New program looks at how information is connected to stay ahead of the cyber threat

Jan 23, 2013

The Department of Defense (DoD) maintains one of the largest computer networks in the world. The network follows DoD personnel across the globe collecting, transferring and processing information in forms as diverse as data warehouses, in-the-field mobile devices and mission computers on board F-18's. This network is also constantly changing in size and shape as new missions are undertaken and new technology is deployed. In military terms, that means the cyber terrain of the DoD network is constantly shifting.

Traditional approaches to protecting networks involve static cyber firewalls around the perimeter and patching any discovered holes. DARPA researchers seek a new approach, one that relies on knowing the cyber terrain within the network and understanding how across the enterprise is connected to find actions associated with an attack buried under or within all the normal data.

DARPA's new Cyber Targeted-Attack Analyzer program will attempt to automatically correlate all of a network's disparate data sources—even those that are as large and complex as those within the DoD—to understand how information is connected as the network grows, shifts and changes. Once all of the data sources are correlated, the program will attempt to integrate them on a network to allow the defenders to understand the connections—like injecting a contrasting smoke into the air to see how it flows. The third phase of the program also seeks to build tools that use this information for of the network.

"The Cyber Targeted-Attack Analyzer program relies on a new approach to security, seeking to quickly understand the interconnections of the systems within a network without a human having to direct it," said Richard Guidorizzi, DARPA program manager. "Cyber defenders should then be capable of more quickly discovering attacks hidden in normal activities."

Performers for the program will address three challenges: Automatically indexing data sources on a network without human intervention; Integration of all data structures through a common language for security-related data, and; Development of tools to allow reasoning over the federated database

It is anticipated that the BAA for this effort will be posted to www.fbo.gov within the next month.

Explore further: Innovative new supercomputers increase nation's computational capacity and capability

add to favorites email to friend print save as pdf

Related Stories

Cyber experts engage on DARPA's Plan X

Oct 18, 2012

When the team behind DARPA's Plan X mapped out where it wanted to go with research in the development of cyber capabilities and platforms, it knew the DARPA approach to problem solving included soliciting ...

National cyber range rapidly emulates complex networks

Nov 14, 2012

Realistically and quickly replicating globally interconnected networks to securely test new cyber tools and capabilities is no longer an issue for cyber researchers thanks to the DARPA-developed National ...

Lockheed Martin hit by cyber attack

May 29, 2011

Hackers launched a "significant and tenacious" cyber attack on Lockheed Martin, a major defense contractor holding highly sensitive information, but its secrets remained safe, the company said Saturday.

Baker College wins cyber defense contest

Apr 24, 2008

Baker College of Flint, Mich., Texas A&M University and the University of Louisville have won top honors in the National Collegiate Cyber Defense Competition.

Recommended for you

Forging a photo is easy, but how do you spot a fake?

Nov 21, 2014

Faking photographs is not a new phenomenon. The Cottingley Fairies seemed convincing to some in 1917, just as the images recently broadcast on Russian television, purporting to be satellite images showin ...

Algorithm, not live committee, performs author ranking

Nov 21, 2014

Thousands of authors' works enter the public domain each year, but only a small number of them end up being widely available. So how to choose the ones taking center-stage? And how well can a machine-learning ...

Professor proposes alternative to 'Turing Test'

Nov 19, 2014

(Phys.org) —A Georgia Tech professor is offering an alternative to the celebrated "Turing Test" to determine whether a machine or computer program exhibits human-level intelligence. The Turing Test - originally ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.