Current Challenge Problems
Current Challenge Problems
DreamPort is excited to announce three challenge problems we will focus on over the next several months. The challenge problems can be divided into functional capability (e.g., vulnerability research) and enabling technologies (e.g., machine learning). We are ultimately looking for functional capability, but the underlying solution should integrate one or more of the enabling technologies. The three capability areas include: vulnerability research, signature diversity, and global awareness of malware. The following short descriptions should serve as guiding and not be limiting or constraining.
DreamPort seeks innovative and creative ways to decrease the time to conduct vulnerability research and discover unknown vulnerabilities. We are looking for tools, techniques, algorithms, and/or approaches that enable expeditious vulnerability. The topic areas include, but not limited to, research in symbolic execution, graph analysis, research and automated proof of concept generation and advanced fuzzing techniques. The solutions should consider all platforms (e.g., computers, servers, mobile devices, IoT devices, SCADA/ICS systems), applications (e.g., commercial, open source, custom), operating systems (e.g., Windows, OS X, proprietary, IoT) and device firmware.
DreamPort seeks innovative and creative solutions to ensure continual operations when a vulnerability is found in common software, common libraries, and shared infrastructure. The benefits afforded by open source and reusable code can be offset when a single vulnerability is found in the codebase. We seek new approaches that increase our defense and minimize the impact of these devastating impacts by leveraging signature diversity and obfuscation to change the software, library, or shared infrastructure. We seek applied research in automated remediation mitigation and patch generation. Speed and cross-platform survivability is a must. Solutions should not be limited to just computers and servers. We are interested in discovering solutions across Internet of Things (IoT) devices, SCADA devices, and other non-standard platforms.
Global Situational Understanding of Malware
DreamPort seeks innovative and creative solutions to discover and track adversaries' maneuvers of malware in our infrastructure; this knowledge should leverage the knowledge gained from the specific malware's global footprint and manuevers. The ability to monitor malware in our infrastructure will allow us to better understand the specific goals and objectives of the malware, determine the adversary's intentions and attribute malicious activities. Some example needs include, but not limited to, are rapid malware detection leveraging dynamic, behavioral anti-virus solutions, advanced signature measurement solutions, and high-speed signature matching. DreamPort is seeking applied research in automated indicator of compromise generation as well.
DreamPort will prioritize solutions that explicitly demonstrate innovation in artificial intelligence, machine learning, zero trust networking, and quantum computing.
If you have ideas or solutions in these areas, please attend one of our two challenge problem discussion panels. The panels will include technical leaders from USCYBERCOM's Capabilities Development (J9), USCYBERCOM's Advanced Research and Development (ARD) division, Technical Outreach division, and Cyber Mission National Forces (CNMF).