The CASTLE program seeks to develop an AI toolkit to instantiate realistic network environments and train cyber agents to enable resilient network operations against advanced persistent threats (APT).
The program will develop open-source technology to generate training environments and enable cyber agents to perform controlled, measurable, and repeatable security assessments.
CASTLE will formulate network hardening as a reinforcement learning (RL) problem and train defensive agents in open, evolving, and adversarial environments that mimic actual networks. Environments execute agents inside instrumented subnets that are deployed to live networks and will simulate defensive actions that counter APT tools. Agent execution will produce calibrated datasets for progressively improving simulations. As an important benefit, toolkit datasets will promote open, rigorous evaluation of defensive approaches beyond the program.
DARPA is soliciting innovative proposals in the following technical areas:
- Automated instantiation of realistic network environments
- Learn defensive actions for maintaining operationally-relevant workflows
- Enumerate possible attack paths
– Proposals due 22 December 2022