DARPA Cyber Grand Challenge Ends With Mayhem

DARPA's Cyber Grand Challenge pitted machine against machine in an effort to find the best in autonomous computer security. In the end, Mayhem was the big winner.

Cyber Grand Challenge

LAS VEGAS—After three years of planning and lead-up contests, the finals of the Defense Advanced Research Projects Agency's Cyber Grand Challenge (CGC) to show the best in autonomous computer security concluded with a win by the Mayhem system from the ForAllSecure team, which won the $2 million grand prize. The Xandra system finished in second place, winning $1 million, while the Mechaphish system placed third, claiming $750,000.

The three systems finished at the top of a field of seven systems that battled for 8 hours in front of an audience at the DefCon security conference here Aug. 4. There was live play-by-play and color commentary of the last hours of the contest from a broadcast booth.

DARPA first announced the CGC effort in 2013 as a way to help spur innovation in autonomous computer security systems. In a press conference following the event, Mike Walker, the DARPA program manager responsible for CGC, said that approximately $55 million was invested in the effort over the three years of the program's development.

The contest had 96 rounds, with each round throwing a different challenge at the autonomous systems, Walker said. Over that time, the systems generated a total of 421 replacement binaries. The binaries were new native code authorized synthetically by the systems to be more secure than the original versions they were given. Walker said that in modern software, unknown vulnerabilities can potentially represent a universal lock pick for intruders.

"Tonight we showed that machines can exist that can detect those lock picks in use and respond immediately," he said. "We have redefined what is possible in the course of hours with autonomous systems that we challenged the world to build."

The promise of autonomous security systems is that they will one day help organizations and networks automatically defend against and patch new vulnerabilities without human intervention.

During the press conference, Walker was also asked about the potential offensive capabilities of the systems that competed in the CGC.

"I cannot change the reality that all security tools are dual-use," Walker said.

For example, he noted that ransomware depends on off-the shelf cryptography to lock up user data.

"The difference between offensive and defensive use of technology is often secrecy versus openness," he said.

Walker added that the way to assure an open technology revolution is to conduct all the research in a crowdsourced, global way on an open-source platform for all to see.

"As long as there is a spark to light the revolution of automated vulnerability search, bugs that can be found in the open can be patched in the open," he said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.