The US Government’s Defense Advanced Research Projects Agency (DARPA) is launching the AI Cyber Challenge, a two-year contest aimed at finding the best AI tools for identifying and fixing software vulnerabilities. Here are the key details:
- Collaboration: The challenge is being conducted in collaboration with industry giants such as OpenAI, Google, and Microsoft. The Linux Foundation’s Open Source Security Foundation (OpenSSF) will serve as the challenge advisor.
- Prize Pool: There’s a total prize pool of $18.5 million up for grabs. Small businesses participating in the challenge will receive $1 million each from DARPA to develop their AI-based tools.
- Objective: The participating teams, all based in the US, are tasked with creating AI systems capable of automatically defending software, especially critical infrastructure code, from cyberattacks.
- Software Vulnerabilities: The challenge is motivated by the increasing number of software vulnerabilities, particularly in open source code. The proliferation of open source software has created opportunities for supply chain attacks.
- Executive Order: President Biden recently signed an executive order aimed at improving cybersecurity standards for software used in the government, emphasizing the importance of secure software supply chains.
- AI’s Role: AI is seen as a key technology to help improve cybersecurity by automating threat detection and response. However, it’s essential to ensure that AI is used responsibly and effectively.
- Competition Timeline: The qualifying round for the AI Cyber Challenge is scheduled for Spring 2024. The top performers will be invited to the semifinals at DEF CON 2024, and the winners will compete in the final at DEF CON 2025.
- Open Source: While participation in the challenge is voluntary, winners will be encouraged to make their developed AI systems open source. This aligns with the broader trend of open sourcing AI tools and technologies to promote transparency and collaboration.
Overall, the AI Cyber Challenge represents an effort to harness AI’s potential for enhancing cybersecurity and defending critical software infrastructure against evolving cyber threats.