Army Cyber Defenders Open Source Code

Army cyber defenders have released code to help detect and understand cyber attacks.

The forensic analysis code, called Dshell, has been used for nearly five years as a framework to help the U.S. Army understand the events of compromises of Department of Defense networks.

(U.S. Defense Department graphic illustration by Jessica L. Tozer/Released)

A version of Dshell was added to the GitHub social coding website on Dec. 17, 2014 with more than 100 downloads and 2,000 unique visitors to date. Download Dshell now!

Dshell is a framework that its users can use to develop custom analysis modules based on compromises they have encountered. It is anticipated that other developers would contribute to the project by adding modules that benefit others within the digital forensic and incident response community, said William Glodek, Network Security branch chief, U.S. Army Research Laboratory.

“Outside of government there are a wide variety of cyber threats that are similar to what we face here at ARL.”

“Dshell can help facilitate the transition of knowledge and understanding to our partners in academia and industry who face the same problems,” said Glodek, whose page is the first official U.S. Army page on GitHub.

GitHub is the center of gravity for software developers not only in the U.S., but around the world. Since the release, Dshell has been accessed by users in 18 countries, he said.

“For a long time, we have been looking at ways to better engage and interact with the digital forensic and incident response community through a collaborative platform,” Glodek said.

The U.S. Army Research Laboratory is a leader in protecting and defending Defense networks. In 2013, ARL established a collaborative research alliance to explore the basic foundations of cyber science issues in the context of Army networks. (Photo provided by ARL Public Affairs/Released)

“The traditional way of sharing software, even between government entities, can be challenging. We have started with Dshell because the core functionality is similar to existing publicly available tools but provides a simpler method to develop additional functionality.”

“What Dshell offers is a new mechanism, or framework, which has already been proven to be useful in government to better analyze data.”

Glodek would like to see others in the open source community add value and expertise to the existing Dshell framework, he said.

He is starting an open source working group at ARL to look at other potential projects for a GitHub repository.

“I want to give back to the cyber community, while increasing collaboration between Army, the Department of Defense and external partners to improve our ability to detect and understand cyber attacks,” Glodek said.

In the next six months, Glodek expects to have a flourishing developer community on GitHub with users from government, academia and industry.

“The success of Dshell so far has been dependent on a limited group of motivated individuals within government. By next year it should be representative of a much larger group with much more diverse backgrounds to analyze cyber attacks that are common to us all,” Glodek said.

By Joyce Brayboy, ARL Public Affairs