DARPA’s SafeWare program aims to develop obfuscation technology that would render the intellectual property in software (e.g., proprietary algorithms) incomprehensible to a reverse engineer, but allow the code to otherwise compile and run normally. To accomplish this, SafeWare researchers aim to develop fundamentally new program obfuscation technology with (i) quantifiable security that (ii) depends not on the appearance of complexity in code structure, but on the difficulty of the mathematical problems an attacker would have to solve to successfully de-obfuscate the program.
As new defensive technologies make old classes of vulnerability difficult to exploit successfully, adversaries move to new classes of vulnerability. Vulnerabilities based on flawed implementations of algorithms have been popular targets for many years. However, once new defensive technologies make vulnerabilities based on flawed implementations less common and more difficult to exploit, adversaries will turn their attention to vulnerabilities inherent in the algorithms themselves.
The Space/Time Analysis for Cybersecurity (STAC) program aims to develop new program analysis techniques and tools for identifying vulnerabilities related to the space and time resource usage behavior of algorithms, specifically, vulnerabilities to algorithmic complexity and side channel attacks. STAC seeks to enable analysts to identify algorithmic resource usage vulnerabilities in software at levels of scale and speed great enough to support a methodical search for them in the software upon which the U.S. government, military, and economy depend.
The objective of the Cyber Genome Program is to produce revolutionary cyber defense and investigatory technologies for the collection, identification, characterization, and presentation of properties and relationships from collected digital artifacts of software, data, and/or users to support DoD law enforcement, counter intelligence, and cyber defense teams. Digital artifacts may be collected from live systems (traditional computers, personal digital assistants, and/or distributed information systems such as ‘cloud computers’), from wired or wireless networks, or collected storage media. The format may include electronic documents or software (to include malicious software - malware). The Cyber Genome Program will encompass several program phases and technical areas of interest. Each of the technical areas will develop the cyber equivalent of fingerprints or DNA to facilitate developing the digital equivalent of genotype, as well as observed and inferred phenotype in order to determine the identity, lineage, and provenance of digital artifacts and users.
The TransApps program seeks to develop a library of secure military applications that are as easy to use as commercial smartphone apps and that troops can access on their military mobile devices. The program also wants to establish a business model for the apps that bypasses bureaucratic delays in acquiring and fielding new technology.
The Department of Defense’s information technology (IT) infrastructure is made up of a large, complex network of connected local networks comprised of thousands of devices. Cyber defenders must understand and monitor the entire environment to defend it effectively. Toward this end, cyber-defenders work to correlate and understand the information contained in log files, executable files, databases of varying formats, directory structures, communication paths, file and message headers, as well as in the volatile and non-volatile memory of the devices on the network. Meanwhile, adversaries increasingly use targeted attacks that disguise attacks as legitimate actions, making discovery far more difficult. It is within this complicated web of networked systems that cyber defenders must find targeted cyber-attacks.
The Integrated Cyber Analysis System (ICAS) program aims to make system information readily useful for attack forensics and tactical cyber defense. ICAS will attempt to integrate all sources of network data in a federated database to enable reasoning across the enterprise. If successful, ICAS will provide cyber defenders with a complete, current picture of the IT environment and will reduce the time required to discover targeted attacks.
Terrorist attacks involving the use of proliferated radiological and special nuclear materials pose a potential threat to U.S. citizens and servicemembers. Early detection of such materials and devices made from them is a critical part of the U.S. strategy to prevent attacks. Lower-cost and more sensitive detectors, along with innovative deployment strategies, could significantly enhance detection and deterrence of attack.
The SIGMA program aims to revolutionize detection and deterrent capabilities for countering nuclear terrorism. The desire for significantly lower-cost and more capable radiation detectors is a common element of multiple detection concepts-of-operations (CONOPs). A key component of SIGMA thus involves developing novel approaches to achieve low-cost, high-efficiency, packaged radiation detectors with spectroscopic gamma and neutron sensing capability. The program will seek to leverage existing infrastructure to help enable these next-generation detectors and their deployment in order to demonstrate game-changing detection and deterrent systems.
If SIGMA is successful, the ubiquitous availability of cheaper and more efficient detectors will permit ample CONOPs to enhance the security of U.S. citizens and servicemembers around the world.
Cyberspace is now recognized as a critical domain of operations by the U.S. military and its protection is a national security issue.
Plan X is a foundational cyberwarfare program to develop platforms for the Department of Defense to plan for, conduct, and assess cyberwarfare in a manner similar to kinetic warfare. Towards this end the program will bridge cyber communities of interest from academe, to the defense industrial base, to the commercial tech industry, to user-experience experts.
Plan X will not develop cyber offensive technologies or effects. National policymakers, not DARPA, will determine how the cyber capabilities developed under Plan X will be employed to serve the national security interests of the United States.
U.S. forces are often immersed in a highly complex, rapidly evolving, hostile environment containing a diverse collection of potential threats. Despite significant recent advances in both the platforms (e.g., unmanned aerial vehicles) and the sensor payloads (e.g., very high resolution cameras) employed within the wide array of modern Intelligence, Surveillance, and Reconnaissance (ISR) capabilities, these conventional solutions do not currently provide the spatial, temporal or functional capabilities required by the individual warfighter.
The vision of the Soldier Centric Imaging via Computational Cameras (SCENICC) program is to develop novel computational imaging capabilities and explore joint design of hardware and software to give warfighters access to systems that greatly enhance their awareness, security and survivability. The SCENICC program envisions a final system comprising both imaging and non-imaging optical sensors deployed both locally (e.g., soldier mounted) and in a distributed fashion (e.g., exploiting collections of soldiers and/or unmanned vehicles).