Software Protection to Deter Malicious Forensic Data Collection and Exploitation
Agency / Branch:
DOD / OSD
Distributing applications across networks brings both new power and new risks. Mission-critical applications are increasingly spread over national or global networks to enable information gathering and sharing on an unprecedented scale. The Global Information Grid envisions diverse end-to-end information flows to enhance military effectiveness. While this large-scale information sharing promises new efficiencies, endpoints in these networks must be armored against attacks that exploit their new autonomy. Distributed applications must cope with the possibility that some network endpoints have been compromised and are gathering forensic data for malicious ends. We propose mimicry protection as a technique to make safety-critical applications indistinguishable from low-security applications to observers using forensic tools. The approach builds on existing methods for automatically creating mimicry attacks that elude intrusion detection systems. By adapting mimicry techniques from the literature, we can offer mimicry protection that allows a security-critical application to mimic uninteresting applications, eluding all but the most intrusive and expensive forensic measures.
Small Business Information at Submission:
317 N. Aurora Street Ithaca, NY 14850
Number of Employees: