The hi-tech research wing of the US military DARPA (Defence Advanced Research Projects Agency) is to hold the first “fully automated” DARPA Grand Challenge, with a $2 million prize offered for a fully automated defense system – a computer that defends itself without human intervention, according to CBS News.
In an official release, DARPA said of Cyber Grand Challenge, “Over the next two years, innovators worldwide are invited to answer the call of Cyber Grand Challenge. In 2016, DARPA will hold the world’s first all-computer Capture the Flag tournament live on stage co-located with the DEF CON Conference in Las Vegas where automated systems may take the first steps towards a defensible, connected future.”
Thirty-five teams of academics and security researchers will compete. DARPA points out that the recently discovered Heartbleed bug went undiscovered by automated systems – but was found by humans.
In an official release, the Department of Defense said that the goal of the contest was to create systems that could respond to cyberattacks “as fast as they are launched”.
The winning team from the Cyber Grand Challenge finals stands to receive a cash prize of $2 million. Second place can earn $1 million, and third place $750,000. V3 reports that the first qualifying round will be held in 2015.
Competitions similar to the Grand Challenge have been held at Def Con for decades, The Register reports – the only difference being the stipulation that the defense systems be “human free”.
The site quotes the agency’s Mike Walker, saying, “The only effective approach to defending against today’s ever-increasing volume and diversity of attacks is to shift to fully automated systems capable of discovering and neutralizing attacks instantly.”
DARPA says, “Today’s attackers have the upper hand due to the problematic economics of computer security. Attackers have the concrete and inexpensive task of finding a single flaw to break a system.”
“Defenders on the other hand are required to anticipate and deny any possible flaw – a goal both difficult to measure and expensive to achieve. Only automation can upend these economics.”
DARPA is credited with inventing a precursor of the current internet, according to CBS, and with other innovations such as the self-driving car and humanoid robots. This year, the agency showed off a concept for a “virtual reality” computer defense system, as reported by We Live Security here.
The official release imagines a computer which could, “scour the billions of lines of code we depend on, find and fix the toughest flaws, upend the economics of computer security, and level the playing field between attackers and defenders.”
The agency said, “The coming advent of the Internet of Things, data insecurity is on track to become physical insecurity. The same code that powers today’s networked computers – code that is routinely compromised by attackers – is making its way into our vehicles, our smart homes, our augmented reality, and our connected culture. This future requires fundamentally new thinking about how networked devices will be defended.”
Author Rob Waugh, We Live Security