The US Defense Advanced Research Projects Agency (DARPA) has selected BAE Systems to develop tools that detect and analyse cyber threats.

The company say this is to help protect extremely large enterprise networks. The contract for Phases 1, 2, and 3 of the program is valued at approximately $5.2 million.

BAE say that because most current tools do not offer the scale and processing speed needed to adequately defend enterprise networks, the goal of DARPA’s Cyber-Hunting at Scale (CHASE) program is to develop, demonstrate, and evaluate new, automated cyber-defense tools for use within and across these types of networks.

BAE Systems say their unique solution, which combines advanced machine learning and cyber-attack modeling, intends to address this critical need by automatically detecting and defeating advanced cyber threats that could currently go undetected. The result could be better-defended commercial networks, using existing storage and existing resources. The technology could also be used to help protect government and military networks.

“Today, advanced cyber attacks within many enterprise networks go entirely unnoticed among an overwhelming amount of network data, or they require intensive manual analysis by expert teams,” said Anne Taylor, product line director for the Cyber Technology group at BAE Systems.

“Our technology aims to alleviate resource constraints to actively hunt for cyber threats that evade security measures, enhancing the collective cyber defense of these networks.”

BAE say its efforts on the CHASE program build on previous company work in real-time, cyber-defense-based anomaly detection, evidence-driven decision making, and related techniques for DARPA, the U.S. Army, and the U.S. Navy. The company’s subcontractors and research partners on the program include Digital Operatives, Dr. Ruslan Salakhutdinov from Carnegie Mellon University, and Dr. Farshad Khorrami and team from New York University. BAE Systems’ work for the program will be performed in Arlington, Virginia.

Julian

If I’ve understood it properly then this would really nail one of the biggest if not the biggest issue in national cyber security and if it works then we really do need this in the UK. It’s all very well having a bunch of boffins in GCHQ but if a cyber attack is against our utilities, the NHS, the rail network or any of the many parts of our services and infrastructure that are run by commercial organisations then boffins in GCHQ are about as useful as a chocolate teapot(*) if commercial organisations don’t implement best security practices as defined…

Daniele Mandelli

Great post.

I can see people hitting the roof though over GCHQ having access! Just look at the fuss over Snowden, Cable Intercepts and rumours of the “Sniffer” packets they are said to have inserted in various locations. You’ll get liberty groups complaining about “back doors”.

Who would pay for the equipment? Rich private corporations should be paying themselves for defending their parts of the CNI not money from the intelligence budget.

Callum

Part of what we all pay our taxes for is protection against threats like criminals, terrorist groups, hostile foreign powers, etc. Traditionally that's things like the police and armed forces, but in a world that's increasingly online, it's fair to argue that a portion of our taxes should also be dedicated to protecting our online assets.

Of course, if there are big companies out there not paying their taxes, well… 😉

Julian

Thanks Daniele. Good point re potential public backlash but the irony is that a lot of commercial organisations are already potentially giving third parties such as Microsoft, Google and Amazon potential access to critical corporate data. The cloud computing services from the companies just mentioned (which are called Azure, Google Cloud and Amazon Web Services respectively) are possibly the biggest growth area in IT at the moment with many organisations hosting major parts of their corporate IT environments on them. Amazon is the biggest player showing 49% growth in AWS revenue last quarter with AWS accounting for over 55% of…

Daniele Mandelli

Another great post. Love this stuff. I find it all quite fascinating.