Army cyber defenders have released code to help detect and understand cyber attacks.
Dshell is a framework that its users can use to develop custom analysis modules based on compromises they have encountered. It is anticipated that other developers would contribute to the project by adding modules that benefit others within the digital forensic and incident response community, said William Glodek, Network Security branch chief, U.S. Army Research Laboratory.
“Outside of government there are a wide variety of cyber threats that are similar to what we face here at ARL.”
“Dshell can help facilitate the transition of knowledge and understanding to our partners in academia and industry who face the same problems,” said Glodek, whose page is the first official U.S. Army page on GitHub.
GitHub is the center of gravity for software developers not only in the U.S, but around the world. Since the release, Dshell has been accessed by users in 18 countries, he said.
“For a long time, we have been looking at ways to better engage and interact with the digital forensic and incident response community through a collaborative platform,” Glodek said.
“The traditional way of sharing software even between government entities, can be challenging. We have started with Dshell because the core functionality is similar to existing publicly available tools but provides a simpler method to develop additional functionality.”
“What Dshell offers is a new mechanism, or framework, which has already been proven to be useful in government to better analyze data.”
Glodek would like to see others in the open source community add value and expertise to the existing Dshell framework, he said.
He is starting an open source working group at ARL to look at other potential projects for a GitHub repository.
“I want to give back to the cyber community, while increasing collaboration between Army, the Department of Defense and external partners to improve our ability to detect and understand cyber attacks,” Glodek said.
In the next six months, Glodek expects to have a flourishing developer community on GitHub with users from government, academia and industry.
“The success of Dshell so far has been dependant on a limited group of motivated individuals within government. By next year it should be representative of a much larger group with much more diverse backgrounds to analyze cyber attacks that are common to us all,” Glodek said.
Disclaimer: The appearance of hyperlinks does not constitute endorsement by the Department of Defense of this website or the information, products or services contained therein. For other than authorized activities such as military exchanges and Morale, Welfare and Recreation sites, the Department of Defense does not exercise any editorial control over the information you may find at these locations. Such links are provided consistent with the stated purpose of this DOD website.