December 11, 2014
Aaron Boyd, writing in the December 10, 2014 edition of DefenseNews.com, notes that “the Defense Advanced Research Projects Agency (DARPA) is trying to get ahead of the sneakiest, and most persistent threats in cyber space; and, is putting up $60M to find truly innovative ideas.” He added that DARPA “posted a request for proposals, for a Transparent Computing program — designed to shine a light on malware hiding in the depths of complex computer systems; and, actively adapt to new threats.”
Mr. Boyd writes that “skilled hackers attacking an network, often work in the background over a long period of time, slowly infecting systems with code — masked in the normal in’s and out’s.” of a IT ecosystems daily activities. “”This type of breach — called Advanced Persistent Threat (APT) — is difficult to detect and expose, particularly in large, complex networks made up of many entry points.”
Mr. Boyd says “if successful, a Transparent Computing system would give security managers a granular view of the network….including detailed information on where data are coming from.” Specifically, DARPA is looking for a program that can:
— Record and preserve the provenance of all system elements/components (inputs, software, modules, processes, etc.);
— Dynamically track the interactions and casual dependencies among cyber system components;
— Assemble these dependencies into end-to-end system behaviors; and,
— Reason over these behaviors, both forensically, and in real-time.
“In practice,” Mr. Boyd writes, “the program would identify all incoming connections, and active processes, learn which are malicious (or, at least arbitrary) and move to remediate. By automatically, or semi-automatically ‘connecting the dots’ across multiple activities that are individually legitimate — but, collectively indicate malice, or abnormal behavior. Transparent Computing has the potential to enable the prompt detection of APTs and other cyber threats,” the DARPA request states.
“Per many DARPA initiatives,” Mr. Boyd writes, “it is expected that this prototype will provide a stating point for technology transition, sparking a new wave of cyber security,” the request states. “Proposers are warned against offering “evolutionary improvements” to current cyber security methods.” Mr. Boyd adds that “DARPA is holding a Proposer’s Day Conference Center in Arlington, VA., on December 15, 2014.” “The unclassified event will be an opportunity for prospective applicants to get information on Transparent Computing, and the solicitation. Attendance at the Prospers Day is not required to send a submission later,” he noted.
“Multiple awards are expected across five technical areas,” Mr. Boyd concludes. “The combined total has a funding ceiling of $60M. Proposals are due to DARPA by noon, February 10, 2015.”
Sounds promising; but, I admit I am fairly ignorant on this topic and this new technique or leap ahead in cyber security. When I understand more, the pros, cons, etc., I will do a follow-up article.
No comments:
Post a Comment