Kudu Dynamics joins DARPA trusted computing project to devise cyber security for network botnet attacks
ARLINGTON, Va. – Kudu Dynamics LLC in Chantilly, Va., is joining two other trusted computing companies in a U.S. military project to identify and eliminate botnet, large-scale malware, and other cyber security threats from compromised military devices and networks.
Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) on Tuesday announced a $7.9 million contract to Kudu Dynamics for the Harnessing Autonomy for Countering Cyber-adversary Systems (HACCS) program. Kudu joins Sotera Defense Solutions Inc. in Herndon, Va., and Aarno Labs LLC in Cambridge, Mass., on the project.
HACCS seeks the ability to find and eliminate sophisticated cyber security threats in a scalable, timely, safe, and reliable manner, while maintaining privacy and other legal safeguards -- even if the owners of botnet-conscripted networks are unaware of the infection and are not participating in neutralization.
Sotera won a $7.3 DARPA HACCS contract on 5 April, and Aarno Labs won a $6.5 million HACCS contract on 2 April. In the HACCS program, Sotera, Aarno Labs, and Kudu Dynamics will investigate creating safe and reliable autonomous agents to counter various types of malicious botnet implants and similar large-scale malware.
The companies will develop the techniques and software necessary to measure the accuracy of identifying botnet-infected networks, the accuracy of identifying the type of devices residing in a network, and the stability of potential access vectors.
Sotera, Aarno, and Kudu also will measure the effectiveness of denying, degrading, and disrupting botnets and individual botnet implants without affecting the systems and networks where they reside.
Malicious actors can penetrate and use with impunity large numbers of devices owned and operated by third parties, DARPA officials say. Such collections of compromised devices, commonly referred to as botnets, are used for criminal, espionage, and computer network attack purposes -- sometimes all three.
Recent examples of botnets and self-propagating malcode include Mirai, Hidden Cobra, WannaCry, and Petya/NotPetya. The scale of their potential and actualized effects makes such malware a national security threat. Yet improving the security posture of U.S. military networks alone is insufficient to counter such threats, DARPA officials say. Current incident response methods are too resource- and time-consuming to address the problem at scale.
Active defense methods are insufficiently precise and predictable in their behavior, posing a risk that the “fix” may cause processing issues or other side effects. This is where the HACCS program comes in.
The HACCS contractors will identify and fingerprint not only botnet-conscripted networks to determine the presence of botnet implants, but also the number and types of devices present on said networks, and the software services running on these devices.
The companies will generate non-disruptive software exploits for many known vulnerabilities that could establish initial presence in each botnet-conscripted network without affecting legitimate system functionality.
In addition, the companies will create software agents that autonomously navigate within botnet-conscripted networks, identify botnet implants, and neutralize them or otherwise curtail their ability to operate, while minimizing network side effects.