USA flag logo/image

An Official Website of the United States Government

Preventing Program Hijacking via Static and Dynamic Analyses

Award Information

Agency:
Department of Defense
Branch:
N/A
Award ID:
Program Year/Program:
2012 / SBIR
Agency Tracking Number:
O113-IA5-4051
Solicitation Year:
2011
Solicitation Topic Code:
OSD11-IA5
Solicitation Number:
2011.3
Small Business Information
Zephyr Software LLC
2040 Tremont Rd Charlottesville, VA -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2012
Title: Preventing Program Hijacking via Static and Dynamic Analyses
Agency: DOD
Contract: N00014-12-M-0241
Award Amount: $131,237.00
 

Abstract:

Control flow hijacking occurs when an attacker overwrites a control-flow data item (e.g. return address or function pointer) to take control of the execution of a program. We propose to detect and prevent hijacking by using a low-overhead per-process dynamic run-time virtualization monitor, called an SDT (software dynamic translator) to make shadow copies of control-flow data items each time they are initialized or updated, and detect overwriting changes that occur between initialization and use. A static analyzer that operates on program binaries will help identify all control-data items, and reduce run-time overhead by identifying control-data items that are provably safe (not susceptible to overwriting between initialization and use). Remedial actions to be taken when attempted hijacking is detected will not be limited to program termination; program recovery techniques will be studied and designed.

Principal Investigator:

Clark L. Coleman
Research Scientist
(434) 284-3002
clc@zephyr-software.com

Business Contact:

Jack W. Davidson
President
(434) 242-4280
jwd@zephyr-software.com
Small Business Information at Submission:

Zephyr Software LLC
2040 Tremont Rd Charlottesville, VA -

EIN/Tax ID: 270338717
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No