The Defense Advanced Research Projects Agency (DARPA) is seeking technical proposals for a new program that aims to develop automated approaches to conducting cybersecurity assessments on computer networks, according to an announcement posted to SAM.gov on Oct. 24.
DARPA’s new program intends to focus on technology that can accelerate cybersecurity assessments with automated, repeatable, and measurable approaches.
The agency is targeting three technical areas in the broad agency announcement – automate the creation of realistic network environments; learn cyber defensive operations for maintaining operations; and enumerate potential attack paths. The program is expected to run for four years.
The Cyber Agents for Security Testing and Learning Environments (CASTLE) program seeks to improve cyber testing and evaluation by developing a toolkit that instantiates realistic network environments and trains artificial intelligence (AI) agents to defend against advanced persistent cyber threats.
Teams in the CASTLE program plan to use reinforcement learning to automate the process of reducing vulnerabilities within networks.
“Attackers often have a better understanding of network vulnerabilities than defenders, but it doesn’t have to be that way,” said Tejas Patel, CASTLE program manager in DARPA’s Information Innovation Office, in a press release. “Reinforcement learning may enable the creation and training of cyber agents that are much more effective than current manual approaches for addressing APTs in networks.”
The CASTLE program also intends to create open-source software that can help network defenders anticipate vulnerabilities an attacker may exploit. DARPA explained that datasets created by the CASTLE software will also promote open, rigorous evaluation of defensive approaches that last beyond the life of the program.