Defense Advanced Research Projects AgencyTagged Content List


Relating to digital systems and information

Showing 110 results for Cyber RSS
A zero-knowledge (ZK) proof is an interactive protocol between a prover and a verifier. The prover creates a statement that they want the verifier to accept, using knowledge that will remain hidden from the verifier. Recent research has substantially increased the efficiency of ZK proofs, enabling real-world use, primarily by cryptocurrencies. While useful for cryptocurrencies, the ZK proofs created are specialized for this task and do not necessarily scale for transactions that are more complex. For highly complex proof statements like those that the Department of Defense (DoD) may wish to employ, novel and more efficient approaches are needed.
Serial Interactions in Imperfect Information Games Applied to Complex Military Decision Making (SI3-CMD) builds on recent developments in artificial intelligence and game theory to enable more effective decisions in adversarial domains. SI3-CMD will explore several military decision making applications at strategic, tactical, and operational levels and develop AI/game theory techniques appropriate for their problem characteristics.
As new defensive technologies make old classes of vulnerability difficult to exploit successfully, adversaries move to new classes of vulnerability. Vulnerabilities based on flawed implementations of algorithms have been popular targets for many years. However, once new defensive technologies make vulnerabilities based on flawed implementations less common and more difficult to exploit, adversaries will turn their attention to vulnerabilities inherent in the algorithms themselves.
Electronic system security has become an increasingly critical area of concern for the DoD and more broadly for security of the U.S. as a whole. Current efforts to provide electronic security largely rely on robust software development and integration. Present responses to hardware vulnerability attacks typically consist of developing and deploying patches to the software firewall without identifying or addressing the underlying hardware vulnerability. As a result, while a specific attack or vulnerability instance is defeated, creative programmers can develop new methods to exploit the remaining hardware vulnerability and a continuous cycle of exploitation, patching, and subsequent exploitations ensues.
Modern computing systems act as black boxes in that they accept inputs and generate outputs but provide little to no visibility of their internal workings. This greatly limits the potential to understand cyber behaviors at the level of detail necessary to detect and counter some of the most important types of cyber threats, particularly advanced persistent threats (APTs). APT adversaries act slowly and deliberately over a long period of time to expand their presence in an enterprise network and achieve their mission goals (e.g., information exfiltration, interference with decision making and denial of capability).