The U.S. Defense Advanced Research Projects Agency (DARPA) has selected BAE Systems to develop data-driven, cyber-hunting tools that detect and analyze cyber threats to help protect extremely large enterprise networks.
The contract for Phase 1, 2, and 3 of the program is valued at approximately $5.2 million.
Because most current tools do not offer the scale and processing speed needed to adequately defend enterprise networks, the goal of DARPA’s Cyber-Hunting at Scale (CHASE) program is to develop, demonstrate, and evaluate new, automated cyber-defense tools for use within and across these types of networks. BAE Systems’ unique solution, which combines advanced machine learning and cyber-attack modeling, intends to address this critical need by automatically detecting and defeating advanced cyber threats that could currently go undetected. The result could be better-defended commercial networks, using existing storage and existing resources. The technology could also be used to help protect government and military networks.
“Today, advanced cyber attacks within many enterprise networks go entirely unnoticed among an overwhelming amount of network data, or they require intensive manual analysis by expert teams,” said Anne Taylor, product line director for the Cyber Technology group at BAE Systems. “Our technology aims to alleviate resource constraints to actively hunt for cyber threats that evade security measures, enhancing the collective cyber defense of these networks.”
BAE Systems’ efforts on the CHASE program builds on previous company work in real-time, cyber-defense based anomaly detection, evidence-driven decision making, and related techniques for DARPA, the U.S. Army, and the U.S. Navy. The company’s subcontractors and research partners on the program include Digital Operatives, Dr. Ruslan Salakhutdinov from Carnegie Mellon University, and Dr. Farshad Khorrami and team from New York University. BAE Systems’ work for the program will be performed in Arlington, Virginia.