DARPA's Cyber Insider Threat Program Is the Agency's Great Hope for Ending Leaks | Popular Science 10-09-04

10-09-04 12:33 PM

DARPA's Cyber Insider Threat Program Is the Agency's Great Hope

for Ending Leaks
By Clay Dillow Posted 09.01.2010 at 4:27 pm

Protecting Military Networks Thinking about WikiLeaking? Think again. U.S. Navy

The recent WikiLeaks exposure was a huge black eye for the U.S. Department of Defense, supposedly one of the more secure state organizations we have working for us. Its impact
clearly wasn’t lost on the Pentagon, whose blue sky research arm has launched a new project designed to ferret out malicious behavior on DoD networks. Named CINDER – Cyber
INsiDER Threat – the project is designed not to sniff out people, but adversarial actions as they happen.

To quote DARPA’s request for industry solicitations: “The goal of CINDER will be to greatly increase the accuracy, rate and speed with which insider threats are detected and
impede the ability of adversaries to operate undetected within government and military interest networks.”

The philosophy driving CINDER is the idea that singular actions by an insider with malicious intent aren’t noticeable as malicious –
say, the downloading of a sensitive document from a DoD server or the searching for information on a particular topic. But the larger RELATED ARTICLES
adversary mission should be noticeable when compared to normal mission activities. By monitoring strings of actions rather than
Pentagon: 2008 Cyber Breach,
isolated events, CINDER is expected to pinpoint system users who may be up to something malicious. Considered the Biggest Ever,
Was Caused By a Simple Flash
CINDER assumes that insiders are operating within the Pentagon’s most sensitive networks, so rather than focus on keeping outside Drive
threats out, it will be designed to weed out those already inside. As Danger Room points out, it seems like a recipe for false positives,
but DARPA seems to think a properly-designed CINDER will be able to distinguish between normal and malicious mission contexts. DARPA Chief Testifies That US
May Soon Face Critical Nerd
We’ll see. In the meantime, while DARPA works CINDER into serviceable shape, the DoD is expected to roll out a new cyber strategy Shortage
by year’s end to hopefully curtail the kinds of massive leaks and cyber breaches that have been the embarrassment of the Pentagon
lately. DARPA Spends $51 Million On
Matrix-Like Cyber War Firing
[FedBizOpps via Danger Room] Range

TAGS
Technology, Clay Dillow, cinder, cyber
defense, cybersecurity, darpa, DOD, military,
pentagon

Previous Article: Undergrads at Next Article: Archive Gallery: 138

Colorado Crash a NASA Satellite Years of Architectural Landmarks

http://www.popsci.com/technology/article/2010-09/darpas-cyber-insider-threat-program-will-track-down-network-infiltrators-are-already-inside# Page 1 of 2
DARPA's Cyber Insider Threat Program Is the Agency's Great Hope for Ending Leaks | Popular Science 10-09-04 12:33 PM

Into The Ocean

6 COMMENTS
Fatarion 09/01/10 at 5:25 pm
Yeah... and after that just place web-cams on every person who works
there and complete the fascism...

Link to this comment

KH2 09/01/10 at 6:14 pm

Isn't it interesting how people suddenly love the word fascism.

I would hope that a security organization would be allowed to implement

actual security.

No one accuses casinos of being fascist and they watch everything and
everybody.

Why should the DOD be any different?

Link to this comment

briann88 09/01/10 at 8:03 pm

webcams would be a good idea then you have video of them in the act,
besides when you work for the military i think you have to give up some
freedoms

Link to this comment

Steggy 09/01/10 at 10:24 pm

Doesn't anyone think of the implications these things will have on
humanity when Skynet goes live?

We're so screwed

Link to this comment

tcolguin 09/02/10 at 4:08 am

Fatarion and Steggy,

This is on and I quote "Pentagon’s most sensitive networks" do you really

believe that a person working on that kind of network should any kind of
privacy at all? The only kind of activity that should be on that network is
sensitive government work. It is not some kind X-Box play station for the
people's amusement.

Link to this comment

09/03/10 at 5:14 am
Stop making secrets and nothing will ever get leaked. Your battle will
never end and your secrets will never be safe.
bdotalex
Link to this comment

To comment, please Login.

Copyright © 2009 Popular Science

A Bonnier Corporation Company. All rights reserved. Reproduction in whole or in part without permission is prohibited.

http://www.popsci.com/technology/article/2010-09/darpas-cyber-insider-threat-program-will-track-down-network-infiltrators-are-already-inside# Page 2 of 2