10 May 2016

U.S. DEVELOPING TECHNOLOGY TO IDENTIFY AND TRACK HACKERS WORLDWIDE

May 7, 2016

Mohit Kumar writes in the May 5, 2016 web edition of The Hacker News that “the Pentagon wants a better way to not only identify malicious hackers; but, also practical algorithms that can predict where that hacker [or hackers] might attack next.” He adds that the Defense Advanced Research Projects Agency (DARPA) is offering funding for security researchers who can identify hackers under its new ‘game-changing initiative’ called the Enhanced Attribution Program (EAP).

‘Pinning The Tail On The Donkey’ in the digital wilderness of mirrors is, to say the least, very challenging when the hacker is clever and devious. Add encryption, as well as denial and deception techniques, into the mix, and it becomes a digital game of cat-and-mouse.

DARPA is funding an effort to see if sophisticated hackers, cyber criminal entities, cyber militias/‘cyber patriots’, nation-states and lone wolves can be identified by monitoring their online behavior and habits, as well as their biometric signatures. As Mr. Kumar put it, “the aim of the EAP is to track [digital] personas continuously, and create ‘algorithms for developing predictive [digital] behavior profiles.’”

In a public release describing the initiative, DARPA said “the goal of the EAP is to develop technologies for generating operationally, and tactically relevant information about multiple concurrent independent malicious cyber campaigns, each involving several operators; and, the means to share such information with any number of interested parties — without putting at risk the sources and methods used for collection.” 

“In other words,” Mr. Kumar wrote, “the EAP will not only help the government characterize the cyber criminal, but also share the criminal’s modus operandi with potential victims, and predict the attacker’s next target.” DARPA “also wants the program to include algorithms to predictive behavioral profiles within the context of cyber campaigns, as well as the technologies to validate and improve this knowledge base with public and commercial sources of information,” he added.

DARPA stated the program is arrayed in three bins: (1) Behavior and Activity Tracking and Summarization; (2) Fusion and Predictive Analysis; and (3) Validation and Enrichment.

Research proposals for the eighteen-month trial are due June 7, 2016.

This is an interesting effort, and it will probably pay dividends and help with the very difficult task of cyber forensic attribution. But, as with anything, this kind of strategy isn’t perfect, and the most savvy and devious hackers will no doubt alter or disguise their digital signatures. This effort has promise; but make no mistake: even the best algorithms cannot account for human ingenuity, and the ability of attackers to think of clever and devious ways to both breach our networks and hide their digital tracks.
