The Intelligence Advanced Research Projects Activity has launched a multi-year research and development effort to create new technologies that could provide an early warning system for detecting precursors to cyberattacks. If successful, the government effort could help businesses and other targets move beyond the reactive approach to contending with a massive and growing problem.
IARPA, part of the Office of the Director of National Intelligence, says the three-and-a-half year program will develop software code to sense unconventional indicators of cyber attack, and use the data to develop models and machine learning systems that can create probabilistic warnings.
Current early warning systems are focused on traditional cyber indicators such as activity targeted toward IP addresses and domain names, according to IARPA program manager Robert Rahmer. The first stage, lasting 18 months, will examine data outside of the victim network, such as black market sales of exploits that take advantage of particular software bugs. The second and third phases, 12 months each, will examine internal target organization data and look for ways to develop warnings and transfer any tools that emerge from the research from one organization to another, he said.
Read more