Other security experts enlisted include Dan Roelker, whose background includes a stint at Raytheon where he started the DC Black Ops security unit. He also helped start Sourcefire, the intrusion detection company, and was a lead Snort developer. For DARPA he is now developing what he calls offensive security software.
"The current hacker vs. hacker mentality doesn't work very well and it doesn't scale," Roelker said. One of the main areas his research is looking at is automation, where DARPA can develop technology that lets a single operator handle multiple security missions.
Still others, such as Tim Fraser, who came from Microsoft's anti-malware group, are looking at ways to exploit and reuse code from current malware strings. The idea, Fraser said, is to extract malware features, study their evolution of malware and come up with an automated way to compare malware components and rapidly figure what's old and what's new. That method would conserve analysts' time, reduce costs and let analysts concentrate on the new component of a threat, he stated.
Sign up for MIS Asia eNewsletters.