Defense Advanced Research Projects AgencyTagged Content List

Cyber

Relating to digital systems and information

Showing 33 results for Cyber + Automation RSS
The Department of Defense’s information technology (IT) infrastructure is made up of a large, complex network of connected local networks comprised of thousands of devices. Cyber defenders must understand and monitor the entire environment to defend it effectively. Toward this end, cyber-defenders work to correlate and understand the information contained in log files, executable files, databases of varying formats, directory structures, communication paths, file and message headers, as well as in the volatile and non-volatile memory of the devices on the network. Meanwhile, adversaries increasingly use targeted attacks that disguise attacks as legitimate actions, making discovery far more difficult. It is within this complicated web of networked systems that cyber defenders must find targeted cyber-attacks.
As new defensive technologies make old classes of vulnerability difficult to exploit successfully, adversaries move to new classes of vulnerability. Vulnerabilities based on flawed implementations of algorithms have been popular targets for many years. However, once new defensive technologies make vulnerabilities based on flawed implementations less common and more difficult to exploit, adversaries will turn their attention to vulnerabilities inherent in the algorithms themselves.
Modern computing systems act as black boxes in that they accept inputs and generate outputs but provide little to no visibility of their internal workings. This greatly limits the potential to understand cyber behaviors at the level of detail necessary to detect and counter some of the most important types of cyber threats, particularly advanced persistent threats (APTs). APT adversaries act slowly and deliberately over a long period of time to expand their presence in an enterprise network and achieve their mission goals (e.g., information exfiltration, interference with decision making and denial of capability).
Government agencies and the military rely upon many kinds of Commercial Off-the-Shelf (COTS) commodity Information Technology (IT) devices, including mobile phones, printers, computer workstations and many other everyday items. Each of these devices is the final product of long supply chains involving many vendors from many nations providing various components and subcomponents, including considerable amounts of software and firmware. Long supply chains provide adversaries with opportunities to insert hidden malicious functionality into this software and firmware that adversaries can exploit to accomplish harmful objectives, including exfiltration of sensitive data and sabotage of critical operations.
Program Manager
Mr. Dustin Fraze joined DARPA in January 2017 to develop, execute, and transition programs in cyberspace operations automation.