DARPA to detail Transparent Computing cyber security program to industry on 15 Dec. 2014

ARLINGTON, Va., 10 Dec. 2014. U.S. military researchers will brief industry next week on a proposed new cyber security program to enhance the understanding of internal computer functions as a way to detect and counter advanced cyber warfare threats.

DARPA to detail Transparent Computing cyber security program to industry on 15 Dec. 2014
DARPA to detail Transparent Computing cyber security program to industry on 15 Dec. 2014
ARLINGTON, Va., 10 Dec. 2014. U.S. military researchers will brief industry next week on a proposed new cyber security program to enhance the understanding of internal computer functions as a way to detect and counter advanced cyber warfare threats.

Officials of the U.S. Defense Advanced Research Projects (DARPA) in Arlington, Va., will brief industry from 2 to 5:30 p.m. on Monday, 15 Dec. 2015, on the Transparent Computing project.

The Transparent Computing program aims to make currently opaque computing systems transparent by providing high-fidelity visibility into component interactions during system operation across all layers of software abstraction, while imposing minimal performance overhead.

Related: The scourge of cyber hackers: government and industry gear-up for new generation of cyber security

The Transparent Computing industry briefings Monday will be at the DARPA Conference Center at 675 N. Randolph St. in Arlington, Va. For those who cannot attend in person, there will be a Webcast. The deadline for registering to attend in person is tomorrow, 11 Dec. 2014.

Modern computing systems act as black boxes in that they accept inputs and generate outputs but provide little to no visibility of their internal workings, DARPA researchers explain.

This lack of transparency limits the ability to understand cyber behaviors at the level of detail necessary to detect and counter some of the most important types of cyber threats like Advanced Persistent Threats (APTs).

Related: Nine companies share $800 million contract to support nuclear weapons, cyber warfare, and C4ISR

APT adversaries act slowly and deliberately over a long period of time to expand their presence in an enterprise network and achieve their mission goals, such as information exfiltration, interference with decision making, and denial of capability.

Because modern computing systems are opaque, the APT can remain undetected for years if their activities can blend with the background noise inherent in any large, complex environment.

Beyond the APT problem, the lack of understanding of complex system interactions interferes with the ability to diagnose and troubleshoot less sophisticated attacks or non-malicious faulty behavior that spans several applications and systems.

Related: DARPA picks six companies to define enabling technologies for U.S. cyber warfare strategy

The Transparent Computing program aims to make currently opaque computing systems transparent by providing high-fidelity visibility into component interactions during system operation across all layers of software abstraction, while imposing minimal performance overhead.

The program will develop technologies to record and preserve the origins of all system elements and components like inputs, software modules, and processes; dynamically track the interactions and dependencies among components; assemble these dependencies into system behaviors; and reason about these behaviors forensically and in real-time.

The Transparent Computing program will construct an enterprise-wide information plane that creates, propagates, and reasons about computational metadata that could reveal malice or abnormal computer behavior concealed within individually legitimate computer activities.

Related: Cyber security is more pressing than ever, yet U.S. and its allies are just getting started

Transparent Computing will enable the prompt detection of APTs and other cyber threats, and allow complete root cause analysis and damage assessment once adversary activity is identified, DARPA researchers say.

In addition, the Transparent Computing program will integrate its basic cyber reasoning functions in an enterprise-scale cyber monitoring and control construct that enforces security policies at key data input and output points, like the firewall.

The program will produce basic technologies and an experimental prototype with multilayer data collection and an analysis/enforcement engine that will enforce permissible and impermissible interactions, as well as near-real-time intrusion detection and forensic analysis.

Related: Advanced cyber security for C4ISR computer systems is aim of Air Force cyber program

The Transparent Computing program will have five technical areas: tracking causal relationship among programs and data; analyzing data forensically and in real-time; constructing the integrated experimental prototype; creating scenarios to guide periodic simulated cyber attacks; and simulating cyber attacks.

Following the industry briefings, DARPA will post other program information online at www.darpa.mil/Opportunities/Solicitations/I2O_Solicitations.

Those who would like to attend the Transparent Computing industry briefings in person should register online no later than 8 a.m. tomorrow, 11 Dec. 2014, online at https://www.schafertmd.com/darpa/i2o/transparent_computing/2014/dec_pd/.

Those who would like to view the industry briefings but who cannot attend in person may view the proceedings via Webcast. Website and logon information will be available online at 1:30 p.m. eastern time on 15 Dec. 2014 at https://www.schafertmd.com/darpa/i2o/transparent_computing/2014/dec_pd/.

Email questions or concerns to TransparentComputing@darpa.mil. More information is online at https://www.fbo.gov/spg/ODA/DARPA/CMO/DARPA-SN-15-10/listing.html.

More in Computers