The Mayhem Cyber Reasoning System

The Mayhem Cyber Reasoning System

Mayhem is one of the first generation of autonomous computer security bots that finds and fixes vulnerabilities without any human intervention. Mayhem won the DARPA Cyber Grand Challenge (CGC) contest and 2,000,000 in August 2016 against six other finalists. The contest was the result of a two-year...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE security & privacy 2018-03, Vol.16 (2), p.52-60
Hauptverfasser: Avgerinos, Thanassis, Brumley, David, Davis, John, Goulden, Ryan, Nighswander, Tyler, Rebert, Alex, Williamson, Ned
Format: Magazinearticle
Sprache:eng
Schlagworte:
Autonomous systems
Commercialization
Computer bugs
Computer hacking
Computer security
Cybersecurity
debugging
formal methods
Games
Hacking without Humans
program verification
Program verification (computers)
R&D
Research & development
security
Servers
Software engineering
Software reliability
testing
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Mayhem is one of the first generation of autonomous computer security bots that finds and fixes vulnerabilities without any human intervention. Mayhem won the DARPA Cyber Grand Challenge (CGC) contest and 2,000,000 in August 2016 against six other finalists. The contest was the result of a two-year DARPA program, but the R&D necessary to compete stands on the shoulders of decades of basic academic and industry scientific research in program analysis, verification, and self-healing systems. The Mayhem system alone was developed over a decade of research in academia, which was spun out to a company called ForAllSecure. Mayhem is now being commercialized by ForAllSecure to autonomously check and protect the world's software from exploitable bugs. In this article, we look back and give our story in creating Mayhem, and also look forward to a vision where autonomous security bots like Mayhem will radically improve the security of computer systems.
ISSN:1540-7993
1558-4046
DOI:10.1109/MSP.2018.1870873