|Mayhem Wins DARPA Cyber Grand Challenge|
|Written by Lucy Black|
|Tuesday, 09 August 2016|
Mayhem, a fully autonomous system for finding and fixing computer security vulnerabilities, emerged as the winner of the first all-machine hacking tournament held last week at the DEF CON hacker conference in Las Vegas.
As outlined in our report last month on the background to the DARPA Cyber Grand Challenge, the final round of the contest was a Capture the Flag tournament in which seven autonomous computer security systems took part. The systems had to analyse code to find bugs then patch to protect their own virtual territory while exploiting the same bugs to attack others taking part and the winning system is the one that does the best job of finding and fixing bugs while using them to hamper the efforts of others.
The contest ran for eight hours over 96 rounds with each round posing a different challenge. Some were based on well-known software bugs such as Heartbleed, SQL Slammer and Crackaddr to discover if the smart software could do a better job than humans did at finding fixes for these vulnerabilities when they first appeared.
This video of early highlights from the competition reveals that one of the bugs that was discovered and successfully dealt with was an unintended and unknown vulnerability - i.e. one that was not deliberately planted as part of the contest.
This 10-minute expanded highlights video has more about how the conditions required for the tournament, how the competition unfolded and introduces the three winning teams.
Mayhem took an early lead in the tournament and, despite a late crash which meant it logged some no-scoring rounds, held on until the end. This system was built and programmed by ForAllSecure, a team formed from Carnegie Mellon University faculty and alumni, which was awarded the $2m top prize.
The second prize of $1m went to TECHx the team behind a program called Xandra which was drawn from security experts from the University of Virginia and European firm GrammaTech, while the third prize of $750,000 went to Shellphish, builders of the Mech Phish system, a team from the University of California.
or email your comment to: email@example.com
|Last Updated ( Tuesday, 09 August 2016 )|