Automatic Artificial Diversity for Virtual Machines

Award Information

Agency:
Department of Defense
Branch:
Air Force
Award ID:
97185
Program Year/Program:
2010 / SBIR
Agency Tracking Number:
F093-053-1797
Solicitation Year:
N/A
Solicitation Topic Code:
AF 09-053
Solicitation Number:
N/A
Small Business Information
GrammaTech, Inc
531 Esty Street Ithaca, NY -
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2010
Title: Automatic Artificial Diversity for Virtual Machines
Agency / Branch: DOD / USAF
Contract: FA8750-10-C-0097
Award Amount: $100,000.00
 

Abstract:

We propose to introduce artificial diversity to each installation of a standard platform by running the system using a combination of hardware virtualization and software dynamic translation. Automatic, transparent diversification offers powerful protection for systems that would otherwise remain homogenous. Code exploits are usually highly dependent on the details of the software and the vulnerability they target. Diversification ensures that those details change from one instance to the next, thereby requiring that a customized exploit be developed for each machine, frequently an insurmountable challenge for the attacker. Diversification is also attractive because it offers some protection against unknown attack vectors and methodologies.

BENEFIT: Standardization of computer platforms is an important tool for improving security. Up to 80% of the vulnerabilities that are exploited during penetration testing of government networks result from misconfigured software. Standardized platforms allow security experts to ensure that these vulnerabilities are closed. Unfortunately, wide distribution of a standard platform also means wide distribution of any vulnerability in that platform. While adoption of a standard platform may be the only hope an enterprise has of managing and avoiding known vulnerabilities, it also dramatically increases the potential damage from exploits of newly discovered vulnerabilities: a novel attack may subvert or disable all standardized machines. Our approach to artificial diversity will enable the security benefits of a standardized computing platform without the coincident standardization of security vulnerabilities.

Principal Investigator:

David Melski
VP of Research
6072737340
melski@grammatech.com

Business Contact:

Ray Teitelbaum
CEO
6072737340
tt@grammatech.com
Small Business Information at Submission:

GrammaTech, Inc
317 N. Aurora Street Ithaca, NY 14850

EIN/Tax ID: 161338879
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No