DARPA challenges AI teams for $2 million reward
Thu 14 Jul 2016
Seven teams of white hat hackers have developed artificially intelligent systems to find and fix software bugs without human intervention. This summer, the teams will go head to head in Las Vegas to compete for a $2 million prize.
The US government’s Defense Advanced Research Projects Agency (DARPA) has invited seven teams of finalists to the Cyber Grand Challenge, to be held on August 4, 2016 at DEF CON in Las Vegas. The participants will join an all-AI version of ‘capture the flag’, where over the course of 10 hours their competing systems will examine networked servers to find vulnerabilities, predict potential crashes, and then protect their systems by fixing detected flaws. Teams will gain points for finding vulnerabilities, and lose points if their system is unable to protect servers against simulated attacks.
The teams have also agreed to take the competition to DEF CON, one of the largest hacker conferences in the world, where they will put their systems to the test against humans, marking the first AI-human white hat hacking competition.
DARPA announced the Cyber Grand Challenge back in 2013, when 100 teams applied to be included. After three elimination rounds, the field was narrowed to seven finalists who were invited to participate in the Grand Challenge, and were given high-performance software from DARPA to develop artificially intelligent cyber-reasoning systems. The top three contenders will receive prize money – $2,000,000 for the first place team, $1,000,000 for the second, and $750,000 for the third.
Mike Walker, program manager for the Cyber Grand Challenge, said, “We’re hoping to see proof that the entire computer security cycle of responding to flaws can be automated.” He also outlined different tactics that an automated system could use to provide protection to a network, noting two types of security measures that an AI system can take to protect a network. The first, a ‘binary armor’, can be created ahead of time to protect against general threats. The trick to binary armor, though, is keeping the system quick and agile enough for user effectiveness. “People want computers to be secure, but don’t want it to be secure at the cost of taking two hours to send an email,” he said. The alternative is ‘point patching’, which involves detecting an issue as it arises and creating an effective patch specifically for that problem. This method allows the network speed to remain relatively unaffected, but as it is much more complicated, it represents the true test for an effective AI system.