Defense Advanced Research Projects AgencyTagged Content List

Technologies for Trustworthy Computing and Information

Confidence in the integrity of information and systems

Showing 35 results for Trust RSS
Today, code for input data validation is typically written manually in an ad-hoc manner. For commonly-used electronic data formats, input validation is, at a minimum, a problem of scale whereby specifications of these formats comprise hundreds to thousands of pages. Input validation thus translates to thousands or more conditions to be checked against the input data before the data can be safely processed.
The goal of the Safer Warfighter Communications (SAFER) program is to develop technology that will enable safe, resilient communications over the Internet, particularly in situations in which a third-party is attempting to discover the identity or location of the end users, or block the communication. The technology developed through the program will also provide the quality of service (QoS) required to support applications such as instant messaging, electronic mail, social networking, streaming video, voice over Internet protocol (VoIP), video conferencing and other media that promote effective communication.
It is easy to reverse engineer software today. An attacker generally requires no more than a basic debugger, a compiler and about a day's effort to de-obfuscate code that has been obfuscated with the best current methods. The reason for the relative ease is that program obfuscation is primarily based on "security through obscurity" strategies, typified by inserting passive junk code into a program’s source code. Existing program obfuscation methods also do not have quantifiable security models, and so it is difficult even to measure how much security is gained by a given obfuscation effort.
With the spread of blogs, social networking sites and media-sharing technology, and the rapid propagation of ideas enabled by these advances, the conditions under which the nation’s military forces conduct operations are changing nearly as fast as the speed of thought. DARPA has an interest in addressing this new dynamic and understanding how social network communication affects events on the ground as part of its mission of preventing strategic surprise.
As new defensive technologies make old classes of vulnerability difficult to exploit successfully, adversaries move to new classes of vulnerability. Vulnerabilities based on flawed implementations of algorithms have been popular targets for many years. However, once new defensive technologies make vulnerabilities based on flawed implementations less common and more difficult to exploit, adversaries will turn their attention to vulnerabilities inherent in the algorithms themselves.