DARPA Autonomous Bug-Hunting Bots Don't Need Human Hackers Anymore: Are Bots The Future Of Cybersecurity?

The Cyber Grand Challenge took place under DARPA patronage, and it is good to see how preoccupied the U.S. Department of Defense is with cybersecurity.

The event pitted computers against each other in an attempt to uncover which one can best fulfill the tasks of human cybersecurity researchers, that is, discovering a bug in a software program and fixing it.

It is no news that global IT departments are in a constant struggle to detect issues and bugs in due time for meeting release times, and specially crafted computers could alleviate some of that pressure.

We can only guess how many liabilities exist in active software right now, but experts looked into it.

Symantec reports that, during 2015, worldwide researchers discovered about one zero-day vulnerability per week. The worst news is that the bugs are far from being a thing of the past, as developers are copy-pasting outdated code into their new products on a regular basis.

According to experts, the new technology will give cyber defenders the edge in a fight that currently focuses on the malicious actors. This happens because finding one vulnerability and exploiting it is a highly convenient strategy for evil doers, while security teams have to keep their eyes peeled in many more directions.

"The idea is, you find it before the bad guys do," says David Brumley, the helm of startup ForAllSecure.

One of the teams competing in the Cyber Grand Challenge uses an algorithm based on the ForAllSecure product.

Some are worried that Darpa's project could run out of human hands into a Skynet level scenario.

Whether the tech provides a reason to panic or not, only time will tell.

What you should know now is that cybersecurity leaders are slowly embracing the technology called machine learning, a term that denominates a vast array of techniques, all of which are supposed to let humans take the back seat while computers drive us to a glorious future.

For example, machine learning is in place in computer defense systems and is staying on a lookout for hackers attempting to break in. However simple that sounds, keep in mind that humans are not as proficient as machines at keeping cyber watch.

On average, a company from the U.S. takes as long as 146 days to realize it was hacked, cybersecurity firm FireEye points out in a report. Despite being an improvement over previous years, the window of opportunity leaves enough space for hackers to push dishonest agenda.

The Competition

The Cyber Grand Challenge tests teams' ingenuity in creating machine learning tools that not only identify hackers in a timely manner, but also have a proactive dimension and resolve software bugs that enable hackers to penetrate the systems.

The seven teams that enrolled in the competition belong to cybersecurity companies as well as universities. Each of the machines was designed so that it runs a special algorithm that operates sans human interference.

The competition counted 94 rounds in which computers hunted for vulnerabilities in code imputed by the organizers. The next step was to patch the programming and send it to be tested on another computer.

Prize money was not too shabby, with a total of $3.75 million in total shelled out to the participating teams.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics