Pentagon cyberwarriors to unload some defensive tasks to big data


The Defense Department hopes to offload some of the work of analyzing network vulnerabilities to a machine, Pentagon officials said on Friday.

The Cyber Targeted Attack Analyzer, or CAT, is intended to reduce the workload for the department’s short-handed cyber forces by organizing information from “disparate network data sources” to more easily see computer abnormalities, according to the Pentagon’s laboratory. Information technology development efforts will kick off with a briefing for prospective contractors on Jan. 30, Defense Advanced Research Projects Agency officials said. DARPA expects to release a solicitation for project proposals within a few weeks afterward.

The trick will be reeling in all that intelligence from devices that are not necessarily compatible.

“Changing the way the information in the IT infrastructure is acquired, processed and made available” will help tackle the “scale-of-data” problem, DARPA officials said in announcing the industry event.

The ideal technology would need to automatically index data sources without much human intervention, according to officials. The CAT program “seeks to reduce the amount of time cyber defenders in the Department of Defense spend discovering cyber-attacks by federating and correlating” dissimilar data streams, officials said.

But the tool also must allow humans to exercise judgment so that they can, for instance, “query relationships between any connected data fields across the network” to probe irregularities further, officials added.

The contract labor likely will be divided into two sections, with one effort focused on research to devise a functioning system, and the other concentrating on testing to ensure the envisioned technology works and is secure.

The CAT program is one of several ongoing big data projects at DARPA related to cybersecurity.

The Pentagon is plowing $250 million annually into initiatives aimed at harnessing large data sets at the agency, the National Security Agency’s code-cracking division, and elsewhere. For example, DARPA’s Anomaly Detection at Multiple Scales, or ADAMS, system looks for willful or inadvertent malicious actions taken by trusted individuals -- insider threats -- against a backdrop of normal network activity. Another experimental technology, the Video and Image Retrieval and Analysis Tool, or VIRAT, scouts for dangerous combinations of videotaped activities captured by battlefield sensors that Defense would never have the time or people to review.

CORRECTION: The original version of this story had the wrong dollar figure for the amount the Pentagon is devoting to harnessing large data sets. The correct figure is $250 million.
