The DARPA Cyber Defense Program is developing the core computing and networking technologies required to protect DoD's information, information infrastructure, and mission-critical information systems. This includes new cyber-forensic techniques to automate the discovery, identification, and characterization of malware variants and thereby accelerate the development of effective responses. Such responses could include dynamic quarantine techniques that employ static and dynamic code analysis for program understanding.
The Cyber Defense Program is also developing network traffic monitoring techniques with performance and scalability orders of magnitude better than conventional approaches. The technologies being developed by the Cyber Defense Program will provide cost-effective cyber security and survivability solutions that enable DoD information systems to operate correctly and continuously even when they are attacked.