Categories: Technology

DARPA’s New Cyber Targeted-Attack Analyzer Program

DARPA’s-new-Cyber-Targeted-Attack-Analyzer-program

Credit: DARPA

DARPA’s new Cyber Targeted-Attack Analyzer program looks at how information is connected and moves to uncover and prevent targeted attacks without a human having to direct it.

The Department of Defense (DoD) maintains one of the largest computer networks in the world. The network follows DoD personnel across the globe collecting, transferring and processing information in forms as diverse as data warehouses, in-the-field mobile devices, and mission computers on board F-18s. This network is also constantly changing in size and shape as new missions are undertaken and new technology is deployed. In military terms, that means the cyber terrain of the DoD network is constantly shifting.

Traditional approaches to protecting networks involve static cyber firewalls around the network perimeter and patching any discovered holes. DARPA researchers seek a new approach, one that relies on knowing the cyber terrain within the network and understanding how information across the enterprise is connected to find actions associated with an attack buried under or within all the normal data.

DARPA’s new Cyber Targeted-Attack Analyzer program will attempt to automatically correlate all of a network’s disparate data sources—even those that are as large and complex as those within the DoD — to understand how information is connected as the network grows, shifts, and changes. Once all of the data sources are correlated, the program will attempt to integrate them on a network to allow the defenders to understand the connections—like injecting a contrasting smoke into the air to see how it flows. The third phase of the program also seeks to build tools that use this information for cyber defense of the network.

“The Cyber Targeted-Attack Analyzer program relies on a new approach to security, seeking to quickly understand the interconnections of the systems within a network without a human having to direct it,” said Richard Guidorizzi, DARPA program manager. “Cyber defenders should then be capable of more quickly discovering attacks hidden in normal activities.”

Performers for the program will address three challenges: Automatically indexing data sources on a network without human intervention; Integration of all data structures through a common language for security-related data, and; Development of tools to allow reasoning over the federated database

It is anticipated that the BAA for this effort will be posted to www.fbo.gov within the next month.

Share
By
DARPA

Recent Posts

Fatty Liver Disease: A Hidden Danger to Your Brain?

A study conducted by the Roger Williams Institute of Hepatology, affiliated with King's College London…

February 8, 2023

Space Mystery: Unexpected New Ring System Discovered in Our Own Solar System

ESA’s Cheops finds an unexpected ring around dwarf planet Quaoar During a break from looking…

February 8, 2023

Smart Energy Savings: Chameleon-Like Building Material Changes Its Infrared Color

To address the challenge of saving energy in the face of increasingly frequent extreme weather…

February 8, 2023

Cancer Conundrum Solved: Researchers Unravel a Population of ‘Cheating’ Cells

The study provides answers to multiple conundrums about cancer, while also uncovering new areas for…

February 8, 2023

Unlocking the Mystery of the Stellar Initial Mass Function: A New Breakthrough Discovery

The fate of galaxies is determined by the initial mass distribution at the birth of…

February 8, 2023

NASA Awards $11.7 Million to Historically Black Colleges and Universities

NASA is awarding $11.7 million to eight Historically Black Colleges and Universities (HBCUs) through the…

February 8, 2023