About project

Innovation

The innovative aspects of CHIRP2C include approaches that are unique and novel while at the same time employing proven scientific principles and methods, thereby reducing technical risks in the development of the CHIRP2C testbed. CHIRP2C is revolutionary in seven aspects.

CHIRP2C is:

  1. Configured as low SWAP-C.
  2. Adaptive and modular within a plug-n-play architecture for scaling and future-proofing.
  3. Employs an open architecture for seamless integration with any legacy, current and future systems.
  4. Implements an HMB-based cognitive architecture for synergistic human-machine interaction (HMI).
  5. Provides a learning model to transition novice and non-REs to experts in an agile manner.
  6. Increases an RE’s efficiency by 10x.
  7. Reduces cognitive load on a RE by 80% through RE-specific workflow style and human factors optimization.

Objectives

Riverside Research created a novel and revolutionary cognitive human-in-the-loop cyber-collaboration system: Computer-Human Interaction for Rapid Program Analysis through Cognitive Collaboration (CHIRP2C). CHIRP2C is an innovative, non-invasive multi-modal system that provides proactive, dynamic, intelligent collaboration between humans and AI agents to rapidly discover software vulnerabilities and accelerate the reverse engineering process. CHIRP2C captures and decomposes code analysis workflow and reverse engineer’s (RE’s) cognitive load using passive and active human factors capture tools such as eye, haptic and brain activity trackers. CHIRP2C employs a cognitive learning based context processor (CP) that allows humans and computers to share and learn new concepts in an open easy-to-use platform while solving complex and impactful problems for real-world applications. The CP is based on the open Soar cognitive architecture that closely mimics the human behavioral model (HBM). This processor “learns” to abstract and conceptualize problems using both software artifacts as well as the observable behavior of the human RE in a problem-solving context to rapidly reason and propose information gap representations useful for vulnerability discovery. The overlapping similarities of human and AI’s Soar cognitive architecture substantially reduce the learning and information sharing costs while minimizing the RE’s cognitive load, thus leading to faster and more efficient vulnerability discovery.

Background

The threat of adversaries employing unmanned aircraft systems (UASs) to conduct intelligence, surveillance and reconnaissance missions is a rapidly evolving and growing problem. There is an immediate and urgent need to rapidly detect, identify, monitor and defeat adversarial UASs using non-invasive and non-destructive technologies to identify non-state actors’ intent and obtain actionable intelligence. Software reverse engineering can be a useful non-destructive tool to ascertain an adversarial UAS’ intent and functionality as well as to track and deter malicious activities if it can be executed in a dynamic and agile fashion. However, reverse engineering is a time-consuming and cost-prohibitive process that doesn't lend itself to near-or real-time implementation. Software reversing demands high skill and expertise that requires years of training and experience. Additionally, the process also induces acute fatigue in an analyst or engineer due to, high cognitive loading of the information. The solution of employing fully automated artificial intelligence (AI) agents fails at reverse engineering due to the lack of AI’s ability to understand a code or software’s intent.

Commercial Goals

Current state-of-the-art reverse engineering tools can perform rapid code navigation, program simulation, and code translation but do not include provisions for capturing workflow and higher levels of abstraction such as working hypotheses, concepts, program elements, and program features. In contrast, human hackers perform time-consuming tasks to discover and resolve vulnerabilities. CHIRP2C bridges the information and capability gaps by developing a novel human-computer interaction system that provides individualized cognitive assistance to the human hackers based on their working style and cognitive load while building an evolving reverser toolkit. We have identified government customers within the Air Force Research Laboratory (AFRL), Naval Medical Research Unit (NAMRU-D) and National Air and Space Intelligence Center (NASIC) in Dayton, Ohio who benefit from CHIRP2C’s capabilities for securing mission-critical systems, optimizing signal and image analyst workflow, solving software vulnerabilities; and reverse engineering for foreign material exploration (FME).