Defense Media Network

DARPA’s Cyber Grand Challenge Aims to Stop Cyber Attacks Before They Start

The Defense Advanced Research Projects Agency (DARPA) has always thought big. The Cyber Grand Challenge (CGC), DARPA’s latest endeavor to improve the speed and effectiveness of IT security in the face of escalating cyber threats, keeps with that tradition. Certainly the $2 million that will be awarded to the winner is big, but that only tells part of the story. The goal of the CGC is to attract teams who will craft automated systems that will compete against each other in order to evaluate software, test for vulnerabilities, generate security patches, and apply them to a network of computers, in the first-ever tournament for fully automatic network defense systems.

“Today our time to patch a newly discovered security flaw is measured in days. Through automatic recognition and remediation of software flaws, the term for a new cyber attack may change from zero-day to zero-second.”

Experts regularly compete in global “capture the flag” tournaments in order to improve their skills and measure their excellence in head-to-head competitions, something DARPA knows and wants to harness. Using these competitions as a model, DARPA seeks to have unmanned systems compete against each other in a real-time tournament environment. The difference is that the CGC will be the first time that cyber competition will take place on a network that is purpose-built to interface with automatic systems. Currently cyber attacks and malware are combatted in a matter of days. DARPA wants to reduce that time period significantly. “Today our time to patch a newly discovered security flaw is measured in days. Through automatic recognition and remediation of software flaws, the term for a new cyber attack may change from zero-day to zero-second,” said Mike Walker, DARPA program manager. In order to have a shot at the prize money, the competing teams will need to bridge the gap between security software and cutting-edge program analysis research.

Cyber Grand Challenge

The Defense Advanced Research Projects Agency’s (DARPA’s) Cyber Grand Challenge (CGC) aims to create the first-ever tournament for fully automatic network defense systems. Teams would create automated systems that would compete against each other in real-time to evaluate software, test for vulnerabilities, generate security patches and apply them to protected computers on a network. The CGC’s goal is to vastly improve the speed and effectiveness of IT security against escalating cyber threats. DARPA graphic

Top competitors will be invited by DARPA to navigate a series of challenges, from the qualifying event through the CGC final event. The challenges are tentatively scheduled for early to mid-2016. The qualifying event will require a collection of software to be automatically analyzed, with software flaws being identified and repaired. The final competition will involve each team’s system automatically identifying software flaws and scanning the network to identify the affected hosts. CGC will be scored by how their systems are able to protect hosts, scan the network for vulnerabilities, and maintain the correct function of software. This is the part where the prize money comes into play. The winning team would be awarded $2 million, the second place team $1 million, and the third place team $750,000.

DARPA sees where the future of cyber attacks is headed and wants to get in front of it. “The growth trends we’ve seen in cyber attacks and malware point to a future where automation must be developed to assist IT security analysts,” said Dan Kaufman, director of DARPA’s Information Innovation Office, which will oversee the CGC.

This is not the first time that DARPA has conducted a Grand Challenge. “DARPA’s series of vehicle Grand Challenges were the dawn of the self-driving car revolution,” said Walker. With the CGC, DARPA hopes to foment new ideas. “With the Cyber Grand Challenge, we intend a similar revolution for information security,” added Walker.

“The growth trends we’ve seen in cyber attacks and malware point to future where automation must be developed to assist IT security analysts.”

Experts from a wide range of computer security disciplines are expected to participate. These disciplines include reverse engineering, formal methods, program analysis, and computer security competition. To foster participation, DARPA will be hosting teaming forums on the CGC website. Potential competitors will have the option to either pursue a funded or unfunded track. The unfunded track allows anyone capable of fielding a network to participate, while a funded one will see DARPA awarding contracts to organizations that present the most compelling proposals.

Interested competitors can find specific information related to the CGC in the Broad Agency Announcement (BAA). Another BAA is planned for the near future that will seek proposals for technologies that can support the CGC. Support technologies include accessible visualization of a real-time cyber competition and custom problems sets. Two Challenger’s Days, where potential competitors can learn more about the CGC, are also in the planning stages. One will be at DARPA’s offices in Arlington, Va., while the other will take place on the West Coast.

By

Steven Hoarn is the Editor/Photo Editor for Defense Media Network. He is a graduate of...