Tag Archive for: DARPA

DARPA is hosting a Black Hat contest to create cyber-security AI models

/in


Forward-looking: The Black Hat Def Con conference portrays itself as an internationally recognized cybersecurity event showcasing the most “technical and relevant” information security research in the business. For the next two years, the event will host a DARPA-funded contest to put AI algorithms to work on the increasingly pressing software security problem.

DARPA’s Artificial Intelligence Cyber Challenge (AIxCC) is a two-year competition for the “best and brightest” minds in the AI field, the contest’s official site explains. The Pentagon’s research agency wants companies and experts to create novel AI systems; machine learning models designed to secure the critical software code that runs beneath financial systems, public utilities and other digital infrastructures enabling modern life.

Software runs everything these days, DARPA states, which unfortunately provides an “expanding” attack surface for cyber-criminals and other malicious actors. The new AI capabilities developed during the past decade have shown “significant potential” to help address key societal challenges like cybersecurity, the US agency says. AIxCC will reward people and organizations that can actualize this theoretical potential.

DARPA says it will award a cumulative $18.5 million in prizes to the teams with the best AI systems. An additional $7 million will be awarded to small business ventures taking part in the contest. With AIxCC, the US military is seeking the development of ML models capable of identifying, and maybe fixing, dangerous security flaws within critical software projects.

DARPA will work with “leading” AI companies Anthropic, Google, Microsoft, and OpenAI to give AIxCC competitors access to the most advanced technology and expertise. With their help, contestants will likely increase their chances of developing a true “state-of-the-art” cybersecurity system infused with AI algorithms. The Open Source Foundation will contribute as well, as most modern software needing protection is based on open-source code projects.

The AIxCC challenge has already started during this year’s Def Con conference held in Las Vegas. AI teams will compete in a series of preliminary trials during 2024, with the…

Source…

New ‘Morpheus’ CPU Design Defeats Hundreds of Hackers in DARPA Tests

/in


This site may earn affiliate commissions from the links on this page. Terms of use.

A new microprocessor design is being lauded for its security features after nearly 600 experts failed to hack it in a series of tests last summer. The new processor, codenamed “Morpheus,” continually rewrites its own architecture, making it impossible for an attacker to target the kinds of flaws that allow Spectre and Meltdown-style side-channel attacks against conventional x86 processors.

Morpheus was developed as part of a DARPA-funded project. Some 580 experts attempted to hack a medical database by injecting code into the underlying machine. Despite burning 13,000 hours collectively in an effort to hack the system, the effort failed.

“Today’s approach of eliminating security bugs one by one is a losing game,” said Todd Austin, professor of computer science and engineering at the University of Michigan. “People are constantly writing code, and as long as there is new code, there will be new bugs and security vulnerabilities…With MORPHEUS, even if a hacker finds a bug, the information needed to exploit it vanishes 50 milliseconds later. It’s perhaps the closest thing to a future-proof secure system.”

Morpheus was implemented using the gem5 simulator on a Xilinx FPGA and simulates a MinorCPU 4-stage in-order core running at 2.5GHz with a 32KB L1i and 32KB L1d. The L2 cache was 256KB. This is not a high-performance x86 CPU you can run out and buy, in other words.

According to Austin, his research team at the University of Michigan focused on making Morpheus a difficult target for any CPU-targeting exploit rather than focusing on building a chip that could defeat a specific class of exploits. The question was, how do you hide critical information from the attacker, without screwing up what the programmer is attempting to do — namely, write effective code?

The Morpheus FPGA. Image credit: Todd Austin

Austin’s team settled on the idea of obfuscating a class…

Source…

DARPA's Cyber Grand Challenge: Expanded Highlights from the Final Event

/in



DARPA Chooses Intel, Microsoft to Quest for Cryptography’s Holy Grail

/in


This site may earn affiliate commissions from the links on this page. Terms of use.

Microsoft and Intel will be working with the Defense Advanced Research Projects Agency (DARPA) to develop and implement fully homomorphic encryption (FHE) in hardware. A breakthrough in this field would have a profound impact on cybersecurity.

The encryption schemes in use today all have a common weakness: decryption. You can encrypt data any way you like, but if you want to perform useful work with it, you have to decrypt it first. Homomorphic encryption removes this problem. Not only can you compute using encrypted data, but the output of your computation also remains encrypted. A fully homomorphic encryption scheme would be capable of performing all mathematical operations on any encrypted data without the need to decrypt it.

FHE is a sort of cryptographic Holy Grail. A lot of work has been done on the topic over the past decade, but all of the current implementation methods rely on software execution rather than dedicated hardware, and they run too slowly to be of much practical use. DARPA wants to change this via its Data Protection in Virtual Environments (DPRIVE) program. The government agency has selected four research teams to pursue the question, led by Duality Technologies, Galois, SRI International, and Intel. The teams are tasked with developing a hardware accelerator for FHE that can compete with the processing speed of unencrypted algorithms. The various teams are also tasked with evaluating different word sizes rather than sticking to the 64-bit words common in modern computing.

Intel plans to tackle the problem by developing an Application Specific Integrated Circuit (ASIC) to address it. This is an interesting choice on Intel’s part, given some of the work that’s been done to implement FHE on Intel FPGAs. A 2019 paper by Microsoft engineers described a hypothetical FHE implementation dubbed “HEAX,” which demonstrated substantial performance…

Source…