DARPA Defense Advanced Research Projects Agency

American Agency for Research and Development for the Needs of the Country's Defense. During its history, which began in 1958, it made several major discoveries related to weapons issues. Some of them subsequently began to be used at the civilian level.

DARPA participated in the development of the ARPANET network (later developed into the Internet), the BSD version of the Unix system, the TCP/IP protocol stack and robotic cars.

2024: US Department of Defense prepares new stealth network technology for hidden information transmission

The US Department of Defense Advanced Research Projects Administration (DARPA) announced^[1] in late September a new program for deploying and detecting so-called hidden (strange) networks ("Evidently Weird Network Deployment and Detection" - PWND2). It is assumed that a combination of formal methods and software-defined networks (SDN) will be used to create such hidden networks, which should replace the technology of "onion" Tor networks .

According to the description, the project will last 30 months, during which the research teams will seek to create a new subject-oriented language and formal analysis tools to verify the properties of PWND2 networks.

𝓲

DARPA

Supporting efforts to ensure Internet freedom and protect the US military, DARPA is investing in the development of technologies that provide trust in the information field, including the delivery of electronic messages in various forms and with various gradations of observation, the study said on the DARPA website. - In particular, the agency's Information Innovation Office (I2O) funds research and development to protect, detect attacks and measure the state of this area in a broad sense. The newest I2O program - PWND2 - will continue this legacy. Building on the success of the Resilient Anonymous Communication for Everyone (RACE) program, which recently published[2] its code on GitHub, PWND2 will develop formal models of emergent communication paths, also known as strange networks, to fundamentally improve deployment and detect reliable and persistent hidden networks.

It should be noted that the RACE project published on GitHub is an open source project aimed at developing technologies to ensure anonymous, secure and sustainable sharing of metadata for users around the world. RACE provides anonymity by directing messages through a network of voluntary servers using cryptographic algorithms that prevent a malicious subset of those servers from determining who is messaging whom. In fact, this is a continuation of Tor technology with its "onion" routing, but when using Linux containers and with Android support.

If we succeed, I foresee the creation of a new science about hidden networks, "explained Michael Lack, DARPA program manager for PWND2, the need for a new project. - What has traditionally been a craft process can be improved with mathematical techniques that provide greater reliability when deploying a network with a clear understanding of the choice between performance and privacy.

Michael Lack may understand the "craft process" as DNS-VPN technology, which hackers invented to output information from corporate networks using specially formed queries to DNS servers and specifying their own server. It is quite possible to classify this technology as "strange" until you understand its basic principle - the non-standard use of the network protocol for resolving DNS domain names. It is possible that other protocols of layers 2-3 of the OSI model can also be used to create similar hidden networks, but no longer "artisanal," but industrially using a new subject-oriented language.

Will it be possible to detect the use of such professional hidden networks?

This is quite real, - Sergei Golovanov, chief expert of Kaspersky Lab, assured TAdviser readers. - It will be possible to detect such activity only with the help of security solutions with the heuristic analysis function. Such analysis involves the use of non-concretized detection techniques to search for new and unknown patterns, such as the duration of a network session with high-entropy data transmission and search for deviations from standard-prescribed values. In any case, it will be a high-load system, demanding a large amount of analyzed data.

Actually, the use of such technologies for the hidden transmission of encrypted information is quite possibly already being tested on the Internet. In particular, GrayNoise discovered^[3] on the network the presence of "Noise Storms," the origin and purpose of which the company's specialists could not determine. These waves mainly consist of ICMP packets and TCP packets to port 443 (HTTPS) originating from millions of fake IP addresses from various sources such as QQ, WeChat and WePay. Moreover, in the generated ICMP packets, built-in ASCII-strings "LOVE" were found, which, as it were, hints at freedom from the dictatorship that DARPA promotes in its project.

GrayNoise specialists themselves have different theories about what is happening, such as incorrectly configured routers, the activities of control servers of some kind of malware, or attempts to carry out complex DDoS attacks. The company published on the same GitHub intercepted PCAP packets for two recent waves in the hope that specialists from other companies will be able to unravel the nature of the processes taking place on the Internet. However, these noise waves may not be associated with the PWND2 or RACE project and initiated by other actors - experts have not yet come to a common opinion.

2020: Victoria Coleman takes over as DARPA chief

In early September 2020 Victoria Coleman , she headed the Agency for Advanced Defense Research Projects (USA DARPA). Coleman has more than thirty years of experience in government, academia and the private sector, and has held senior positions in companies such as Atlas AI, Yahoo!,,, and Nokia. Samsung Intel More. here

2017: Investing in the development of an unbreakable computer

In December 2017, it became known that as part of the $50 million program of the Defense USA Advanced Research Projects Agency (DARPA) to improve cyber security , scientists from the University of Michigan are developing a security system that is built directly into the "iron" and making it unbreakable.

As part of its cybersecurity program, DARPA has identified seven classes of hardware vulnerabilities, and if they are removed, most of the possibilities for hacker attacks will be closed. Such vulnerabilities include permissions and access rights, buffer errors, resource management, information leakage, numerical and cryptographic errors, code injection. DARPA intends to eliminate them completely within 5 years.

DARPA funds development of unbreakable computer

DARPA has issued 9 grants under the System Security Integrated Through Hardware (SSITH) program, including $3.6 million in funding to a group of researchers from the University of Michigan to implement the project. In order not to allow hackers to commit hacking, scientists are developing such hardware that regularly and randomly moves data around the computer, destroying previous versions.

According to the developers, not only data that is potentially of interest to attackers is moved, but also any error that can be used. Thus, even if hackers manage to get to confidential data, they will move again before they have time to use it.

As a rule, the location of such data never changes, so if hackers solved the puzzle and found where the gap is and where the data is, then "game over," says Todd Austin, lead researcher at Morpheus. "We make the computer an intractable puzzle. It's like if you collect the Rubik's Cube and every time you blink I'm him.[4]

Notes