"But what if that system of finding and fixing flaws were just as fast and automated as the computer systems they are trying to protect? What if cyber defense were as seamless, sophisticated, and scalable as the internet itself?" Those are questions the Cyber Grand Challenge seeks to answer.

Cyber Grand Challenge Taking Place This Week

The Aug. 4 event in Las Vegas in collaboration with DEF CON 24 is the culmination of a multiyear DARPA competition: Seven high-performance computers will compete live in the world's first all-machine game of Capture the Flag.

This is a big week for the hacker community, with both DEF CON 24 and DARPA's Cyber Grand Challenge taking place at the Paris Hotel & Conference Center in Las Vegas (and at Bally's, in the case of DEF CON). DARPA calls its event "the ultimate test of wits in computer security," an open competition and "the world's first all-computer Capture the Flag tournament." It is a final event on Aug. 4 featuring seven prototype systems competing for nearly $4 million in prizes in a live network competition.

In Capture the Flag contests, experts reverse-engineer software to find deeply hidden flaws and create securely patched replacements; DARPA modeled the Cyber Grand Challenge on thes tournaments in order to "create public proof that it's possible to automate the cyber defense process with machines that can discover, confirm and fix software flaws in real-time," according to the agency.

"The Heartbleed security bug existed in many of the world's computer systems for nearly two-and-a-half years before it was discovered and a fix circulated in the spring of 2014, by which time it had rendered an estimated half a million of the internet’s secure servers vulnerable to theft and other mischief," DARPA notes. "And while Heartbleed was in some respects an outlier, long-lived critical flaws in widely deployed bedrock internet infrastructure are not rare. Analysts have estimated that, on average, such flaws go unremediated for 10 months before being discovered and patched, giving nefarious actors ample opportunity to wreak havoc in affected systems before they move on to exploit new terrain. The reason for these time lags? In contrast to the sophistication and automation that characterize so much of today's computer systems, the process of finding and countering bugs, hacks and other cyber infection vectors is still effectively artisanal. Professional bughunters, security coders, and other security pros work tremendous hours, searching millions of lines of code to find and fix vulnerabilities that could be taken advantage of by users with ulterior motives.

"But what if that system of finding and fixing flaws were just as fast and automated as the computer systems they are trying to protect? What if cyber defense were as seamless, sophisticated, and scalable as the internet itself?" Those are questions the Cyber Grand Challenge seeks to answer.

"Playing in a specially created computer testbed laden with an array of bugs hidden inside custom, never-before-analyzed software, the machines will be challenged to find and patch within seconds—not months—flawed code that is vulnerable to being hacked, and find their opponents' weaknesses before the defending systems do. The entire event will be elaborately visualized on giant monitors in the Paris Las Vegas Hotel's 5,000-person-capacity auditorium while expert 'sportscasters' document the historic competition. And it may not end there," according to the agency’s outline of the event. "The organizers of DEF CON CTF have boldly invited the winning automated system to compete against the world's best human hackers in their Capture the Flag competition the following day, Aug. 5. That would be the first-ever inclusion of a mechanical contestant in that event, and could presage the day when, as eventually happened with chess and Jeopardy!, a computer proves to be the Grand Master of cyber defense."

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • The Top 5 Safety and Technology Trends to Watch in 2019

    Get the latest on trends you can expect to hear more about in 2019, including continued growth of mobile safety applications, wearable technology, and smart PPE; autonomous vehicles; pending OSHA recordkeeping rulemaking; and increased adoption of international safety standard, ISO 45001.

  • Get the Ultimate Guide to OSHA Recordkeeping

    OSHA’s Form 300A posting deadline is February 1! Are you prepared? To help answer your key recordkeeping questions, IndustrySafe put together this guide with critical compliance information.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We’ve put together a guide on key safety training topics, requirements for certifications, and answers to common training questions.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Industry Safe

OH&S Digital Edition

  • OHS Magazine Digital Edition - January 2019

    January 2019

    Featuring:

    • PREVENTING ERRORS
      Production vs. Safety 
    • EMERGENCY SHOWERS & EYEWASH
      Meeting the Requirements for Emergency Equipment
    • CONSTRUCTION SAFETY
      The State of Contractor Safety
    • FOOT PROTECTION
      The Three Keys to Effective Chemical Management
    View This Issue