# DARPA on Cyber Targeted-Attack Analyzer program & micro-satellites

Protect the country, population and assets from cyber threats, this is a must for every government, a challenge for  every state, new processes, large investment and innovative researches are the topics most debated in this period. Yesterday I wrote about the Russian government and its commitment to strengthen cyber defense, today I desire to introduce how US are trying to improve their cyber capabilities to face with cyber threats. Surely one of the most interesting and prolific agency in this sense is the US DARPA (Defense Advanced Research Projects Agency) responsible for the development of new technologies for use by the military, so I decide to introduce some of its actual and future works that could impact security in cyberspace. Few days ago the agency announced the development of a program to design a defense system able to uncover and prevent targeted cyber attacks based on the computer network managed directly from Department of Defense. The network is considered one of the largest structure in the world and is used to provide a connection infrastructure to personnel across the globe, through the net the employees of DoD collect, transfer and process any kind of information referring a multitude of sources using various device. The network is also used for military operative purposes, its nodes include in-the-field mobile devices and mission computers on board F-18's, it is fundamental to understand the dynamicity of the structure due the continuous technological improvement and the huge and growing quantity of information managed. This characteristic make very difficult its protection against cyber attacks, perimeter defense  could be inappropriate, that why DARPA researchers are trying to define a new defensive model. The announcement made on DARPA web site states:

"[DARPA] seek a new approach, one that relies on knowing the cyber terrain within the network and understanding how information across the enterprise is connected to find actions associated with an attack buried under within all the normal data."

The project appears ambitious and hard to realize, the new Cyber Targeted-Attack Analyzer program will attempt to automatically monitor the entire network, every node and correlate the data flow from different sources despite the technological mutation of the network, its grows and shifts. The principal deliverables of the project are:

• Automatically indexing data sources on a network without human intervention;
• Integration of all data structures through a common language for security-related data, and;
• Development tools to allow reasoning over the federated database

The principal problem is identify in a timely manner the information flows with the intent to be able to discriminate any faults in it, in a successive phase of program the agency seeks to build tools that use this information for cyber defense of the network. DARPA program manager Richard Guidorizzi declared:

"The Cyber Targeted-Attack Analyzer program relies on a new approach to security, seeking to quickly understand the interconnections of the systems within a network without a human having to direct it," "Cyber defenders should then be capable of more quickly discovering attacks hidden in normal activities."

Networks aren't the only concern of  DARPA that is looking with great attention to UAV and satellites technologies considered pillars of military operations. DARPA is specializing its researches on micro-satellites used for spying purpose and to support militias in case of battlefield. UAV technology is also used for this task but has the great limit that the aircraft need to be re-fueled, on the other side orbiting satellites have operational windows limited by their overflight schedule. DARPA is evaluating the creation of a hybrid solution to support troops in real time, Tom Bussing, vice president of Advanced Missile Systems at Raytheon Missile Systems declared.

"We're putting near-real time data where the warfighter needs it – directly into their hands – and providing them with vital, tactical intelligence they can control,"

Raytheon is often present in DARPA projects, let's remind CHAMP project developed by Air Force Research Laboratory that explores the possibility to design a directed-energy weapon capable of destroying and interfering with adversary's electronic systems such as radar systems, telecommunication systems, computer systems and power distribution systems. While the project is started in military and is led by Boeing the technology comes from a small company called Ktech, acquired by Raytheon bought last year, specialized in the providing of microwave generators to generate EMP able to knock out electronics equipment. Last December, DARPA awarded Raytheon a $1.5 million contract for first Phase of the Space Enabled Effects for Military Engagements (SeeMe) project that will build a constellations of micro-satellites to provide troops with accurate satellite imaging within 90 minutes. DARPA program manager Dave Barnhart added: "SeeMe is a logical adjunct to UAV technology, which will continue to provide local or regional very high-resolution coverage, but which can't cover extended areas without frequent refueling," The satellites will have reduced dimensions, about 3 feet long, a foot in diameter, weigh around 25 pounds, and carry a$500,000 price tag.

Both projects are in the embryonic phase but DARPA agency consider them strategic to support future military operations and are the demonstration of the effort that governments are spending to improve their cyber capabilities in an era where technology is the most important factor for both defense and offense.

Pierluigi Paganini

References

Copyright 2010 Respective Author at Infosec Island