DARPA Competition For The Intelligent Defensive Computer

### New Book Reviews!

 DARPA Competition For The Intelligent Defensive Computer
Written by Lucy Black
Wednesday, 23 October 2013

DARPA's latest challenge seems like a good idea, but it is asking for enough AI to make sure that a computer detects an attack, defends and repairs itself?

The Cyber Grand Challenge is another one of those Sci-Fi mad-real competitions.

The DARPA announcement makes it sound all perfect reasonable:

"What if computers had a “check engine” light that could indicate new, novel security problems? What if computers could go one step further and heal security problems before they happen?"

But if you think about it, the threats are so open ended that you need AI to detect them and you certainly need AI to "heal" them. The idea is that automatic systems would evaluate software, test for vulnerabilities and generate security patches which could then be automatically applied.

"DARPA’s Cyber Grand Challenge (CGC) aims to create the first-ever tournament for fully automatic network defense systems. Teams would create automated systems that would compete against each other in real-time to evaluate software, test for vulnerabilities, generate security patches and apply them to protected computers on a network. The CGC’s goal is to vastly improve the speed and effectiveness of IT security against escalating cyber threats."

This sounds hard, but the first prize is $2 million, with second and third place taking$1 million and $750,000 respectively. The challenge is planned to start in early 2016 and as it is a tournament each team will score points and there will be a winner no matter how poorly they all perform. There will be a qualifying event and competitors with a system that they think can succeed can simply enter. If you need help with funding then you have to apply to DARPA with a convincing case to show you have a good idea. There are also plans for a second initiative to develop support technologies for the challenge such as visualizations and custom problem sets. The problem of detecting a threat seem the easiest part of the task - after all intelligent network scanners and malware detection should be possible with the technologies we already have. The hard part is probably working out how to defend and repair the system after a problem has arisen. Systems that protect themselves - It sounds like something from science fiction and we all know how that ends. #### More Information #### Related Articles Bounty Hunter Awarded$100,000

Microsoft Offers \$100,000 For Novel Exploits

Frankenstein - Stitching Code Bodies Together To Hide Malware

ROP Mitigations Bypassed