Connect with us

Hi, what are you looking for?


Network Security

DARPA to Study Network Traffic to Stay Ahead of Attackers

The Defense Advanced Research Projects Agency (DARPA) has said that a new project will help the government make sense of the massive amounts of network data that’s collected, and use it to stay ahead of cyber attackers.

The Defense Advanced Research Projects Agency (DARPA) has said that a new project will help the government make sense of the massive amounts of network data that’s collected, and use it to stay ahead of cyber attackers.

According to a news release from the think tank, traditional approaches to defending networks include firewalls on the perimeter, and patching holes as they are discovered. However, that doesn’t always work, and the larger the network the harder the process is. In addition, massive networks, such as those used by the Department of Defense (US DOD), makes the task almost impossible.

DARPA GlobeThus, DARPA researchers are seeking new approaches to the task, including one that focuses on knowing the “terrain within the network, and understanding how information across the enterprise is connected to find actions associated with an attack buried under or within all the normal data.”

The Cyber Targeted-Attack Analyzer program is DARPA’s latest endeavor, correlating all of a network’s data sources to understand how information is connected as the network grows and changes.

Performers for the program will address three challenges: Automatically indexing data sources on a network without human intervention; Integration of all data structures through a common language for security-related data, and; Development of tools to allow reasoning over the federated database

“The Cyber Targeted-Attack Analyzer program relies on a new approach to security, seeking to quickly understand the interconnections of the systems within a network without a human having to direct it,” said Richard Guidorizzi, DARPA program manager.

“Cyber defenders should then be capable of more quickly discovering attacks hidden in normal activities.”

This isn’t the first cybersecurity related project from DARPA. Previously, DARPA publically discussed a plan that will improve the government’s cyberwar capabilities, Plan X, and the VET program that will verify the security and functionality of commodity IT devices to ensure they are free of hidden backdoors and malicious functionality.

Advertisement. Scroll to continue reading.

It is anticipated that the BAA for this effort will be posted to within the next month.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...