DARPA Dangles $2 Million For Security Automation Idea

Agency's latest challenge will award $2 million to team that builds an unmanned, self-patching network defense system capable of responding to cyber-attacks.

Elena Malykhina

October 25, 2013

3 Min Read
NetworkComputing logo in a gray background | NetworkComputing

DARPA Robot Challenge: Disaster Recovery

DARPA RobotChallenge: Disaster Recovery


DARPA Robot Challenge: Disaster Recovery(click image for larger view)

The Defense Advanced Research Projects Agency (DARPA) is recasting the focus of its $2 million Grand Challenge from autonomous vehicles to autonomous networks, putting the agency one step closer to creating the mythical Skynet. The latest in a series of major innovation competitions sponsored by the agency is intended to "drive automation revolution in information security."

Teams participating in the Cyber Grand Challenge will build fully automated network defense systems that compete against each other by evaluating software, testing for vulnerabilities, creating security patches and applying them to protected computers on a network, DARPA said. The concept is similar to computer security tournaments involving trained experts, but in this case unmanned systems will be competing.

The evolution of cyber-attacks and malware is driving the need for automation in IT security analysis. Thus the goal of the Cyber Grand Challenge is to create a self-patching system that could respond to attacks, and even go a step further by reconciling security problems before they happen. "Today, our time to patch a newly discovered security flaw is measured in days. Through automatic recognition and remediation of software flaws, the term for a new cyber-attack may change from zero-day to zero-second," DARPA program manager Mike Walker said in a written statement.

[ "Peace Corps for Geeks" offers important lessons to IT professionals while helping local government. Read Code For America Made Me A Better IT Leader. ]

The cyber competition will take place on a "network framework purpose-built to interface with automatic systems," according to DARPA. Competitors will have a series of challenges, including a qualifying event where a collection of software will be analyzed. Teams that qualify will need to automatically identify, analyze and repair software flaws. Top experts from various computer security disciplines, such as reverse engineering, formal methods and program analysis are expected to participate. The agency said it will host teaming forums on the official Cyber Grand Challenge websiteto promote extensive participation.

A select group of top competitors will join the Cyber Grand Challenge final event, scheduled for early to mid-2016. In that event, each team's system will be required to automatically identify software flaws and scan the network to find affected hosts. The highest scores will go to systems that are most capable of protecting hosts, scanning the network for vulnerabilities and maintaining software function.

The winning team will receive $2 million. $1 million will go to second-place competitors, and third place teams will get $750,000.

This isn't the first time that DARPA has shelled out millions of dollars for such a competition. The tradition of DARPA Grand Challenges started with self-driving cars. In October 2005, Stanford University's robotic vehicle, Stanley, won $2 million for beating out the competition and finishing a 132-mile course through the Mojave Desert. The Robotics Challenge -- focusing on autonomous robots -- followed. That challenge kicked off in October 2012 and is scheduled to run through 2014, with three planned competitions, one virtual and two live.

Read more about:

2013
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights