Monday, October 28, 2013

DARPA Grand Challenge targets automated cyber security

A view of some of the sensing hardware on an autonomously piloted vehicle in the DARPA Grand Challenge.

DARPA (the Defense Advanced Research Projects Agency) announced the next focus area in its series of Grand Challenges, which have included autonomously driven vehicles, humanoid robotics and now automated network defenses. The Cyber Grand Challenge seeks to drive an automation revolution in information security.

"The trends we've seen in cyber attacks and malware point to a future where automation must be developed to assist IT security analysts," said Dan Kaufman, director of DARPA's Information Innovation Office which is in charge of organizing the Challenge.

The competition, slated for early to mid-2016, is expected to draw teams of experts from industry and academia. Qualifying teams will compete for a cash prize of $2 million, with second place earning $1 million and third taking home $750,000. The teams' systems would automatically identify software flaws and scan the network to identify affected hosts. Teams would score based on how capably their systems could protect hosts, scan the network for vulnerabilities and maintain the correct function of software.

While Uplogix most likely will not be participating in the competition, we do offer some related functionality that could be incorporated into a Grand Challenge solution.

First, there is secure access. No security solution can succeed if it introduces new security vulnerabilities to the gear it is supposed to be protecting. For example, Uplogix manages in-line devices like intrusion prevention systems (IPSs) from an out-of-band position. This ensures that even if the network is down, the devices are still being monitored, and access to those devices over the console port continues to be enforced with AAA (authentication, authorization and accounting) measures still in place.

Applying the requirements of the Cyber Grand Challenge to a larger view of a network means that when a threat is automatically detected and patched, that update will likely need to be distributed to similar devices across the network. The configuration management automation Uplogix provides could be useful in this situation.

With reliable enterprise-wide execution of configuration changes, Uplogix can push config updates to similar devices automatically and verify that the changes "take" with the device returning to an operational state. For those devices with issues that prevent them from coming back up, the SurgicalRollback feature will back out the changes and return the devices to their previous state. Notifications for system administrators will indicate which devices might require additional human attention.

While the Grand Challenge series is designed to spark innovation initially targeted at a defense industry application, the commercial applications (both direct and indirect) of the Cyber Grand Challenge will likely be seen even faster than autonomous cars and robotic disaster first responders. And as for the Uplogix solutions, they are available today!