Computer Network Operations (CNO) for Ground-based Midcourse Defense (GMD)
Agency / Branch:
DOD / MDA
The aim of this Phase I effort is to develop the means to learn exploiter methods using forensic information gathered through signature analysis. Currently, little is known about how tampering attacks are mounted and which tools and techniques turn out to be the most effective. The reason is simple: little of the forensic information uncovered during an attack is mined as application software binaries are tampered with and exploited. This Phase I effort corrects this state of affairs by developing analytical techniques based on signature analysis for use in better understanding the processes, methods and tools that bad guys use to exploit weapons system software. The output of our Phase I effort will verify the feasibility of employing the approaches we develop to represent, analyze and learn from the forensic information we decide to capture during an exploitation attempt. During the option period, RCI will conduct experiments to verify the utility and cost-effectiveness of its forensics approach through trial-use. The test-bed is important because it allows RCI to develop a forensics knowledge base by gathering attack signatures for analysis from real examples and pilot programs.
Small Business Information at Submission:
REIFER CONSULTANTS, INC.
P.O. Box 4046 Torrance, CA 90510
Number of Employees: