U.S. military, government and commercial IT networks face constant cyberattack from both criminal and state-sponsored adversaries. Current IT security response practices to these attacks boil down to four steps: find the invading code, unplug the affected systems, create security patches to thwart particular attacks, and apply those patches network-wide. This reactive engagement model is effective on a case-by-case basis but does not address key advantages attackers have—for example, adversaries can easily make small changes to malware that bypass patches and distribute that new malware on a massive scale. To stay ahead of increasingly sophisticated, stealthy and dangerous threats, defenders must move beyond traditional static defenses to exploit the natural advantages of their IT systems and expertise.
DARPA’s Active Cyber Defense (ACD) program is designed to help reverse the existing imbalance by providing cyber defenders a “home field” advantage: the ability to perform defensive operations that involve direct engagement with sophisticated adversaries in DoD-controlled cyberspace. Created in December 2012, the program seeks to develop a collection of synchronized, real-time capabilities to discover, define, analyze and mitigate cyber threats and vulnerabilities. These new proactive capabilities would enable cyber defenders to more readily disrupt and neutralize cyberattacks as they happen. These capabilities would be solely defensive in nature; the ACD program specifically excludes research into cyber offense capabilities.
You are now leaving the DARPA.mil website that is under the control and
management of DARPA. The appearance of hyperlinks does not constitute
endorsement by DARPA of non-U.S. Government sites or the information,
products, or services contained therein. Although DARPA may or may not
use these sites as additional distribution channels for Department of
Defense information, it does not exercise editorial control over all of
the information that you may find at these locations. Such links are
provided consistent with the stated purpose of this website.
After reading this message, click to continue