Often, critical cyber vulnerabilities go unfixed as resources are allocated to less significant issues.

That is why the Defense Advanced Research Projects Agency (DARPA), a research division within the US Department of Defense (DoD), has created a system known as the Intelligent Generation of Tools for Security (INGOTS) programme that autonomously identifies and measures the severity of vulnerabilities before attackers exploit them.

INGOTS is a three-year programme with two phases. Phase 1 will focus on exploring, designing, developing, and demonstrating tools and techniques. Phase 2 will focus on maturing and refining these tools and techniques and expanding their coverage across vulnerability and exploitation classes. Each phase will include intermediate meetings, hackathons and demonstrations, and will end with an evaluation in collaboration with government partners.

DARPA tells us that today’s metrics fail to capture numerous nuanced factors that differentiate a harmless software flaw from a potent vulnerability.

Without accurate methods to measure the exploitability of a particular vulnerability, developers and defenders must rely on empirical evidence to assess its severity and prioritise it for remediation. Such evidence requires time and costly resources and is often insufficient or incomplete.

INGOTS will pioneer new techniques driven by program analysis and artificial intelligence (AI) to measure vulnerabilities within modern, complex systems, such as web browsers and mobile operating systems.

The cybersecurity project is based on an emerging area of human-machine teaming. The autonomous system collects data on vulnerabilities while human operators determine where resources will be allocated to shore up the most severe weaknesses.

For INGOTS, this means that “rather than develop a fully automatic process, we want to create a computer-human pipeline that seamlessly allows human intervention in order to fix high-severity vulnerabilities before an attack,” the programme manager, Perri Adams, stated.

INGOTS research will improve software and hardware resiliency of commercial devices by rapidly identifying and prioritising their most dangerous flaws.

DARPA also notes that attackers will link multiple vulnerabilities together to bypass security measures. “In an attack paradigm where exploitability depends on… vulnerability combination, risk depends on understanding the complex relationships between neighbouring vulnerabilities,” Adams added.

Growing prominence of cybersecurity

State-sponsored cyber attacks are likely to increase throughout 2023, GlobalData says. The Russian invasion of Ukraine, a continuing trade war between the US and China and high-profile elections are all catalysts for state-sponsored attacks.

According to GlobalData forecasts, the global cybersecurity market will be worth $334bn by 2030, having grown at a compound annual growth rate of 10% between 2022 and 2030. Software-based cybersecurity products will be the largest market segment, contributing 44% of total revenue in 2030, with services accounting for 39%.

GlobalData also suggests that defence companies should invest in technologies at every level of the value chain to ensure they have watertight cybersecurity products and strategies. This involves building cybersecurity into the design of systems, utilising AI to enhance analytics and threat detection, and training personnel to ensure they are not targeted.