DHS scientists to show AI-backed cybersecurity at RSA conference

The inclusion of network security tools powered by artificial intelligence in the DHS showcase confirms that RSA will mark the arrival of a new generation of cybersecurity technology powered by machine learning.
(Getty Images)

Scientists from the Department of Homeland Security will be at the annual RSA Conference next week, showcasing new cybersecurity technologies ready for the marketplace, including several involving artificial intelligence.

The news seems to confirm what many observers are predicting: the massive security conference in San Francisco will be a coming-out party for a new generation of cybersecurity technology powered by machine learning, or AI.

A dozen new, leading-edge technological tools developed by academic institutions or the U.S. national labs will be on display, DHS Science and Technology Directorate Spokesman John Verrico told CyberScoop, FedScoop’s sister publication.

“These are technologies that we are sponsoring through our ‘Transition to Practice’ program,” Verrico said.


DHS conducts regular “tech foraging” at federally funded academic institutions and selects about eight mature cybersecurity technologies a year for the 36-month program, according to its website. The selection focuses on gaps that DHS sees in the commercial marketplace, according to the website. The program is designed to help technologies get across the so-called “valley of death” between development and adoption via the marketplace.

The tools being showcased at RSA include using some form of AI or machine learning:

  • CHARIOT — A tool that uses machine learning to filter open-source social media searches to help eliminate topics irrelevant to cybersecurity analysts. The tool was developed by the Lincoln Laboratory at the Massachusetts Institute of Technology.
  • SilentAlarm — A technology for detecting abnormal network traffic developed by the Pacific Northwest National Laboratory that depends on dynamic behavior knowledge. The system uses machine learning and Bayesian inference to construct hypotheses regarding likely malicious activity on the network, and — when confidence about a particular piece of traffic  is sufficiently high — take a security action, like generating an alert or blocking access.
  • Dynamic Defense/Network Randomization — Dynamic Defense, developed by Sandia National Labs, uses a set of machine learning algorithms known as “chess master” to detect system patterns that deviate from normal operations, identify malicious activity employ mitigation  measures. It “provides situational awareness to an operator and uncertainty to an adversary.”

The Transition to Practice program includes training for the technology’s inventors, marketing, testing and evaluation, pilot deployment, and outreach. The technologies are “introduced to potential partners, investors, and integrators,” at a nationwide series of demonstration days, including at events similar to the RSA conference. It supports several different paths to the marketplace “including open source, licensing, startups, adoption by cyber operators, and government use.”

“Many of these technologies would find it hard to reach the marketplace” outside the of the program, said Verrico, noting that eight technologies had been successfully transitioned since its launch in 2012.

The DHS website has a complete list of the technologies being showcased at RSA, and a timetable of demonstrations here.

A list of the program’s eight successful technologies so far is here.

Latest Podcasts