By Kris Osborn
DARPA and BAE Systems are prototyping a new AI-empowered cybersecurity technology to fight new waves of highly sophisticated cyberattacks specifically engineered to circumvent the best existing defenses.
The program, called Cyber Hunting at Scale (CHASE), uses computer automation, advanced algorithms and a new caliber of processing speed to track large volumes of data in real-time, enabling human cyber hunters to find advanced attacks otherwise hidden or buried within massive amounts of incoming data.
DARPA information explains the technology as “adaptive data collection” able to conduct real-time investigations by sifting through enormous amounts of information not “trackable” by human defenders.
“The CHASE program seeks to develop automated tools to detect and characterize novel attack vectors, collect the right contextual data and disseminate protective measure both within and across enterprises,” DARPA CHASE Program Manager Jennifer Roberts said in a written statement.
Working in tandem with DARPA, a BAE Systems scientist says the potential promise of these advanced techniques is quite significant, because there is often simply not enough storage and memory to monitor nearly 80-percent of trafficking data goes undetected in large enterprise networks.
“Cyber hunt teams are currently massively overburdened and can only look at a small percentage of data collected using filters. Advanced adversaries take advantage of this,” Sam Hamilton, BAE Systems Chief Scientist, told Warrior Maven in an interview. “Sophisticated adversaries understand today’s cyber defense chain very well and are building things to defeat it.”
DARPA’s CHASE Broad Agency Announcement emphasizes this challenge and explains that large enterprise networks generate more data than there is available storage.