DARPA Information Assurance Program dynamic defense experiment summary

Several types of experiments are being conducted by the Defense Advanced Research Projects Agency (DARPA) Information Assurance (IA) Program in DARPA's IA Lab. This research program is driven by concepts of strategic cyberdefense. Each experiment involves a carefully formulated hypothesis that is intended to be either supported or refuted by the experimental testing. In many cases, "red team" attackers participate in all phases of the experiment and contribute to generating the data required to test the hypothesis. The red team is usually structured to model a well-resourced adversary, such as a foreign, national intelligence agency. The particular experiment described here explored one aspect of the IA program's grand hypothesis of dynamic defense: "Dynamic modification of defensive structure improves system assurance." This experiment concentrated on the assertion that autonomic response mechanisms can improve overall system assurance by thwarting an attack while it is underway. In most cases, each attack in this experiment was run first with only "prevent and detect" mechanisms enabled, then repeated with "prevent, detect, and respond mechanisms" enabled. The key result of this experiment is that the hypothesis was supported.