Cybersecurity program from DARPA seeks to use AI to counter threatsNews
October 24, 2022
ARLINGTON, Va. The Defense Advanced Research Projects Agency (DARPA) launched a program it calls CASTLE [Cyber Agents for Security Testing and Learning Environments] that intends to counter advanced persistent cyberthreats with a focus on technology that can accelerate cybersecurity assessments with automated, repeatable, and measurable approaches.
CASTLE teams will develop a toolkit that instantiates realistic network environments and trains artificial intelligence (AI) agents to defend against advanced persistent cyber threats (APTs) using a class of machine learning (ML) known as "reinforcement learning" to automate the process of reducing vulnerabilities within a network.
The program is also tasked with creating open-source software that can help network defenders anticipate vulnerabilities and create datasets that will promote open, rigorous evaluation of defensive approaches that last beyond the life of the program.
Tejas Patel, CASTLE program manager in DARPA’s Information Innovation Office, said of the program: “Attackers often have a better understanding of network vulnerabilities than defenders but it doesn’t have to be that way. Reinforcement learning may enable the creation and training of cyber agents that are much more effective than current manual approaches for addressing APTs in networks.”