This week, tomorrow actually, DARPA is having a workshop for the Cyber Genome Program to try and find a way to collect digital DNA. Taking this straight from their page:
“The objective of the Cyber Genome Program is to produce revolutionary cyber defense and investigatory technologies for the collection, identification, characterization, and presentation of properties and relationships from collected digital artifacts of software, data, and/or users to support DoD law enforcement, counter intelligence, and cyber defense teams. Digital artifacts may be collected from live systems (traditional computers, personal digital assistants, and/or distributed information systems such as ‘cloud computers’), from wired or wireless networks, or collected storage media. The format may include electronic documents or software (to include malicious software – malware). The Cyber Genome Program will encompass several program phases and technical areas of interest. Each of the technical areas will develop the cyber equivalent of fingerprints or DNA to facilitate developing the digital equivalent of genotype, as well as observed and inferred phenotype in order to determine the identity, lineage, and provenance of digital artifacts and users.”
It is very interesting how not too long after we are discussing cyber warfare with China that DARPA is tasked with finding a way to prove “Whodunit”. But how effective can they really be at determining the true culprit of a malicious attack? I find that many folks already assume China or some East European faction is hacking the US at any given time and that if some government official came out and said they were no one would question them. Is there a political need to confirm who the attacker is? I am sure we would like there to be one but really, when it comes down to it who besides the team at DARPA would have the ability to call them on it? I find it alarming that they claim to be looking for a way to track someone through digital DNA when not even real DNA can be trusted anymore.