DARPA prize-winning bot Mayhem deploys to seek flaws, shut out botnets

darpa mayhem bot cyber grand challenge winners
DARPA
In a riff on Hitchcock’s To Catch a Thief, a powerful software bot is being used to defeat botnets. Carnegie Mellon spinoff ForAllSecure’s Mayhem software won $2 million in a Defense Advanced Research Projects Agency (DARPA) Pentagon hacking contest in Las Vegas last August, according to MIT Technology Review.

Mayhem is the creation of Carnegie Mellon professor David Brumley and two of his graduate students. In the DARPA contest, called the Cyber Grand Challenge, the competitors had two tasks: Fix and defend assigned server software and hack the server code assigned to other teams. The purpose of the contest, which awarded a total of $4 million in prizes, was to encourage the automating computer security tasks. DARPA states the primary focus is the development of defensive software, MIT Technology Review reports.

Fresh from the bot battle, Brumley and his company are adopting Mayhem for commercial applications, intended to find flaws in internet firmware, starting with, but not limited to, routers. In 2016 the group tested some parts of Mayhem’s code with nearly 2,000 router firmware images. In the course of testing, the code found that more than 40 percent of the routers had at least one vulnerability including 14 that had never before been detected and were involved in 69 separate software builds.

One of the biggest challenges with internet device vulnerabilities is chasing down and updating products from past product cycles. The promise of Mayhem is its potential to both detect and repair or defend against vulnerabilities quickly. One example is a botnet — a large number of computers or devices, often in the tens and hundreds of thousands, that are unknowingly recruited for malicious purposes by computer malware. When each of the multitude of devices is directed to make multiple, rapid requests of a single website in order to overwhelm servers and effectively shut down the site, it’s called a “distributed denial of service” (DDoS) attack.

After last October’s massive DDoS attack using vulnerability in smart home web cameras, the need for better screening and protection was underscored, particularly in devices purchased by less-knowledgeable users.

Mayhem’s job will be to find and patch immediately. “Now when a machine is compromised it takes days or weeks for someone to notice and then days or weeks — or never — until a patch is put out,” Brumley said. “Imagine a world where the first-time a hacker exploits a vulnerability he can only exploit one machine and then it’s patched.”

Answering concerns that human security experts will still want to check the work of defensive bots, according to Brumley even the United States government still wants to have a “human in the loop.”

“I’m not against that, but I feel that it slows down the process,” Brumley said.

Computing

Logitech’s G MX518 gaming mouse pairs classic looks with all-new tech

Logitech is relaunching one of its most popular classic gaming mice, the MX518. Now called the G MX518, it sports upgraded internals that give it a 16,000 DPI optical sensor and new and improved memory.
Gaming

You're never too broke to enjoy the best free-to-play games

Believe it or not, free-to-play games have evolved into engaging, enjoyable experiences. Here are a few of our favorites that you can play right now, including Warframe and the perennially popular League of Legends.
Gaming

These are the must-have games that every Xbox One owner needs

More than four years into its life span, Microsoft's latest console is finally coming into its own. From Cuphead to Halo 5, the best Xbox One games offer something for players of every type.
Gaming

Your PlayStation 4 game library isn't complete without these games

Looking for the best PS4 games out there? Out of the massive crop of titles available, we selected the best you should buy. No matter what your genre of choice may be, there's something here for you.
Computing

Microsoft could be planning a laptop with foldable screen, hints patent filing

Filed in late 2017 and titled "Bendable device with Display in Movable Connection With Body," the patent filing explains a new mechanism for laptops which can eliminate a hinge and allow the screen to fold shut from the inside,
Deals

From Chromebooks to MacBooks, here are the best laptop deals for February 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we've got you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Computing

With no plans for merging operating systems, Apple opts to combine apps instead

Apple is working on combining all of the the apps it offers to iPhone, iPad, and Mac users by 2021. App developers will soon be able to build and submit one version of their apps to be used by Apple product users.
Computing

Is AMD's Navi back on track for 2019? Here's everything you need to know

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles, like Sony's PlayStation 5.
Deals

Here are the best Chromebook deals available in February 2019

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- that won't…
Computing

RTX might be expensive, but the 16 series could have the best Nvidia Turing GPUs

Set to debut at a step below the RTX 2060 on the price and performance spectrums, the GTX 1660 Ti and its other 16-series brethren could be Nvidia's killer mid-range cards of 2019 — especially with Tensor Core-powered DLSS.
Computing

Ryzen 3000 chips will be powerful, and they might be launched as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far, based on both leaks and the recent…
Gaming

These are the coolest games you can play on your Google Chrome browser right now

Not only is Google Chrome a fantastic web browser, it's also a versatile gaming platform that you can access from just about anywhere. Here are a few of our favorite titles for the platform.
Computing

Amazon takes $200 off Apple’s latest 13-inch MacBook Air with retina display

Amazon is taking $200 off Apple's latest MacBook Air. This MacBook Air has 13-inch retina display, a built-in FaceTime HD camera, and that classic lightweight wedge shape the Air is loved and known for.
Deals

Samsung drops a solid $100 discount on the Chromebook Pro

If you're in the market for a new laptop, but can't afford to drop $1,000 on one of the best models out there, Chromebooks are an excellent option. Right now, Samsung is offering $100 off the Samsung Chromebook Pro.