The Defense Advanced Research Projects Agency (DARPA) was heavily involved in creating the internet and is now stepping up its efforts to help improve internet security.
At its Colloquium on Future Directions in Cyber Security, DARPA Director Regina Dugan declared that the agency has steadily increased its cyber research and is set to increase its funding once again in 2012. Its budget submission for 2012 will increase cyber research funding by $88 million, from $120 million to $208 million. The agency is also planning to increase its top-line budget investment in cyber research from 8% to 12% within the next 5 years.
DARPA Director Regina Dugan stated, “DARPA’s role in the creation of the Internet means we were party to the intense opportunities it created and share in the intense responsibility of protecting it. Our responsibility is to acknowledge and prepare to protect the Nation in this new environment. We need more and better options. We will not prevail by throwing bodies or buildings at the challenges of cyberspace. Our assessment argues that we are capability limited, both offensively and defensively. We need to fix that.”
The agency has been studying the cyber community to come up with the DARPA Cyber Analytic Framework. One key finding is that over the last 20 years, the cost and effort of information security software has increased exponentially. Software packages have grown from thousands of lines of code to nearly 10 million lines of code. Over the same period, an examination of 9,000 examples of viruses, worms, exploits and bots found a fairly constant average of 125 lines of code for malware.
Dugan firmly believes that the current U.S. approach to cyber security, which simply layers security on top of architecture, is not working, and stated, “These efforts represent the wisdom of the moment. But if we continue only down the current path, we will not converge with the threat.”
In an attempt to improve cyber security, DARPA has assembled a top-class team that includes people from the “white hat” hacker community, academia, labs and nonprofits, and major commercial companies. The agency has also enlisted the help of other security experts such as the inventor of L0phtCrack and ex-BBN scientist Peiter Zatko. Zatko is currently running a DARPA program called Cyber Fast Track, which he claims brings unique security technologies into the military realm.
Zatko stated, “Having some of the best minds developing unique technologies and paying for what they do best is a key driver for Cyber Fast Track. Within the first two months of the program we have received 30 submissions, we have funded eight of them and handled the negotiations for those within seven days — four days has been the median. So we can now get prototypes delivered within months rather than years.”
Dan Roelker is another security expert who has been enlisted. He has worked at Raytheon, where he started the DC Black Ops security unit, and is currently developing what he calls offensive security software for DARPA.
Roelker explains, “The current hacker vs. hacker mentality doesn’t work very well and it doesn’t scale.”
Another expert working with the agency, Tim Fraser, is looking at ways to exploit the reuse of code from current malware strings. Fraser said that the idea is to extract malware features, study the evolution of malware and come up with an automated way to compare malware components and rapidly figure out what’s old and what’s new. Fraser added that this can help reduce analysts’ time and costs and allow them to concentrate on the new component of a threat.