NETWAR provides a utility that enables detection of both tactical and
strategic threats against an individual entity and
interrelated/affiliated networks of entities. A distributed network of
sensors and evaluators are utilized to detect tactical attacks against
one or more entities. Events on the general network are represented as an
input graph, which is searched for matches of example pattern graphs that
represent tactical attacks. The search is performed using a scalable
graph matching engine and an ontology that is periodically updated by a
subject matter expert or analyst. NETWAR provides the functionality to
determine/understand the strategic significance of the detected tactical
attacks by correlating detected tactical attacks on the individual
entities to identify the true motive of these attacks as a strategic
attack. NETWAR also provides predictive capability to predict future
entities and sub-entities that may be targeted based on evaluation of the
attack data.