An upcoming cyber challenge seeks to strengthen the ability of automated programs to detect cyber threats, a development that could resolve a number of problems in the field of cybersecurity.
The Defense Advanced Research Projects Agency (DARPA) is hard at work promoting its two-year cyber contest, known as the Cyber Grand Challenge.
According to the official rules page, teams who enter the contest will be required to build Cyber Reasoning Systems (CRSs) that combine together various automated program analysis capabilities. These technologies include dynamic analysis, which allows analysts to inspect programs in a run-time environment, and constraint solving, in which the programmer declares certain properties about a solution that he/she wishes the computer to find. In the final round, the remaining teams’ CRSs will compete against one another and will be evaluated based upon their performance.
Michael Walker, DARPA’s cybersecurity program manager, hopes the findings of the contest will help build smart programs that will be able to identify vulnerabilities, block intruders, and make repairs without the assistance of a human security expert.
These types of programs envisioned by Walker would address a number of today’s cyber problems. First, it would help to rectify the occurrence of “human error”. In a report conducted by IBM Global Technology Services, researchers conclude that “human error,” such as employees using easily guessable passwords, losing their company devices, and failing to adequately patch vulnerabilities, played a part in 95% of the cyber threats, incidents, and events of 2013. Automated program analysis capabilities could lower this figure by removing human fallibility from the threat detection process.
Technologies capable of automating cyber defense could also counteract some of the most recent developments in cyber security. This could include securing the Internet of Things. Lots of things today are becoming “smart”, which creates a slew of new vulnerabilities whose exploitation would affect not only users’ information but also their physical reality. Automated cyber defense technologies could better navigate the nuanced relationships connecting “smart” devices to one another than could human analysts.
Additionally, automated cyber security programs could remedy the current dearth of U.S. federal cyber personnel. A report released by Martin Libicki of RAND asserts that the federal government is struggling to compete for cyber professionals with private organizations, the latter of which offers more competitive salaries and more willingly hires analysts from foreign countries. These programs could fill that employment void for the United States, rendering public-private rivalry irrelevant.
Given the discussion above, automated program analysis capabilities stand to change the field of cyber security for the better. Still, it is worth wondering whether such technologies could replicate the intuition that is sometimes necessary to identify an attacker and/or what they are after. Every cyber attack is in some way influenced by human intention after all. Until that changes, the input of human security analysts will remain valuable, if not essential, to threat detection in cyberspace.
