and mitigate network vulnerabilities.

“Understanding and modeling individual user behaviors is critical for cybersecurity,” said ORNL’s Sean Oesch. “D2U can create unlimited, realistic test users of a particular network for developers of cyber tools to improve their products.”

Where other user models need large numbers of testers or make assumptions about their behavior, D2U needs a small number of users and emulates actual user behavior.

The software is currently deployed to help evaluate defensive cyber technologies but could have benefits to the broader cyber community. – Liz Neunsinger