Seven teams have advanced to the finals of DARPA’s automated cyber challenge, designed to find new and innovating methods of improving automated security software:
The qualifying competition took the form of a CTF game, which in the cyber realm is a common and popular way for security experts to develop their skills. There are leagues and large-scale competitions devoted to it. Member’s the Army’s burgeoning Cyber Mission Force, in fact, recently staged a CTF game as part of their training.
For DARPA’s competition, teams built and programmed high-performance computers to play the game, in which the machines had to reverse-engineer software created for the contest and find and fix weaknesses hidden within. And because it was the first CTF event played solely by machines, it was conducted at a speed that human-controlled computers can’t match. A typical CTF tournament might involve participants analyzing 10 pieces of software over the course of 48 hours; in DARPA’s qualifier, the machines examined 131 pieces of software and had to do it in 24 hours, DARPA said. In total, the teams fixed all 590 software flaws the contest developers knew about.
“The results bode well for an exciting competition next year and confirm the value of using a grand challenge format,” Walker said. “With no clear best approach going in, we can explore multiple approaches and improve the chances of producing groundbreaking improvements in cybersecurity technology.”