USA flag logo/image

An Official Website of the United States Government

Hardware-based Computer Security System

Award Information

Agency:
Department of Homeland Security
Branch:
N/A
Award ID:
72153
Program Year/Program:
2007 / SBIR
Agency Tracking Number:
0522003
Solicitation Year:
2005
Solicitation Topic Code:
H-SB05.2-004
Solicitation Number:
N/A
Small Business Information
Cybernet Systems Corporation
3885 Research Park Drive Ann Arbor, MI 48108-2247
View profile »
Woman-Owned: Yes
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 2007
Title: Hardware-based Computer Security System
Agency: DHS
Contract: NBCHC070050
Award Amount: $749,937.00
 

Abstract:

Rootkits are programs that hide pieces of software from the operating system. Rootkits replace or modify intrusion and system status applications, falsely reporting a clean system, when in fact the system has been compromised. A recent McAfee article stated rootkit infections for Windowsbased PCs were up 700% for first quarter 2006, and this trend is expected to continue. A compromised system cannot audit itself; our solution relies on a PCIExpress addon card running Linux that can monitor file accesses, prevent designated sectors modification, and can scan physical memory. This card provides a physically isolated process that monitors the host system, making it impossible for a rootkit to hide completely on the host. The card also logs forensic information and monitors network traffic to scan for malicious behavior. Software developed for our Phase I feasibility study demonstrated that our key components, file hashing and memory scanning, are capable of detecting current and expected rootkit technologies.Another component allows enterprise administration and information gathering across large organizations, and aggregates periodic information snapshots for security auditing and forensics. Requiring physical USB port access for configuration is an option.A bootable CDROM rootkit detection and repair tool for Windows would be a valuable spinoff.

Principal Investigator:

Chris C. Lomont
Ph.D.
(734) 668-2567
clomont@cybernet.com

Business Contact:

Daniel K. Jarrell
Contracts Manager
(734) 668-2567
proposals@cybernet.com
Small Business Information at Submission:

Cybernet Systems Corporation
727 Airport Boulevard Ann Arbor, MI 48108-1639

EIN/Tax ID: 430924383
DUNS: N/A
Number of Employees:
Woman-Owned: Yes
Minority-Owned: No
HUBZone-Owned: No