The U.S. Defense Advanced Research Projects Agency (DARPA) has developed programs that deal with cybersecurity threats by surprising the attackers. The agency created the Clean-slate Design of Resilient, Adaptive, Secure Hosts (CRASH) and Programming Computation on Encrypted Data (PROCEED) programs to enhance the agency's cybersecurity research, says DARPA's Kaigham Gabriel.
CRASH aims to develop new computer systems that resist cyber attacks the same way organisms fight bacteria and viruses. Gabriel says the researchers are developing computer hardware that gives systems a kind of genetic diversity that would make them more resistant to cyber infections by learning from attacks and repairing themselves. He notes that over the last two decades, the lines of code in security software has increased from approximately 10,000 to about 10 million lines, but the number of lines of code in malware has remained constant at about 125 lines. This analysis and others "led us to understand that many of the things we're doing are useful, but they're not convergent with the problem," Gabriel says.
The PROCEED program is working to improve the efficiency of working on encrypted data that has not been decrypted. "If we were able to do relevant sorts of operations without ever having to decrypt, that would be a tremendous gain because . . . whenever you decrypt into the open, you create vulnerability," Gabriel says.
View Full Article
Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA
No entries found