CybersecurityDARPA working on major cyber security break through

Published 3 February 2011

The DOD’s advanced research arm, DARPA, is currently working on two programs that could radically change cyber security; one program, CRASH, is based on the human immune system and will make it less likely that computers will spread cyber infections to other networks; DAPRA is also working on another program, PROCEED, which will allow programmers to work directly with encrypted data without having to decrypt it first; both are highly experimental and may not succeed, but researchers have high hopes

Defenders of cyber space and hackers that unleash nasty computer viruses are locked in a perpetual technological arms race.

Some have likened the relationship between hackers and anti-virus maker to a Red Queen’s race, an allusion to Lewis Carroll’s Through the Looking Glass, in which one side is constantly trying to one up the other in technical breakthroughs.

As hackers develop sophisticated new viruses, defenders must find new anti-virus solutions and vice versa. Delays in the development of anti-virus software allow more time for viruses to run rampant and cause even more damage.

Researchers at the Department of Defense’s Defense Advanced Research Projects Agency (DARPA) are currently working on ground breaking new software that could end this Red Queen’s race.

One program, dubbed the Clean-slate Design of Resilient, Adaptive, Secure Hosts, or CRASH, functions as the human body’s immune system does, enabling computers to recover and repair themselves after a virus attacks.

Researchers began by examining how the human body wards off diseases. They found that in people, each individual’s immune system operates differently due to genetic diversity, which results in viruses infecting some people and not others.

In contrast, computers lack this genetic diversity and more or less all share similar computer hardware. By exploiting these similarities, hackers can infect large swathes of computers and cause major disruptions by attacking only one computer.

According to Kaigham Gabriel, DARPA’s deputy director, researchers are looking to build computer hardware with more diversity to limit their susceptibility to cyber infections.

“The idea is to look at the structure of computers, which are identical and have no security in the hardware … because performance was king 15 or 20 years ago,” he said. “Transistors and computer performance were precious and you didn’t give up any of it to security. Now, the world is different.”

DARPA is also working on a program to work directly with encrypted data. The Programming Computation on Encrypted Data, or PROCEED, aims at developing a method to operate with encrypted data without first decrypting it, making it more difficult for malware programmers to write viruses.

We’re never going to catch up [with malware], so how do we change the game? How do we essentially create surprise for our adversaries in this challenge area?” Gabriel said.

The programs are both highly experimental and their success is not guaranteed, but DARPA will continue to push ahead with research as it is in their mission to constantly push the limits of what is possible.

Both programs are being designed for military use, but as with many previous breakthroughs, the technology will have real world applications.

Gabriel is confident in DARPA’s ability to succeed.

They are aggressive programs; they may or may not be successful. That’s the nature of DARPA. But we have high hopes.”