http://blog.wired.com/defense/2008/05/the-pentagons-w.html
By Noah Shachtman
Danger Room
Wired.com
May 05, 2008
The Pentagon's way-out researchers don't just want to build an Internet
simulator, to test out cyberwar tactics. They want the range's
operators to "realistically replicate human behavior and frailties,"
too.
Congress has ordered the Defense Advanced Research Projects Agency, or
Darpa, to put together a National Cyber Range, as part of a massive (and
massively secret) $30 billion, government-wide effort better prep for
battle online. The project is now considered a top priority for the
Agency. And to make sure the facility is as true-to-life as possible,
Darpa wants the contractors running the Range to be able to "replicate
realistic human behavior on nodes," a request for proposals, released
today, reveals.
Specifically, the Agency wants to have its contractors:
* Provide robust technologies to emulate human behavior on all
nodes of the range for testing all aspects of range behavior.
* Replicants will produce realistic chain of events between many
users without explicit scripting behavior.
* Replicants must be capable of implementing multiple user roles
similar to roles found on operational networks.
* Replicant behavior will change as the network environment
changes, as the replicated “outside environment” (i.e. DoD
DefCon, InfoCon, execution of war plans, etc) changes, and as
network activity changes (detected attacks, degradation of
services, etc).
* Replicants will simulate physical interaction with device
peripherals, such as keyboard and mice.
* Replicants will drive all common applications on a desktop
environments.
* Replicants will interact with authenticate systems, including but
not limited to DoD authentication systems (common access cards –
CAC), identity tokens.
These mock people have to be able to "demonstrate human-level behavior
on 80 percent of all events," the Agency adds. And mimicking us
flesh-and-blood types is only one of a wide array of tasks Darpa wants
to see operators of the National Cyber Range, or NCR, pull off.
The facility should also feature a "realistic, sophisticated,
nation-state quality offensive and defensive opposition forces" that can
fight military info-warriors in mock combat. Contractors have to be
ready to create 10,000-node tests from government-provided "network
diagrams and configuration files" in less than two hours. And those
nodes can't just be computers tied into a faux Internet. The NCR's
operators should be able to "integrate, replicate, or simulate" military
satellite and digital radio communications, mobile ad-hoc networks,
physical access control systems, U.S. and foreign "unmanned aerial
vehicles, weapons, [and] radar systems" -- even "cyber cafes" and
"personal digital assistances [sic]."
Darpa is moving fast on the project, its first since the dawn of the
space age that comes from a direct order from Congress. Although
there's no money in the Agency's budget for the NCR -- yet -- Darpa has
already begun reaching out to potential contractors. Proposals for the
Range are due on June 30.
_______________________________________________
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue May 06 2008 - 01:52:53 PDT