Slashdot Mirror


DARPA Cyber Range Project Doomed to Failure

carusoj writes "Former black-hat hacker Noah Schiffman details why DARPA's National Cyber Range project is bound to fail. The NCR is proposed as a simulation of the Internet, including replicating 'human behavior and frailties.' Schiffman argues that if the Defense Department is really building something of this scope, it might as well use the actual Internet."

5 of 41 comments

  1. What does "failure" mean though? by biolysis · Score: 5, Insightful

    Won't they be learning valuable lessons even if they fail to meet their mission objectives?

  2. By using the actual internet.... by Hankapobe · Score: 4, Insightful

    you can't run 'what-if' scenarios and keep certain variables constant.

    On the other hand, by using the internet, the powers that be wouldn't be able to rig or dumb down any tests so that they succeed. Like they did with some of the Star Wars tests. Useful when justifying budgets to Congress.

  3. I disagree by WarJolt · Score: 3, Insightful

    In the end, the underlying necessity of this project is an impossibility - the simulation of true human behavior. If this was possible, and one could accurately know and predict online behavior, the acceleration of these calculations would border the lines of predeterminism and precognition. This type of "sci-fi success" would render the creation of the NCR unnecessary, since it would create the ability to anticipate, know, and adequately prepare for all future cyber attacks.

    I don't think the goal is to reproduce human behavior, but reproduce the environment and basic human input. I'd argue that the user is not the cause of most vulnerabilities. Most vulnerabilities are flaws with the applications, architectures, systems and protocols themselves. The human factor for most vulnerabilities has already been compiled into applications distributed and is ready for testing. There is already AI that searches for vulnerabilities in systems. This is just looking for it on a massive scale.

  4. Pretty good idea. by ZonkerWilliam · Score: 1, Insightful

    They (DARPA) can't test for every outcome at once, but they could and most likely will get valuable information when they test for well-defined attacks.

  5. Bogus analysis - not 30 billion. by Animats · Score: 4, Insightful

    Nothing in the solicitation has a $30 billion price tag on it. No idea where that number came from. There are no dollar amounts at this stage; DARPA is soliciting bids.

    What DARPA is asking for is a 10,000 node Internet simulator, and that's in the final phase. The whole system can be started, stopped, and flushed to a clean state for new tests. Users are simulated: "Replicants will simulate physical interaction with device peripherals, such as keyboard and mice. Replicants will drive all common applications on a desktop environments." Attacks on the network are supported; the vendor even has to provide a "malware library".

    The simulated machines have to be simulated at a fine level of detail. "The NCR must be capable of taking a physical computer and rapidly creating a functionally equivalent, logical instance of that machine that can be replicated repeatedly and injected into a testbed. Given a never-before-seen physical computing device, create logical instantiations of the physical native machine that accurately replicates, not only the software on the machine, but hardware to the interrupt level, chipset, and peripheral cards and devices." That's going to be hard. They may end up with real computers hooked up to peripherals that simulate human inputs. (DoD does this all the time; it's how flight control software is debugged. Serious flight simulators use the real "black boxes" of real aircraft with simulated inputs and outputs.) They need that level of fidelity because they want to observe virus and attack behavior.

    This is going to be a useful asset.