30 avril 2018 | International, C4ISR

DARPA wants to arm ethical hackers with AI

By:

The Defense Advanced Research Projects Agency (DARPA) wants to leverage human-artificial intelligence teaming to accelerate the military's cyber vulnerability detection, according to agency documents.

The task of securing the Pentagon's diverse networks, which support nearly every function of the military's operations, presents a nightmare for defense officials. The current time-intensive and costly process involves extensively trained hackers using specialized software suites to scour the networks in search of vulnerabilities that could potentially be exploited, but the scarcity of expert hackers makes detecting cyberthreats a challenge for the Defense Department.

DARPA's Computers and Humans Exploring Software Security (CHESS) program seeks to bolster existing cyber defenders with a new tool that would render much of the current toolkit ancient history: artificial intelligence.

The program aims to incorporate automation into the software analysis and vulnerability discovery process by enabling humans and computers to reason collaboratively. If successful, the program could enhance existing hacking techniques and greatly expand the number of personnel capable of ethically hacking DoD systems.

To achieve its goal, DARPA will solicit proposals from industry across five technical areas, including developing tools that mimic the processes used by expert hackers and ultimately transitioning a final solution to the government.

“Through CHESS, we're looking to gather, understand and convert the expertise of human hackers into automated analysis techniques that are more accessible to a broader range of technologists,” the DARPA program description reads. “By allowing more individuals to contribute to the process, we're creating a way to scale vulnerability detection well beyond its current limits.”

While DARPA sees artificial intelligence as an important tool for enhancing cybersecurity efforts, officials emphasize the essential role humans play in the collaborative process.

“Humans have world knowledge, as well as semantic and contextual understanding that is beyond the reach of automated program analysis alone,” said Dustin Fraze, the I2O program manager leading CHESS. “These information gaps inhibit machine understanding for many classes of software vulnerabilities. Properly communicated human insights can fill these information gaps and enable expert hacker-level vulnerability analysis at machine speeds.”

The CHESS program will span three phases lasting a total of 42 months. Each phase will focus on increasing the complexity of an application the CHESS system is able to analyze effectively.

https://www.c4isrnet.com/it-networks/2018/04/27/darpa-wants-to-arm-ethical-hackers-with-ai/

Sur le même sujet

  • Vulcan Update: New organization features and new calls for capabilities

    19 septembre 2019 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

    Vulcan Update: New organization features and new calls for capabilities

    Please find attached the latest Vulcan updates and highlights. More specifically: Understanding how you can edit and enhance your organizational profile New calls for capabilities from Government organizations, including SOF needs for advanced communication capabilities; Updates on ongoing technology assessment activities and upcoming experimentation events It takes a Network!

  • Interior Department inks $95M dollar deal to modernize IT system from 1990s

    30 avril 2020 | International, C4ISR, Sécurité

    Interior Department inks $95M dollar deal to modernize IT system from 1990s

    Andrew Eversden The Department of the Interior awarded a $95 million contract to NTT DATA Federal Services to modernize one of its critical information systems, the company announced April 28. The five-year contract will modernize Interior's Technical Information Management System, or TIMS, which automates business and regulatory functions for the department's Bureau of Ocean Energy Management as well as its Bureau of Safety and Environmental Enforcement. The latter, BSEE, maintains the system. Under the contract, NTT DATA will “provide operations support, infrastructure and application maintenance, security, cloud transformation and other IT services.” TIMS was established in the 1990s, according to an Interior privacy impact assessment from 2018. The system supports the core mission of the two bureaus and enables the four regional offices and the Virginia headquarters to share and combine data, print maps, and standardize forms and other documents. The system is also used by the Office of Natural Resource Revenue, oil and gas stakeholders, and state and local governments. "NTT DATA is honored to help the Department of the Interior take full advantage of new and emerging technologies to promote safety, protect the environment and conserve resources offshore,” said Tim Conway, NTT DATA's president of public sector work. “Our team is committed to working with BSEE to deliver on their important mission of oversight and enforcement in these areas by leveraging automation, agile development and innovation to streamline operations.” In the long term, the Interior Department wants to merge TIMS' daily operations with the system's maintenance cycle, while adding new developments, the NTT DATA news release said. According to USAspending.gov, NTT DATA is a subprime contractor on several multimillion contracts with the departments of Justice and Homeland Security as well as the U.S. Agency for International Development. https://www.federaltimes.com/home/2020/04/29/interior-department-inks-95m-dollar-deal-to-modernize-it-system-from-1990s

  • UK approves TransDigm-CPI deal with national security condition

    28 février 2024 | International, Terrestre

    UK approves TransDigm-CPI deal with national security condition

Toutes les nouvelles