Secure Computing Infrastructure Technologies
Agency / Branch:
DOD / MDA
The proposed SBIR Phase I effort will produce a toolkit that will automatically locate and remove dead code, unwanted behaviors, suspicious or unnecessary code from COTS software executables. The toolkit will be built using COTS packages from an exploiter point-of-view. Using a disassembler, we will identify symbol table, functional flow and call-call tree information. We will mine this information to identify candidate unneeded, unused and dead code. We will then use pattern-matching techniques and templates to locate other suspicious code. Once the information is synthesized, we will use our toolkit to remove unnecessary and potentially malicious code from COTS packages according to user-directed scenarios. This Phase I effort will verify our design concept via a demonstration. Our Phase II effort will demonstrate the concept more fully to potential users who are interested in scaling the concept to systems with large amounts of COTS in them.
Small Business Information at Submission:
REIFER CONSULTANTS, INC.
P.O. Box 4046 Torrance, CA 90510
Number of Employees: