DARPA military researchers ask industry for new cyber security tools for large computer networks
ARLINGTON, Va.. U.S. military researchers are in the hunt for cyber security threats in large and distributed U.S. Department of Defense (DOD) computer networks.
Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., released a solicitation Wednesday (HR001117S0035) for the Cyber-Hunting at Scale (CHASE) project, which seeks to address the challenges of protecting dozens of enterprise networks in a coordinated way.
DARPA CHASE seeks to develop data-driven, cyber-hunting tools that detect, characterize, and protect against cyber threats in real time across several DOD enterprise networks and Internet exchange points.
One of the big problems that the DARPA CHASE project seeks to tackle is the sheer magnitude of data flowing over DOD networks and network storage systems, which exceeds analysis capabilities.
DARPA computer scientists are looking for dynamic approaches to accelerate cyber hunting by extracting the right data from the right device at the right time.
The goal is to enable warfighters to collect data dynamically from mission-critical parts of a network, hunt for threats that evade routine security measures, and disseminate protective measures.
Sophisticated computer hackers often use lightly defended networks to pivot into networks containing key assets. CHASE seeks to find ways to adjust network and host sensors at machine speeds to detect these kinds of threats.
Today’s state-of-the-art commercial cyber security tools do not address the scale and speed necessary to provide the best defenses, and networks lack ways to collect, share, and respond to threat intelligence.
Today's cyber defense data routinely exceed available network storage, bandwidth, and analysis capability, often by several orders of magnitude, DARPA researchers point out. Only some stored data is analyzed, and only a few alerts are threat related. This project seeks to develop tools that strategically direct resources toward the data that actually contains information about threats.
The CHASE program not only will develop algorithms able to characterize and react to different kinds of cyber threats, and develop fundamental technologies for cyber threat detection, characterization, and strategic data management, but also generate protective measures automatically.
The DARPA CHASE program will last for four years, and has a two-year first phase, and one-year second and third phases. The first phase will develop individual technology components; the second phase will evaluate feedback loops formed by integrating prototype components; and the third phase will extend functionality to military forces and other federal agencies.
The program also has five technical areas: threat detection and characterization; informed data planning; global analysis; protective measure generation and dissemination; and infrastructure for evaluation exercises.
DARPA experts may chooses several contractors for the first four technical areas, and only one contractor for the fifth area. The DARPA CHASE program should begin on or after 1 Jan. 2018.
Companies interested should upload abstracts no later than 14 June 2017, and full proposals no later than 22 Aug. 2017 to the DARPA BAA Website at https://baa.darpa.mil.
Email questions or concerns to DARPA's Jennifer Roberts at CHASE@darpa.mil. More information is online at http://www.fbodaily.com/archive/2017/06-June/02-Jun-2017/FBO-04527128.htm.
Learn more: search the Aerospace & Defense Buyer's Guide for companies, new products, press releases, and videos