The research agency claims that traditional mechanisms to prevent networks from attacks include deployment of static firewalls and patching of any discovered vulnerabilities within the systems in the network. Researchers at DARPA are looking for new ways of protecting networks and are looking at “connections” between information; how it moves about within a network.
Dubbed Cyber Targeted-Attack Analyzer, DARPA reveals that the new program will look at information in the network and go about automatically co-relating data sources – even if seemingly unrelated, and will try to understand “how information is connected as the network grows, shifts and changes.”
Developing the program in three main phases, the agency will first try to build capabilities into the program that will index data sources on a network automatically; next, will integrate all data structures through a common security-related language and; finally develop reasoning and defense tools into the program.
Richard Guidorizzi, DARPA program manager, said, “The Cyber Targeted-Attack Analyzer program relies on a new approach to security, seeking to quickly understand the interconnections of the systems within a network without a human having to direct it.”
Once the co-relation is established, the program will integrate the co-related data onto the network enabling preventive devices to understand the “connections.” Following this, the tools within the program will use the fed information to protect the network.