USA flag logo/image

An Official Website of the United States Government

Automatic Artificial Diversity for Virtual Machines

Award Information

Agency:
Department of Defense
Branch:
Air Force
Award ID:
97186
Program Year/Program:
2010 / SBIR
Agency Tracking Number:
F093-053-1983
Solicitation Year:
N/A
Solicitation Topic Code:
AF 09-053
Solicitation Number:
N/A
Small Business Information
Clear Hat Consulting, Inc.
56 E Pine Street Suite 300 Orlando, FL -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2010
Title: Automatic Artificial Diversity for Virtual Machines
Agency / Branch: DOD / USAF
Contract: FA8750-10-C-0096
Award Amount: $99,767.00
 

Abstract:

We propose to apply viral metamorphic transformation techniques to increase code diversification in homogenous virtualized environments. The idea of metamorphic transformation is borrowed from the computer virus world. By applying semantics preserving transformations to its own code, a metamorphic virus aims to create different versions of itself that escape detection by anti-viral software. Ironically, the metamorphic virus shares many of the characteristics that we have identified as desirable for increasing the diversification and resilience of legitimate software against automated attack. Like the virus, we want to reduce the number of identifiable patterns in the system. This is so that we can prevent an attacker's exploit code from using hardcoded offsets or patterns to locate, call, or subvert critical Operating System functions. Also like the virus, we seek to increase the difficulty of program analysis. By applying metamorphic transformations to system code, we can increase the burden on the attacker by requiring advanced capabilities like disassemblers that are impractical or unlikely to fit within most exploit payloads. Finally, because metamorphic transformations can be applied to binary code without affecting its underlying functionality, we anticipate being able to achieve maximum transparancy and interoperability with other, higher level diversification approaches. BENEFIT: A platform for automated diversification will be valuable to the government, especially in the defense sector to improve the resiliency and survivability among homogenous virtualized systems. Defense applications are likely to include peripheral network nodes in command and control centers and high performance computing centers that are exposed to unpredictable hostile threats over the internet. These systems will benefit from technologies designed to reduce susceptibility to automated attacks including viruses, trojans, worms, and botnets. These technologies will also be valuable in the commercial sector. By reducing susceptibility to attacks our solution will help minimize system downtime and translate to increased efficiency and reduced cost for businesses.

Principal Investigator:

Sherri Sparks
President
4078967010
sparks@clearhatconsulting.com

Business Contact:

Sherri Sparks
President
4078967010
sparks@clearhatconsulting.com
Small Business Information at Submission:

Clear Hat Consulting, Inc.
1207 Cole Rd. Orlando, FL 32803

EIN/Tax ID: 770679623
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No