DARPA CASTLE项目强化计算机网络

DARPA使用人工智能创建现实环境并训练网络智能体以应对高级持续性网络威胁

在保护关键计算资产方面，不断扩大的网络攻击面、频繁的计算机漏洞扫描和繁重的安全程序造成了一场看似不平衡的战斗。将这些因素与通常缺乏可操作反馈的昂贵的网络安全评估相结合，有利于网络攻击者。

DARPA打算通过一个专注于技术的CASTLE项目来改变这种态势，该项目可以通过自动化、可重复和可测量的方法加速网络安全评估。

用于安全测试和学习环境的网络智能体(Cyber Agents for Security Testing and Learning Environments，CASTLE)项目旨在通过开发一个工具包来改进网络测试和评估，该工具包可实例化现实网络环境并训练AI智能体以防御高级持续性网络威胁(advanced persistent cyber threats，APT)。团队将使用强化学习方法来自动化减少网络漏洞的过程。

DARPA信息创新办公室的CASTLE项目经理Tejas Patel说：“攻击者通常比防御者更了解网络漏洞”“强化学习可以创建和培训网络智能体，这些智能体比当前解决网络中APT的手动方法更有效。”

CASTLE的另一个目标是创建开源软件，帮助网络防御者预测攻击者可能利用的漏洞。作为一项重要的好处，CASTLE软件创建的数据集将促进对超出程序生命周期的防御方法进行开放、严格的评估。

更多信息也可以在CASTLE广泛的机构公告中找到。

https://www./news-events/2022-10-24

DARPA’s CASTLE to Fortify Computer Networks

DARPA accepting proposals using AI to create realistic environments and train cyber agents to counter advanced persistent cyber threats

An ever-expanding cyber-attack surface, infrequent computer vulnerability scans, and burdensome security procedures create a seemingly lopsided battle when it comes to defending critical computing assets. Couple those factors with costly cybersecurity assessments that often lack actionable feedback, and the odds may appear to favor bad actors.

DARPA intends to change that dynamic through a new program focused on technology that can accelerate cybersecurity assessments with automated, repeatable, and measurable approaches.

The Cyber Agents for Security Testing and Learning Environments (CASTLE) program seeks to improve cyber testing and evaluation by developing a toolkit that instantiates realistic network environments and trains AI agents to defend against advanced persistent cyber threats (APTs). Teams will use a class of machine learning known as reinforcement learning to automate the process of reducing vulnerabilities within a network.

“Attackers often have a better understanding of network vulnerabilities than defenders but it doesn’t have to be that way,” said Tejas Patel, CASTLE program manager in DARPA’s Information Innovation Office. “Reinforcement learning may enable the creation and training of cyber agents that are much more effective than current manual approaches for addressing APTs in networks.”

Another goal of CASTLE is to create open-source software that can help network defenders anticipate vulnerabilities an attacker may exploit. As an important benefit, datasets created by the CASTLE software will promote open, rigorous evaluation of defensive approaches that last beyond the life of the program.

More information can also be found in the CASTLE Broad Agency Announcement.