Palo Alto, CA, Dec. 08, 2015 (GLOBE NEWSWIRE) -- PARC, a Xerox company, today announced it has secured funding under a Defense Advanced Research Projects Agency (DARPA) program to research complex distributed computing environments to expose and potentially stop advanced cyber adversaries (aka Advanced Persistent Threats, or APTs).
PARC is part of a team led by Galois, Inc, that also includes University of Edinburgh, and Oregon State University. The team will offer A Diagnostics Approach for Persistent Threat detection (ADAPT) that enables stakeholders to better understand activities in their networks and computers by identifying subtle causal chains that represent malicious behavior and localize the root of such behavior in order to make recommendations on how to mitigate those effects.
The contract is from DARPA’s Transparent Computing (TC) program, which aims to make currently opaque computing systems more transparent by providing high-fidelity visibility into component interactions during system operation across all layers of software abstraction, while imposing minimal performance overhead.
Under the DARPA project, ADAPT will provide semantic descriptions of computational activities providing visibility into system behaviors. It will identify potentially suspicious activities, and further investigate distributed patterns of behavior that may characterize persistent threats. It will trace suspicious actions, and provide explanations to systems operators of evidence of the threats and propose possible mitigations.
Man + Machine
ADAPT will build on PARC’s capabilities in building systems that augment human capabilities (human-centered design). The human operator and computing system will work together to mitigate problems to satisfy security policy enforcement. Patterns will be seeded by human modeling, and can be augmented over time.
“We’re especially excited about our multidisciplinary approach that combines two of our core PARC competencies,” commented Dr. Hoda Eldardiry, PARC researcher and expert in machine learning, anomaly detection, and statistical relational learning. “Trying to solve tough computing problems with different perspectives helps us apply an innovative approach that only one ‘type’ of researcher may not achieve. I’m very much looking forward to working on this project to solve a very difficult problem.”
Dr. Johan de Kleer, PARC researcher and leader in the field of model-based diagnosis commented, “Our approach combines machine learning and model-based diagnostics to solve a very critical cyber security problem. Machine learning research classifies segments of events by the specific activities they represent. Model-based diagnosis reasons through various activities to identify causal links in order to trace back to root causes to explain various events.”
This project was funded by the Air Force Research Laboratory (AFRL) and the Defense Advanced Research Agency (DARPA).
About PARC
PARC, a Xerox company, is in the Business of Breakthroughs®. Practicing open innovation, we provide custom R&D services, technology, expertise, best practices, and intellectual property to Fortune 500 and Global 1000 companies, startups, and government agencies and partners. We create new business options, accelerate time to market, augment internal capabilities, and reduce risk for our clients. Since its inception, PARC has pioneered many technology platforms – from the Ethernet and laser printing to the GUI and ubiquitous computing – and has enabled the creation of many industries. Incorporated as an independent, wholly owned subsidiary of Xerox in 2002, PARC today continues the research that enables breakthroughs for our clients' businesses. To learn more about PARC, visit our website or contact engage@parc.com.
About Galois
Galois specializes in the research and development of innovative technologies that protect critical networks, systems, devices and vehicles by solving the most difficult problems in computer science. Our team obsesses over applied research that ensures the security, reliability, and privacy for trusted systems where failure is unacceptable.