How IARPA hopes to get ahead of cyberattacks
The intelligence community's research shop wants to move beyond the typical emphasis on "post mortem analysis."
WHAT: The Intelligence Advanced Research Projects Activity's Proposers' Day Conference for cyber defense.
WHY: IARPA said it wants to use its Jan. 21 Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program to explore options beyond the typical "postmortem analysis" approaches to cyber defense that focus on the attack vectors used by adversaries.
According to IARPA, as attacks have evolved and increased over the years, established approaches such as signature-based and anomaly detection have not adequately enabled cybersecurity practitioners to get ahead of the threats. The result is an industry heavily invested in analyzing the effects of cyberattacks instead of analyzing and mitigating the cause of the attacks, IARPA officials said.
The CAUSE Program seeks to develop attack forecasting methods and identify emerging cyber phenomena to help defenders detect cyberattacks as early as possible.
IARPA officials said they hope the CAUSE Program can develop and validate unconventional sensor technology that can detect activities such as actor behavior models and black market sales to help forecast cyberattacks and complement existing capabilities.
Under CAUSE, it wants to develop innovative technologies that could manage and extract huge amounts of streaming and batch data, apply existing features from other disciplines and introduce new ones to the cyber domain, and develop models to generate probabilistic warnings for future cyber events.
Successful proposers will combine cutting-edge research with the ability to develop robust forecasting capabilities from multiple sensors not typically used in the cyber domain, IARPA said.
Officials expect the CAUSE Program to tap a wide variety of sources, including academia and industry. Researchers could include computer scientists, data scientists, social and behavioral scientists, mathematicians, statisticians, content extraction experts, information theorists and cybersecurity experts.
Click here for more on the CAUSE Program.