31, 2013): Closing Date: Proposals will be accepted at any time until 12:00 noon (ET), August 3 April 1, 2013 https://www.fbo.gov/spg/ODA/DARPA/CMO/DARPA-RA-11-52/listing.html Distribution A: Approved for Public Release, Distribution Unlimited.
How is it solved today?
3. What is the new technical idea; why can we succeed now?
4. What is the impact if successful?
5. How will the program be organized?
6. How will intermediate results be generated?
7. How will you measure progress?
8. What will it cost?
Heilmeier Questions: When George Heilmeier was the director of DARPA in the mid 1970s, he had a standard set of questions he expected every proposal for a new research program to answer.
or strategic in nature?
2. What is the asymmetry for this solution?
3. What unintended consequences will be created?
4. Do attack surfaces shrink, grow, or remain unchanged?
5. How will this solution incentivize the adversary?
Are you tactical or strategic; what is the asymmetry?
[Chart: lines of code in security software vs. malware, 1995 to 2010, 0 to 10,000,000 lines; malware lines of code averaged over 9,000 samples; security products marked on the timeline: DEC Seal, Stalker, Milky Way, Snort, Network Flight Recorder, Unified Threat Management]
Unintended consequences…
The first CrackMeIfYouCan contest challenged participants to crack 53,000 passwords. In 48 hours, the winning team had 38,000*. (*this was not the important take away…)
[Chart: profile for the winning team, Team Hashcat; axes: Time vs. # Passwords]
Additional security layers often create vulnerabilities… 6 of the vulnerabilities are in security software.
Current vulnerability watch list (Color Code Key: Fix in development; vendor and product names redacted as XXXXXXXXXXXX):
Vulnerability Title | Fix Avail? | Date Added
XXXXXXXXXXXX XXXXXXXXXXXX Local Privilege Escalation Vulnerability | No | 8/25/2010
XXXXXXXXXXXX XXXXXXXXXXXX Denial of Service Vulnerability | Yes | 8/24/2010
XXXXXXXXXXXX XXXXXXXXXXXX Buffer Overflow Vulnerability | No | 8/20/2010
XXXXXXXXXXXX XXXXXXXXXXXX Sanitization Bypass Weakness | No | 8/18/2010
XXXXXXXXXXXX XXXXXXXXXXXX Security Bypass Vulnerability | No | 8/17/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Security Vulnerabilities | Yes | 8/16/2010
XXXXXXXXXXXX XXXXXXXXXXXX Remote Code Execution Vulnerability | No | 8/16/2010
XXXXXXXXXXXX XXXXXXXXXXXX Use-After-Free Memory Corruption Vulnerability | No | 8/12/2010
XXXXXXXXXXXX XXXXXXXXXXXX Remote Code Execution Vulnerability | No | 8/10/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Buffer Overflow Vulnerabilities | No | 8/10/2010
XXXXXXXXXXXX XXXXXXXXXXXX Stack Buffer Overflow Vulnerability | Yes | 8/09/2010
XXXXXXXXXXXX XXXXXXXXXXXX Security-Bypass Vulnerability | No | 8/06/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Security Vulnerabilities | No | 8/05/2010
XXXXXXXXXXXX XXXXXXXXXXXX Buffer Overflow Vulnerability | No | 7/29/2010
XXXXXXXXXXXX XXXXXXXXXXXX Remote Privilege Escalation Vulnerability | No | 7/28/2010
XXXXXXXXXXXX XXXXXXXXXXXX Cross Site Request Forgery Vulnerability | No | 7/26/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Denial Of Service Vulnerabilities | No | 7/22/2010
surface area available to attack.
Regardless of the application size, the system loads the same number of support functions.
For every 1,000 lines of code, 1 to 5 bugs are introduced.
Identifying attack surfaces…
problem.
How are you incentivizing the adversary?
The security layering strategy and antitrust have created cross incentives that contribute to divergence.
Bot Herder strategy example ("Storm" Botnet; Root / Tree / Branch):
• Strategy 1: XOR‡ branch
• Strategy 2: AES* branch
• Solution exists: weekly patch, kills branch
• Solution needed: high cost solution, kills tree
Cost/return comparison, Traditional C2 Botnet vs. New P2P Botnet (columns: Bot Herder Cost, Bot Herder Return, Antivirus Cost, Antivirus Return; cell values as extracted, in order): Short, Long, Small, High, High, Low, High, Small, High, 0, High, Low
‡ = "exclusive or" logical operation; * = Advanced Encryption Standard
or strategic (a)?
2. What is the asymmetry for this solution (a)?
3. Can you forecast the unintended consequences (b)(e)?
4. Do attack surfaces shrink, grow, or remain unchanged (c)(d)?
5. How does this solution incentivize the adversary (e)?
(*) If you had to defeat your own effort, how would you go about it?
Track DARPA-PA-11-52 cft.usma.edu https://www.fbo.gov/spg/ODA/DARPA/CMO/DARPA-RA-11-52/listing.html
between the DoD and a novel performer community.
• Become a resource to that community in a way that encourages mutually beneficial research efforts resulting in prototypes and proofs of concept in a matter of months
• Improve goodwill and understanding in both communities.
CFT promotes aligned interests, not the realigning of interests to meet Government needs.
Other
• Direct
• Program of Record (POR)
• Memorandum of Understanding (MOU)
• Memorandum of Agreement (MOA)
• Technology Transition Agreement (TTA)
The Importance of Transition: The objective of technology transition is to make the desired technology available as quickly as possible and at the lowest cost.
– CINDER
• Advanced IPv6 capabilities
• 200 new network scanning and discovery modules (NSE)
• Common Platform Enumeration (CPE) output support
• Scanner, GUI, and differencing engine performance scaling (1 million target IP addresses)
• Adversary Mission Identification System (AMIS)
• Transition: Downloads 3,096,277 (5,600 .gov & 5,193 .mil)… and counting…
unique process that allows DARPA to legally do Cyber R&D contracting extremely fast
• A framework that anyone can use
• Streamlined negotiations
• One page commercial contracts
• Firm fixed price
• Rapid awards (selection to contract in 10 days or less)
Diplomacy
• Align the Cyber Fast Track research goals with the goals of the research community
• How do your priorities and theirs align?
• Engage leaders and influencers
• Socialize the effort, take feedback, and modify the program structure accordingly
Ambassador
• Speak the language, demonstrate an understanding of both cultures
[Chart: days from selection to award. CFT: 2 days (min.), 6 days (avg.), 12 days (max.); BAA process: 90+ days]
92 Projects awarded to date (as of Feb 13, 2013):
• 44 programs underway (48%)
• 19 completed programs open-source (21%)
• 29 completed programs closed source (31%)