By Aaron Boyd
December 18, 2014
The Defense Advanced Research Projects Agency (DARPA) is trying to get ahead of the sneakiest and most persistent threats in cyberspace and is putting up $60 million to find truly innovative ideas.
The research agency posted a request for proposals for a Transparent Computing program designed to shine a light on malware hiding in the depths of complex computer systems and actively adapt to new threats.
Skilled hackers attacking a network often work in the background over a long period of time, slowly infecting the systems with code masked in the normal ins and outs. This type of breach — called an advanced persistent threat (APT) — is difficult to detect and expose, particularly in large, complex networks made up of many entry points.
A Transparent Computing system, if successful, would give security managers a granular view of the network, including detailed information on where data are coming from.
Specifically, DARPA is looking for a program that can:
■ Record and preserve the provenance of all system elements/components (inputs, software modules, processes, etc.);
■ Dynamically track the interactions and causal dependencies among cyber system components;
■ Assemble these dependencies into end-to-end system behaviors; and
■ Reason over these behaviors, both forensically and in real-time.
In practice, the program would identify all incoming connections and active processes, learn which are malicious (or at least arbitrary) and move to remediate.
"By automatically or semi-automatically 'connecting the dots' across multiple activities that are individually legitimate but collectively indicate malice or abnormal behavior, TC has the potential to enable the prompt detection of APTs and other cyber threats," the RFP states.
Per many DARPA initiatives, "It is expected that this prototype will provide a starting point for technology transition," sparking a new wave of cybersecurity, according to the RFP. Proposers are warned against offering "evolutionary improvements" to current cybersecurity methods.
DARPA is holding a Proposers' Day at the DARPA Conference Center in Arlington on Dec. 15. The unclassified event will be an opportunity for prospective applicants to get information on Transparent Computing and the solicitation. Attendance at the Proposers' Day is not required to send a submission later.
Multiple awards are expected across five technical areas. The combined total has a funding ceiling of $60 million.
Proposals are due to DARPA by noon on Feb. 10.
No comments:
Post a Comment