Researchers at Georgia Tech, funded by a $4 million DARPA grant, are developing METALLIC, a framework to analyze and mitigate exploit chains—complex, multi-step cyberattacks. The project aims to reduce detection and response times from days to hours by characterizing vulnerabilities, enabling semi-automated repairs, and adapting systems to changes. Led by cybersecurity experts, METALLIC promises to enhance software security and advance defenses against sophisticated attacks.

Researchers are receiving more than $4 million from DARPA to develop a new framework to analyze and model sophisticated attacks on software.

A common tactic cybercriminals use is an exploit chain, a series of interconnected steps or vulnerabilities that attackers exploit to breach software systems. Each step leverages the capability achieved in the preceding step, forming a systematic pathway to compromise.

Recognizing the severity of this threat, researchers at the School of Cybersecurity and Privacy (SCP) at Georgia Tech will work with Trusted Science and Technology Inc. to turn Metrology for Assessing the Leverage of and Liability for Compromises (METALLIC) into a working prototype of a security modeling and assessment framework.

“We are developing a foundation framework to analyze and reason about cyber chains of exploits,” said Sukarno Mertoguno, SCP research professor and project lead.

“The structure we will implement in this project enables characterization and evaluation of exploit components, semi-automated repair, and adaptation of the chain to the changes in operating environment.”

The METALLIC project holds significant promise for advancing cybersecurity practices. For instance, METALLIC could help organizations detect and neutralize exploit chains faster, reducing the average time to identify and mitigate a breach from days to hours.

By providing a comprehensive framework for modeling, analyzing, and mitigating exploit chains, METALLIC has the potential to empower security professionals with the tools and knowledge needed to better protect software systems from sophisticated cyberattacks.

This project represents an important step towards a more secure digital future, where individuals and organizations can confidently engage in online activities without fear of compromise.

Researchers and engineers with extensive expertise in various cybersecurity domains will spearhead the METALLIC project.

Mertoguno will lead the Georgia Tech team and be responsible for system security, systems-centric models, and scalable analysis. Wenke Lee, a professor at SCP, is responsible for vulnerability research, especially on mobile devices. Taesoo Kim, a professor at SCP, is responsible for exploit discovery and chaining. Brendan Saltaformaggio, an associate professor at SCP, will focus on root cause analysis.