recommended reading

DARPA Plugs Contest for Watson-like System to Deflect Hackers

Pavel Ignatov/

In the wake of an alleged hack that stole the passwords of two million Facebook, Google and other Internet users, Pentagon officials are plugging a new contest to build a Watson-like system that can find and eradicate Achilles heels in software. 

The Defense Advanced Research Projects Agency, the test tube branch of the Pentagon, announced the Cyber Grand Challenge on Oct. 22. The winning team will take home $2 million for creating an unmanned hacker-halter that finds and repairs bugs in software connected to a network, without disrupting the software program.

"As the lessons of how to do this emerge -- what we're hoping for is that we will have automated systems that can recognize novel flaws, novel threats, in networks and remediate them in real-time," DARPA program manager Mike Walker told reporters on Friday. Software flaws that let in hackers include, among other things, weak verification of data, user interface errors and authentication problems. 

The two-year race will finish too late to stop hackers from weaponizing the 60-some software bugs in Microsoft and other popular software that boutique companies find and sell every day. But the goal is for the match itself to jumpstart industry investment in robotic analysis. 

DARPA has tried this gambit before. Previous grand challenge contests dared scientists to invent robotic vehicles, spurring what Walker called "the dawn of the self-driving car revolution." Everybody failed the first year in 2004. But during the 2005 grand challenge, four autonomous vehicles made it through a 132-mile desert route within the 10-hour time limit. And now a smattering of states nationwide are allowing Google’s driverless cars on roads. 

At the end of the vehicle challenges, "those prototypes were not ready to roll off the contest raceway and on to American highways, but what did transition out of that first race was the dream that vehicles could actually pilot themselves on complex courses," Walker said. 

Programmers in need of financial support for the cyber challenge have until Jan. 14, 2014 to submit a grant proposal. This money -- $750,000 per year -- is separate from the prize money and funding is limited. An unlimited number of self-funded participants can enter. Walker would not disclose the number of registrants but said officials "have seen a lot of interest." 

Workshops for potential entrants were held in Arlington, Va., on Tuesday and Wednesday. On Monday, West Coast coders can attend a session in San Francisco. 

Web companies for years have been working on manual and piecemeal mechanized systems for identifying bugs. Using a tool called SAGE, Microsoft researchers found and fixed one-third of the flaws in Windows 7 before the operating system was released.  

Walker compared DARPA's project to the development of automated chess systems in the 1970s. "By playing each other, chess systems were able to figure out what approaches work," he said. The cyber challenge will "hopefully follow in the footsteps of systems like Deep Blue, like Watson, and let these systems someday play the experts at their own game."

An earlier version of this story misstated the deadline for grant proposals. Submissions are due Jan. 14, 2014. 

Threatwatch Alert

Accidentally leaked credentials

U.K. Cellphone Company Leaks Customer Data to Other Customers

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.