CAUSE: Predictive Software to Counter Cyber Attacks

The intelligence community is holding a contest to design software that combs open source data to predict cyber attacks before they occur. 
Imagine if IBM’s Watson — the “Jeopardy!” champion supercomputer — could answer not only trivia questions and forecast the weather, but also predict data breaches days before they occur. That is the ambitious, long-term goal of a contest being held by the US intelligence community. 
Academics and industry scientists are teaming up to build software that can analyze publicly available data and a specific organization’s network activity to find patterns suggesting the likelihood of an imminent hack.
The dream of the future: A White House supercomputer spitting out forecasts on the probability that, say, China will try to intercept situation room video that day, or that Russia will eavesdrop on Secretary of State John Kerry’s phone conversations with German Chancellor Angela Merkel. 
IBM has even expressed interest in the “Cyber-attack Automated Unconventional Sensor Environment,” or CAUSE, project. Big Blue officials presented a basic approach at a Jan. 21 proposers’ day.
CAUSE is the brainchild of the Office for Anticipating Surprise under the director of national intelligence. Current plans call for a four-year race to develop a totally new way of detecting cyber incidents — hours to weeks earlier than intrusion-detection systems, according to the Intelligence Advanced Research Projects Activity. 
The project’s cyber-psychic bots will estimate when an intruder might attempt to break into a system or install malicious code. Forecasts also will report when a hacker might flood a network with bogus traffic that freezes operations – a so-called Denial-of-Service attack.
Such computer-driven predictions have worked for anticipating the spread of Ebola, other disease outbreaks and political uprisings. But few researchers have used such technology for cyberattack forecasts.
About 150 would-be participants from the private sector and academia showed up for the January informational workshop. Rahmer was tight-lipped about the size of the prize pot, which will be announced later this year. Teams will have to meet various minigoals to pass on to the next round of competition, such as picking data feeds, creating probability formulas and forecasting cyberattacks across multiple organizations. 
It’s not an exact science. There will be false alarms. And the human brain must provide some support after the machines do their thing.
Clues might be found on Twitter, Facebook and other social media, as well as online discussions, news feeds, Web searches and many other online platforms. Unconventional sources tapped could include black market storefronts that peddle malware and hacker group-behavior models. AI will do all this work, not people. Machines will try to infer motivations and intentions. Then mathematical formulas, or algorithms, will parse these streams of data to generate likely hits. 
http://www.defenseone.com/technology/2015/02/spy-research-agency-building-machine-predict-cyber-attacks/105951/

 
