U.S. Air Force cyber security experts are looking to Kudu Dynamics LLC in Catharpin, Va., to help enhance the understanding of internal computer functions as a way to detect and counter advanced cyber warfare threats.
Officials of the Air Force Research Laboratory at Wright-Patterson Air Force Base, Ohio, announced a $7.2 million contract to Kudu Dynamics late Thursday to participate in the Transparent Computing project. The Air Force Research Lab awarded the contract on behalf of the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va.
Kudu Dynamics cyber experts will develop ways for the prompt detection of advanced persistent threats and other cyber threats and allow complete root cause analysis and damage assessment once adversary activity is identified.
The DARPA Transparent Computing program aims to make currently opaque computing systems transparent by providing high-fidelity visibility into component interactions during computer and network system operation across all layers of software abstraction, while imposing minimal performance overhead.
Modern computing systems act as black boxes in that they accept inputs and generate outputs but provide little to no visibility of their internal workings, DARPA researchers explain.
This lack of transparency limits the ability to understand cyber behaviors at the level of detail necessary to detect and counter some of the most important types of cyber threats like Advanced Persistent Threats (APTs).
APT adversaries act slowly and deliberately over a long period of time to expand their presence in an enterprise network and achieve their goals, such as information exfiltration, interference with decision making, and denial of capability.
Because modern computing systems are opaque, the APT can remain undetected for years if their activities can blend with the background noise inherent in any large, complex environment.
Beyond the APT problem, the lack of understanding of complex system interactions interferes with the ability to diagnose and troubleshoot less sophisticated attacks or non-malicious faulty behavior that spans several applications and systems.
The Transparent Computing program aims to make currently opaque computing systems transparent by providing high-fidelity visibility into component interactions during system operation across all layers of software abstraction, while imposing minimal performance overhead.
Source: Military & AeroSpace