DARPA unveils winners of AI challenge to boost critical infrastructure cybersecurity


LAS VEGAS — The Defense Advanced Research Projects Agency on Friday announced the winners of its AI Cyber Challenge, or AIxCC, a two-year-long competition that evaluates AI models built to autonomously identify and patch vulnerabilities in open-source code used in critical infrastructure systems.

Team Atlanta, which includes experts from the Georgia Institute of Technology, Samsung Research, the Korea Advanced Institute of Science & Technology and the Pohang University of Science and Technology, won first place, DARPA announced at the DEF CON hacker convention in Las Vegas, Nevada.

Trail of Bits, a New York City-based small business, won second place. And Theori, a team of AI researchers and security professionals in the U.S. and South Korea, won third place.

Four of the models developed by the seven competing finalist teams have already been made available for use, while three others will become available in the coming weeks, DARPA director Stephen Winchell told a large audience at the convention, where the winners were announced.

“We’re living in a world right now that has ancient digital scaffolding that’s holding everything up. A lot of the code bases, a lot of the languages, a lot of the ways we do business — and everything we’ve built on top of it — has all incurred huge technical debt over the years,” Winchell said. “And the reality is [that] it is a problem that is beyond human scale, and it’s a critical problem that we need to solve right now.”

Open-source tools are free to use and implement, making them convenient for critical infrastructure owners and operators. But they’re particularly vulnerable to cyber exploitation because of the nature of their publicly available code bases. If hackers succeed in infiltrating a code base and leveraging a flaw, it could create cascading impacts on public health and safety.

The two-year competition was partly fueled by the advent of large language models that power popular consumer-facing generative AI tools. Many of the major companies that have rolled out such offerings, like Anthropic and OpenAI, provided their model infrastructure to competitors. The goal of the contest, in essence, was to mesh AI tooling into models that can automatically patch vulnerabilities in open-source code and deploy those patches at scale to those who may be vulnerable.

The teams at AIxCC uncovered 70 synthetic vulnerabilities built for the competition, along with 18 previously unknown real-world flaws. The latter were not planted in advance and were discovered during the teams’ scans. On average, their models patched flaws in just 45 minutes.

“The teams figured out how to use this technology in better, more innovative ways,” said Andrew Carney, the program manager for AIxCC, speaking on stage at DEF CON. “They also found way more real-world issue bugs — real vulnerabilities — that we are in the process of disclosing to maintainers.”

Open-source projects — which underpin software systems used everywhere — rely on contributions from community members to keep them updated with patches. The updates are often discussed on forums with volunteer software maintainers, who chat with one another about proposed changes.

Historically, community practices have operated under the premise that all contributors are benevolent. That notion was challenged last February when a user dubbed “Jia Tan” tried to quietly plant a backdoor into XZ Utils, a file transfer tool used in several Linux builds that power software in leading global companies.

DARPA and the Advanced Research Projects Agency for Health also distributed $1.4 million in additional funds to support implementation. The cost per successfully completed competition task was $152, a number that falls significantly below human labor costs.

“Today, the world is different” because the competition has “fundamentally changed our understanding of what is possible in terms of automatically finding or really, more importantly, fixing vulnerabilities in software,” Kathleen Fisher, DARPA’s Information Innovation Office director, told reporters at a press conference on the sidelines of DEF CON.
