DARPA Cyber Range Project Doomed to Failure - Slashdot

Slashdot

DARPA Cyber Range Project Doomed to Failure 41

Posted by ScuttleMonkey on Friday June 06, 2008 @06:21PM
from the long-way-behind-the-power-curve dept.

carusoj writes "Former black-hat hacker Noah Schiffman details why DARPA's National Cyber Range project is bound to fail. The NCR is proposed as a simulation of the Internet, including replicating 'human behavior and frailties.' Schiffman argues that if the Defense Department is really building something of this scope, it might as well use the actual Internet."

This discussion has been archived. No new comments can be posted.

DARPA Cyber Range Project Doomed to Failure

Search 41 Comments Log In/Create an Account

Comments Filter:

What does "failure" mean though? (Score:5, Insightful)

by biolysis (1303409) writes: on Friday June 06, 2008 @06:23PM (#23688509)

Won't they be learning valuable lessons even if they fail to meet their mission objectives?

Share
twitter facebook linkedin
By using the actual internet.... (Score:5, Insightful)

by Hankapobe (1290722) writes: on Friday June 06, 2008 @06:31PM (#23688597)

you can't run 'what-if' scenarios and keep certain variables constant.
On the other hand, by using the internet, the powers that be wouldn't be able to rig or dumb down any tests so that they succeed. Like they did with some of the Star Wars tests. Useful when justifying budgets to Congress.

Share
twitter facebook linkedin
I disagree (Score:4, Insightful)

by WarJolt (990309) writes: on Friday June 06, 2008 @06:40PM (#23688691)

In the end, the underlying necessity of this project is an impossibility-the simulation of true human behavior. If this was possible, and one could accurately know and predict online behavior, the acceleration of these calculations would border the lines of predeterminism and precognition. This type of "sci-fi success" would render the creation of the NCR unnecessary, since it would create the ability to anticipate, know, and adequately prepare for all future cyber attacks.
I don't think the goal is to reproduce human behavior, but reproduce the environment and basic human input. I'd argue that the user is not the cause of most vulernerabilities. Most vulernabilities are flaws with the applications, architectures, systems and protocols themselves. The human factor for most vulnerabilities has already been compiled into applications distributed and is ready for testing. There is already AI that searches for vulnerabilities in systems. This is just looking for it on a massive scale.

Share
twitter facebook linkedin
Pretty good idea. (Score:2, Insightful)

by ZonkerWilliam (953437) * writes: on Friday June 06, 2008 @06:42PM (#23688709) Journal

They (DARPA) Can't test for every outcome at once, but they could and most likely will get valuable information when they test for well defined attacks.

Share
twitter facebook linkedin
Bogus analysis - not 30 billion. (Score:5, Insightful)

by Animats (122034) writes: on Friday June 06, 2008 @07:21PM (#23689051) Homepage

Nothing in the solicitation has a $30 billion price tag on it. No idea where that number came from. There are no dollar amounts at this stage; DARPA is soliciting bids.
What DARPA is asking for is a 10,000 node Internet simulator, and that's in the final phase. The whole system can be started, stopped, and flushed to a clean state for new tests. Users are simulated: "Replicants will simulate physical interaction with device peripherals, such as keyboard and mice. Replicants will drive all common applications on a desktop environments." Attacks on the network are supported; the vendor even has to provide a "malware library".
The simulated machines have to be simulated at a fine level of detail. "The NCR must be capable of taking a physical computer and rapidly creating a functionally equivalent, logical instance of that machine that can be replicated repeatedly and injected into a testbed. Given a never-before-seen physical computing device, create logical instantiations of the physical native machine that accurately replicates, not only the software on the machine, but hardware to the interrupt level, chipset, and peripheral cards and devices.". That's going to be hard. They may end up with real computers hooked up to peripherals that simulate human inputs. (DoD does this all the time; it's how flight control software is debugged. Serious flight simulators use the real "black boxes" of real aircraft with simulated inputs and outputs.) They need that level of fidelity because they want to observe virus and attack behavior.
This is going to be a useful asset.

Share
twitter facebook linkedin

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

546 commentsChanging the Ratio of Women In Tech: How Etsy Did It
334 commentsLast Forking Warning For Bitcoin
274 commentsBotched Security Update Cripples Thousands of Computers
234 commentsFedora 19 To Stop Masking Passwords
211 commentsMitigating Password Re-Use From the Other End

I feel like I'm in a Toilet Bowl with a thumbtack in my forehead!!