The Department of Defense’s computer assets are constantly under attack from a wide range of threats. Since much of today’s military infrastructure depends on the security of these systems, the DoD has undertaken a continuous mission to provide overall information security and has created a long-range preparedness strategy. The threats of malware, root kits, and viruses raise the specter of unauthorized access to confidential information, reverse engineering attacks against software, and cyber-warfare.  As anti-tamper systems have improved to defeat these threats, the sophistication of the threats have evolved to defeat common security measures making the process of detecting threats a much more difficult problem. Cybernet is developing a software system that can detect the presence of these threats and alert administrators to their presence. This software resides on dedicated hardware to insure that the software threats cannot attack it. In this project, we are generating a comprehensive taxonomy of threats, developing software to autonomously extract low-level features of processes, and then using them to robustly report on and visualize the overall system state.  To eliminate the possibility that threats can spoof our software, we are leveraging our hardware based detection solutions that cannot be affected by software threats. In our intial system, we will provide a taxonomy of threats, develop an architecture for aggregating relevant features, and provide a mock up demonstration of future systems.  Our successful concept will allow detection of novel threats in a paradigm complimentary to signature based detectors.