DARPA Readies Program to Safeguard Mixed Reality Users from Cognitive Attacks

DARPA is putting together the Intrinsic Cognitive Security ( ) research program “to build tactical mixed reality systems that protect against cognitive attacks.” ICS As the Pentagon sees (MR) becoming ubiquitous in future military missions, the US ( ) is looking to protect users against cognitive attacks in this hybrid environment. mixed reality Defense Advanced Research Projects Agency DARPA “The ICS program seeks breakthrough innovation for computational science to build tactical mixed reality systems that protect against cognitive attacks” DARPA, Intrinsic Cognitive Security (ICS) program, October 2023 According to the DARPA , such attacks can include: ICS program description Information flooding to increase equipment latency and induce physical illness. Planting real-world objects to overwhelm displays. Subverting a personal area network to sow confusion. Injecting virtual data to distract personnel. Using objects to overwhelm a user with confusing false alarms. Assessing user status through an eye tracker. And other potential attacks. Apart from military applications, DARPA’s new program could provide us with a glimpse into the future of the commercial metaverse and how bad actors could manipulate mixed reality environments in nefarious ways. ICS Criminal groups, governments, and corporations could weaponize the by manipulating mixed reality systems in real-time to be able to see what you see, to know what you are feeling, and to potentially plant deceptive information in order to achieve a desired reaction. metaverse A published in in 2020 lists five types of threats to mixed reality environments: research paper Procedia Computer Science : Involves challenges towards ensuring the security and privacy of data gathered and inputted to MR platform. Input Protection : The MR eye-wear can capture the sensitive information on the user’s desktop screen such as e-mails, chat logs. These necessary protections can be mapped to properties of concealment, unobservability & undetectability, and content awareness. Example : A large amount of data collected from the sensors is stored in the database or other forms of data storage. The main threats to data collection are tampering, denial of service, and unauthorized access among others. Data Protection : An adversary can tamper MR targets to elicit a different response from the system or to outright deny a service. Aside from security threats, likability, detectability, and identifiability are some of the privacy threats that results from continuous or persistent collection of data. Example : After the data is processed, the application sends output to the MR device which is to be displayed. In MR the applications may have access to other application outputs and thus can modify those outputs making them unreliable. Output Protection : Output displays are vulnerable to physical inference threats or visual channel exploits such as shoulder-surfing attacks. These are the same threats to user inputs especially when the input and output interfaces are on the same medium or are integrated together. Example : MR includes the utilization of other sensing and display interfaces to allow immersive interactions. One of the key prospects is how users can share MR experiences with guarantee of security and privacy of information. User Interaction Protection : An adversarial user can potentially tamper, spoof, or repudiate malicious actions during these interactions. As a consequence, genuine users might go through denial of service. Additionally, their personal data might have been compromised, leaked and used. Example : The MR interfaces are exposed to malicious and harmful interpretation leading to discovery of input and output display information. Device Protection : The head mounted displays (HMDs) display the content through its lenses, which other people can see from outside leading to leakage and external observation. Devices like a camera, which are also categorized as visual capture devices, are used to capture and extract this information which was leaked from the HMDs. Example A report by adds, “ .” Kaspersky It is nearly impossible to anonymize VR and AR tracking data because individuals have unique patterns of movement. Using the behavioral and biological information collected in VR headsets, researchers have identified users with a very high degree of accuracy – presenting a real problem if VR systems are hacked For DARPA’s program, the core technical hypothesis is that “formal methods can be extended with cognitive guarantees and models to protect mixed reality users from cognitive attacks.” ICS As “cognitive models represent aspects of human perception, action, memory, and reasoning,” DARPA’s program will “extend formal methods by explicitly creating and analyzing cognitive and other models as part of MR system development to protect the warfighter from adversary attacks.” ICS “Mixed reality integrates virtual and real worlds in real-time and will be ubiquitous in future military missions, including missions involving dismounted soldiers” DARPA, Intrinsic Cognitive Security (ICS) program, October 2023 For years, the US Department of Defense (DoD) has been funding research to equip its warfighters with . technologies to augment their capabilities For example, both DARPA and the Defense Innovation Unit (DIU) have been looking to mixed reality and hand-held devices for operators to interact with upwards of 250 autonomous vehicles through a military tactic known as swarming. In 2018, DARPA launched its OFFensive Swarm-Enabled Tactics ( ) program to leverage augmented and virtual reality, along with voice, gesture, and touch-based technologies, to enable users to interact with potentially hundreds of unmanned platforms simultaneously in real time. OFFSET And in March 2021, the that would allow soldiers to operate multiples types of unmanned air and land vehicles using wearable and handheld controllers. DIU was looking for commercial solutions Now, the Pentagon is looking to protect users from cognitive attacks in those mixed reality environments. Will solutions coming out DARPA’s program make their way into the commercial sector to protect private citizens in the metaverse? ICS Could the technology and tactics developed be used for future in their own right? PSYOPs and influence campaigns The program proposers day will be held on October 20, 2023 in Arlington, Virginia. ICS This article was originally published by on Tim Hinchliffe The Sociable.