USA flag logo/image

An Official Website of the United States Government

Sanitizing Software of Malicious and Unauthorized Code

Award Information

Department of Defense
Office of the Secretary of Defense
Award ID:
Program Year/Program:
2006 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
GrammaTech, Inc
531 Esty Street Ithaca, NY -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 2
Fiscal Year: 2006
Title: Sanitizing Software of Malicious and Unauthorized Code
Agency / Branch: DOD / OSD
Contract: FA8650-06-C-8052
Award Amount: $750,000.00


The problem of malicious code inserted by a hostile inside attacker is of increasing concern to the government. The most efficient time to detect such code is during development. This is currently very difficult as malicious code can often be disguised as an innocent error, and because much code will only be available as object code. Sound static analysis tools that are capable of analyzing machine code directly offer the best hope of detecting these problems. A survey of over fifty static analysis tools in Phase I found that none were capable of addressing this issue. In Phase II we propose to develop such a tool. It will leverage both high-level source information and the actual machine code to create a precise program representation that has many applications in addition to malicious code detection, including machine-code analysis and executable editing. It will offer two modes: a lightweight screening mode requiring few resources but which will fail to detect some problems, and a much sounder mode capable of a much more stringent analysis. The tool will directly benefit software protection as its more precise intermediate representation will enable better and stronger anti-reverse-engineering transformations.

Principal Investigator:

Paul Anderson
Senior Scientist

Business Contact:

Ray Teitelbaum
Small Business Information at Submission:

317 N. Aurora Street Ithaca, NY 14850

EIN/Tax ID: 161338879
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No