If You Don't Like the Game, Hack the Playbook... (Zatko)
Peiter “Mudge” Zatko, Program Manager, Information Innovation Office. If you don't like the game, hack the playbook... DARPA Cyber Colloquium, Arlington, VA, November 7, 2011. Approved for Public Release, Distribution Unlimited.
The Problem: Not Convergent
[Chart: lines of code (0 to 10,000,000) by year, 1985 to 2010. Security software: Unified Threat Management, Network Flight Recorder, Milky Way, DEC Seal, Stalker, Snort. Malware: 125 lines of code*]
* Public sources of malware averaged over 9,000 samples (collection of exploits, worms, botnets, viruses, DoS tools)
Maker spaces and boutique security firms
• Small groups of motivated and like-minded researchers have repeatedly shown significant talent and capabilities.
• Commodity high-end computing, personal prototyping and fabrication capabilities, and open software tools remove barriers to entry.
• The new “home brew computer club”…
• This relationship needs to be mutually beneficial. DARPA intends to cultivate relations and become a resource.
[Chart: Number of US Maker Spaces, 1985 to 2010. Source: Make Magazine. Label: NYC Resistor – Brooklyn, NY]
The New Cyber Braintrust Assembly, Helsinki, Finland May 8, 2004
Cyber Fast Track DARPA-PA-11-52
Patient Zero: Dino Dai Zovi, Hank Leininger, Fyodor, Bruce Potter
Cyber Fast Track Themes
• Crowd
  • Many eyes on many efforts
• Fast and cheap
  • Faster than adversary lifecycle (transition while still relevant)
  • Low price point
• Diverse
  • Numerous approaches
  • Numerous efforts
The key to a good strategy is to have multiple options.
Current Cyber Fast Track Efforts

| Performer | Effort | Period of Performance |
|---|---|---|
| Rogue Networks | Methods of Detecting Malicious Web Server Traffic | 3 Months |
| Immunity Federal Services, LLC | Combining Expert Knowledge and Symbolic Analysis for Detection of Exploitable Bugs | 7 Months |
| Charlie Miller | Evaluation of Near Field Communication in Mobile Smartphones | 7 Months |
| Secure Ideas, LLC | MobiSec Live Environment Mobile Testing Framework | 3 Months |
| Korelogic, Inc. | Hand Held Testing | 2 Months |
| Assured Information Security, Inc. | MoRE: Measurement of Dynamic Code | 4 Months |
| Peak Security, Inc. | TinyLANE - Mobile Hardware Endpoint Security for Individuals | 9 Months |
| Raphael Mudge | A Language to Control and Automate Cyber Capabilities | 7 Months |
Cyber Fast Track So Far…
In its first 2 months:
• 31 submissions - 19 non-traditional performers
• 8 awards - 7 non-traditional performers
• Average time from submission to award is 7 days
• Average period of performance: 5 months
www.cft.usma.edu
Cyber Fast Track PA #: DARPA-PA-11-52 CyberFastTrack@DARPA.MIL DARPA CFT Town Hall meetings URL: http://www.cft.usma.edu Contact: CyberFastTrack@darpa.mil