August 16, 2024 at 06:40AM
The DARPA AI Cyber Challenge (AIxCC) semifinal competition at DEF CON 32 last week saw seven teams advance to the finals, each being awarded a $2 million prize. Partnered with ARPA-H, teams worked to secure open-source infrastructure software, with the aim of protecting critical infrastructure. The final competition will take place in August 2025.
The meeting notes indicate that seven teams have advanced to the finals of the DARPA AI Cyber Challenge (AIxCC) after the semifinal competition held at DEF CON 32. The advancing teams were each awarded a $2 million prize and will participate in the final competition in August 2025.
The competition, a partnership between DARPA and the Advanced Research Projects Agency for Health (ARPA-H), focused on designing AI systems to secure open-source infrastructure software used across various sectors. The urgent need to protect critical infrastructure was highlighted due to the vulnerabilities in the software’s large attack surfaces and lack of security tools at scale.
Teams were tasked with developing Cyber Reasoning Systems to find and fix vulnerabilities in Challenge Projects designed by AIxCC experts. Nearly 40 teams submitted systems, resulting in the discovery and patching of 22 unique synthetic vulnerabilities, including 11 unique C-based and 4 Java-based challenges. Additionally, a real-world bug in SQLite3 was found and disclosed.
The final round of the competition will occur in August 2025, where the winning teams will share a prize of $29.5 million. Participants are required to release their systems as open-source software after the competition.
One team, “all_you_need_is_a_fuzzing_brain”, will advance to the final, and teams have one year to further develop their technology before the competition.