An Official Website of the United States Government

Inline Botnet Extraction and Prevention

Award Information

Agency:
Department of Homeland Security
Branch:
N/A
Award ID:
81163
Program Year/Program:
2007 / SBIR
Agency Tracking Number:
0612013
Solicitation Year:
2006
Solicitation Topic Code:
H-SB06.1-008
Solicitation Number:
N/A
Small Business Information
Endeavor Systems
8300 Greensboro Drive Suite 600 McLean, VA 22102-3604
Woman-Owned: Yes
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 2007
Title: Inline Botnet Extraction and Prevention
Agency: DHS
Contract: D07PC75274 (formerly NBCHC070120)
Award Amount: $749,996.11
 

Abstract:

Inline Botnet Extraction And Response (iBEAR) is a holistic solution for addressing botnets, with collection, analysis, and prevention capability. iBEAR is built on the success of our Phase I research on botnet collection. Collection of malware is done through a decoy and inline network prevention system to capture target malware and scanning malware without risking the end systems. A hybrid analysis approach uses both Pattern Recognition and Control Flow Graphs (CFG) to determine invariant attributes of the malware communications. The system then implements prevention rules to deny any botnet communication. While excited about our high-quality botnet collections being used in Microsoft MSRT, Live OneCare and Windows Defender, Endeavor proposes to develop a robust, automated iBEAR that is capable of handling a large volume of botnets. Leveraging the FirstLight infrastructure, the generated signatures from iBEAR can be distributed globally across organizations.

Principal Investigator:

Christopher Jordan
(703) 728-6778
cjordan@endeavorsystems.com

Business Contact:

Jiemin Jordan
President
(703) 728-3002
jiemin@endeavorsystems.com
Small Business Information at Submission:

Endeavor Systems, Inc.
1420 Spring Hill Road, Suite 600 McLean, VA 22102-3006

EIN/Tax ID: 542052063
DUNS: N/A
Number of Employees:
Woman-Owned: Yes
Minority-Owned: Yes
HUBZone-Owned: No