Cybersecurity, as interpreted by the Pentagon’s premier researcher, isn’t just about protecting data networks. It’s about making the military’s killer drones, subs and trucks hacker-proof as well, Darpa revealed on Monday.
The usual picture of cyberattacks involves hackers — maybe sponsored by a government — trying to penetrate a data network. But Darpa’s Kathleen Fisher told the agency’s first-ever Cyber Colloquium, a gathering that seeks to enlist hackers’ ideas, that this conception is too narrow. Think of all the software that goes into a vehicle: the software that controls your car’s anti-lock braking system, for instance, could be just as buggy as Windows. Better still, think of all the software that helps keep the U.S.’ fleet of deadly flying robots in the air. (Some of the computers in those drones’ cockpits really do run Windows.) Now remember how Danger Room broke the story last month of the computer virus that infected those drone cockpits, and the vulnerabilities become clearer.
Fisher’s trying to stop those kinds of attacks. Traditional security methods, like anti-virus scanning, can’t solve the problem, because they focus on known families of vulnerabilities. Brand new angles of attack render those defenses useless. So do clueless users, who get themselves pwned while trying to play Mafia Wars or open up that email promising male enhancement. And the problem gets harder when considering the vulnerabilities in hardware, like the drones themselves. (Counterfeit microchips, anyone?) “You probably can’t just reboot your car as you’re speeding down the highway,” Fisher told the colloquium.
Her answer is mostly a non-answer, like many on display at the colloquium. As one of Darpa’s program managers, she has an effort devoted to creating “high-assurance” systems — effectively, to stop the drones or their software from getting infected. How she’ll do it is unclear: she invited the nearly 700 people in the Renaissance Arlington Capitol View hotel to tell her how.
But that’s not the only way that Darpa is moving in cyberspace. Director Regina Dugan and her very powerful military friend, Gen. Keith Alexander — who runs both the military’s Cyber Command and the super-snoops at the National Security Agency — told the colloquium, very vaguely, that they want more Darpa research devoted to “the investigation of offensive capabilities to address military-specific needs,” as Dugan put it. In cyberspace, it’s “currently easier to play offense than defense,” Dugan said.
Dugan and Alexander didn’t unveil some massive cyber death ray at the colloquium. Indeed, the offensive research that they’re talking about is actually a symptom of what they say they don’t want — that is, an inability to break the paradigm where it’s easier and more cost effective to attack than defend. Only here, they’d be the ones attacking an adversary’s infrastructure, like the U.S. and Israel reportedly did when the Stuxnet worm gunked up the industrial-control systems of the Iranian nuclear program.
Like setting up a firewall, it’s basically a stopgap solution — and not one a vulnerable military wants to junk. But there is the need for a better, long-term answer.
Howard Shrobe thinks one already courses through the veins of every human being who’s ever lived. Shrobe, who joined Darpa last year from MIT, wants to study the human immune system’s multiple tiers of defense. The innate immune system takes care of “common technical vulnerabilities” by making it difficult for germs and dangers to penetrate. But when these natural firewalls fail, the adaptive immune system studies the particular infection, waits a few days, attacks it powerfully, and remembers the malicious microscopic actor in case of Round 2.
Shrobe’s program is called CRASH, for — deep breath — Clean-Slate Design of Resilient, Adaptive, Secure Hosts. The idea is for networked “systems to check each other,” Shrobe says, the way the body’s immune systems do. “They’ll share information about observed things. We [want to] make them act as societies do with public health systems, and then act to deflect” dangers. Anyone in the audience want to help? Email Shrobe.
Darpa’s next big cybersecurity initiative, unveiled on Monday, is also big on networking. It’s a program to crowdsource the detection and removal of buggy or malicious lines of code. Possibly as a videogame.
“We want to ‘game-ify’ geeky formal verification,” announced Drew Dean, another Darpa program manager. Dean’s brand-new effort, Crowd Sourced Formal Verification, would replace the expensive, slow model of a single expert or security company taking a fine-toothed comb to a bit of software, line by line. Instead, Dean wants to turn the hunt for, say, a buffer overflow vulnerability (which allows a hacker to insert malicious code when all the programmer meant to ask for was a password) into a kind of game.
Dean’s theory is that if you do that, people who like brainteasers can become deputized guardians of the military’s networks. His rough sketch of the verification game, shown above, would drop bits of code, represented in colored blocks, down pipes. If you can’t fit a block down a pipe, you’ve got an anomaly to report. It’s a bit like Tetris for the security set.
All of this is in its early stages, though. Darpa’s research typically takes years to develop, and cybersecurity needs to move, as the cliche on display in the ballroom goes, at net-speed. The stopgap solution may well be the U.S. playing more offense online, and less defense. But in the long run, Darpa hopes, its study of white blood cells, anti-lock brakes and endless hours of gaming will make that whole model obsolete.