DARPA Contest Aims to Create Self-Defending Networks

Thirty teams will participate in the Cyber Grand Challenge, aiming to make networks smart enough to detect and repair vulnerabilities before attackers can exploit them.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

DARPA Cyber Challenge security

Aiming to make computer networks and systems self-defending, more than 30 teams will compete in the U.S. government's first-ever Cyber Grand Challenge, the Defense Advanced Research Project Agency (DARPA) announced on June 3.

The contest will challenge teams to create systems that can detect vulnerabilities in a network and fix them before attackers can exploit the flaws to penetrate the network and their underlying data stores.

Defenders normally need to find flaws, create patches and deploy those software updates to harden their networks against attack. Yet the process takes time. While more than 80 percent of attacks compromise systems in days, less than 20 percent of incidents are detected by defenders in the same amount of time, according to the latest Data Breach Investigations Report released by communications services firm Verizon.

The Cyber Grand Challenge aims to find a solution to that fundamental imbalance between attackers and defenders, Mike Walker, DARPA program manager, said in a statement announcing the contest.

"The only effective approach to defending against today's ever-increasing volume and diversity of attacks is to shift to fully automated systems capable of discovering and neutralizing attacks instantly," Walker said.

The Cyber Grand Challenge will take the form of a capture-the-flag event, with an attacker attempting to breach defenders' networks to grab sensitive data. Unlike other contests run all over the world, however, the CGC will task automated defenses, not human defenders, to repel the attackers. Teams will have to make it through qualifying events to compete in the finals, which will be held at the DEFCON hacking conference in 2016.

The team that wins the challenge will be awarded $2 million, while second- and third-place runner ups will received $1 million and $750,000, respectively.

Since competition breeds innovation, the contest could deliver some interesting new technologies, Michael Sutton, vice president of security research for Zscaler, a cloud-security company, told eWEEK. While companies and academic researchers have created components of self-healing networks and biologically inspired digital immune systems, no one has succeeded in creating a fully automated system.

One major issue is the problem of false positives, labeling legitimate traffic as malicious. Many automated analysis systems have high rates of false positives, sending defenders on wild goose chases to find non-existent threats, he said.

"I will incur the wrath of my customers far more if I prevent them from getting to the Internet than if I miss a vulnerability," Sutton said.

As part of the infrastructure to support the Cyber Grand Challenge, DARPA released on June 3 a software platform dubbed DECREE, a unique framework on which malicious software samples can be executed without running the risk of infecting other systems. Because the structure of DECREE is unlike other computer systems, software that runs on DECREE will not run on production systems, and so cannot escape into the wild, according to DARPA.

Robert Lemos

Robert Lemos

Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's...