Defense Advanced Research Projects AgencyTagged Content List


Relating to digital systems and information

Showing 125 results for Cyber RSS
As new defensive technologies make old classes of vulnerability difficult to exploit successfully, adversaries move to new classes of vulnerability. Vulnerabilities based on flawed implementations of algorithms have been popular targets for many years. However, once new defensive technologies make vulnerabilities based on flawed implementations less common and more difficult to exploit, adversaries will turn their attention to vulnerabilities inherent in the algorithms themselves.
Electronic system security has become an increasingly critical area of concern for the DoD and more broadly for security of the U.S. as a whole. Current efforts to provide electronic security largely rely on robust software development and integration. Present responses to hardware vulnerability attacks typically consist of developing and deploying patches to the software firewall without identifying or addressing the underlying hardware vulnerability. As a result, while a specific attack or vulnerability instance is defeated, creative programmers can develop new methods to exploit the remaining hardware vulnerability and a continuous cycle of exploitation, patching, and subsequent exploitations ensues.
Modern computing systems act as black boxes in that they accept inputs and generate outputs but provide little to no visibility of their internal workings. This greatly limits the potential to understand cyber behaviors at the level of detail necessary to detect and counter some of the most important types of cyber threats, particularly advanced persistent threats (APTs). APT adversaries act slowly and deliberately over a long period of time to expand their presence in an enterprise network and achieve their mission goals (e.g., information exfiltration, interference with decision making and denial of capability).
Government agencies and the military rely upon many kinds of Commercial Off-the-Shelf (COTS) commodity Information Technology (IT) devices, including mobile phones, printers, computer workstations and many other everyday items. Each of these devices is the final product of long supply chains involving many vendors from many nations providing various components and subcomponents, including considerable amounts of software and firmware. Long supply chains provide adversaries with opportunities to insert hidden malicious functionality into this software and firmware that adversaries can exploit to accomplish harmful objectives, including exfiltration of sensitive data and sabotage of critical operations.
Deputy Director
Dr. Jennifer Roberts was named Deputy Director of the Information Innovation Office (I2O) in November 2019, after serving as a program manager in I2O since 2015. Roberts works with I2O program managers in the development of programs, technologies, and capabilities to ensure information advantage for the U.S. and its allies, and coordinates this work across the Department of Defense and U.S. government. While serving as a program manager role, her principal research interests included scalable analytics and machine learning algorithms that yield insights to human users across multiple military missions and applications.