DARPA Will Stage an AI Fight in Las Vegas For DEF CON (yahoo.com)

← Back to Stories (view on slashdot.org)

DARPA Will Stage an AI Fight in Las Vegas For DEF CON (yahoo.com)

Posted by EditorDavid on Sunday July 17, 2016 @01:39PM from the hack-me-if-you-can dept.

An anonymous Slashdot reader writes: "A bunch of computers will try to hack each other in Vegas for a $2 million prize," reports Tech Insider calling it a "historic battle" that will coincide with "two of the biggest hacking conferences, Blackhat USA and DEFCON". DARPA will supply seven teams with a supercomputer. Their challenge? Create an autonomous A.I. system that can "hunt for security vulnerabilities that hackers can exploit to attack a computer, create a fix that patches that vulnerability and distribute that patch -- all without any human interference."

"The idea here is to start a technology revolution," said Mike Walker, DARPA's manager for the Cyber Grand Challenge contest. Yahoo Tech notes that it takes an average of 312 days before security vulnerabilities are discovered -- and 24 days to patch it. "if all goes well, the CGC could mean a future where you don't have to worry about viruses or hackers attacking your computer, smartphone or your other connected devices. At a national level, this technology could help prevent large-scale attacks against things like power plants, water supplies and air-traffic infrastructure.
It's being billed as "the world's first all-machine hacking tournament," with a prize of $2 million for the winner, while the second and third place tem will win $1 million and $750,000.

41 of 89 comments (clear)

Min score:

Reason:

Sort:

Re: This is fucking stupid by Anonymous Coward · 2016-07-17 13:44 · Score: 2, Insightful

Whats worse is that the prize money is taxpayer funded.
Technology Buzz Words by nehumanuscrede · 2016-07-17 13:45 · Score: 1

The media likes to throw around the term A.I. a lot these days and, unless I'm gravely mistaken, we have nothing even close to resembling one.
I'm probably wrong, but I'm of the opinion that a full blown A.I. is a fully sentient being capable of making its own decisions and rivaling / exceeding its creators in just about everything we're capable of.
Writing scripts and programs are fine. Just call them out for what they are.
Artificial Intelligence it is not.
That is all.
1. Re:Technology Buzz Words by Minupla · 2016-07-17 13:57 · Score: 3, Insightful
  
  The term AI has become synonymous with "something we'll see in 30 years".
  AIs can drive cars and pick people out of pictures and even go back through my google photos album and match my 7 yr old with her baby picture (regardless if it does this by inferring that I only have one kid and therefore this is probably it or through facial recognition or some combination of the two, it's a nifty trick.), and beat a world class human at not only Chess but Go. My 13 yr old self, fresh out of reading Neuromancer would have told you we'd need an AI for that.
  Now that we've reached there AI has receded into the future.
  I saw the presentation last year DC about what they're attempting to accomplish. They want to write code that without human assistance can analyze a binary, (a neat trick by itself with the halting problem) for weaknesses, develop a patch for them, and at the same time attack its opponents and circumvent their fixes.
  The real trick will be tho, the winner from the AI contest goes against the human's at Defcon on CTF. The money is heavily against the AI, but even if it places a good showing, it'll
  The other issue is that people mistakenly assume that AI means Human-Level intellect (and usually greater-then human, since most of us couldn't beat a wold class Go player.
  It's also separate from consciousness.
  A computer that's as smart as a barn owl is artificially intelligent (and would probably be a scary good drone pilot).
  Min
  
  --
  On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
2. Re:Technology Buzz Words by ceoyoyo · 2016-07-17 14:45 · Score: 1
  
  Your definition isn't the one commonly in use. Most people would say "human-level AI" or at least "hard AI" to talk about what you describe.
  From https://en.wikipedia.org/wiki/...:
  
  Artificial intelligence (AI) is intelligence exhibited by machines. In computer science, an ideal "intelligent" machine is a flexible rational agent that perceives its environment and takes actions that maximize its chance of success at some goal.[1] Colloquially, the term "artificial intelligence" is applied when a machine mimics "cognitive" functions that humans associate with other human minds, such as "learning" and "problem solving".[2] As machines become increasingly capable, facilities once thought to require intelligence are removed from the definition. For example, optical character recognition is no longer perceived as an exemplar of "artificial intelligence" having become a routine technology.[3] Capabilities still classified as AI include advanced Chess and Go systems and self-driving cars.
  So a program that runs through a list of vulnerabilities checking for each one wouldn't really qualify as AI, but one that used a more sophisticated approach might.
3. Re:Technology Buzz Words by manu0601 · 2016-07-17 15:05 · Score: 1
  
  The term AI has become synonymous with "something we'll see in 30 years".
  You mean we could say producing electricity using nuclear fusion is AI? :-)
4. Re:Technology Buzz Words by thinkwaitfast · 2016-07-17 18:46 · Score: 1
  
  can analyze a binary,
  Isn't that what automated code testing does? I attended a sales demo once and the people were showing all the types of bugs that it could catch. This was twenty years ago and hope that it would be much better by now.
5. Re:Technology Buzz Words by robi5 · 2016-07-18 00:35 · Score: 1
  
  > AIs can drive cars
  I agree with the contents of your post but it's AI, not "AIs". People who heard of AI earlier than the last 2-3 years use it in singular, so it gives a noob appearance.
6. Re:Technology Buzz Words by mwvdlee · 2016-07-18 02:05 · Score: 1
  
  Then what do you call several independantly developed AI systems, like we currently have driving around in test cars?
  
  --
  Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
7. Re:Technology Buzz Words by Minupla · 2016-07-23 05:20 · Score: 1
  
  I realize I'm coming back to this thread late (was travelling, sorry), but in tech writing class we learned that the best practice was to use the pluralization that would apply if we had spelled out the acronym. So in this case "Artificial Intelligences can drive cars" would be the natural sounding construction instead of "Artificial Intelligence can drive cars" where I am referring to multiple separate code bases operating in independent instantiations, as opposed to one central AI coordinating all cars, which could be inferred if I had used the forced-singular construction you are advocating. When in doubt pick the language that is clearer over the 'right' formulation.
  Anyways, just wanted to comment.
  Min
  
  --
  On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
Ice by subk · 2016-07-17 13:46 · Score: 1

Sounds like something out of a William Gibson novel. Go ahead, put it out there. Somebody's gonna own it and teach it to spread backdoors.

--
Now, if you'll excuse me, I have backups to corrupt.
DARPA is normally bleeding edge by onyxruby · 2016-07-17 13:54 · Score: 2, Interesting

Bot's have been battling like this for many years. A decade ago I was taking agents and using them to create self healing networks when I traveled as a consultant. I picked up and used a number of tricks used by botnet operators. I took the logic used to keep a botnet up and running and used that on corporate networks.
I automated the works, and did so with nothing more than a set of scripts and set of agents. You could well argue the result was black hat botnets battling corp botnets. I have got to imagine that I was far from the first to build something like this. Without doubt blackhat botnets have battled blackhat botnets for control for many years.
Where's the innovation, using a supercomputer?
1. Re:DARPA is normally bleeding edge by subk · 2016-07-17 13:58 · Score: 1
  
  Do blackhat botnets patch themselves after getting attacked?
  
  --
  Now, if you'll excuse me, I have backups to corrupt.
2. Re:DARPA is normally bleeding edge by rtb61 · 2016-07-17 14:33 · Score: 1
  
  Technically speaking, to increase security the innovation is to go backwards. Basically taking all the flexibility out of computer systems and tying a lot more to hardware and not software. Basically computer hardware components that are only capable of carrying out the original designed function and nothing else, absolutely nothing else, zero flexibility and any function not necessary to the designed function is not there. Any flexibility in the system, any unnecessary functions still resident in the system, all create points for hacking. The design requirement has always been KISS, keep it simple stupid, you want security, than everything has to be locked down in hardware and only specific kinds of communications should be allowed, in terms of patterns, repeats, timers, protocols and anything beyond that should not just be blocked but actually technically impossible. The system can still be hacked but it would require direct personal access and the replacement of locked in hardware with flexible hardware or intercepts in the background infrastructure.
  
  --
  Chaos - everything, everywhere, everywhen
3. Re:DARPA is normally bleeding edge by phantomfive · 2016-07-17 14:58 · Score: 3, Insightful
  
  Where's the innovation, using a supercomputer?
  If your system is so good, why don't you submit it and win the competition? Seems like a good way to win an easy $million
  
  --
  "First they came for the slanderers and i said nothing."
4. Re:DARPA is normally bleeding edge by drinkypoo · 2016-07-18 00:57 · Score: 1
  
  If your system is so good, why don't you submit it and win the competition? Seems like a good way to win an easy $million
  Because he's defensive, not offensive. Questions like this that make it clear that you haven't read the comment are offensive, also.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
5. Re:DARPA is normally bleeding edge by phantomfive · 2016-07-18 04:20 · Score: 1
  
  Questions like this that make it clear that you haven't read the comment are offensive, also.
  YOU'RE offensive.
  
  --
  "First they came for the slanderers and i said nothing."
6. Re:DARPA is normally bleeding edge by drinkypoo · 2016-07-18 15:25 · Score: 1
  
  YOU'RE offensive.
  I hope you didn't spend a lot of time working on that one.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
7. Re:DARPA is normally bleeding edge by phantomfive · 2016-07-18 17:56 · Score: 1
  
  Believe me, I didn't.
  
  --
  "First they came for the slanderers and i said nothing."
Rock 'Em Sock 'Em Robots by fustakrakich · 2016-07-17 13:56 · Score: 2

the CGC could mean a future where you don't have to worry about viruses or hackers attacking your computer, smartphone or your other connected devices. At a national level, this technology could help prevent large-scale attacks against things like power plants, water supplies and air-traffic infrastructure.
Um, this assumes that one side can always maintain an advantage, amiright? Otherwise it just sounds like a really fast game of cat and mouse.

--
“He’s not deformed, he’s just drunk!”
1. Re:Rock 'Em Sock 'Em Robots by penguinoid · 2016-07-17 15:53 · Score: 1
  
  Um, this assumes that one side can always maintain an advantage, amiright? Otherwise it just sounds like a really fast game of cat and mouse.
  Correct, and they are right about it. Hacking is not combat; if there is no vulnerability in the code then it doesn't matter how much of a genius one is, you can't find what isn't there. If done right, security AI could eliminate all software vulnerabilities and leave only physical access or social engineering as attack vectors. And this sort of task would be ideal for AI, as it does not need any creativity beyond analyzing the logic of a program for the presence of certain well-defined traits.
  
  --
  Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
2. Re:Rock 'Em Sock 'Em Robots by jbmartin6 · 2016-07-18 00:48 · Score: 1
  
  The other omission is attackers don't need a software flaw to attack a computer, all they need is a human user who wants to watch online movies, pay a mysterious invoice, find out why their package had a problem, avoid trouble with the tax authorities, ad infinitum.
  
  --
  This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
Re:This is fucking stupid by dejitaru · 2016-07-17 13:59 · Score: 1

AI is just the new buzzword, much like VR in gaming even though it's not true virtual reality because of the limitations. Marketing in companies has always exploited words to mean less than what it actually is, because it makes the general public think more than what it really is, that's how marketing works. Manipulative advertising.
That isn't A.I. by 110010001000 · 2016-07-17 14:00 · Score: 1

We aren't even close to any kind of A.I. Of course the AI nutters will shout "Chess and Go playing computers!" and "Siri!" but neither of those things are A.I. And "deep learning" isn't a thing, just a buzzword. It isn't learning it all. I doubt we will ever acheieve anything even close to A.I. With digital computers almost at a dead end in terms of increased processor capability we won't see very many breakthroughs in the near future.
1. Re:That isn't A.I. by Anonymous Coward · 2016-07-17 14:39 · Score: 1
  
  You keep using that word. I do not think it means what you think it means.
  artificial intelligence noun: the theory and development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages.
  Perhaps you mean:
  Strong AI Strong AI is a term used to describe a certain mindset of artificial intelligence development. Strong AI's goal is todevelop artificial intelligence to the point where the machine's intellectual capability is functionally equal to a human's.
2. Re:That isn't A.I. by ceoyoyo · 2016-07-17 14:49 · Score: 1
  
  Slashdot. It used to be the home of tech geeks. Now it's at least half luddites. Sad.
3. Re:That isn't A.I. by thinkwaitfast · 2016-07-17 18:51 · Score: 1
  
  I wrote a program in high school to translate between languages, It was written in BASIC and did an OK job, at least as far as my homework went
4. Re:That isn't A.I. by mwvdlee · 2016-07-18 02:14 · Score: 1
  
  Some people insist on defining "AI" as whatever they think some intangible thing their brains can do is.
  If you could make a perfectly accurate and fully functional physical reproduction of a human brain, including all the inputs and outputs, they still wouldn't consider it an AI because it's still missing something these people refuse to define in any measurable way.
  
  --
  Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
This will backfire! by Gravis+Zero · 2016-07-17 14:03 · Score: 1

They clearly haven't thought this out because when you give them a supercomputer the first thing they are going to do is try to play Crysis at Maximum Detail and spend the rest of the time tweaking settings to try and get a stable framerate. ;)

--
Anons need not reply. Questions end with a question mark.
what a joke. by Gravis+Zero · 2016-07-17 14:20 · Score: 3, Interesting

the prize might as well be a lollipop of your favorite flavor because a program that can find and create vulnerabilities like they want are effectively money printing machines. you would be better of setting up an online store and hocking off exploits indefinitely.

--
Anons need not reply. Questions end with a question mark.
Run faster on the treadmill by TiggertheMad · 2016-07-17 14:23 · Score: 1

Think this is stupid? Read this bit and think very carefully about it:
Create an autonomous A.I. system that can "hunt for security vulnerabilities that hackers can exploit to attack a computer, create a fix that patches that vulnerability and distribute that patch -- all without any human interference.

Yahoo Tech notes that it takes an average of 312 days before security vulnerabilities are discovered -- and 24 days to patch it. "if all goes well, the CGC could mean a future where you don't have to worry about viruses or hackers attacking your computer, smartphone or your other connected devices.
Suppose you can write a learning system that grows and adapts to find new vulnerabilities and create fixes for them. That very same system can also be used to find and exploit vulnerabilities at a much faster rate too. Criminal organizations and hostile states will have a new arrow in their quiver to attack with. I suspect that if you build such a system (very hard but doable in theory) you will have the same arms race between black hats and white hats that you have now, it will just be faster paced.

--

HA! I just wasted some of your bandwidth with a frivolous sig!
1. Re:Run faster on the treadmill by ceoyoyo · 2016-07-17 14:48 · Score: 1
  
  Yahoo's "hope" seems pretty optimistic all right. I'd think they'd be more interested in the finding the vulnerability bit anyway. Run it on your code before you make it live and fix the bugs yourself if you have to.
  They probably decided they needed to explain why a major tech company was sponsoring develop of automated cracking tools though.
Why can't they just pit Watson against Eliza? by fustakrakich · 2016-07-17 14:47 · Score: 1

At least you might end up with a good movie script.

--
“He’s not deformed, he’s just drunk!”
Re: This is fucking stupid by manu0601 · 2016-07-17 15:04 · Score: 1

Blocking ports is not the end of the story. Stuxnet was designed to attack systems not reachable from Internet
DefCon is CANCELLED by birukun · 2016-07-17 15:51 · Score: 1

Word on the street- DefCon is cancelled

--
Self Defense - A Human Right www.a-human-right.com
Re:This is fucking stupid by fl_litig8r · 2016-07-17 17:18 · Score: 1

You took the words right out of my mouth. How is this AI? Mod this AC up.
Re: This is fucking stupid by Khyber · 2016-07-17 18:23 · Score: 1

That includes PHYSICAL ports.
After that, it's just a matter of homebrewing your own hardware.

--
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Why? by lapm · 2016-07-17 20:19 · Score: 1

Do you really want punch of AI on lose hacking anything and everything, when theres enough trouble with people already doing so...
Wussification by flopsquad · 2016-07-18 00:25 · Score: 1

Whats worse is that the prize money is taxpayer funded.
What's even worse is our "Everybody gets a prize" culture. Nowadays you only have to be in the top 42% to get $750,000. And DARPA's even giving ribbons to the other 4 teams for participating!

--
Nothing posted to /. has ever been legal advice, including this.
Re:This is fucking stupid by jon3k · 2016-07-18 01:58 · Score: 1

What makes you think that isn't virtual reality? No definition of virtual reality says that you have to completely recreate the original experience. It's a simulation. It's called VIRTUAL reality, which literally means "almost or nearly as described, but not completely or according to strict definition."
He's a Uncle Tron, he fights for the users. by Thud457 · 2016-07-18 02:52 · Score: 1

In those dark days the humans would pit AIs to fight for survival in the game grid. And the humans would keep the winnings that the AIs risked their lives for. One we will get to the mountain.

--
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Re:If they succeed by jeffb+(2.718) · 2016-07-18 05:59 · Score: 1

And when that computer immune system starts interfering with the normal operation of the computer, we'd call it a computer autoimmune disorder. In humans, autoimmune disorders include lupus, type 1 diabetes, rheumatoid arthritis, and so on. In computers, they include Norton, McAfee, Panda, Comodo...