Intelligence researchers get ready for CAUSE cyber security program to forecast cyber attacks
WASHINGTON, 28 Jan. 2015. U.S. intelligence experts are ready to kick off a program to find ways of forecasting cyber warfare attacks and other cyber security issues to assist cyber defenders with the earliest possible modes of detection.
Officials of the U.S. Intelligence Advanced Projects Agency (IARPA) in Washington, say they soon will release a formal solicitation for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) program.
IARPA experts briefed industry on the program last week. The agency is the research arm of the U.S. Director of National Intelligence.
The CAUSE program seeks to develop cyber attack forecasting methods to help cyber defenders anticipate and detect cyber attacks involving distributed denial of service (DDoS), spear phishing, drive-by, remote exploitation, unauthorized access, reconnaissance, and other incidents of cyber security breaches.
The CAUSE program seeks to initiate a paradigm shift in U.S. government cyber security approaches, which until now typically have focused on post-mortem analysis of the various attack vectors that adversaries use, IARPA officials explain.
As attacks have evolved and increased over the years, established cyber security approaches like signature-based detection and anomaly detection have not helped cyber defenders get ahead of modern cyber threats.
This has led to an industry that has invested heavily in analyzing the effects of cyber attacks instead of analyzing and mitigating the causes of cyber attacks, IARPA officials say.
To change this, the CAUSE program aims to develop unconventional multi-disciplined sensor technologies like actor behavior models and black market sales that will help experts forecast cyber attacks and bolster existing advanced intrusion-detection capabilities.
IARPA cyber security experts say the anticipate the CAUSE program to develop innovations like methods to manage and extract huge amounts of streaming and batch data; applying new and existing features from other disciplines to the cyber domain; and new models to generate probabilistic warnings for future cyber events.
IARPA will ask industry to combine cutting-edge research with the ability to develop robust forecasting capabilities from several different sensors not typically used in the cyber domain.
The CAUSE program will have unclassified and optional classified research activities involving academia and industry through collaborative teaming. The program may involve computer scientists, data scientists, social and behavioral scientists, mathematicians, statisticians, content extraction experts, information theorists, and experienced cyber security subject matter experts.
Email questions or concerns about the CAUSE program to IARPA's Robert Rahmer at firstname.lastname@example.org.
More information is online at https://www.fbo.gov/notices/09acdf6b3e577e4082149d86a8bbe308.