Air Force looks to get proactive on cyber defense

Cyber deception and self-repairing code are among the techniques that AFRL is looking to develop.

The Air Force has put out a call for a range of proactive cyber defenses, including self-healing software and deceptive capabilities that could fool cyber attackers.

The Air Force Research Lab is launching an initiative to become more cyber resilient through five specific focus areas, according to a Broad Agency Announcement released on the FedBizOpps website earlier this month.

Overall, the service is looking for ways to increase situational awareness and assess potential impacts of attacks, as well as implement a deterrence and effects-based defense methodology. This includes research in trusted hardware and software, mission awareness, and recovery techniques.

The announcement names five focused research areas that the Air Force is investigating. Each focus area is only open for specific fiscal years:

Design Assurance (2014 – 2017). The Air Force is looking to develop mathematical specifications that would be able to prove how secure a hardware and software product is and develop proactive technologies to mitigate threats. The research will be used to create a design framework for assured cyber systems and develop a mathematically based security engineering culture.

Survival and Recovery of Essential Functions (2015-2017). Because current systems would not be able to withstand sophisticated attacks or accidents, AFRL is seeking systems that could find their own vulnerabilities and regenerate lost services and data. Examples of concepts that would fall under this thrust include self-protecting software systems capable of anticipating future threats, automatic repairs that could fix code and corrupted data, the identification of cyber defense metrics, and infrastructure virtualization.

Cyber Deception (2015 – 2016). The service wants tools that, similar to normal military operations, could provide cyber deception capabilities to trick and manipulate cyber attackers. Intended to be used solely on Defense Department networks, the mechanisms developed would have to be transparent to users and concealed from adversaries, all while impeding attackers by increasing the costs of their actions while providing increasingly limited gains. 

Cyber Agility (2015 – 2017). In addition to deception, the Air Force is also looking to develop maneuverability in the cyber realm, defending DOD networks by adding complexity and uncertainty for would-be attackers. At the same time, the Air Force is looking for techniques that would not adversely affect function and performance, and are transparent to network users.

Embedded System Resilience and Agility (2015 – 2017). The Air Force is looking to find preemptive defense approaches to protect vulnerable embedded systems. Embedded systems, which contain one or more microprocessors and software, often contain important information that represents significant security challenges. For instance, one focus falling under this research includes the command and control systems of unmanned aerial systems. The current research is looking to protect these assets without networking, and instead is focusing on hardware, software and advanced technical solutions.

Additional applications of the technology developed from this announcement could be used for attack geolocation, novel protocols, cloud security, mobile device security, virtualization security, cyber evaluation techniques, and cyber data modeling and mining.

Total funding for the announcement is approximately $49 million. The Air Force is currently accepting white papers on a rolling basis. The announcement will close on Sept. 30, 2019.