DARPA Cyber Grand Challenge AI Will Prevail
Wednesday, 20 July 2016

Next month Las Vegas will host the Final Event of the DARPA Cyber grand Challenge as an all-computer cyber-defence Capture the Flag tournament. From an initial field of over 100 applicant seven teams will compete for the $3.5 million prize pool.

cyberdarpa

As we reported at the time, DARPA announced this contest in October 2013. It called for teams to develop autonomous cyber reasoning systems capable of comprehending and protecting software with the stated goal being:

"to vastly improve the speed and effectiveness of IT security against escalating cyber threats."

These AI systems would be designed to compete in CTF (Capture the Flag) contests, speed-driven bug hunting tournaments where experts reverse-engineer software, probe its weaknesses, search for deeply hidden flaws and create securely patched replacements. 

For the purposes of this contest DARPA built DECREE, DARPA Experimental Cybersecurity Research Evaluation Environment as an experimentation ecosystem capable of uniting program analysis research, Capture-The-Flag competitions, and other applied research activities.It is an open source operating system extension with the following features that make it ideal for security experimentation: 

  • Simplicity  Where any industry OS such as Linux will have hundreds of OS interface methods (“system calls”), DECREE has just seven, easing the work required to perform automatic identification of program input and output. DECREE also has its own executable format with a single entry point method to lower the barrier to entry for automation research.

  • High Determinism  Reproducibility is a key aspect of a sound scientific design. While perfect system state replay is impossible without a full system event recorder, DECREE has been designed to allow high determinism and reproducibility given a record of software and inputs. This reproducibility property has been built into DECREE from kernel modifications up through the entire platform stack.

  • Incompatibility  The software that runs in DECREE is custom-built for computer security research. DECREE programs have their own binary format, their own system call paradigm and share no code or protocols with the real world. For this reason, automation research done in DECREE is incompatible with the software that runs our world.

DECREE is Open Source and will remain so in perpetuity as it is an experimentation ecosystem capable of uniting program analysis research, Capture-The-Flag competitions, and other applied research activities.

After three qualifying events the seven finalists were announced at DEFCON 2015 and given awards of $750,000 to help them to prepare for the final, which takes place on August 4th in conjunction with this year's DEFCON/Black Hat conferences. They are:

  • Codejitsu from Berkeley, California, Lausanne Switzeland and Syracuse, New York 
  • CSDS from the University of Idaho
  • Deep Red Arlington Virginia 
  • Disekt from Athen Georgia
  • ForAllSecure Pittsburgh PA
  • Shellphish from University of California, Santa Barbara
  • TechX from Ithaca New York and the University of Virginia

Videos from each team can be found on the Cyber Grand_Challenge website.

The first prize is $2 million, with second and third place taking $1 million and $750,000 respectively but as the video about the contest makes clear this contest is about more than the money and the teams see that the future security of civilisation is at stake:

 

 

More Information

Cyber Grand_Challenge

DARPA Cyber Grand Challenge on GitHub

Related Articles

DARPA Competition For The Intelligent Defensive Computer

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, FacebookGoogle+ or Linkedin.

 

Banner

Apollo Adds REST APIs For GraphQL
29/10/2024

Apollo has added a simpler way to integrate REST APIs into a federated GraphQL environment. Available now in public preview, can be used to map REST API endpoints to their GraphQL schema using a decla [ ... ]


+ Full Story
Extend NGINX With The New JavaScript Module
28/10/2024

Inject middleware functionality into NGINX with the expressive power of Javascript. NGINX JavaScript or NJS for short is a dynamic module under which you can use scripting for hooking into the NGINX e [ ... ]


+ Full Story
More News

 

espbook

 

Comments




or email your comment to: comments@i-programmer.info
Last Updated ( Wednesday, 20 July 2016 )